From fe66f3a1a2de5aa38d4b9075dac8952cae123bb1 Mon Sep 17 00:00:00 2001 From: markm Date: Thu, 21 Mar 2002 22:50:02 +0000 Subject: [PATCH] Vendor import of OPIE 2.4 --- contrib/opie/BUG-REPORT | 9 +- contrib/opie/INSTALL | 101 ++- contrib/opie/Makefile.in | 127 +++- contrib/opie/README | 180 +++-- contrib/opie/acconfig.h | 77 +- contrib/opie/config.h.in | 75 ++ contrib/opie/configure | 945 +++++++++++++++++-------- contrib/opie/configure.in | 66 +- contrib/opie/ftpcmd.y | 7 +- contrib/opie/glob.c | 4 +- contrib/opie/libmissing/Makefile.in | 14 +- contrib/opie/libmissing/endutent.c | 4 +- contrib/opie/libmissing/getutline.c | 4 +- contrib/opie/libmissing/pututline.c | 4 +- contrib/opie/libmissing/setutent.c | 4 +- contrib/opie/libopie/Makefile.in | 14 +- contrib/opie/libopie/accessfile.c | 2 +- contrib/opie/libopie/atob8.c | 6 +- contrib/opie/libopie/btoa8.c | 8 +- contrib/opie/libopie/btoe.c | 15 +- contrib/opie/libopie/btoh.c | 7 +- contrib/opie/libopie/challenge.c | 8 +- contrib/opie/libopie/generator.c | 372 ++++++++-- contrib/opie/libopie/getsequence.c | 2 +- contrib/opie/libopie/getutmpentry.c | 4 +- contrib/opie/libopie/hash.c | 34 +- contrib/opie/libopie/hashlen.c | 44 +- contrib/opie/libopie/insecure.c | 28 +- contrib/opie/libopie/keycrunch.c | 8 +- contrib/opie/libopie/lock.c | 7 +- contrib/opie/libopie/login.c | 25 +- contrib/opie/libopie/logwtmp.c | 27 +- contrib/opie/libopie/lookup.c | 4 +- contrib/opie/libopie/md4c.c | 2 +- contrib/opie/libopie/md5c.c | 2 +- contrib/opie/libopie/newseed.c | 97 ++- contrib/opie/libopie/open.c | 24 +- contrib/opie/libopie/parsechallenge.c | 8 +- contrib/opie/libopie/passcheck.c | 2 +- contrib/opie/libopie/passwd.c | 16 +- contrib/opie/libopie/randomchallenge.c | 8 +- contrib/opie/libopie/readpass.c | 2 +- contrib/opie/libopie/readrec.c | 19 +- contrib/opie/libopie/unlock.c | 2 +- contrib/opie/libopie/verify.c | 67 +- contrib/opie/libopie/version.c | 2 +- contrib/opie/libopie/writerec.c | 17 +- contrib/opie/opie.4 | 7 +- contrib/opie/opie.h | 43 +- contrib/opie/opie_cfg.h | 11 +- contrib/opie/opieaccess.5 | 3 +- contrib/opie/opieauto.c | 386 ++++++++++ contrib/opie/opieftpd.8 | 14 + contrib/opie/opieftpd.c | 33 +- contrib/opie/opiegen.1 | 6 +- contrib/opie/opiegen.c | 2 +- contrib/opie/opieinfo.1 | 2 +- contrib/opie/opieinfo.c | 2 +- contrib/opie/opiekey.1 | 2 +- contrib/opie/opiekey.c | 31 +- contrib/opie/opielogin.1 | 2 +- contrib/opie/opielogin.c | 100 +-- contrib/opie/opiepasswd.1 | 5 +- contrib/opie/opiepasswd.c | 26 +- contrib/opie/opieserv.1 | 2 +- contrib/opie/opieserv.c | 4 +- contrib/opie/opiesu.1 | 2 +- contrib/opie/opiesu.c | 20 +- contrib/opie/opietest.c | 60 +- contrib/opie/permsfile.c | 4 +- contrib/opie/popen.c | 2 +- 71 files changed, 2417 insertions(+), 856 deletions(-) create mode 100644 contrib/opie/opieauto.c diff --git a/contrib/opie/BUG-REPORT b/contrib/opie/BUG-REPORT index 5373871015da..c772d2d504fe 100644 --- a/contrib/opie/BUG-REPORT +++ b/contrib/opie/BUG-REPORT @@ -1,11 +1,12 @@ -OPIE Software Distribution, Release 2.32 Bug Reporting Form -======================================== ================== +OPIE Software Distribution, Release 2.4 Bug Reporting Form +======================================= ================== Before submitting a bug report, please check the README file and make sure that your "bug" is not a known problem. Please make a copy of this file and then edit it with your favorite -text editor to include the answers to the following questions: +text editor (NOT a word processor; the end result needs to be reasonable ASCII +text) to include the answers to the following questions: 1. Your name and electronic mail address, in case we need more information. If you can provide multiple addresses, please do so in case we @@ -76,7 +77,7 @@ Copyright ========= %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/INSTALL b/contrib/opie/INSTALL index 71f0afb68aab..db23f84a2b76 100644 --- a/contrib/opie/INSTALL +++ b/contrib/opie/INSTALL @@ -1,5 +1,5 @@ -OPIE Software Distribution, Release 2.31 Installation Instructions -======================================== ========================= +OPIE Software Distribution, Release 2.4 Installation Instructions +======================================= ========================= Did you read the README file? @@ -26,11 +26,102 @@ hole, but a necessary evil for some sites), type: If you'd like the file to go somewhere else, adjust this appropriately. - There are a number of configure-time options available for OPIE. To -get a list, type: + There are a number of configure-time options available for OPIE. You +probably don't want to change the defaults. To get a complete listing of the +currently available options, type: sh configure --help + Some options that may be of interest are: + + --enable-access-file=FILENAME: Enable the OPIE access file FILENAME + The OPIE access file provides a system administrator with the ability + to make the use of OTP optional for certain hosts. Note that individual + users can create a file named ".opiealways" in their home directory to + require that OTP be used to access to their account. Note also that the + access file is based on addresses, but many of the clients that use it + are only given hostnames. This opens this entire scheme up to DNS + spoofing attacks, which is a major security problem. ALWAYS use a + package such as tcp_wrappers configured to do paranoid checking on DNS + information if you enable this option (it's good practice anyway). + + --enable-server-md4: Use MD4 instead of MD5 for the server + The old S/Key package used MD4 instead of MD5. MD4 is believed to be + less secure than MD5. Use this option only for compatibility with old + key files. + + --disable-user-locking: Disable user locking + OPIE only allows one session at a time to attempt to authenticate a + principal; this prevents a possible race attack on OTP. This locking + mechanism can cause problems in some applications, in which case you + might want to disable the locking. This option also provides a work- + around if the locking code doesn't work reliably on your system. + + --enable-user-locking[=DIR]: Put user lock files in DIR [/etc/opielocks] + The OPIE lock files need to be put in an isolated directory that is + only accessable by the super-user and has a parent directory that is + only writable by the super-user. If you are trying to use OPIE with + the key file shared by NFS, you need to make the lock directory + shared too. (But you read the README file, so you knew this) + + --enable-retype: Ask users to re-type their secret pass phrases + On the one hand, this helps prevent users from having to go generate + an OTP, type it into a remote system, and then found out they + mistyped. On the other hand, it's annoying. If this is enabled, users + can simply hit return at the second prompt and the generator will skip + the retype check, which allows users who don't like the retype check + to mostly skip it. + + --enable-su-star-check: Refuse to switch to disabled accounts + On many systems, an asterisk means one thing and one thing only: this + account is never meant for human users. Therefore, it doesn't make + much sense for anyone other than an attacker to try to su to that + account. Enabling this check causes su to refuse to switch to + accounts with an asterisk in their password field. While probably + better for security, this is not compatible with traditional *IX su + behavior, so it is disabled by default + + --disable-new-prompts: Use more compatible (but less informative) prompts + OPIE uses login prompts that tell you exactly what kind of response + (an OTP response and/or a cleartext password) it expects you to give. + This can break automatic login scripts that look for 'Password:' as + the prompt for the password. If you have users that use such scripts, + you might want to disable the more informative responses so as not to + break those scripts. + + --enable-insecure-override: Allow users to override insecure checks + While OPIE cannot determine whether or not a session is secure, it can + check for fairly common signs that it isn't secure. If it believes the + session is insecure, some programs like opiekey will refuse to run + because they prompt the user to send a secret pass phrase. Sometimes + these checks declare a session insecure when it is, and sometimes the + user wants to continue anyway even if the session is insecure. If this + option is enabled, many commands gain a '-f' option to force them to + operate even if OPIE thinks the session is insecure. + + --enable-anonymous-ftp Enable anonymous FTP support + By default, the OPIE FTP daemon does not support anonymous FTP + service. The FTP daemon contains many security related bug fixes + relative to the original source, but bugs probably remain. It was not + intended to be used for anonymous FTP, where it is more open to the + commands of potentially hostile users. If you enable this option, it + will once again support anonymous FTP, but it probably isn't secure + when that way. + + --disable-utmp Disable utmp logging + --disable-wtmp Disable wtmp logging + On some systems, logging to the utmp and/or wtmp files is just a lost + cause. If this is the case on your system, you might be better off + not having OPIE even try. + + --enable-opieauto Enable support for opieauto + opieauto is a facility that caches an intermediate result of the OTP + generator so that a user-selected number of OTPs can be generated on + demand for each time the user types in the secret pass phrase. This + is great for user convenience, as typing a twenty or thirty character + secret pass phrase can be annoying. It can also be a minor security + hole (see the README for details). + 2. Edit the Makefile The Makefile contains some options that you may wish to modify. Also @@ -75,7 +166,7 @@ Copyright ========= %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/Makefile.in b/contrib/opie/Makefile.in index 926ff4233fd3..77e0fc3b1bb1 100644 --- a/contrib/opie/Makefile.in +++ b/contrib/opie/Makefile.in @@ -2,7 +2,7 @@ # Makefile.source and Makefile: Directions for building and installing OPIE. # # %%% portions-copyright-cmetz-96 -# Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +# Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights # Reserved. The Inner Net License Version 2 applies to these portions of # the software. # You should have received a copy of the license with this software. If @@ -15,6 +15,9 @@ # # History: # +# Modified by cmetz for OPIE 2.4. Add libmissing to include header path. +# Renamed realclean to distclean. Added opieauto rules. Made +# system program install more tolerant of non-existent files. # Modified by cmetz for OPIE 2.31. Moved logwtmp.o into libopie. # Modified by cmetz for OPIE 2.3. Removed manual config -- it's # Autoconf or bust. Replaced user configuration options @@ -80,9 +83,9 @@ SHELL=/bin/sh OWNER=0 GROUP=bin -# Where should the OPIE standard and extended databases be stored? +# Where should the OPIE standard and extended databases be stored? # -# Some sites might want to put this elsewhere. If you want to use an old +# Some sites might want to put this elsewhere. If you want to use an old # S/Key database, you should create a link from /etc/skeykeys to /etc/opiekeys. KEY_FILE=/etc/opiekeys @@ -115,10 +118,11 @@ SU=@SU@ ALT_SU=@ALT_SU@ LOGIN=@LOGIN@ LOCK_DIR=@LOCK_DIR@ +OPIEAUTO=@OPIEAUTO@ BACKUP=opie.old -CFLAGS=$(DEBUG) +CFLAGS=$(DEBUG) -Ilibmissing LFLAGS=-Llibopie -Llibmissing -lopie $(LIBS) -lmissing -lopie LDEPS=libmissing/libmissing.a libopie/libopie.a @@ -128,17 +132,19 @@ all: client server ifdefs: egrep '^#*if*def' *.c *.h | cut -f2 -d: | sort | uniq -client: libopie/libopie.a libmissing/libmissing.a opietest-passed opiekey opiegen +client: libopie/libopie.a libmissing/libmissing.a opietest-passed opiekey opiegen $(OPIEAUTO) client-install: client @echo "Installing OPIE client software..." @echo "Copying OPIE key-related files" @if test ! -d $(LOCALBIN); then $(MKDIR) $(LOCALBIN); chmod 755 $(LOCALBIN); fi - @cp opiekey $(LOCALBIN) + @cp opiekey $(OPIEAUTO) $(LOCALBIN) @$(CHOWN) $(OWNER) $(LOCALBIN)/opiekey + @if test ! -z "$(OPIEAUTO)"; then $(CHOWN) $(OWNER) $(LOCALBIN)/opieauto; fi @chgrp $(GROUP) $(LOCALBIN)/opiekey @echo "Changing file permissions" @chmod 0511 $(LOCALBIN)/opiekey + @if test ! -z "$(OPIEAUTO)"; then chmod 0511 $(LOCALBIN)/opieauto; fi @echo "Symlinking aliases to opiekey" @-ln -s $(LOCALBIN)/opiekey $(LOCALBIN)/otp-md4 @-ln -s $(LOCALBIN)/opiekey $(LOCALBIN)/otp-md5 @@ -160,32 +166,75 @@ server-install: server @chmod 0555 $(LOCALBIN)/opieinfo @chmod 4511 $(LOCALBIN)/opiepasswd @echo "Installing OPIE system programs..." - @if test ! $(EXISTS) $(LOGIN).$(BACKUP); then echo "Renaming existing $(LOGIN) to $(LOGIN).$(BACKUP)"; mv $(LOGIN) $(LOGIN).$(BACKUP); echo "Clearing permissions on old $(LOGIN)"; chmod 0 $(LOGIN).$(BACKUP); fi - @echo "Copying opielogin to $(LOGIN)" - @cp opielogin $(LOGIN) - @echo "Changing ownership of $(LOGIN)" - @$(CHOWN) $(OWNER) $(LOGIN) - @chgrp $(GROUP) $(LOGIN) - @echo "Changing file permissions of $(LOGIN)" - @chmod 4111 $(LOGIN) - @if test ! $(EXISTS) $(SU).$(BACKUP); then echo "Renaming existing su to su.$(BACKUP)"; mv $(SU) $(SU).$(BACKUP); echo "Clearing permissions on old su"; chmod 0 $(SU).$(BACKUP); fi - @-if test ! -z "$(ALT_SU)"; then if test ! $(EXISTS) $(ALT_SU).$(BACKUP); then echo "Renaming existing su to su.$(BACKUP)"; mv $(ALT_SU) $(ALT_SU).$(BACKUP); fi; echo "Copying opiesu to su"; cp opiesu $(ALT_SU); echo "Changing ownership"; $(CHOWN) $(OWNER) $(ALT_SU); chgrp $(GROUP) $(ALT_SU); echo "Changing file permissions"; chmod 4111 $(ALT_SU); echo "Clearning permissions on old su"; chmod 0 $(ALT_SU).$(BACKUP); fi - @echo "Copying opiesu to su" - @cp opiesu $(SU) - @echo "Changing ownership of su" - @$(CHOWN) $(OWNER) $(SU) - @chgrp $(GROUP) $(SU) - @echo "Changing file permissions of su" - @chmod 4111 $(SU) - @if test ! $(EXISTS) $(FTPD).$(BACKUP); then echo "Renaming existing ftp daemon to $(FTPD).$(BACKUP)"; mv $(FTPD) $(FTPD).$(BACKUP); echo "Clearing permissions on old ftp daemon"; chmod 0 $(FTPD).$(BACKUP); fi - @echo "Copying OPIE ftp daemon" - @cp opieftpd $(FTPD) - @echo "Changing ownership of ftpd" - @$(CHOWN) $(OWNER) $(FTPD) - @chgrp $(GROUP) $(FTPD) - @echo "Changing file permissions of ftpd" - @chmod 0100 $(FTPD) - @echo "Making sure OPIE database file exists" + @if test ! -z $(LOGIN); \ + then \ + if test ! $(EXISTS) $(LOGIN).$(BACKUP); \ + then \ + echo "Renaming existing $(LOGIN) to $(LOGIN).$(BACKUP)"; \ + mv $(LOGIN) $(LOGIN).$(BACKUP); \ + echo "Clearing permissions on $(LOGIN)"; \ + chmod 0 $(LOGIN).$(BACKUP); \ + fi; \ + echo "Copying OPIE login to $(LOGIN)"; \ + cp opielogin $(LOGIN); \ + echo "Changing ownership of $(LOGIN)"; \ + $(CHOWN) $(OWNER) $(LOGIN); \ + chgrp $(GROUP) $(LOGIN); \ + echo "Changing file permissions of $(LOGIN)"; \ + chmod 4111 $(LOGIN); \ + fi + @if test ! -z $(SU); \ + then \ + if test ! $(EXISTS) $(SU).$(BACKUP); \ + then \ + echo "Renaming existing $(SU) to $(SU).$(BACKUP)"; \ + mv $(SU) $(SU).$(BACKUP); \ + echo "Clearing permissions on $(SU)"; \ + chmod 0 $(SU).$(BACKUP); \ + fi; \ + echo "Copying OPIE su to $(SU)"; \ + cp opiesu $(SU); \ + echo "Changing ownership of $(SU)"; \ + $(CHOWN) $(OWNER) $(SU); \ + chgrp $(GROUP) $(SU); \ + echo "Changing file permissions of $(SU)"; \ + chmod 4111 $(SU); \ + fi + @if test ! -z $(ALT_SU); \ + then \ + if test ! $(EXISTS) $(ALT_SU).$(BACKUP); \ + then \ + echo "Renaming existing $(ALT_SU) to $(ALT_SU).$(BACKUP)"; \ + mv $(ALT_SU) $(ALT_SU).$(BACKUP); \ + echo "Clearing permissions on $(ALT_SU)"; \ + chmod 0 $(ALT_SU).$(BACKUP); \ + fi; \ + echo "Copying OPIE su to $(ALT_SU)"; \ + cp opiesu $(ALT_SU); \ + echo "Changing ownership of $(ALT_SU)"; \ + $(CHOWN) $(OWNER) $(ALT_SU); \ + chgrp $(GROUP) $(ALT_SU); \ + echo "Changing file permissions of $(ALT_SU)"; \ + chmod 4111 $(ALT_SU); \ + fi + @if test ! -z $(FTPD); \ + then \ + if test ! $(EXISTS) $(FTPD).$(BACKUP); \ + then \ + echo "Renaming existing $(FTPD) to $(FTPD).$(BACKUP)"; \ + mv $(FTPD) $(FTPD).$(BACKUP); \ + echo "Clearing permissions on $(FTPD).$(BACKUP)"; \ + chmod 0 $(FTPD).$(BACKUP); \ + fi; \ + echo "Copying OPIE ftp daemon to $(FTPD)"; \ + cp opieftpd $(FTPD); \ + echo "Changing ownership of $(FTPD)"; \ + $(CHOWN) $(OWNER) $(FTPD); \ + chgrp $(GROUP) $(FTPD); \ + echo "Changing file permissions of $(FTPD)"; \ + chmod 0100 $(FTPD); \ + fi + @echo "Making sure OPIE database file exists"; @touch $(KEY_FILE) @echo "Changing permissions of OPIE database file" @chmod 0644 $(KEY_FILE) @@ -230,16 +279,18 @@ libmissing/libmissing.a: libmissing/*.c clean: -rm -f *.o opiekey opiegen opielogin opiepasswd opiesu opieftpd - -rm -f opieserv opieinfo opietest *core* opietest-passed + -rm -f opieserv opieinfo opietest opieauto *core* opietest-passed -rm -f Makefile.munge configure.munger y.tab.c .gdb* (cd libopie ; $(MAKE) clean) (cd libmissing ; $(MAKE) clean) -realclean: clean +realclean: distclean + +distclean: clean -rm -f *~ core* "\#*\#" Makefile make.log -rm -f config.log config.status config.cache config.h - (cd libopie ; $(MAKE) realclean) - (cd libmissing ; $(MAKE) realclean) + (cd libopie ; $(MAKE) distclean) + (cd libmissing ; $(MAKE) distclean) opiekey: opiekey.o $(LDEPS) $(CC) $(CFLAGS) opiekey.o $(LFLAGS) -o opiekey @@ -270,3 +321,7 @@ opieinfo: opieinfo.o $(LDEPS) opietest: opietest.o $(LDEPS) $(CC) $(CFLAGS) opietest.o $(LFLAGS) -o opietest + +opieauto: opieauto.o $(LDEPS) + $(CC) $(CFLAGS) opieauto.o $(LFLAGS) -o opieauto + diff --git a/contrib/opie/README b/contrib/opie/README index dcc46a9103da..a89e168adadb 100644 --- a/contrib/opie/README +++ b/contrib/opie/README @@ -1,5 +1,5 @@ -OPIE Software Distribution, Release 2.32 Important Information -======================================== ===================== +OPIE Software Distribution, Release 2.4 Important Information +======================================= ===================== Introduction ============ @@ -75,87 +75,104 @@ original Bellcore S/Key(tm) Version 1 software: A Glance at What's New ====================== - 2.32 January 1, 1998. + 2.4 TEST VERSION -- NOT FOR REDISTRIBUTION - Indicate support for extended responses in challenges and check for - such indication before generating any extended responses. + Merged in opieauto, which is disabled by default. - Lots of portability and bug fixes. + Lots of documentation updates. - 2.31 March 20, 1997. + Portability and bug fixes. - Removed active attack protection support due to patent problems. + 2.32 January 1, 1998. - Moved user locks to a separate directory. + Indicate support for extended responses in challenges and check for such +indication before generating any extended responses. - Moved user-serviceable configuration options to the configure script. + Lots of portability and bug fixes. - Lots of portability and bug fixes. + 2.31 March 20, 1997. - 2.3 September 22, 1996 + Removed active attack protection support due to patent problems. - Autoconf is now the only supported configuration method. + Removed the supplemental key file; it did more harm than good. - Lots of internal functions got re-written in ways that will make some + Moved user locks to a separate directory. + + Moved user-serviceable configuration options to the configure script. + + Lots of portability and bug fixes. + + 2.3 September 22, 1996 + + Autoconf is now the only supported configuration method. + + Lots of internal functions got re-written in ways that will make some planned future changes easier. - OTP extended responses, such as automatic re-initialization. + OTP extended responses, such as automatic re-initialization. - Support for a supplemental key file that stores information that was -not in the original /etc/skeykeys file. This allows OPIE to store extra data -needed for things like the OTP re-initialization extended response without -breaking interoperability with other S/Key derived programs. This file is -named "/etc/opiekeys.ext" by default. Unlike the standard key file, it MUST -NOT be world readable. + Support for a supplemental key file that stores information that was not +in the original /etc/skeykeys file. This allows OPIE to store extra data needed +for things like the OTP re-initialization extended response without breaking +interoperability with other S/Key derived programs. This file is named +"/etc/opiekeys.ext" by default. Unlike the standard key file, it MUST NOT be +world readable. - OPIE should better support some of the native "features" of drain -bamaged OSs such as AIX, HP-UX, and Solaris. + OPIE should better support some of the native "features" of drain bamaged +OSs such as AIX, HP-UX, and Solaris. - OPIE's utmp/wtmp handling has been completely re-written. This should -solve many of the utmp/wtmp problems people have been having. + OPIE's utmp/wtmp handling has been completely re-written. This should solve +many of the utmp/wtmp problems people have been having. - Lots of cleanups. + Lots of cleanups. - Bug fixes. + Bug fixes. - 2.22 May 3, 1996. + 2.22 May 3, 1996. - More minor bug fixes. OPIE once again works on Solaris 2.x. + More minor bug fixes. OPIE once again works on Solaris 2.x. - 2.21 April 27, 1996. + 2.21 April 27, 1996. - Minor bug fixes. + Minor bug fixes. - 2.2 April 11, 1996. + 2.2 April 11, 1996. - opiesubr.c, opiesubr2.c, and a few other functions moved into -a subdirectory and split into files with fine granularity. Ditto with -missing function replacements. This subdirectory structure changes a lot -of things around and more splitting like this should be expected in the -near future. + opiesubr.c, opiesubr2.c, and a few other functions moved into a +subdirectory and split into files with fine granularity. Ditto with missing +function replacements. This subdirectory structure changes a lot of things +around and more splitting like this should be expected in the near future. - Added opiegenerator() library function that should make it very easy -to create OTP clients using the OPIE library (this function is subject to -change: there are a few problems remaining to be solved). Just about re-write + Added opiegenerator() library function that should make it very easy to +create OTP clients using the OPIE library (this function is subject to change: +there are a few problems remaining to be solved). Just about re-wrote opiegetpass() to use raw I/O and got most of the OPIE programs actually using that function. Autoconf build fixes. Lots of bug fixes. Lots of portability fixes. Function declarations should be ANSI style for ANSI compilers. Several -fixes to bring OPIE in line with the latest OTP spec. MJR DES key crunch +fixes to bring OPIE in line with the latest OTP spec. MJR DES key crunch de-implemented. - Added sample programs: opiegen (client) and opieserv (server). + Added sample programs: opiegen (client) and opieserv (server). - Probably broke non-autoconf support along the way :(. I've tried to -bring this back in sync, but it may still be broken. + Probably broke non-autoconf support along the way :(. I've tried to bring +this back in sync, but it may still be broken. - 2.11 December 27, 1995. + 2.11 December 27, 1995. - Minor bug fixes. + Minor bug fixes. - 2.10 December 26, 1995. + 2.10 December 26, 1995. - Optional autoconf support. opieinfo is now a normal program. -Bugs fixed -- should work much better on SunOS, HP-UX, and AIX. + Optional autoconf support. opieinfo is now a normal program. Bugs fixed -- +should work much better on SunOS, HP-UX, and AIX. + + 2.01 -- 2.04 + + Bug fix releases. + + 2.00 + + Initial release of OPIE 2.0. System Requirements =================== @@ -177,12 +194,15 @@ OPIE code. If OPIE Doesn't Work ==================== - First and foremost, make sure you have the latest version of OPIE. The -latest version is available by anonymous FTP at: + Under NO circumstances should you send trouble reports directly to the +authors or contributors. They WILL BE IGNORED. - ftp://ftp.nrl.navy.mil/pub/security/opie - and - ftp://ftp.inner.net/pub/opie + Make sure you have the latest version of OPIE. The latest version is +available by HTTP at: + + http://www.inner.net/pub/opie + + (sorry, but anonymous FTP is no longer available) If you have installed the OPIE software (either through "make test" in (7) above or "make install" in (14)), you can run "make uninstall" from the @@ -194,7 +214,8 @@ installation procedure itself did not work properly. If you are running a release version, try installing the latest public test version (look around). These frequently have already fixed the problem you are seeing, but may have new problems of their own (that's why they're -test versions!). +test versions!). Similarly, if you are running a test version, try installing +the latest released version. OPIE is NOT supported software. We don't promise to support you or even to acknowledge your mail, but we are interested in bug reports and are @@ -233,7 +254,7 @@ Gotchas ======= Solaris 2.x is just a lose. It does a lot of nonstandard and downright -broken things. If you want OPIE to be reliable on your box, upgrade to NetBSD +broken things. If you want OPIE to be reliable on your box, upgrade to OpenBSD or Linux. While an almost universal "feature", most people remain unaware that @@ -342,6 +363,25 @@ it puts them. The lock file directory must be a directory used only for OPIE lock files. It must be a directory, owned by the superuser, and must be mode 0700. + opieauto is a potential security hole. It opens a limited window of +exposure by transmitting and storing information that can be used to +generate one or more OTPs earlier than the current sequence number. Every +effort has been made to limit the potential for compromise to the user- +specified window. However, an attacker with superuser priveleges or access to +your account on the client system can still generate OTPs based on the +information cached via opieauto. In practice, there are other ways for such an +an attacker to get your entire secret pass phrase, so this is probably not +creating a significant new security problem. However, because of this +potential for problems and because opieauto uses system features that are not +present on all systems, opieauto support is not compiled in by default and +must be specifically enabled at compile time. + + Many users are running OPIE with the key file on a shared NFS volume +in order to use OTP as a single-login system for a cluster of machines. OPIE +was NOT designed to be operated this way, though it does seem to work. If it +fails or if this proves insecure, this is not OPIE's fault. Note that, if you +do this, you probably want to share the OPIE lock files too. + Gripes ====== @@ -355,14 +395,12 @@ are complying to some or other "standard." My (cmetz) conclusion is that the only thing that is standard about utmp and wtmp handling is that it will be nonstandard on any given system. I've tried a lot of things and I've wasted *a lot* of time on trying to make utmp and wtmp handling work for everybody; -my conclusion is that it will never happen. I personally am willing to stand -behind the code for utmp/wtmp handling on reasonable Linux and 4.4BSD-Lite -systems. If it breaks, tell me and I will fix it. While I am still interested -in hearing about fixes for other OSs, I'm not likely to go out of my way to fix -utmp/wtmp handling on them. If you want it fixed, the best way to do it is to -fix it yourself and give me a patch. As long as the patch is reasonable, I'll -include it in the next release. If you can't wait, use the --disable-utmp -option. +my conclusion is that it will never happen. While I am still interested in +hearing about fixes for utmp/wtmp on systems where they don't work, I'm not +likely to go out of my way to fix utmp/wtmp handling. If you want it fixed, +the best way to do it is to fix it yourself and contribute a patch. As long as +the patch is reasonable, it will be included in the next release. If you can't +wait, use the --disable-utmp option. Credits ======= @@ -396,23 +434,29 @@ community effort. These contributors include: Mowgli Assor Lawrie Brown Andrew Davis + Taso N. Devetzis + Carson Gaspar Dennis Glatting Ben Golding Axel Grewe "Hobbit" Kojima Hajime Darren Hosking - Matt Hucke + Matt Hucke + Kenji Kamizono Charles Karney Jeff Kletsky + Peter Koch Martijn Koster Osamu Kurati Ayamura Kikuchi Ronald van der Meer + Bret Musser Hiroshi Nakano Ikuo Nakagawa Angelo Neri C. R. Oldham + Ossama Othman D. Jason Penney John Perkins Steve Price @@ -429,7 +473,7 @@ City, Virginia. If you have problems with OPIE, please follow the instructions under "If OPIE Doesn't Work." Under NO circumstances should you send trouble -reports directly to the authors or contributors. +reports directly to the authors or contributors. They WILL BE IGNORED. Trademarks ========== @@ -440,12 +484,12 @@ NRL is a trademark of the U. S. Naval Research Laboratory. All other trademarks are trademarks of their respective owners. The term "OPIE" is in the public domain and hence cannot be legally -trademarked by anyone. +trademarked by anyone. Please do not abuse it. Copyrights ========== %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/acconfig.h b/contrib/opie/acconfig.h index f22ca38310bd..e33ebcf13058 100644 --- a/contrib/opie/acconfig.h +++ b/contrib/opie/acconfig.h @@ -1,7 +1,7 @@ /* acconfig.h: Extra commentary for Autoheader %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -117,6 +117,15 @@ you didn't get a copy, you may request one from . /* Define if there is a ut_host field in struct utmp */ #undef HAVE_UT_HOST +/* Define if there is a ut_id field in struct utmp */ +#undef HAVE_UT_ID + +/* Define if there is a ut_syslen field in struct utmp */ +#undef HAVE_UT_SYSLEN + +/* Define if there is a utx_syslen field in struct utmpx */ +#undef HAVE_UTX_SYSLEN + /* Define if the system has getutline() */ #undef HAVE_GETUTLINE @@ -149,3 +158,69 @@ you didn't get a copy, you may request one from . /* Defined if user locking is to be used */ #undef USER_LOCKING + +/* Defined if opieauto is to be used */ +#undef OPIEAUTO + +/* Define if you have the atexit function. */ +#undef HAVE_ATEXIT + +/* Define if you have the endutent function. */ +#undef HAVE_ENDUTENT + +/* Define if you have the initgroups function. */ +#undef HAVE_INITGROUPS + +/* Define if you have the memcmp function. */ +#undef HAVE_MEMCMP + +/* Define if you have the memcpy function. */ +#undef HAVE_MEMCPY + +/* Define if you have the memset function. */ +#undef HAVE_MEMSET + +/* Define if you have the getcwd function. */ +#undef HAVE_GETCWD + +/* Define if you have the getenv function. */ +#undef HAVE_GETENV + +/* Define if you have the getutline function. */ +#undef HAVE_GETUTLINE + +/* Define if you have the pututline function. */ +#undef HAVE_PUTUTLINE + +/* Define if you have the setenv function. */ +#undef HAVE_SETENV + +/* Define if you have the setegid function. */ +#undef HAVE_SETEGID + +/* Define if you have the seteuid function. */ +#undef HAVE_SETEUID + +/* Define if you have the setutent function. */ +#undef HAVE_SETUTENT + +/* Define if you have the sigprocmask function. */ +#undef HAVE_SIGPROCMASK + +/* Define if you have the strchr function. */ +#undef HAVE_STRCHR + +/* Define if you have the strrchr function. */ +#undef HAVE_STRRCHR + +/* Define if you have the strtoul function. */ +#undef HAVE_STRTOUL + +/* Define if you have the sysconf function. */ +#undef HAVE_SYSCONF + +/* Define if you have the uname function. */ +#undef HAVE_UNAME + +/* Define if you have the unsetenv function. */ +#undef HAVE_UNSETENV diff --git a/contrib/opie/config.h.in b/contrib/opie/config.h.in index 7f8fe4006d67..ca700f7e7212 100644 --- a/contrib/opie/config.h.in +++ b/contrib/opie/config.h.in @@ -149,6 +149,12 @@ /* Define if there is a ut_host field in struct utmp */ #undef HAVE_UT_HOST +/* Define if there is a ut_id field in struct utmp */ +#undef HAVE_UT_ID + +/* Define if there is a utx_syslen field in struct utmpx */ +#undef HAVE_UTX_SYSLEN + /* Define if the system has getutline() */ #undef HAVE_GETUTLINE @@ -158,6 +164,9 @@ /* Defined if you want to disable utmp support */ #undef DISABLE_UTMP +/* Defined if you want to disable wtmp support */ +#undef DISABLE_WTMP + /* Defined if you want to allow users to override the insecure checks */ #undef INSECURE_OVERRIDE @@ -176,6 +185,72 @@ /* Defined if su should not switch to disabled accounts */ #undef SU_STAR_CHECK +/* Defined if opieauto is to be used */ +#undef OPIEAUTO + +/* Define if you have the atexit function. */ +#undef HAVE_ATEXIT + +/* Define if you have the endutent function. */ +#undef HAVE_ENDUTENT + +/* Define if you have the initgroups function. */ +#undef HAVE_INITGROUPS + +/* Define if you have the memcmp function. */ +#undef HAVE_MEMCMP + +/* Define if you have the memcpy function. */ +#undef HAVE_MEMCPY + +/* Define if you have the memset function. */ +#undef HAVE_MEMSET + +/* Define if you have the getcwd function. */ +#undef HAVE_GETCWD + +/* Define if you have the getenv function. */ +#undef HAVE_GETENV + +/* Define if you have the getutline function. */ +#undef HAVE_GETUTLINE + +/* Define if you have the pututline function. */ +#undef HAVE_PUTUTLINE + +/* Define if you have the setenv function. */ +#undef HAVE_SETENV + +/* Define if you have the setegid function. */ +#undef HAVE_SETEGID + +/* Define if you have the seteuid function. */ +#undef HAVE_SETEUID + +/* Define if you have the setutent function. */ +#undef HAVE_SETUTENT + +/* Define if you have the sigprocmask function. */ +#undef HAVE_SIGPROCMASK + +/* Define if you have the strchr function. */ +#undef HAVE_STRCHR + +/* Define if you have the strrchr function. */ +#undef HAVE_STRRCHR + +/* Define if you have the strtoul function. */ +#undef HAVE_STRTOUL + +/* Define if you have the sysconf function. */ +#undef HAVE_SYSCONF + +/* Define if you have the uname function. */ +#undef HAVE_UNAME + +/* Define if you have the unsetenv function. */ +#undef HAVE_UNSETENV + /* Define if you have the bcopy function. */ #undef HAVE_BCOPY diff --git a/contrib/opie/configure b/contrib/opie/configure index d69b16d10cd2..2bfce6ea8d50 100755 --- a/contrib/opie/configure +++ b/contrib/opie/configure @@ -1,7 +1,7 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated automatically using autoconf version 2.12 +# Generated automatically using autoconf version 2.13 # Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc. # # This configure script is free software; the Free Software Foundation @@ -35,6 +35,8 @@ ac_help="$ac_help --disable-utmp Disable utmp logging" ac_help="$ac_help --disable-wtmp Disable wtmp logging" +ac_help="$ac_help + --enable-opieauto Enable support for opieauto" # Initialize some variables set by options. # The variables have the same names as the options, with @@ -73,6 +75,7 @@ mandir='${prefix}/man' # Initialize some other variables. subdirs= MFLAGS= MAKEFLAGS= +SHELL=${CONFIG_SHELL-/bin/sh} # Maximum number of lines to put in a shell here document. ac_max_here_lines=12 @@ -356,7 +359,7 @@ EOF verbose=yes ;; -version | --version | --versio | --versi | --vers) - echo "configure generated by autoconf version 2.12" + echo "configure generated by autoconf version 2.13" exit 0 ;; -with-* | --with-*) @@ -526,9 +529,11 @@ ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ac_cpp='$CPP $CPPFLAGS' ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' -ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' cross_compiling=$ac_cv_prog_cc_cross +ac_exeext= +ac_objext=o if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu. if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then @@ -638,7 +643,7 @@ if test "${enable_anonymous_ftp+set}" = set; then cat >> confdefs.h <<\EOF #define DOANONYMOUS 1 EOF - echo "Enabling anonymous FTP support in ftp -- don't say we didn't warn you!" + echo "enabling anonymous FTP support in ftp -- don't say we didn't warn you!" fi # Check whether --enable-utmp or --disable-utmp was given. @@ -647,31 +652,42 @@ if test "${enable_utmp+set}" = set; then cat >> confdefs.h <<\EOF #define DISABLE_UTMP 1 EOF - echo "Disabling utmp logging" + echo "disabling utmp logging" fi # Check whether --enable-wtmp or --disable-wtmp was given. if test "${enable_wtmp+set}" = set; then enableval="$enable_wtmp" cat >> confdefs.h <<\EOF -#define DISABLE_UTMP 1 +#define DISABLE_WTMP 1 EOF - echo "Disabling wtmp logging" + echo "disabling wtmp logging" fi +# Check whether --enable-opieauto or --disable-opieauto was given. +if test "${enable_opieauto+set}" = set; then + enableval="$enable_opieauto" + cat >> confdefs.h <<\EOF +#define OPIEAUTO 1 +EOF + OPIEAUTO=opieauto; echo "enabling opieauto support" +fi + + # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:667: checking for $ac_word" >&5 +echo "configure:682: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in $PATH; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_prog_CC="gcc" @@ -692,16 +708,17 @@ if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:696: checking for $ac_word" >&5 +echo "configure:712: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" ac_prog_rejected=no - for ac_dir in $PATH; do + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then @@ -736,25 +753,61 @@ else echo "$ac_t""no" 1>&6 fi + if test -z "$CC"; then + case "`uname -s`" in + *win32* | *WIN32*) + # Extract the first word of "cl", so it can be a program name with args. +set dummy cl; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:763: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_prog_CC="cl" + break + fi + done + IFS="$ac_save_ifs" +fi +fi +CC="$ac_cv_prog_CC" +if test -n "$CC"; then + echo "$ac_t""$CC" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + ;; + esac + fi test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; } fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 -echo "configure:744: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 +echo "configure:795: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ac_cpp='$CPP $CPPFLAGS' ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' -ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' cross_compiling=$ac_cv_prog_cc_cross -cat > conftest.$ac_ext < conftest.$ac_ext << EOF + +#line 806 "configure" #include "confdefs.h" + main(){return(0);} EOF -if { (eval echo configure:758: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:811: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ac_cv_prog_cc_works=yes # If we can't run a trivial program, we are probably using a cross compiler. if (./conftest; exit) 2>/dev/null; then @@ -768,18 +821,24 @@ else ac_cv_prog_cc_works=no fi rm -fr conftest* +ac_ext=c +# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. +ac_cpp='$CPP $CPPFLAGS' +ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +cross_compiling=$ac_cv_prog_cc_cross echo "$ac_t""$ac_cv_prog_cc_works" 1>&6 if test $ac_cv_prog_cc_works = no; then { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 -echo "configure:778: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 +echo "configure:837: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 cross_compiling=$ac_cv_prog_cc_cross echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 -echo "configure:783: checking whether we are using GNU C" >&5 +echo "configure:842: checking whether we are using GNU C" >&5 if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -788,7 +847,7 @@ else yes; #endif EOF -if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:792: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then +if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:851: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then ac_cv_prog_gcc=yes else ac_cv_prog_gcc=no @@ -799,11 +858,15 @@ echo "$ac_t""$ac_cv_prog_gcc" 1>&6 if test $ac_cv_prog_gcc = yes; then GCC=yes - ac_test_CFLAGS="${CFLAGS+set}" - ac_save_CFLAGS="$CFLAGS" - CFLAGS= - echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 -echo "configure:807: checking whether ${CC-cc} accepts -g" >&5 +else + GCC= +fi + +ac_test_CFLAGS="${CFLAGS+set}" +ac_save_CFLAGS="$CFLAGS" +CFLAGS= +echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 +echo "configure:870: checking whether ${CC-cc} accepts -g" >&5 if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -818,20 +881,24 @@ rm -f conftest* fi echo "$ac_t""$ac_cv_prog_cc_g" 1>&6 - if test "$ac_test_CFLAGS" = set; then - CFLAGS="$ac_save_CFLAGS" - elif test $ac_cv_prog_cc_g = yes; then +if test "$ac_test_CFLAGS" = set; then + CFLAGS="$ac_save_CFLAGS" +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then CFLAGS="-g -O2" else - CFLAGS="-O2" + CFLAGS="-g" fi else - GCC= - test "${CFLAGS+set}" = set || CFLAGS="-g" + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi fi echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 -echo "configure:835: checking how to run the C preprocessor" >&5 +echo "configure:902: checking how to run the C preprocessor" >&5 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= @@ -846,14 +913,14 @@ else # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:856: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out` +{ (eval echo configure:923: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else @@ -863,14 +930,31 @@ else rm -rf conftest* CPP="${CC-cc} -E -traditional-cpp" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:873: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out` +{ (eval echo configure:940: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + : +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CPP="${CC-cc} -nologo -E" + cat > conftest.$ac_ext < +Syntax Error +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:957: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else @@ -882,6 +966,8 @@ else fi rm -f conftest* fi +rm -f conftest* +fi rm -f conftest* ac_cv_prog_CPP="$CPP" fi @@ -892,7 +978,7 @@ fi echo "$ac_t""$CPP" 1>&6 echo $ac_n "checking whether ln -s works""... $ac_c" 1>&6 -echo "configure:896: checking whether ln -s works" >&5 +echo "configure:982: checking whether ln -s works" >&5 if eval "test \"`echo '$''{'ac_cv_prog_LN_S'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -915,15 +1001,16 @@ fi # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:919: checking for $ac_word" >&5 +echo "configure:1005: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in $PATH; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_prog_RANLIB="ranlib" @@ -946,15 +1033,16 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:950: checking for $ac_word" >&5 +echo "configure:1037: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$YACC"; then ac_cv_prog_YACC="$YACC" # Let the user override the test. else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in $PATH; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_prog_YACC="$ac_prog" @@ -977,9 +1065,9 @@ test -n "$YACC" || YACC="yacc" echo $ac_n "checking for AIX""... $ac_c" 1>&6 -echo "configure:981: checking for AIX" >&5 +echo "configure:1069: checking for AIX" >&5 cat > conftest.$ac_ext <&6 -echo "configure:1005: checking for POSIXized ISC" >&5 +echo "configure:1093: checking for POSIXized ISC" >&5 if test -d /etc/conf/kconfig.d && grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1 then @@ -1023,18 +1111,18 @@ fi ac_safe=`echo "minix/config.h" | sed 'y%./+-%__p_%'` echo $ac_n "checking for minix/config.h""... $ac_c" 1>&6 -echo "configure:1027: checking for minix/config.h" >&5 +echo "configure:1115: checking for minix/config.h" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:1037: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out` +{ (eval echo configure:1125: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* eval "ac_cv_header_$ac_safe=yes" @@ -1075,7 +1163,7 @@ fi # Extract the first word of "chown", so it can be a program name with args. set dummy chown; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1079: checking for $ac_word" >&5 +echo "configure:1167: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_path_CHOWN'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1083,9 +1171,13 @@ else /*) ac_cv_path_CHOWN="$CHOWN" # Let the user override the test with a path. ;; + ?:/*) + ac_cv_path_CHOWN="$CHOWN" # Let the user override the test with a dos path. + ;; *) - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in /usr/bin /bin /usr/sbin /sbin /usr/etc /etc$ac_dummy; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="/usr/bin /bin /usr/sbin /sbin /usr/etc /etc" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_path_CHOWN="$ac_dir/$ac_word" @@ -1108,7 +1200,7 @@ fi # Extract the first word of "su", so it can be a program name with args. set dummy su; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1112: checking for $ac_word" >&5 +echo "configure:1204: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_path_SU'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1116,9 +1208,13 @@ else /*) ac_cv_path_SU="$SU" # Let the user override the test with a path. ;; + ?:/*) + ac_cv_path_SU="$SU" # Let the user override the test with a dos path. + ;; *) - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in /usr/bin /bin$ac_dummy; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="/usr/bin /bin" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_path_SU="$ac_dir/$ac_word" @@ -1140,7 +1236,7 @@ fi # Extract the first word of "su", so it can be a program name with args. set dummy su; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1144: checking for $ac_word" >&5 +echo "configure:1240: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_path_ALT_SU'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1148,9 +1244,13 @@ else /*) ac_cv_path_ALT_SU="$ALT_SU" # Let the user override the test with a path. ;; + ?:/*) + ac_cv_path_ALT_SU="$ALT_SU" # Let the user override the test with a dos path. + ;; *) - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in /usr/sbin /sbin$ac_dummy; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="/usr/sbin /sbin" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_path_ALT_SU="$ac_dir/$ac_word" @@ -1172,7 +1272,7 @@ fi # Extract the first word of "scheme", so it can be a program name with args. set dummy scheme; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1176: checking for $ac_word" >&5 +echo "configure:1276: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_path_SCHEME'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1180,9 +1280,13 @@ else /*) ac_cv_path_SCHEME="$SCHEME" # Let the user override the test with a path. ;; + ?:/*) + ac_cv_path_SCHEME="$SCHEME" # Let the user override the test with a dos path. + ;; *) - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in /usr/lib/iaf/scheme$ac_dummy; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="/usr/lib/iaf/scheme" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_path_SCHEME="$ac_dir/$ac_word" @@ -1203,7 +1307,7 @@ fi # Extract the first word of "login", so it can be a program name with args. set dummy login; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1207: checking for $ac_word" >&5 +echo "configure:1311: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_path_LOGIN'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1211,9 +1315,13 @@ else /*) ac_cv_path_LOGIN="$LOGIN" # Let the user override the test with a path. ;; + ?:/*) + ac_cv_path_LOGIN="$LOGIN" # Let the user override the test with a dos path. + ;; *) - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in /usr/bin /bin$ac_dummy; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="/usr/bin /bin" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_path_LOGIN="$ac_dir/$ac_word" @@ -1241,7 +1349,7 @@ fi # Extract the first word of "ftpd", so it can be a program name with args. set dummy ftpd; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1245: checking for $ac_word" >&5 +echo "configure:1353: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_path_FTPD'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1249,9 +1357,13 @@ else /*) ac_cv_path_FTPD="$FTPD" # Let the user override the test with a path. ;; + ?:/*) + ac_cv_path_FTPD="$FTPD" # Let the user override the test with a dos path. + ;; *) - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in /usr/libexec /usr/etc /etc /usr/sbin /sbin /usr/lbin$ac_dummy; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="/usr/libexec /usr/etc /etc /usr/sbin /sbin /usr/lbin" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_path_FTPD="$ac_dir/$ac_word" @@ -1272,7 +1384,7 @@ fi # Extract the first word of "in.ftpd", so it can be a program name with args. set dummy in.ftpd; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1276: checking for $ac_word" >&5 +echo "configure:1388: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_path_INFTPD'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1280,9 +1392,13 @@ else /*) ac_cv_path_INFTPD="$INFTPD" # Let the user override the test with a path. ;; + ?:/*) + ac_cv_path_INFTPD="$INFTPD" # Let the user override the test with a dos path. + ;; *) - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:" - for ac_dir in /usr/libexec /usr/etc /etc /usr/sbin /sbin /usr/lbin$ac_dummy; do + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="/usr/libexec /usr/etc /etc /usr/sbin /sbin /usr/lbin" + for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_path_INFTPD="$ac_dir/$ac_word" @@ -1310,7 +1426,7 @@ then fi echo $ac_n "checking for default PATH entries""... $ac_c" 1>&6 -echo "configure:1314: checking for default PATH entries" >&5 +echo "configure:1430: checking for default PATH entries" >&5 default_path="" save_IFS="$IFS" IFS=" " @@ -1341,7 +1457,7 @@ EOF echo "$ac_t""$default_path" 1>&6 echo $ac_n "checking for test -e flag""... $ac_c" 1>&6 -echo "configure:1345: checking for test -e flag" >&5 +echo "configure:1461: checking for test -e flag" >&5 if sh config.testeflag then result=yes @@ -1354,7 +1470,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking for mkdir -p flag""... $ac_c" 1>&6 -echo "configure:1358: checking for mkdir -p flag" >&5 +echo "configure:1474: checking for mkdir -p flag" >&5 if test -d config.tmpdir then rmdir config.tmpdir/foo/bar >/dev/null 2>/dev/null @@ -1390,7 +1506,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking for ls group field""... $ac_c" 1>&6 -echo "configure:1394: checking for ls group field" >&5 +echo "configure:1510: checking for ls group field" >&5 lsg=`/bin/ls -ldg / | wc -w | awk '{print $1}'`; ls=`/bin/ls -ld / | wc -w | awk '{print $1}'`; result="no" @@ -1410,7 +1526,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking for /etc/default/login""... $ac_c" 1>&6 -echo "configure:1414: checking for /etc/default/login" >&5 +echo "configure:1530: checking for /etc/default/login" >&5 if test $EXISTS /etc/default/login then result=yes @@ -1424,7 +1540,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking for /etc/securetty""... $ac_c" 1>&6 -echo "configure:1428: checking for /etc/securetty" >&5 +echo "configure:1544: checking for /etc/securetty" >&5 if test $EXISTS /etc/securetty then result=yes @@ -1438,7 +1554,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking for /etc/logindevperm""... $ac_c" 1>&6 -echo "configure:1442: checking for /etc/logindevperm" >&5 +echo "configure:1558: checking for /etc/logindevperm" >&5 if test $EXISTS /etc/logindevperm then echo "$ac_t""yes" 1>&6 @@ -1450,7 +1566,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for /etc/fbtab""... $ac_c" 1>&6 -echo "configure:1454: checking for /etc/fbtab" >&5 +echo "configure:1570: checking for /etc/fbtab" >&5 if test $EXISTS /etc/fbtab then result=yes @@ -1465,7 +1581,7 @@ EOF fi echo $ac_n "checking for /etc/environment""... $ac_c" 1>&6 -echo "configure:1469: checking for /etc/environment" >&5 +echo "configure:1585: checking for /etc/environment" >&5 if test $EXISTS /etc/environment then echo "$ac_t""yes" 1>&6 @@ -1477,7 +1593,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for /etc/src.sh""... $ac_c" 1>&6 -echo "configure:1481: checking for /etc/src.sh" >&5 +echo "configure:1597: checking for /etc/src.sh" >&5 if test $EXISTS /etc/src.sh then result=yes @@ -1492,7 +1608,7 @@ EOF fi echo $ac_n "checking for /etc/shadow""... $ac_c" 1>&6 -echo "configure:1496: checking for /etc/shadow" >&5 +echo "configure:1612: checking for /etc/shadow" >&5 if test $EXISTS /etc/shadow then result=yes @@ -1504,7 +1620,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for /etc/security/passwd.adjunct""... $ac_c" 1>&6 -echo "configure:1508: checking for /etc/security/passwd.adjunct" >&5 +echo "configure:1624: checking for /etc/security/passwd.adjunct" >&5 if test $EXISTS /etc/security/passwd.adjunct then result=yes @@ -1520,7 +1636,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking for /var/adm/sulog""... $ac_c" 1>&6 -echo "configure:1524: checking for /var/adm/sulog" >&5 +echo "configure:1640: checking for /var/adm/sulog" >&5 if test $EXISTS /var/adm/sulog then result=yes @@ -1534,7 +1650,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking mail spool location""... $ac_c" 1>&6 -echo "configure:1538: checking mail spool location" >&5 +echo "configure:1654: checking mail spool location" >&5 mail_spool="" for i in /var/mail /usr/mail /var/spool/mail /usr/spool/mail do @@ -1556,7 +1672,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking where your system puts the utmp file""... $ac_c" 1>&6 -echo "configure:1560: checking where your system puts the utmp file" >&5 +echo "configure:1676: checking where your system puts the utmp file" >&5 utmp_path="" for i in /var/run /var/adm /usr/adm /etc do @@ -1578,7 +1694,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking where your system puts the utmpx file""... $ac_c" 1>&6 -echo "configure:1582: checking where your system puts the utmpx file" >&5 +echo "configure:1698: checking where your system puts the utmpx file" >&5 utmp_path="" for i in /var/run /var/adm /usr/adm /etc do @@ -1598,7 +1714,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking where your system puts the wtmp file""... $ac_c" 1>&6 -echo "configure:1602: checking where your system puts the wtmp file" >&5 +echo "configure:1718: checking where your system puts the wtmp file" >&5 wtmp_path="" for i in /var/run /var/log /var/adm /usr/adm /etc do @@ -1620,7 +1736,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking where your system puts the wtmpx file""... $ac_c" 1>&6 -echo "configure:1624: checking where your system puts the wtmpx file" >&5 +echo "configure:1740: checking where your system puts the wtmpx file" >&5 wtmpx_path="" for i in /var/run /var/log /var/adm /usr/adm /etc do @@ -1642,7 +1758,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking whether the system profile displays the motd""... $ac_c" 1>&6 -echo "configure:1646: checking whether the system profile displays the motd" >&5 +echo "configure:1762: checking whether the system profile displays the motd" >&5 result=no if test $EXISTS /etc/profile then @@ -1661,7 +1777,7 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking whether the system profile checks for mail""... $ac_c" 1>&6 -echo "configure:1665: checking whether the system profile checks for mail" >&5 +echo "configure:1781: checking whether the system profile checks for mail" >&5 result=no if test $EXISTS /etc/profile then @@ -1680,12 +1796,12 @@ fi echo "$ac_t""$result" 1>&6 echo $ac_n "checking for working const""... $ac_c" 1>&6 -echo "configure:1684: checking for working const" >&5 +echo "configure:1800: checking for working const" >&5 if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:1854: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_const=yes else @@ -1756,16 +1872,16 @@ fi echo $ac_n "checking to see if your compiler can handle void arguments""... $ac_c" 1>&6 -echo "configure:1760: checking to see if your compiler can handle void arguments" >&5 +echo "configure:1876: checking to see if your compiler can handle void arguments" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:1885: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_VOIDARG 1 @@ -1780,16 +1896,16 @@ fi rm -f conftest* echo $ac_n "checking to see if your compiler can handle void return values""... $ac_c" 1>&6 -echo "configure:1784: checking to see if your compiler can handle void return values" >&5 +echo "configure:1900: checking to see if your compiler can handle void return values" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:1909: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_VOIDRET 1 @@ -1804,16 +1920,16 @@ fi rm -f conftest* echo $ac_n "checking to see if your compiler can handle void pointers""... $ac_c" 1>&6 -echo "configure:1808: checking to see if your compiler can handle void pointers" >&5 +echo "configure:1924: checking to see if your compiler can handle void pointers" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:1933: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_VOIDPTR 1 @@ -1828,16 +1944,16 @@ fi rm -f conftest* echo $ac_n "checking to see if your compiler can handle ANSI argument lists""... $ac_c" 1>&6 -echo "configure:1832: checking to see if your compiler can handle ANSI argument lists" >&5 +echo "configure:1948: checking to see if your compiler can handle ANSI argument lists" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:1957: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_ANSIDECL 1 @@ -1852,16 +1968,16 @@ fi rm -f conftest* echo $ac_n "checking to see if your compiler can handle ANSI prototypes""... $ac_c" 1>&6 -echo "configure:1856: checking to see if your compiler can handle ANSI prototypes" >&5 +echo "configure:1972: checking to see if your compiler can handle ANSI prototypes" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:1981: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_ANSIPROTO 1 @@ -1876,9 +1992,9 @@ fi rm -f conftest* echo $ac_n "checking to see if your compiler can handle ANSI variable arguments""... $ac_c" 1>&6 -echo "configure:1880: checking to see if your compiler can handle ANSI variable arguments" >&5 +echo "configure:1996: checking to see if your compiler can handle ANSI variable arguments" >&5 cat > conftest.$ac_ext < int foo(int arg, ...) { @@ -1891,7 +2007,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:1895: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2011: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_ANSISTDARG 1 @@ -1906,12 +2022,12 @@ fi rm -f conftest* echo $ac_n "checking to see if you have an ANSI-style sprintf""... $ac_c" 1>&6 -echo "configure:1910: checking to see if you have an ANSI-style sprintf" >&5 +echo "configure:2026: checking to see if you have an ANSI-style sprintf" >&5 if test "$cross_compiling" = yes; then echo "$ac_t""no" 1>&6 else cat > conftest.$ac_ext < int main(argc, argv) @@ -1924,7 +2040,7 @@ char *argv[]; return (i == 6) ? 0 : -1; } EOF -if { (eval echo configure:1928: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:2044: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then cat >> confdefs.h <<\EOF #define HAVE_ANSISPRINTF 1 @@ -1941,7 +2057,7 @@ fi echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6 -echo "configure:1945: checking for crypt in -lcrypt" >&5 +echo "configure:2061: checking for crypt in -lcrypt" >&5 ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -1949,7 +2065,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcrypt $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2080: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -1988,7 +2104,7 @@ else fi echo $ac_n "checking for gethostname in -lnsl""... $ac_c" 1>&6 -echo "configure:1992: checking for gethostname in -lnsl" >&5 +echo "configure:2108: checking for gethostname in -lnsl" >&5 ac_lib_var=`echo nsl'_'gethostname | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -1996,7 +2112,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2127: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2035,7 +2151,7 @@ else fi echo $ac_n "checking for main in -lposix""... $ac_c" 1>&6 -echo "configure:2039: checking for main in -lposix" >&5 +echo "configure:2155: checking for main in -lposix" >&5 ac_lib_var=`echo posix'_'main | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -2043,14 +2159,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lposix $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2170: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2078,7 +2194,7 @@ else fi echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 -echo "configure:2082: checking for socket in -lsocket" >&5 +echo "configure:2198: checking for socket in -lsocket" >&5 ac_lib_var=`echo socket'_'socket | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -2086,7 +2202,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2217: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2130,12 +2246,12 @@ for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6 -echo "configure:2134: checking for $ac_hdr that defines DIR" >&5 +echo "configure:2250: checking for $ac_hdr that defines DIR" >&5 if eval "test \"`echo '$''{'ac_cv_header_dirent_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include <$ac_hdr> @@ -2143,7 +2259,7 @@ int main() { DIR *dirp = 0; ; return 0; } EOF -if { (eval echo configure:2147: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2263: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* eval "ac_cv_header_dirent_$ac_safe=yes" else @@ -2168,7 +2284,7 @@ done # Two versions of opendir et al. are in -ldir and -lx on SCO Xenix. if test $ac_header_dirent = dirent.h; then echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6 -echo "configure:2172: checking for opendir in -ldir" >&5 +echo "configure:2288: checking for opendir in -ldir" >&5 ac_lib_var=`echo dir'_'opendir | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -2176,7 +2292,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ldir $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2307: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2209,7 +2325,7 @@ fi else echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6 -echo "configure:2213: checking for opendir in -lx" >&5 +echo "configure:2329: checking for opendir in -lx" >&5 ac_lib_var=`echo x'_'opendir | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -2217,7 +2333,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lx $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2348: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -2251,12 +2367,12 @@ fi fi echo $ac_n "checking for sys/wait.h that is POSIX.1 compatible""... $ac_c" 1>&6 -echo "configure:2255: checking for sys/wait.h that is POSIX.1 compatible" >&5 +echo "configure:2371: checking for sys/wait.h that is POSIX.1 compatible" >&5 if eval "test \"`echo '$''{'ac_cv_header_sys_wait_h'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -2272,7 +2388,7 @@ wait (&s); s = WIFEXITED (s) ? WEXITSTATUS (s) : 1; ; return 0; } EOF -if { (eval echo configure:2276: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2392: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_header_sys_wait_h=yes else @@ -2296,18 +2412,18 @@ for ac_hdr in crypt.h fcntl.h limits.h termios.h sys/file.h sys/ioctl.h sys/time do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:2300: checking for $ac_hdr" >&5 +echo "configure:2416: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:2310: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out` +{ (eval echo configure:2426: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* eval "ac_cv_header_$ac_safe=yes" @@ -2335,9 +2451,9 @@ done echo $ac_n "checking for ut_pid in struct utmp""... $ac_c" 1>&6 -echo "configure:2339: checking for ut_pid in struct utmp" >&5 +echo "configure:2455: checking for ut_pid in struct utmp" >&5 cat > conftest.$ac_ext < #include @@ -2345,7 +2461,7 @@ int main() { struct utmp foo; return (int)foo.ut_pid; ; return 0; } EOF -if { (eval echo configure:2349: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2465: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_UT_PID 1 @@ -2359,9 +2475,9 @@ else fi rm -f conftest* echo $ac_n "checking for ut_type in struct utmp""... $ac_c" 1>&6 -echo "configure:2363: checking for ut_type in struct utmp" >&5 +echo "configure:2479: checking for ut_type in struct utmp" >&5 cat > conftest.$ac_ext < #include @@ -2369,7 +2485,7 @@ int main() { struct utmp foo; return (int)foo.ut_type; ; return 0; } EOF -if { (eval echo configure:2373: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2489: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_UT_TYPE 1 @@ -2383,9 +2499,9 @@ else fi rm -f conftest* echo $ac_n "checking for ut_name in struct utmp""... $ac_c" 1>&6 -echo "configure:2387: checking for ut_name in struct utmp" >&5 +echo "configure:2503: checking for ut_name in struct utmp" >&5 cat > conftest.$ac_ext < #include @@ -2393,7 +2509,7 @@ int main() { struct utmp foo; return (int)foo.ut_name[0]; ; return 0; } EOF -if { (eval echo configure:2397: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2513: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_UT_NAME 1 @@ -2407,9 +2523,9 @@ else fi rm -f conftest* echo $ac_n "checking for ut_host in struct utmp""... $ac_c" 1>&6 -echo "configure:2411: checking for ut_host in struct utmp" >&5 +echo "configure:2527: checking for ut_host in struct utmp" >&5 cat > conftest.$ac_ext < #include @@ -2417,7 +2533,7 @@ int main() { struct utmp foo; return (int)foo.ut_host[0]; ; return 0; } EOF -if { (eval echo configure:2421: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2537: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_UT_HOST 1 @@ -2430,14 +2546,65 @@ else echo "$ac_t""no" 1>&6 fi rm -f conftest* +echo $ac_n "checking for ut_id in struct utmp""... $ac_c" 1>&6 +echo "configure:2551: checking for ut_id in struct utmp" >&5 +cat > conftest.$ac_ext < +#include +int main() { +struct utmp foo; return (int)foo.ut_id[0]; +; return 0; } +EOF +if { (eval echo configure:2561: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_UT_ID 1 +EOF + echo "$ac_t""yes" 1>&6 +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + echo "$ac_t""no" 1>&6 +fi +rm -f conftest* +#AC_MSG_CHECKING(for ut_syslen in struct utmp) +#AC_TRY_COMPILE([#include +##include ], [struct utmp foo; return (int)foo.ut_syslen;], AC_DEFINE(HAVE_UT_SYSLEN) AC_MSG_RESULT(yes), AC_MSG_RESULT(no)) +echo $ac_n "checking for ut_syslen in struct utmpx""... $ac_c" 1>&6 +echo "configure:2578: checking for ut_syslen in struct utmpx" >&5 +cat > conftest.$ac_ext < +#include +int main() { +struct utmpx foo; return (int)foo.ut_syslen; +; return 0; } +EOF +if { (eval echo configure:2588: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_UTX_SYSLEN 1 +EOF + echo "$ac_t""yes" 1>&6 +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + echo "$ac_t""no" 1>&6 +fi +rm -f conftest* echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 -echo "configure:2436: checking return type of signal handlers" >&5 +echo "configure:2603: checking return type of signal handlers" >&5 if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -2454,7 +2621,7 @@ int main() { int i; ; return 0; } EOF -if { (eval echo configure:2458: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:2625: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_type_signal=void else @@ -2475,12 +2642,12 @@ EOF for ac_func in gettimeofday socket strftime strstr setpriority getttynam setvbuf getspnam endspent setgroups getgroups fpurge setlogin lstat getutxline pututxline usleep do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2479: checking for $ac_func" >&5 +echo "configure:2646: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2674: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2529,7 +2696,7 @@ done echo $ac_n "checking for 8-bit clean memcmp""... $ac_c" 1>&6 -echo "configure:2533: checking for 8-bit clean memcmp" >&5 +echo "configure:2700: checking for 8-bit clean memcmp" >&5 if eval "test \"`echo '$''{'ac_cv_func_memcmp_clean'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2537,7 +2704,7 @@ else ac_cv_func_memcmp_clean=no else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:2718: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_func_memcmp_clean=yes else @@ -2562,24 +2729,24 @@ fi fi echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6 -test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.o" +test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.${ac_objext}" # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works # for constant arguments. Useless! echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6 -echo "configure:2571: checking for working alloca.h" >&5 +echo "configure:2738: checking for working alloca.h" >&5 if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { char *p = alloca(2 * sizeof(int)); ; return 0; } EOF -if { (eval echo configure:2583: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2750: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ac_cv_header_alloca_h=yes else @@ -2600,25 +2767,30 @@ EOF fi echo $ac_n "checking for alloca""... $ac_c" 1>&6 -echo "configure:2604: checking for alloca" >&5 +echo "configure:2771: checking for alloca" >&5 if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < +# ifdef _MSC_VER +# include +# define alloca _alloca # else -# ifdef _AIX - #pragma alloca +# if HAVE_ALLOCA_H +# include # else -# ifndef alloca /* predefined by HP cc +Olibcalls */ +# ifdef _AIX + #pragma alloca +# else +# ifndef alloca /* predefined by HP cc +Olibcalls */ char *alloca (); +# endif # endif # endif # endif @@ -2628,7 +2800,7 @@ int main() { char *p = (char *) alloca(1); ; return 0; } EOF -if { (eval echo configure:2632: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2804: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ac_cv_func_alloca_works=yes else @@ -2653,19 +2825,19 @@ if test $ac_cv_func_alloca_works = no; then # that cause trouble. Some versions do not even contain alloca or # contain a buggy version. If you still want to use their alloca, # use ar to extract alloca.o from them instead of compiling alloca.c. - ALLOCA=alloca.o + ALLOCA=alloca.${ac_objext} cat >> confdefs.h <<\EOF #define C_ALLOCA 1 EOF echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6 -echo "configure:2664: checking whether alloca needs Cray hooks" >&5 +echo "configure:2836: checking whether alloca needs Cray hooks" >&5 if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&6 if test $ac_cv_os_cray = yes; then for ac_func in _getb67 GETB67 getb67; do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2694: checking for $ac_func" >&5 +echo "configure:2866: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:2894: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2745,7 +2917,7 @@ done fi echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6 -echo "configure:2749: checking stack direction for C alloca" >&5 +echo "configure:2921: checking stack direction for C alloca" >&5 if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2753,7 +2925,7 @@ else ac_cv_c_stack_direction=0 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null +if { (eval echo configure:2948: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_c_stack_direction=1 else @@ -2796,12 +2968,12 @@ fi for ac_func in getusershell sigaddset sigemptyset strerror strncasecmp do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2800: checking for $ac_func" >&5 +echo "configure:2972: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3000: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2845,19 +3017,20 @@ EOF else echo "$ac_t""no" 1>&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" +LIBOBJS="$LIBOBJS ${ac_func}.${ac_objext}" fi done MISSING="$LIBOBJS $ALLOCA " ; + echo $ac_n "checking for atexit""... $ac_c" 1>&6 -echo "configure:2856: checking for atexit" >&5 +echo "configure:3029: checking for atexit" >&5 if eval "test \"`echo '$''{'ac_cv_func_atexit'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3057: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_atexit=yes" else @@ -2894,18 +3067,21 @@ fi if eval "test \"`echo '$ac_cv_func_'atexit`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_ATEXIT 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}atexit.o "; for ac_func in on_exit do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2904: checking for $ac_func" >&5 +echo "configure:3080: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3108: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2955,12 +3131,12 @@ done fi echo $ac_n "checking for endutent""... $ac_c" 1>&6 -echo "configure:2959: checking for endutent" >&5 +echo "configure:3135: checking for endutent" >&5 if eval "test \"`echo '$''{'ac_cv_func_endutent'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3163: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_endutent=yes" else @@ -2997,19 +3173,126 @@ fi if eval "test \"`echo '$ac_cv_func_'endutent`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_ENDUTENT 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}endutent.o " fi +echo $ac_n "checking for initgroups""... $ac_c" 1>&6 +echo "configure:3187: checking for initgroups" >&5 +if eval "test \"`echo '$''{'ac_cv_func_initgroups'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char initgroups(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_initgroups) || defined (__stub___initgroups) +choke me +#else +initgroups(); +#endif + +; return 0; } +EOF +if { (eval echo configure:3215: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_initgroups=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_initgroups=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'initgroups`\" = yes"; then + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define HAVE_INITGROUPS 1 +EOF + +else + echo "$ac_t""no" 1>&6 +MISSING="${MISSING}initgroups.o " +fi + +echo $ac_n "checking for memcmp""... $ac_c" 1>&6 +echo "configure:3239: checking for memcmp" >&5 +if eval "test \"`echo '$''{'ac_cv_func_memcmp'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char memcmp(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_memcmp) || defined (__stub___memcmp) +choke me +#else +memcmp(); +#endif + +; return 0; } +EOF +if { (eval echo configure:3267: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_memcmp=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_memcmp=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'memcmp`\" = yes"; then + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define HAVE_MEMCMP 1 +EOF + +else + echo "$ac_t""no" 1>&6 +MISSING="${MISSING}memcmp.o " +fi + echo $ac_n "checking for memcpy""... $ac_c" 1>&6 -echo "configure:3008: checking for memcpy" >&5 +echo "configure:3291: checking for memcpy" >&5 if eval "test \"`echo '$''{'ac_cv_func_memcpy'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3319: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_memcpy=yes" else @@ -3046,18 +3329,21 @@ fi if eval "test \"`echo '$ac_cv_func_'memcpy`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_MEMCPY 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}memcpy.o "; for ac_func in bcopy do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3056: checking for $ac_func" >&5 +echo "configure:3342: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3370: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3107,12 +3393,12 @@ done fi echo $ac_n "checking for memset""... $ac_c" 1>&6 -echo "configure:3111: checking for memset" >&5 +echo "configure:3397: checking for memset" >&5 if eval "test \"`echo '$''{'ac_cv_func_memset'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3425: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_memset=yes" else @@ -3149,18 +3435,21 @@ fi if eval "test \"`echo '$ac_cv_func_'memset`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_MEMSET 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}memset.o "; for ac_func in bzero do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3159: checking for $ac_func" >&5 +echo "configure:3448: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3476: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3210,12 +3499,12 @@ done fi echo $ac_n "checking for getcwd""... $ac_c" 1>&6 -echo "configure:3214: checking for getcwd" >&5 +echo "configure:3503: checking for getcwd" >&5 if eval "test \"`echo '$''{'ac_cv_func_getcwd'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3531: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_getcwd=yes" else @@ -3252,18 +3541,21 @@ fi if eval "test \"`echo '$ac_cv_func_'getcwd`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_GETCWD 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}getcwd.o "; for ac_func in getwd do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3262: checking for $ac_func" >&5 +echo "configure:3554: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3582: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3313,12 +3605,12 @@ done fi echo $ac_n "checking for getenv""... $ac_c" 1>&6 -echo "configure:3317: checking for getenv" >&5 +echo "configure:3609: checking for getenv" >&5 if eval "test \"`echo '$''{'ac_cv_func_getenv'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3637: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_getenv=yes" else @@ -3365,12 +3657,12 @@ MISSING="${MISSING}env.o " fi echo $ac_n "checking for getutline""... $ac_c" 1>&6 -echo "configure:3369: checking for getutline" >&5 +echo "configure:3661: checking for getutline" >&5 if eval "test \"`echo '$''{'ac_cv_func_getutline'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3689: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_getutline=yes" else @@ -3416,12 +3708,12 @@ else MISSING="${MISSING}getutline.o "; for ac_func in ttyslot do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3420: checking for $ac_func" >&5 +echo "configure:3712: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3740: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3471,12 +3763,12 @@ done fi echo $ac_n "checking for pututline""... $ac_c" 1>&6 -echo "configure:3475: checking for pututline" >&5 +echo "configure:3767: checking for pututline" >&5 if eval "test \"`echo '$''{'ac_cv_func_pututline'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3795: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_pututline=yes" else @@ -3513,18 +3805,21 @@ fi if eval "test \"`echo '$ac_cv_func_'pututline`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_PUTUTLINE 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}pututline.o "; for ac_func in ttyslot do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3523: checking for $ac_func" >&5 +echo "configure:3818: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3846: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3574,12 +3869,12 @@ done fi echo $ac_n "checking for setenv""... $ac_c" 1>&6 -echo "configure:3578: checking for setenv" >&5 +echo "configure:3873: checking for setenv" >&5 if eval "test \"`echo '$''{'ac_cv_func_setenv'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3901: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_setenv=yes" else @@ -3626,12 +3921,12 @@ MISSING="${MISSING}env.o " fi echo $ac_n "checking for setegid""... $ac_c" 1>&6 -echo "configure:3630: checking for setegid" >&5 +echo "configure:3925: checking for setegid" >&5 if eval "test \"`echo '$''{'ac_cv_func_setegid'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:3953: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_setegid=yes" else @@ -3668,18 +3963,21 @@ fi if eval "test \"`echo '$ac_cv_func_'setegid`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_SETEGID 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}setegid.o "; for ac_func in setregid setresgid do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3678: checking for $ac_func" >&5 +echo "configure:3976: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4004: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3729,12 +4027,12 @@ done fi echo $ac_n "checking for seteuid""... $ac_c" 1>&6 -echo "configure:3733: checking for seteuid" >&5 +echo "configure:4031: checking for seteuid" >&5 if eval "test \"`echo '$''{'ac_cv_func_seteuid'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4059: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_seteuid=yes" else @@ -3771,18 +4069,21 @@ fi if eval "test \"`echo '$ac_cv_func_'seteuid`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_SETEUID 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}seteuid.o "; for ac_func in setreuid setresuid do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3781: checking for $ac_func" >&5 +echo "configure:4082: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4110: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3832,12 +4133,12 @@ done fi echo $ac_n "checking for setutent""... $ac_c" 1>&6 -echo "configure:3836: checking for setutent" >&5 +echo "configure:4137: checking for setutent" >&5 if eval "test \"`echo '$''{'ac_cv_func_setutent'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4165: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_setutent=yes" else @@ -3874,19 +4175,22 @@ fi if eval "test \"`echo '$ac_cv_func_'setutent`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_SETUTENT 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}setutent.o " fi echo $ac_n "checking for sigprocmask""... $ac_c" 1>&6 -echo "configure:3885: checking for sigprocmask" >&5 +echo "configure:4189: checking for sigprocmask" >&5 if eval "test \"`echo '$''{'ac_cv_func_sigprocmask'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4217: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_sigprocmask=yes" else @@ -3923,18 +4227,21 @@ fi if eval "test \"`echo '$ac_cv_func_'sigprocmask`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_SIGPROCMASK 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}sigprocmask.o "; for ac_func in sigblock sigsetmask do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3933: checking for $ac_func" >&5 +echo "configure:4240: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4268: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3984,12 +4291,12 @@ done fi echo $ac_n "checking for strchr""... $ac_c" 1>&6 -echo "configure:3988: checking for strchr" >&5 +echo "configure:4295: checking for strchr" >&5 if eval "test \"`echo '$''{'ac_cv_func_strchr'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4323: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_strchr=yes" else @@ -4026,18 +4333,21 @@ fi if eval "test \"`echo '$ac_cv_func_'strchr`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_STRCHR 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}strchr.o "; for ac_func in index do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:4036: checking for $ac_func" >&5 +echo "configure:4346: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4374: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -4087,12 +4397,12 @@ done fi echo $ac_n "checking for strrchr""... $ac_c" 1>&6 -echo "configure:4091: checking for strrchr" >&5 +echo "configure:4401: checking for strrchr" >&5 if eval "test \"`echo '$''{'ac_cv_func_strrchr'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4429: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_strrchr=yes" else @@ -4129,18 +4439,21 @@ fi if eval "test \"`echo '$ac_cv_func_'strrchr`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_STRRCHR 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}strrchr.o "; for ac_func in rindex do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:4139: checking for $ac_func" >&5 +echo "configure:4452: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4480: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -4190,12 +4503,12 @@ done fi echo $ac_n "checking for strtoul""... $ac_c" 1>&6 -echo "configure:4194: checking for strtoul" >&5 +echo "configure:4507: checking for strtoul" >&5 if eval "test \"`echo '$''{'ac_cv_func_strtoul'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4535: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_strtoul=yes" else @@ -4232,19 +4545,22 @@ fi if eval "test \"`echo '$ac_cv_func_'strtoul`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_STRTOUL 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}strtoul.o " fi echo $ac_n "checking for sysconf""... $ac_c" 1>&6 -echo "configure:4243: checking for sysconf" >&5 +echo "configure:4559: checking for sysconf" >&5 if eval "test \"`echo '$''{'ac_cv_func_sysconf'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4587: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_sysconf=yes" else @@ -4281,18 +4597,21 @@ fi if eval "test \"`echo '$ac_cv_func_'sysconf`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_SYSCONF 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}sysconf.o "; for ac_func in getdtablesize do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:4291: checking for $ac_func" >&5 +echo "configure:4610: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4638: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -4342,12 +4661,12 @@ done fi echo $ac_n "checking for uname""... $ac_c" 1>&6 -echo "configure:4346: checking for uname" >&5 +echo "configure:4665: checking for uname" >&5 if eval "test \"`echo '$''{'ac_cv_func_uname'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4693: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_uname=yes" else @@ -4384,18 +4703,21 @@ fi if eval "test \"`echo '$ac_cv_func_'uname`\" = yes"; then echo "$ac_t""yes" 1>&6 - : + cat >> confdefs.h <<\EOF +#define HAVE_UNAME 1 +EOF + else echo "$ac_t""no" 1>&6 MISSING="${MISSING}uname.o "; for ac_func in gethostname do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:4394: checking for $ac_func" >&5 +echo "configure:4716: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4744: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -4445,12 +4767,12 @@ done fi echo $ac_n "checking for unsetenv""... $ac_c" 1>&6 -echo "configure:4449: checking for unsetenv" >&5 +echo "configure:4771: checking for unsetenv" >&5 if eval "test \"`echo '$''{'ac_cv_func_unsetenv'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then +if { (eval echo configure:4799: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_unsetenv=yes" else @@ -4499,9 +4821,9 @@ fi echo $ac_n "checking for nonstandard gettimeofday""... $ac_c" 1>&6 -echo "configure:4503: checking for nonstandard gettimeofday" >&5 +echo "configure:4825: checking for nonstandard gettimeofday" >&5 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4842: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* echo "$ac_t""no" 1>&6 else @@ -4524,7 +4846,7 @@ else cat conftest.$ac_ext >&5 rm -rf conftest* echo "$ac_t""maybe" 1>&6 cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4865: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* cat >> confdefs.h <<\EOF #define HAVE_ONE_ARG_GETTIMEOFDAY 1 @@ -4579,7 +4901,7 @@ EOF # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. (set) 2>&1 | - case `(ac_space=' '; set) 2>&1` in + case `(ac_space=' '; set | grep ac_space) 2>&1` in *ac_space=\ *) # `set' does not quote correctly, so add quotes (double-quote substitution # turns \\\\ into \\, and sed turns \\ into \). @@ -4646,7 +4968,7 @@ do echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion" exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;; -version | --version | --versio | --versi | --vers | --ver | --ve | --v) - echo "$CONFIG_STATUS generated by autoconf version 2.12" + echo "$CONFIG_STATUS generated by autoconf version 2.13" exit 0 ;; -help | --help | --hel | --he | --h) echo "\$ac_cs_usage"; exit 0 ;; @@ -4665,9 +4987,11 @@ sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g; s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF $ac_vpsub $extrasub +s%@SHELL@%$SHELL%g s%@CFLAGS@%$CFLAGS%g s%@CPPFLAGS@%$CPPFLAGS%g s%@CXXFLAGS@%$CXXFLAGS%g +s%@FFLAGS@%$FFLAGS%g s%@DEFS@%$DEFS%g s%@LDFLAGS@%$LDFLAGS%g s%@LIBS@%$LIBS%g @@ -4688,6 +5012,7 @@ s%@infodir@%$infodir%g s%@mandir@%$mandir%g s%@ACCESS_FILE@%$ACCESS_FILE%g s%@LOCK_DIR@%$LOCK_DIR%g +s%@OPIEAUTO@%$OPIEAUTO%g s%@CC@%$CC%g s%@CPP@%$CPP%g s%@LN_S@%$LN_S%g diff --git a/contrib/opie/configure.in b/contrib/opie/configure.in index 6fd7cd40bd63..7c2bca2e1d4f 100644 --- a/contrib/opie/configure.in +++ b/contrib/opie/configure.in @@ -1,7 +1,7 @@ dnl configure.in: Input for Autoconf dnl dnl %%% portions-copyright-cmetz-96 -dnl Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +dnl Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights dnl Reserved. The Inner Net License Version 2 applies to these portions of dnl the software. dnl You should have received a copy of the license with this software. If @@ -14,6 +14,11 @@ dnl License Agreement applies to this software. dnl dnl History: dnl +dnl Modified by cmetz for OPIE 2.4. Add --enable-opieauto option. Check +dnl for ut_id and ut_syslen. Make disable-wtmp disable wtmp not utmp. +dnl Define HAVE_foo if foo is found by the libmissing function check. +dnl Added checks for libmissing functions that were there but never +dnl actually checked for and therefore available. dnl Modified by cmetz for OPIE 2.32. Substitute default for LOCK_DIR. dnl Fix the --disable-user-locking bug. AC_DEFINE variables to 1. dnl Really check for ut_host. @@ -72,9 +77,11 @@ AC_ARG_ENABLE(su-star-check, [ --enable-su-star-check Refuse to switch to disa AC_ARG_ENABLE(new-prompts, [ --disable-new-prompts Use more compatible (but less informative) prompts],, AC_DEFINE(NEW_PROMPTS, 1)) AC_ARG_ENABLE(insecure-override, [ --enable-insecure-override Allow users to override insecure checks], AC_DEFINE(INSECURE_OVERRIDE, 1)) -AC_ARG_ENABLE(anonymous-ftp, [ --enable-anonymous-ftp Enable anonymous FTP support], AC_DEFINE(DOANONYMOUS, 1) echo "Enabling anonymous FTP support in ftp -- don't say we didn't warn you!") -AC_ARG_ENABLE(utmp, [ --disable-utmp Disable utmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "Disabling utmp logging") -AC_ARG_ENABLE(wtmp, [ --disable-wtmp Disable wtmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "Disabling wtmp logging") +AC_ARG_ENABLE(anonymous-ftp, [ --enable-anonymous-ftp Enable anonymous FTP support], AC_DEFINE(DOANONYMOUS, 1) echo "enabling anonymous FTP support in ftp -- don't say we didn't warn you!") +AC_ARG_ENABLE(utmp, [ --disable-utmp Disable utmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "disabling utmp logging") +AC_ARG_ENABLE(wtmp, [ --disable-wtmp Disable wtmp logging], AC_DEFINE(DISABLE_WTMP, 1) echo "disabling wtmp logging") +AC_ARG_ENABLE(opieauto, [ --enable-opieauto Enable support for opieauto], AC_DEFINE(OPIEAUTO, 1) OPIEAUTO=opieauto; echo "enabling opieauto support") +AC_SUBST(OPIEAUTO) dnl Checks for programs. AC_PROG_CC @@ -484,6 +491,15 @@ dnl #include ], [struct utmp foo; return (int)foo.ut_user[0];], AC_DEFIN AC_MSG_CHECKING(for ut_host in struct utmp) AC_TRY_COMPILE([#include #include ], [struct utmp foo; return (int)foo.ut_host[0];], AC_DEFINE(HAVE_UT_HOST) AC_MSG_RESULT(yes), AC_MSG_RESULT(no)) +AC_MSG_CHECKING(for ut_id in struct utmp) +AC_TRY_COMPILE([#include +#include ], [struct utmp foo; return (int)foo.ut_id[0];], AC_DEFINE(HAVE_UT_ID) AC_MSG_RESULT(yes), AC_MSG_RESULT(no)) +#AC_MSG_CHECKING(for ut_syslen in struct utmp) +#AC_TRY_COMPILE([#include +##include ], [struct utmp foo; return (int)foo.ut_syslen;], AC_DEFINE(HAVE_UT_SYSLEN) AC_MSG_RESULT(yes), AC_MSG_RESULT(no)) +AC_MSG_CHECKING(for ut_syslen in struct utmpx) +AC_TRY_COMPILE([#include +#include ], [struct utmpx foo; return (int)foo.ut_syslen;], AC_DEFINE(HAVE_UTX_SYSLEN) AC_MSG_RESULT(yes), AC_MSG_RESULT(no)) dnl Checks for library functions. dnl AC_PROG_GCC_TRADITIONAL @@ -495,25 +511,29 @@ AC_FUNC_MEMCMP AC_FUNC_ALLOCA AC_REPLACE_FUNCS(getusershell sigaddset sigemptyset strerror strncasecmp) MISSING="$LIBOBJS $ALLOCA " ; -AC_CHECK_FUNC(atexit,, MISSING="${MISSING}atexit.o "; AC_CHECK_FUNCS(on_exit)) -AC_CHECK_FUNC(endutent,, MISSING="${MISSING}endutent.o ") -AC_CHECK_FUNC(memcpy,, MISSING="${MISSING}memcpy.o "; AC_CHECK_FUNCS(bcopy)) -AC_CHECK_FUNC(memset,, MISSING="${MISSING}memset.o "; AC_CHECK_FUNCS(bzero)) -AC_CHECK_FUNC(getcwd,, MISSING="${MISSING}getcwd.o "; AC_CHECK_FUNCS(getwd)) -AC_CHECK_FUNC(getenv, AC_DEFINE(HAVE_GETENV), MISSING="${MISSING}env.o ") -AC_CHECK_FUNC(getutline, AC_DEFINE(HAVE_GETUTLINE), MISSING="${MISSING}getutline.o "; AC_CHECK_FUNCS(ttyslot)) -AC_CHECK_FUNC(pututline,, MISSING="${MISSING}pututline.o "; AC_CHECK_FUNCS(ttyslot)) -AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV), MISSING="${MISSING}env.o ") -AC_CHECK_FUNC(setegid,, MISSING="${MISSING}setegid.o "; AC_CHECK_FUNCS(setregid setresgid)) -AC_CHECK_FUNC(seteuid,, MISSING="${MISSING}seteuid.o "; AC_CHECK_FUNCS(setreuid setresuid)) -AC_CHECK_FUNC(setutent,, MISSING="${MISSING}setutent.o ") -AC_CHECK_FUNC(sigprocmask,, MISSING="${MISSING}sigprocmask.o "; AC_CHECK_FUNCS(sigblock sigsetmask)) -AC_CHECK_FUNC(strchr,, MISSING="${MISSING}strchr.o "; AC_CHECK_FUNCS(index)) -AC_CHECK_FUNC(strrchr,, MISSING="${MISSING}strrchr.o "; AC_CHECK_FUNCS(rindex)) -AC_CHECK_FUNC(strtoul,, MISSING="${MISSING}strtoul.o ") -AC_CHECK_FUNC(sysconf,, MISSING="${MISSING}sysconf.o "; AC_CHECK_FUNCS(getdtablesize)) -AC_CHECK_FUNC(uname,, MISSING="${MISSING}uname.o "; AC_CHECK_FUNCS(gethostname)) -AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV), MISSING="${MISSING}env.o ") + +dnl These should be simplified by a macro +AC_CHECK_FUNC(atexit, AC_DEFINE(HAVE_ATEXIT), MISSING="${MISSING}atexit.o "; AC_CHECK_FUNCS(on_exit)) +AC_CHECK_FUNC(endutent, AC_DEFINE(HAVE_ENDUTENT), MISSING="${MISSING}endutent.o ") +AC_CHECK_FUNC(initgroups, AC_DEFINE(HAVE_INITGROUPS), MISSING="${MISSING}initgroups.o ") +AC_CHECK_FUNC(memcmp, AC_DEFINE(HAVE_MEMCMP), MISSING="${MISSING}memcmp.o ") +AC_CHECK_FUNC(memcpy, AC_DEFINE(HAVE_MEMCPY), MISSING="${MISSING}memcpy.o "; AC_CHECK_FUNCS(bcopy)) +AC_CHECK_FUNC(memset, AC_DEFINE(HAVE_MEMSET), MISSING="${MISSING}memset.o "; AC_CHECK_FUNCS(bzero)) +AC_CHECK_FUNC(getcwd, AC_DEFINE(HAVE_GETCWD), MISSING="${MISSING}getcwd.o "; AC_CHECK_FUNCS(getwd)) +AC_CHECK_FUNC(getenv, AC_DEFINE(HAVE_GETENV), MISSING="${MISSING}env.o ") +AC_CHECK_FUNC(getutline, AC_DEFINE(HAVE_GETUTLINE), MISSING="${MISSING}getutline.o "; AC_CHECK_FUNCS(ttyslot)) +AC_CHECK_FUNC(pututline, AC_DEFINE(HAVE_PUTUTLINE), MISSING="${MISSING}pututline.o "; AC_CHECK_FUNCS(ttyslot)) +AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV), MISSING="${MISSING}env.o ") +AC_CHECK_FUNC(setegid, AC_DEFINE(HAVE_SETEGID), MISSING="${MISSING}setegid.o "; AC_CHECK_FUNCS(setregid setresgid)) +AC_CHECK_FUNC(seteuid, AC_DEFINE(HAVE_SETEUID), MISSING="${MISSING}seteuid.o "; AC_CHECK_FUNCS(setreuid setresuid)) +AC_CHECK_FUNC(setutent, AC_DEFINE(HAVE_SETUTENT), MISSING="${MISSING}setutent.o ") +AC_CHECK_FUNC(sigprocmask, AC_DEFINE(HAVE_SIGPROCMASK), MISSING="${MISSING}sigprocmask.o "; AC_CHECK_FUNCS(sigblock sigsetmask)) +AC_CHECK_FUNC(strchr, AC_DEFINE(HAVE_STRCHR), MISSING="${MISSING}strchr.o "; AC_CHECK_FUNCS(index)) +AC_CHECK_FUNC(strrchr, AC_DEFINE(HAVE_STRRCHR), MISSING="${MISSING}strrchr.o "; AC_CHECK_FUNCS(rindex)) +AC_CHECK_FUNC(strtoul, AC_DEFINE(HAVE_STRTOUL), MISSING="${MISSING}strtoul.o ") +AC_CHECK_FUNC(sysconf, AC_DEFINE(HAVE_SYSCONF), MISSING="${MISSING}sysconf.o "; AC_CHECK_FUNCS(getdtablesize)) +AC_CHECK_FUNC(uname, AC_DEFINE(HAVE_UNAME), MISSING="${MISSING}uname.o "; AC_CHECK_FUNCS(gethostname)) +AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV), MISSING="${MISSING}env.o ") AC_SUBST(MISSING) AC_MSG_CHECKING(for nonstandard gettimeofday) diff --git a/contrib/opie/ftpcmd.y b/contrib/opie/ftpcmd.y index 8ade38d9013a..5567c4a50223 100644 --- a/contrib/opie/ftpcmd.y +++ b/contrib/opie/ftpcmd.y @@ -1,7 +1,7 @@ /* ftpcmd.y: yacc parser for the FTP daemon. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -9,6 +9,7 @@ you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Use DOTITLE rather than SETPROCTITLE. Modified by cmetz for OPIE 2.3. Moved LS_COMMAND here. Modified by cmetz for OPIE 2.2. Fixed a *lot* of warnings. Use FUNCTION declaration et al. Removed useless strings. @@ -962,10 +963,10 @@ int yylex FUNCTION_NOARGS dologout(0); } (void) alarm(0); -#ifdef SETPROCTITLE +#if DOTITLE if (strncasecmp(cbuf, "PASS", 4) != NULL) setproctitle("%s: %s", proctitle, cbuf); -#endif /* SETPROCTITLE */ +#endif /* DOTITLE */ if ((cp = strchr(cbuf, '\r'))) { *cp++ = '\n'; *cp = '\0'; diff --git a/contrib/opie/glob.c b/contrib/opie/glob.c index 8cbe7790e1a2..c1bd65801079 100644 --- a/contrib/opie/glob.c +++ b/contrib/opie/glob.c @@ -1,8 +1,8 @@ /* glob.c: The csh et al glob pattern matching routines. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/libmissing/Makefile.in b/contrib/opie/libmissing/Makefile.in index 3da41edad598..e4759da3098f 100644 --- a/contrib/opie/libmissing/Makefile.in +++ b/contrib/opie/libmissing/Makefile.in @@ -2,29 +2,33 @@ # Makefile.in/Makefile: Directions for building libmissing. # # %%% copyright-cmetz-96 -# This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -# The Inner Net License Version 2 applies to this software. +# This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +# The Inner Net License Version 3 applies to this software. # You should have received a copy of the license with this software. If # you didn't get a copy, you may request one from . # # History: # +# Modified by cmetz for OPIE 2.4. Add current dir to include header path. +# Use ar 'cr' instead of 'r'. Renamed realclean to distclean. # Created by cmetz for OPIE 2.3 using old Makefiles as a guide. OBJS=bogus.o @MISSING@ CC=@CC@ -CFLAGS=$(CFL) -I.. +CFLAGS=$(CFL) -I.. -I. TARGET=libmissing.a all: $(TARGET) $(TARGET): $(OBJS) - ar r $(TARGET) $(OBJS) + ar cr $(TARGET) $(OBJS) @RANLIB@ $(TARGET) clean: -rm -f $(OBJS) $(TARGET) -realclean: clean +realclean: distclean + +distclean: clean -rm -f *~ core* "\#*\#" *.o *.a Makefile diff --git a/contrib/opie/libmissing/endutent.c b/contrib/opie/libmissing/endutent.c index 0b4bd7a39763..e0355b7e28f8 100644 --- a/contrib/opie/libmissing/endutent.c +++ b/contrib/opie/libmissing/endutent.c @@ -1,8 +1,8 @@ /* endutent.c: A replacement for the endutent function %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/libmissing/getutline.c b/contrib/opie/libmissing/getutline.c index 59df92b750a1..929d024c6b6c 100644 --- a/contrib/opie/libmissing/getutline.c +++ b/contrib/opie/libmissing/getutline.c @@ -1,8 +1,8 @@ /* getutline.c: A replacement for the getutline() function %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/libmissing/pututline.c b/contrib/opie/libmissing/pututline.c index 93f209bbc76c..718ecbaadde9 100644 --- a/contrib/opie/libmissing/pututline.c +++ b/contrib/opie/libmissing/pututline.c @@ -1,8 +1,8 @@ /* pututline.c: A replacement for the pututline() function %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/libmissing/setutent.c b/contrib/opie/libmissing/setutent.c index ebb98e0ac4ef..865fcd16df59 100644 --- a/contrib/opie/libmissing/setutent.c +++ b/contrib/opie/libmissing/setutent.c @@ -1,8 +1,8 @@ /* setutent.c: A replacement for the setutent function %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/libopie/Makefile.in b/contrib/opie/libopie/Makefile.in index 2b3c96c0cd85..dfc1c6f94d4b 100644 --- a/contrib/opie/libopie/Makefile.in +++ b/contrib/opie/libopie/Makefile.in @@ -2,30 +2,34 @@ # Makefile.in/Makefile: Directions for building libopie. # # %%% copyright-cmetz-96 -# This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -# The Inner Net License Version 2 applies to this software. +# This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +# The Inner Net License Version 3 applies to this software. # You should have received a copy of the license with this software. If # you didn't get a copy, you may request one from . # # History: # +# Modified by cmetz for OPIE 2.4. Add libmissing to include header path. +# Use ar 'cr' instead of 'r'. Renamed realclean to distclean. # Modified by cmetz for OPIE 2.31. Added logwtmp.o # Created by cmetz for OPIE 2.3 using old Makefiles as a guide. OBJS=md4c.o md5c.o atob8.o btoa8.o btoh.o challenge.o getsequence.o hash.o hashlen.o keycrunch.o lock.o lookup.o newseed.o parsechallenge.o passcheck.o passwd.o randomchallenge.o readpass.o unlock.o verify.o version.o btoe.o accessfile.o generator.o insecure.o getutmpentry.o readrec.o writerec.o login.o open.o logwtmp.o # sha.o CC=@CC@ -CFLAGS=$(CFL) -I.. +CFLAGS=$(CFL) -I.. -I../libmissing TARGET=libopie.a all: $(TARGET) $(TARGET): $(OBJS) - ar r $(TARGET) $(OBJS) + ar cr $(TARGET) $(OBJS) @RANLIB@ $(TARGET) clean: -rm -f $(OBJS) $(TARGET) -realclean: clean +realclean: distclean + +distclean: clean -rm -f *~ core* "\#*\#" *.o *.a Makefile diff --git a/contrib/opie/libopie/accessfile.c b/contrib/opie/libopie/accessfile.c index 0fe1d123958e..8e2765feb634 100644 --- a/contrib/opie/libopie/accessfile.c +++ b/contrib/opie/libopie/accessfile.c @@ -2,7 +2,7 @@ overrides. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/atob8.c b/contrib/opie/libopie/atob8.c index 78a7d43831b4..77367f199f81 100644 --- a/contrib/opie/libopie/atob8.c +++ b/contrib/opie/libopie/atob8.c @@ -1,7 +1,7 @@ /* atob8.c: The opieatob8() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,7 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg. Modified by cmetz for OPIE 2.3. Return the output variable. Don't check parameters. Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. @@ -27,10 +28,11 @@ License Agreement applies to this software. /* Convert 8-byte hex-ascii string to binary array */ -char *opieatob8 FUNCTION((out, in), char *out AND char *in) +char *opieatob8 FUNCTION((out, in), struct opie_otpkey *outkey AND char *in) { register int i; register int val; + unsigned char *out = (unsigned char *)outkey; for (i = 0; i < 8; i++) { while (*in == ' ' || *in == '\t') diff --git a/contrib/opie/libopie/btoa8.c b/contrib/opie/libopie/btoa8.c index 2b3e885bc1a5..b66306f2739a 100644 --- a/contrib/opie/libopie/btoa8.c +++ b/contrib/opie/libopie/btoa8.c @@ -1,13 +1,14 @@ /* btoa8.c: The opiebtoa8() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg. Created by cmetz for OPIE 2.3 (quick re-write). */ @@ -17,9 +18,10 @@ you didn't get a copy, you may request one from . static char hextochar[16] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'}; -char *opiebtoa8 FUNCTION((out, in), char *out AND char *in) +char *opiebtoa8 FUNCTION((out, in), char *out AND struct opie_otpkey *inkey) { int i; + unsigned char *in = (unsigned char *)inkey; char *c = out; for (i = 0; i < 8; i++) { diff --git a/contrib/opie/libopie/btoe.c b/contrib/opie/libopie/btoe.c index b7ed3cde3420..fa91077a95fe 100644 --- a/contrib/opie/libopie/btoe.c +++ b/contrib/opie/libopie/btoe.c @@ -3,7 +3,7 @@ 64 bit OTP. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -16,6 +16,7 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg. Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al. Remove unnecessary address futzing with Wp in opiebtoe. Changed unsigned long to UINT4 for Alpha. @@ -2088,13 +2089,13 @@ static char Wp[2048][4] = }; /* Encode 8 bytes in 'c' as a string of English words. */ -char *opiebtoe FUNCTION((engout, c), char *engout AND char *c) +char *opiebtoe FUNCTION((engout, c), char *engout AND struct opie_otpkey *c) { - char cp[9]; /* add in room for the parity 2 bits */ + char cp[sizeof(struct opie_otpkey) + 1]; /* add in room for the parity 2 bits */ int p, i; engout[0] = '\0'; - memcpy(cp, c, 8); + memcpy(cp, c, sizeof(struct opie_otpkey)); /* compute parity */ for (p = 0, i = 0; i < 64; i += 2) p += extract(cp, i, 2); @@ -2120,7 +2121,7 @@ char *opiebtoe FUNCTION((engout, c), char *engout AND char *c) * -1 badly formed in put ie > 4 char word * -2 words OK but parity is wrong */ -int opieetob FUNCTION((out, e), char *out AND char *e) +int opieetob FUNCTION((out, e), struct opie_otpkey *out AND char *e) { char *word, *c, *input, b[9]; int i, p, v, l, low, high, rval = -1; @@ -2137,7 +2138,7 @@ int opieetob FUNCTION((out, e), char *out AND char *e) strncpy(input, e, i); input[i] = 0; memset(b, 0, sizeof(b)); - memset(out, 0, 8); + memset(out, 0, sizeof(struct opie_otpkey)); for (i = 0, p = 0, word = c = input; i < 6; i++, p += 11) { while (*c && !isalpha(*c)) c++; @@ -2187,7 +2188,7 @@ int opieetob FUNCTION((out, e), char *out AND char *e) goto opiebtoeret; } - memcpy(out, b, 8); + memcpy(out, b, sizeof(struct opie_otpkey)); rval = 1; diff --git a/contrib/opie/libopie/btoh.c b/contrib/opie/libopie/btoh.c index c5ed15065ac4..45fb4c827083 100644 --- a/contrib/opie/libopie/btoh.c +++ b/contrib/opie/libopie/btoh.c @@ -1,8 +1,8 @@ /* btoh.c: The opiebtoh() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . @@ -17,10 +17,11 @@ you didn't get a copy, you may request one from . static char hextochar[16] = {'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'}; -char *opiebtoh FUNCTION((out, in), char *out AND char *in) +char *opiebtoh FUNCTION((out, in), char *out AND struct opie_otpkey *inkey) { int i; char *c = out; + unsigned char *in = (unsigned char *)inkey; for (i = 0; i < 4; i++) { *(c++) = hextochar[((*in) >> 4) & 0x0f]; diff --git a/contrib/opie/libopie/challenge.c b/contrib/opie/libopie/challenge.c index 0f3fec55cf22..149403db50be 100644 --- a/contrib/opie/libopie/challenge.c +++ b/contrib/opie/libopie/challenge.c @@ -1,7 +1,7 @@ /* challenge.c: The opiechallenge() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -66,11 +66,11 @@ int opiechallenge FUNCTION((mp, name, ss), struct opie *mp AND char *name AND ch #endif /* DEBUG */ } - if (rval) { + if (rval || + (snprintf(ss, OPIE_CHALLENGE_MAX, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed) >= OPIE_CHALLENGE_MAX)) { opierandomchallenge(ss); memset(mp, 0, sizeof(*mp)); - } else - sprintf(ss, "otp-%s %d %s ext", algids[MDX], mp->opie_n - 1, mp->opie_seed); + } return rval; } diff --git a/contrib/opie/libopie/generator.c b/contrib/opie/libopie/generator.c index 618a131333bb..24c6a73efede 100644 --- a/contrib/opie/libopie/generator.c +++ b/contrib/opie/libopie/generator.c @@ -1,7 +1,7 @@ /* generator.c: The opiegenerator() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -9,6 +9,9 @@ you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Added opieauto code based on + previously released test code. Renamed buffer to challenge. + Use struct opie_otpkey for keys. Modified by cmetz for OPIE 2.32. If secret=NULL, always return as if opieauto returned "get the secret". Renamed _opieparsechallenge() to __opieparsechallenge(). Check @@ -31,73 +34,362 @@ you didn't get a copy, you may request one from . #if HAVE_STRING_H #include #endif /* HAVE_STRING_H */ +#if OPIEAUTO +#include +#if HAVE_STDLIB_H +#include +#endif /* HAVE_STDLIB_H */ +#include + +#include +#include +#endif /* OPIEAUTO */ +#if DEBUG +#include +#endif /* DEBUG */ #include "opie.h" static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" }; -int opiegenerator FUNCTION((buffer, secret, response), char *buffer AND char *secret AND char *response) +#if OPIEAUTO +#ifndef max +#define max(x, y) (((x) > (y)) ? (x) : (y)) +#endif /* max */ + +static int opieauto_connect FUNCTION_NOARGS +{ + int s; + struct sockaddr_un sun; + char buffer[1024]; + char *c, *c2 ="/.opieauto"; + uid_t myuid = getuid(), myeuid = geteuid(); + + if (!myuid || !myeuid || (myuid != myeuid)) { +#if DEBUG + syslog(LOG_DEBUG, "opieauto_connect: superuser and/or setuid not allowed"); +#endif /* DEBUG */ + return -1; + }; + + memset(&sun, 0, sizeof(struct sockaddr_un)); + sun.sun_family = AF_UNIX; + + if (!(c = getenv("HOME"))) { +#if DEBUG + syslog(LOG_DEBUG, "opieauto_connect: no HOME variable?"); +#endif /* DEBUG */ + return -1; + }; + + if (strlen(c) > (sizeof(sun.sun_path) - strlen(c2) - 1)) { +#if DEBUG + syslog(LOG_DEBUG, "opieauto_connect: HOME is too long: %s", c); +#endif /* DEBUG */ + return -1; + }; + + strcpy(sun.sun_path, c); + strcat(sun.sun_path, c2); + + if ((s = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) { +#if DEBUG + syslog(LOG_DEBUG, "opieauto_connect: socket: %s(%d)", strerror(errno), errno); +#endif /* DEBUG */ + return -1; + }; + + { + struct stat st; + + if (stat(sun.sun_path, &st) < 0) { +#if DEBUG + syslog(LOG_DEBUG, "opieauto_connect: stat: %s(%d)\n", strerror(errno), errno); +#endif /* DEBUG */ + goto ret; + }; + + if (connect(s, (struct sockaddr *)&sun, sizeof(struct sockaddr_un))) { +#if DEBUG + syslog(LOG_DEBUG, "opieauto_connect: connect: %s(%d)\n", strerror(errno), errno); +#endif /* DEBUG */ + goto ret; + }; + + if ((st.st_uid != myuid) || (!S_ISSOCK(st.st_mode)) || ((st.st_mode & 07777) != 0600)) { +#if DEBUG + syslog(LOG_DEBUG, "opieauto_connect: something's fishy about the socket\n"); +#endif /* DEBUG */ + goto ret; + }; + }; + + return s; + +ret: + close(s); + return -1; +}; +#endif /* OPIEAUTO */ + +int opiegenerator FUNCTION((challenge, secret, response), char *challenge AND char *secret AND char *response) { int algorithm; int sequence; char *seed; - char key[8]; + struct opie_otpkey key; int i; int exts; +#if OPIEAUTO + int s; + int window; + char cmd[1+1+1+1+4+1+OPIE_SEED_MAX+1+4+1+4+1+4+1+4+1]; + char *c; +#endif /* OPIEAUTO */ - if (!(buffer = strstr(buffer, "otp-"))) + if (!(challenge = strstr(challenge, "otp-"))) return 1; - buffer += 4; + challenge += 4; - if (__opieparsechallenge(buffer, &algorithm, &sequence, &seed, &exts)) + if (__opieparsechallenge(challenge, &algorithm, &sequence, &seed, &exts)) return 1; if ((sequence < 2) || (sequence > 9999)) return 1; - if (!secret[0]) - return 2; + if (*secret) { + if (opiepasscheck(secret)) + return -2; - if (opiepasscheck(secret)) - return -2; + if (i = opiekeycrunch(algorithm, &key, seed, secret)) + return i; - if (i = opiekeycrunch(algorithm, key, seed, secret)) - return i; + if (sequence <= OPIE_SEQUENCE_RESTRICT) { + if (!(exts & 1)) + return 1; - if (sequence < 10) { - if (!(exts & 1)) - return 1; + { + char newseed[OPIE_SEED_MAX + 1]; + struct opie_otpkey newkey; + char *c; + char buf[OPIE_SEED_MAX + 48 + 1]; + + while (sequence-- != 0) + opiehash(&key, algorithm); + + if (opienewseed(strcpy(newseed, seed)) < 0) + return -1; + + if (opiekeycrunch(algorithm, &newkey, newseed, secret)) + return -1; + + for (i = 0; i < 499; i++) + opiehash(&newkey, algorithm); + + strcpy(response, "init-hex:"); + strcat(response, opiebtoh(buf, &key)); + if (snprintf(buf, sizeof(buf), ":%s 499 %s:", algids[algorithm], + newseed) >= sizeof(buf)) { +#ifdef DEBUG + syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at init-hex"); +#endif /* DEBUG */ + return -1; + } + strcat(response, buf); + strcat(response, opiebtoh(buf, &newkey)); + }; + }; + }; + +#if OPIEAUTO + if ((s = opieauto_connect()) >= 0) { + if ((i = read(s, cmd, sizeof(cmd)-1)) < 0) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno); +#endif /* DEBUG */ + close(s); + s = -1; + goto l0; + }; + cmd[i] = 0; + if ((cmd[0] != 'C') || (cmd[1] != '+') || (cmd[2] != ' ')) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: got invalid/failing C+ response: %s\n", cmd); +#endif /* DEBUG */ + close(s); + s = -1; + goto l0; + }; + + window = strtoul(&cmd[3], &c, 10); + if (!window || (window >= (OPIE_SEQUENCE_MAX - OPIE_SEQUENCE_RESTRICT)) || !isspace(*c)) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: got bogus option response: %s\n", cmd); +#endif /* DEBUG */ + close(s); + s = -1; + goto l0; + }; + }; + +l0: + if (*secret) { + int j; + + if (s < 0) { + j = 0; + goto l1; + }; + + j = max(sequence - window + 1, OPIE_SEQUENCE_RESTRICT); + + for (i = j; i > 0; i--) + opiehash(&key, algorithm); { - char newseed[OPIE_SEED_MAX + 1]; - char newkey[8]; - char *c; - char buf[OPIE_SEED_MAX + 48 + 1]; + char buf[16+1]; - while (sequence-- != 0) - opiehash(key, algorithm); + opiebtoa8(buf, &key); - if (opienewseed(strcpy(newseed, seed)) < 0) - return -1; + if (snprintf(cmd, sizeof(cmd), "S= %d %d %s %s\n", algorithm, sequence, + seed, buf) >= sizeof(cmd)) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at S=\n"); +#endif /* DEBUG */ + goto l1; + } + } - if (opiekeycrunch(algorithm, newkey, newseed, secret)) - return -1; - - for (i = 0; i < 499; i++) - opiehash(newkey, algorithm); - - strcpy(response, "init-hex:"); - strcat(response, opiebtoh(buf, key)); - sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed); - strcat(response, buf); - strcat(response, opiebtoh(buf, newkey)); + if (write(s, cmd, i = strlen(cmd)) != i) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: write: %s(%d)\n", strerror(errno), errno); +#endif /* DEBUG */ + goto l1; }; - } else { - while (sequence-- != 0) - opiehash(key, algorithm); - opiebtoh(response, key); - } + if ((i = read(s, cmd, sizeof(cmd))) < 0) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno); +#endif /* DEBUG */ + }; + close(s); + + cmd[i] = 0; + i = strlen(seed); + if ((cmd[0] != 'S') || (cmd[1] != '+') || (cmd[2] != ' ') || (strtoul(&cmd[3], &c, 10) != algorithm) || (strtoul(c + 1, &c, 10) != sequence) || strncmp(++c, seed, i) || (*(c + i) != '\n')) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: got invalid/failing S+ response: %s\n", cmd); +#endif /* DEBUG */ + }; + +l1: + for (i = sequence - j; i > 0; i--) + opiehash(&key, algorithm); + + opiebtoh(response, &key); + } else { + if (s < 0) + goto l2; + + if ((snprintf(cmd, sizeof(cmd), "s= %d %d %s\n", algorithm, sequence, + seed) >= sizeof(cmd))) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: snprintf truncation at s=\n"); +#endif /* DEBUG */ + goto l2; + } + + if (write(s, cmd, i = strlen(cmd)) != i) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: write: %s(%d)\n", strerror(errno), errno); +#endif /* DEBUG */ + goto l2; + }; + + if ((i = read(s, cmd, sizeof(cmd))) < 0) { +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: read: %s(%d)\n", strerror(errno), errno); +#endif /* DEBUG */ + goto l2; + }; + close(s); + + i = strlen(seed); + + if ((cmd[0] != 's') || (cmd[2] != ' ') || (strtoul(&cmd[3], &c, 10) != algorithm) || (strtoul(c + 1, &c, 10) != sequence) || strncmp(++c, seed, i)) { +#if DEBUG + if (c) + *c = 0; + else + cmd[3] = 0; + + syslog(LOG_DEBUG, "opiegenerator: got bogus/invalid s response: %s\n", cmd); +#endif /* DEBUG */ + goto l2; + }; + + c += i; + + if (cmd[1] == '-') { +#if DEBUG + if (*c != '\n') { + *c = 0; + syslog(LOG_DEBUG, "opiegenerator: got invalid s- response: %s\n", cmd); + }; +#endif /* DEBUG */ + goto l2; + }; + + if (cmd[1] != '+') { +#if DEBUG + *c = 0; + syslog(LOG_DEBUG, "opiegenerator: got invalid s response: %s\n", cmd); +#endif /* DEBUG */ + goto l2; + }; + + { + char *c2; + + if (!(c2 = strchr(++c, '\n'))) { +#if DEBUG + *c = 0; + syslog(LOG_DEBUG, "opiegenerator: got invalid s+ response: %s\n", cmd); +#endif /* DEBUG */ + goto l2; + }; + + *c2++ = 0; + }; + + if (!opieatob8(&key, c)) + goto l2; + + opiebtoh(response, &key); + }; + + if (s >= 0) + close(s); +#else /* OPIEAUTO */ + if (*secret) { + while (sequence-- != 0) + opiehash(&key, algorithm); + + opiebtoh(response, &key); + } else + return -2; +#endif /* OPIEAUTO */ return 0; -} + +#if OPIEAUTO +l2: +#if DEBUG + syslog(LOG_DEBUG, "opiegenerator: no opieauto response available.\n"); +#endif /* DEBUG */ + if (s >= 0) + close(s); + + return -2; +#endif /* OPIEAUTO */ +}; diff --git a/contrib/opie/libopie/getsequence.c b/contrib/opie/libopie/getsequence.c index e6c96c5aca0f..77fd5a2d2f75 100644 --- a/contrib/opie/libopie/getsequence.c +++ b/contrib/opie/libopie/getsequence.c @@ -1,7 +1,7 @@ /* getsequence.c: The opiegetsequence() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/getutmpentry.c b/contrib/opie/libopie/getutmpentry.c index 531820eba216..f3afe0c3aa18 100644 --- a/contrib/opie/libopie/getutmpentry.c +++ b/contrib/opie/libopie/getutmpentry.c @@ -1,8 +1,8 @@ /* getutmpentry.c: The __opiegetutmpentry() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/libopie/hash.c b/contrib/opie/libopie/hash.c index ef80a7986b58..e89508cfd583 100644 --- a/contrib/opie/libopie/hash.c +++ b/contrib/opie/libopie/hash.c @@ -1,14 +1,15 @@ /* hash.c: The opiehash() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: - Updated by cmetz for OPIE 2.31. Added SHA support (which may + Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg. + Modified by cmetz for OPIE 2.31. Added SHA support (which may not be correct). Backed out previous optimizations as they killed thread-safety. Created by cmetz for OPIE 2.3 using the old hash.c as a guide. @@ -20,20 +21,21 @@ you didn't get a copy, you may request one from . #endif /* 0 */ #include "opie.h" -VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm) +VOIDRET opiehash FUNCTION((x, algorithm), struct opie_otpkey *results AND +unsigned algorithm) { - UINT4 *results = (UINT4 *)x; - switch(algorithm) { #if 0 case 3: { SHA_CTX sha; + SHAInit(&sha); - SHAUpdate(&sha, (unsigned char *)x, 8); + SHAUpdate(&sha, (unsigned char *)results, 8); SHAFinal(&sha); - results[0] = sha.buffer[0] ^ sha.buffer[2] ^ sha.buffer[4]; - results[1] = sha.buffer[1] ^ sha.buffer[3]; + + results->words[0] = sha.buffer[0] ^ sha.buffer[2] ^ sha.buffer[4]; + results->words[1] = sha.buffer[1] ^ sha.buffer[3]; }; break; #endif /* 0 */ @@ -43,10 +45,11 @@ VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm) UINT4 mdx_tmp[4]; opiemd4init(&mdx); - opiemd4update(&mdx, (unsigned char *)x, 8); + opiemd4update(&mdx, (unsigned char *)results, 8); opiemd4final((unsigned char *)mdx_tmp, &mdx); - results[0] = mdx_tmp[0] ^ mdx_tmp[2]; - results[1] = mdx_tmp[1] ^ mdx_tmp[3]; + + results->words[0] = mdx_tmp[0] ^ mdx_tmp[2]; + results->words[1] = mdx_tmp[1] ^ mdx_tmp[3]; }; break; case 5: @@ -55,10 +58,11 @@ VOIDRET opiehash FUNCTION((x, algorithm), VOIDPTR x AND unsigned algorithm) UINT4 mdx_tmp[4]; opiemd5init(&mdx); - opiemd5update(&mdx, (unsigned char *)x, 8); + opiemd5update(&mdx, (unsigned char *)results, 8); opiemd5final((unsigned char *)mdx_tmp, &mdx); - results[0] = mdx_tmp[0] ^ mdx_tmp[2]; - results[1] = mdx_tmp[1] ^ mdx_tmp[3]; + + results->words[0] = mdx_tmp[0] ^ mdx_tmp[2]; + results->words[1] = mdx_tmp[1] ^ mdx_tmp[3]; }; break; } diff --git a/contrib/opie/libopie/hashlen.c b/contrib/opie/libopie/hashlen.c index 1284a7bd9500..09390c30548d 100644 --- a/contrib/opie/libopie/hashlen.c +++ b/contrib/opie/libopie/hashlen.c @@ -1,51 +1,63 @@ /* hashlen.c: The opiehashlen() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Use struct opie_otpkey, isolate variables. Created by cmetz for OPIE 2.3. */ #include "opie_cfg.h" #include "opie.h" -VOIDRET opiehashlen FUNCTION((algorithm, in, out, n), int algorithm AND VOIDPTR in AND VOIDPTR out AND int n) +VOIDRET opiehashlen FUNCTION((algorithm, in, out, n), int algorithm AND +VOIDPTR in AND struct opie_otpkey *results AND int n) { - UINT4 *results = (UINT4 *)out; - struct opiemdx_ctx mdx; - UINT4 mdx_tmp[4]; -#if 0 - SHA_INFO sha; -#endif /* 0 */ - switch(algorithm) { #if 0 case 3: + { + SHA_INFO sha; + sha_init(&sha); sha_update(&sha, (BYTE *)in, n); sha_final(&sha); - results[0] = sha.digest[0] ^ sha.digest[2] ^ sha.digest[4]; - results[1] = sha.digest[1] ^ sha.digest[3] ^ sha.digest[5]; + + results->words[0] = sha.digest[0] ^ sha.digest[2] ^ sha.digest[4]; + results->words[1] = sha.digest[1] ^ sha.digest[3] ^ sha.digest[5]; + }; break; #endif /* 0 */ case 4: + { + struct opiemdx_ctx mdx; + UINT4 mdx_tmp[4]; + opiemd4init(&mdx); opiemd4update(&mdx, (unsigned char *)in, n); opiemd4final((unsigned char *)mdx_tmp, &mdx); - results[0] = mdx_tmp[0] ^ mdx_tmp[2]; - results[1] = mdx_tmp[1] ^ mdx_tmp[3]; + + results->words[0] = mdx_tmp[0] ^ mdx_tmp[2]; + results->words[1] = mdx_tmp[1] ^ mdx_tmp[3]; + } break; case 5: + { + struct opiemdx_ctx mdx; + UINT4 mdx_tmp[4]; + opiemd5init(&mdx); opiemd5update(&mdx, (unsigned char *)in, n); opiemd5final((unsigned char *)mdx_tmp, &mdx); - results[0] = mdx_tmp[0] ^ mdx_tmp[2]; - results[1] = mdx_tmp[1] ^ mdx_tmp[3]; + + results->words[0] = mdx_tmp[0] ^ mdx_tmp[2]; + results->words[1] = mdx_tmp[1] ^ mdx_tmp[3]; + } break; } } diff --git a/contrib/opie/libopie/insecure.c b/contrib/opie/libopie/insecure.c index a7fda7b3cca2..383206f2f156 100644 --- a/contrib/opie/libopie/insecure.c +++ b/contrib/opie/libopie/insecure.c @@ -1,7 +1,7 @@ /* insecure.c: The opieinsecure() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,8 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Do utmp checks on utmpx systems. + Handle unterminated ut_host. Modified by cmetz for OPIE 2.31. Fixed a logic bug. Call endut[x]ent(). Modified by cmetz for OPIE 2.3. Added result caching. Use __opiegetutmpentry(). Ifdef around ut_host check. Eliminate @@ -56,9 +58,9 @@ int opieinsecure FUNCTION_NOARGS char *s; char *term_name; int insecure = 0; -#if HAVE_UT_HOST +#if HAVE_UT_HOST || DOUTMPX struct utmp utmp; -#endif /* HAVE_UT_HOST */ +#endif /* HAVE_UT_HOST || DOUTMPX */ static int result = -1; if (result != -1) @@ -117,30 +119,34 @@ int opieinsecure FUNCTION_NOARGS return (result = 1); }; -#if HAVE_UT_HOST +#if HAVE_UT_HOST || DOUTMPX if (isatty(0)) { memset(&utmp, 0, sizeof(struct utmp)); { int i = __opiegetutmpentry(ttyname(0), &utmp); endutent(); if (!i && utmp.ut_host[0]) { + char host[sizeof(utmp.ut_host) + 1]; insecure = 1; - if (s = strchr(utmp.ut_host, ':')) { - int n = s - utmp.ut_host; + strncpy(host, utmp.ut_host, sizeof(utmp.ut_host)); + host[sizeof(utmp.ut_host)] = 0; + + if (s = strchr(host, ':')) { + int n = s - host; if (!n) insecure = 0; else if (display_name) { - if (!strncmp(utmp.ut_host, display_name, n)) + if (!strncmp(host, display_name, n)) insecure = 0; -#ifdef SOLARIS +#if 1 /* def SOLARIS */ else - if (s = strchr(utmp.ut_host, ' ')) { + if (s = strchr(host, ' ')) { *s = ':'; if (s = strchr(s + 1, ' ')) *s = '.'; - if (!strncmp(utmp.ut_host, display_name, n)) + if (!strncmp(host, display_name, n)) insecure = 0; } #endif /* SOLARIS */ @@ -149,7 +155,7 @@ int opieinsecure FUNCTION_NOARGS } }; }; -#endif /* HAVE_UT_HOST */ +#endif /* HAVE_UT_HOST || DOUTMPX */ if (insecure) return (result = 1); diff --git a/contrib/opie/libopie/keycrunch.c b/contrib/opie/libopie/keycrunch.c index 94a1a532deec..2ca57e07656a 100644 --- a/contrib/opie/libopie/keycrunch.c +++ b/contrib/opie/libopie/keycrunch.c @@ -1,13 +1,14 @@ /* keycrunch.c: The opiekeycrunch() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for arg. Created by cmetz for OPIE 2.3 using the old keycrunch.c as a guide. */ @@ -23,7 +24,8 @@ you didn't get a copy, you may request one from . #include "opie.h" -int opiekeycrunch FUNCTION((algorithm, result, seed, secret), int algorithm AND char *result AND char *seed AND char *secret) +int opiekeycrunch FUNCTION((algorithm, result, seed, secret), int algorithm AND +struct opie_otpkey *result AND char *seed AND char *secret) { int i, rval = -1; char *c; diff --git a/contrib/opie/libopie/lock.c b/contrib/opie/libopie/lock.c index fc449d4cada4..bd9260751d9a 100644 --- a/contrib/opie/libopie/lock.c +++ b/contrib/opie/libopie/lock.c @@ -1,7 +1,7 @@ /* lock.c: The opielock() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,7 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Use snprintf. Modified by cmetz for OPIE 2.31. Put locks in a separate dir. Bug fixes. Modified by cmetz for OPIE 2.3. Do refcounts whether or not we @@ -194,7 +195,9 @@ int opielock FUNCTION((principal), char *principal) if (!S_ISREG(statbuf[0].st_mode) || (statbuf[0].st_mode != statbuf[1].st_mode) || (statbuf[0].st_ino != statbuf[1].st_ino)) goto lockret; - sprintf(buffer, "%d\n%d\n", getpid(), time(0)); + if (snprintf(buffer, sizeof(buffer), "%d\n%d\n", getpid(), time(0)) >= sizeof(buffer)) + goto lockret; + i = strlen(buffer) + 1; if (lseek(fh, 0, SEEK_SET)) { close(fh); diff --git a/contrib/opie/libopie/login.c b/contrib/opie/libopie/login.c index ca3914321c85..6c6ca79a37a1 100644 --- a/contrib/opie/libopie/login.c +++ b/contrib/opie/libopie/login.c @@ -1,13 +1,15 @@ /* login.c: The opielogin() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Add support for ut_id and + ut_syslen. Don't zero-terminate ut_name and ut_host. Modified by cmetz for OPIE 2.31. If the OS won't tell us where _PATH_WTMP[X] is, try playing the SVID game, then use Autoconf-discovered values. Fixed gettimeofday() call @@ -38,12 +40,15 @@ you didn't get a copy, you may request one from . #endif /* DEBUG */ #include "opie.h" +#define IDLEN 4 + int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *host) { - struct utmp u; int rval = 0; - #if !DISABLE_UTMP + struct utmp u; + char id[IDLEN + 1] = ""; + if (__opiegetutmpentry(line, &u)) { #if DEBUG syslog(LOG_DEBUG, "opielogin: __opiegetutmpentry(line=%s, &u) failed", line); @@ -58,6 +63,11 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h #endif /* DEBUG */ } +#if DOUTMPX || HAVE_UT_ID + strncpy(id, u.ut_id, sizeof(u.ut_id)); + id[sizeof(id)-1] = 0; +#endif /* DOUTMPX || HAVE_UT_ID */ + #if HAVE_UT_TYPE && defined(USER_PROCESS) u.ut_type = USER_PROCESS; #endif /* HAVE_UT_TYPE && defined(USER_PROCESS) */ @@ -67,15 +77,16 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h #if HAVE_UT_NAME strncpy(u.ut_name, name, sizeof(u.ut_name)); - u.ut_name[sizeof(u.ut_name)-1] = 0; #else /* HAVE_UT_NAME */ #error No ut_name field in struct utmp? (Please send in a bug report) #endif /* HAVE_UT_NAME */ #if HAVE_UT_HOST strncpy(u.ut_host, host, sizeof(u.ut_host)); - u.ut_host[sizeof(u.ut_host)-1] = 0; #endif /* HAVE_UT_HOST */ +#if DOUTMPX && HAVE_UTX_SYSLEN + u.ut_syslen = strlen(host) + 1; +#endif /* DOUTMPX && HAVE_UT_SYSLEN */ #if DOUTMPX #ifdef HAVE_ONE_ARG_GETTIMEOFDAY @@ -96,7 +107,7 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h #endif /* !DISABLE_UTMP */ dowtmp: - opielogwtmp(line, name, host); + opielogwtmp(line, name, host, id); opielogwtmp(NULL, NULL, NULL); dosetlogin: diff --git a/contrib/opie/libopie/logwtmp.c b/contrib/opie/libopie/logwtmp.c index a42fdec59a2b..873ca9be4b19 100644 --- a/contrib/opie/libopie/logwtmp.c +++ b/contrib/opie/libopie/logwtmp.c @@ -1,7 +1,7 @@ /* logwtmp.c: Put an entry in the wtmp file. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,8 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Set process to dead if name is null. + Added support for ut_id and ut_syslen. Modified by cmetz for OPIE 2.32. Don't leave line=NULL, skip past /dev/ in line. Fill in ut_host on systems with UTMPX and ut_host. @@ -110,7 +112,7 @@ static int fdx = -1; * after first call, for use with ftp (which may chroot * after login, but before logout). */ -VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND char *host) +VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND char *host AND char *id) { #if !DISABLE_WTMP struct utmp ut; @@ -136,8 +138,15 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c return; if (fstat(fd, &buf) == 0) { #if HAVE_UT_TYPE && defined(USER_PROCESS) - ut.ut_type = USER_PROCESS; + if (name && *name) + ut.ut_type = USER_PROCESS; + else + ut.ut_type = DEAD_PROCESS; #endif /* HAVE_UT_TYPE && defined(USER_PROCESS) */ +#if HAVE_UT_ID + if (id) + strncpy(ut.ut_id, id, sizeof(ut.ut_id)); +#endif /* HAVE_UT_ID */ #if HAVE_UT_PID ut.ut_pid = getpid(); #endif /* HAVE_UT_PID */ @@ -161,6 +170,18 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c strncpy(utx.ut_line, line, sizeof(utx.ut_line)); strncpy(utx.ut_name, name, sizeof(utx.ut_name)); strncpy(utx.ut_host, host, sizeof(utx.ut_host)); +#ifdef USER_PROCESS + if (name && *name) + utx.ut_type = USER_PROCESS; + else + utx.ut_type = DEAD_PROCESS; +#endif /* USER_PROCESS */ + if (id) + strncpy(utx.ut_id, id, sizeof(utx.ut_id)); + utx.ut_pid = getpid(); +#if HAVE_UTX_SYSLEN + utx.ut_syslen = strlen(utx.ut_host) + 1; +#endif /* HAVE_UTX_SYSLEN */ #if HAVE_GETTIMEOFDAY #if HAVE_ONE_ARG_GETTIMEOFDAY gettimeofday(&utx.ut_tv); diff --git a/contrib/opie/libopie/lookup.c b/contrib/opie/libopie/lookup.c index d05e1fa0ec63..3003da7c7380 100644 --- a/contrib/opie/libopie/lookup.c +++ b/contrib/opie/libopie/lookup.c @@ -1,8 +1,8 @@ /* lookup.c: The opielookup() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/libopie/md4c.c b/contrib/opie/libopie/md4c.c index acc88578b04e..f6adc6756c21 100644 --- a/contrib/opie/libopie/md4c.c +++ b/contrib/opie/libopie/md4c.c @@ -1,7 +1,7 @@ /* md4c.c: "RSA Data Security, Inc. MD4 Message-Digest Algorithm" %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/md5c.c b/contrib/opie/libopie/md5c.c index 09611a5ce825..cdd21e04489a 100644 --- a/contrib/opie/libopie/md5c.c +++ b/contrib/opie/libopie/md5c.c @@ -2,7 +2,7 @@ "derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm" %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/newseed.c b/contrib/opie/libopie/newseed.c index b351798bd28d..0455857a69a6 100644 --- a/contrib/opie/libopie/newseed.c +++ b/contrib/opie/libopie/newseed.c @@ -1,13 +1,15 @@ /* newseed.c: The opienewseed() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Greatly simplified increment. Now does + not add digits. Reformatted the code. Modified by cmetz for OPIE 2.32. Added syslog.h if DEBUG. Modified by cmetz for OPIE 2.31. Added time.h. Created by cmetz for OPIE 2.22. @@ -35,73 +37,54 @@ you didn't get a copy, you may request one from . int opienewseed FUNCTION((seed), char *seed) { - if (!seed) - return -1; + if (!seed) + return -1; - if (seed[0]) { - int i; - - if ((i = strlen(seed)) >= OPIE_SEED_MIN) { - long j; - char *c; - - if (i > OPIE_SEED_MAX) - i = OPIE_SEED_MAX; + if (seed[0]) { + char *c, *end; + unsigned int i, max; - c = seed + i - 1; + if ((i = strlen(seed)) > OPIE_SEED_MAX) + i = OPIE_SEED_MAX; - while(c != seed) { - if (!isdigit(*c)) - break; - c--; - } + for (c = end = seed + i - 1, max = 1; + (c > seed) && isdigit(*c); c--) + max *= 10; - c++; + if ((i = strtoul(++c, (char **)0, 10)) < max) { + if (++i >= max) + i = 1; - if (j = strtol(c, (char **)0, 10)) { - char buf[OPIE_SEED_MAX]; - - *c = 0; - strcpy(buf, seed); - - if (errno == ERANGE) { - j = 1; - } else { - int k = 1, l = OPIE_SEED_MAX - strlen(buf); - while(l--) k *= 10; - - if (++j >= k) - j = 1; + snprintf(c, end - c, "%d", i); + seed[OPIE_SEED_MAX] = 0; + return 0; + } } - sprintf(seed, "%s%04d", buf, j); - return 0; - } - } - } + { + time_t now; - { - { - time_t now; - time(&now); - srand(now); - } + time(&now); + srand(now); + } - { - struct utsname utsname; + { + struct utsname utsname; - if (uname(&utsname) < 0) { + if (uname(&utsname) < 0) { #if DEBUG - syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno), errno); + syslog(LOG_DEBUG, "uname: %s(%d)", strerror(errno), + errno); #endif /* DEBUG */ - utsname.nodename[0] = 'k'; - utsname.nodename[1] = 'e'; - } - utsname.nodename[2] = 0; + utsname.nodename[0] = 'k'; + utsname.nodename[1] = 'e'; + } + utsname.nodename[2] = 0; - sprintf(seed, "%s%04d", utsname.nodename, (rand() % 9999) + 1); - return 0; - } - } + if (snprintf(seed, OPIE_SEED_MAX+1, "%s%04d", utsname.nodename, + (rand() % 9999) + 1) >= OPIE_SEED_MAX+1) + return -1; + return 0; + } } diff --git a/contrib/opie/libopie/open.c b/contrib/opie/libopie/open.c index dac03a8fd05b..c0c76c20fab3 100644 --- a/contrib/opie/libopie/open.c +++ b/contrib/opie/libopie/open.c @@ -1,13 +1,15 @@ /* open.c: The __opieopen() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. More portable way to get the mode + string for fopen. Created by cmetz for OPIE 2.3. */ #include "opie_cfg.h" @@ -51,9 +53,23 @@ FILE *__opieopen FUNCTION((file, rw, mode), char *file AND int rw AND int mode) return NULL; { - char *fmodes[] = { "r", "r+", "a" }; + char *fmode; - if (!(f = fopen(file, fmodes[rw]))) + switch(rw) { + case 0: + fmode = "r"; + break; + case 1: + fmode = "r+"; + break; + case 2: + fmode = "a"; + break; + default: + return NULL; + }; + + if (!(f = fopen(file, fmode))) return NULL; } diff --git a/contrib/opie/libopie/parsechallenge.c b/contrib/opie/libopie/parsechallenge.c index 2035c381b356..2b23a35ca13d 100644 --- a/contrib/opie/libopie/parsechallenge.c +++ b/contrib/opie/libopie/parsechallenge.c @@ -1,13 +1,15 @@ /* parsechallenge.c: The __opieparsechallenge() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Use OPIE_SEQUENCE_MAX, check for + sequence number of zero. Modified by cmetz for OPIE 2.32. Check for extended response sets. Change prefix to double underscore. Created by cmetz for OPIE 2.3 using generator.c as a guide. @@ -48,7 +50,7 @@ int __opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed, exts), cha *algorithm = a->num; } - if ((*sequence = strtoul(++c, &c, 10)) > 9999) + if (((*sequence = strtoul(++c, &c, 10)) > OPIE_SEQUENCE_MAX) || !*sequence) return -1; while(*c && isspace(*c)) c++; diff --git a/contrib/opie/libopie/passcheck.c b/contrib/opie/libopie/passcheck.c index 8bfa87ddb275..140b8fb2638d 100644 --- a/contrib/opie/libopie/passcheck.c +++ b/contrib/opie/libopie/passcheck.c @@ -1,7 +1,7 @@ /* passcheck.c: The opiepasscheck() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/passwd.c b/contrib/opie/libopie/passwd.c index 6bac249d3c7c..1c3b1ab60086 100644 --- a/contrib/opie/libopie/passwd.c +++ b/contrib/opie/libopie/passwd.c @@ -1,8 +1,8 @@ /* passwd.c: The opiepasswd() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . @@ -46,19 +46,19 @@ int opiepasswd FUNCTION((old, flags, principal, n, seed, ks), struct opie *old A opie.opie_seed = seed; if (ks) { - char key[8]; + struct opie_otpkey key; if (flags & OPIEPASSWD_CONSOLE) { - if (opiekeycrunch(MDX, key, seed, ks)) + if (opiekeycrunch(MDX, &key, seed, ks)) return -1; for (i = n; i; i--) - opiehash(key, MDX); - if (!(opie.opie_val = opiebtoa8(opie.opie_buf, key))) + opiehash(&key, MDX); + if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key))) return -1; } else { - if ((opieetob(key, ks) != 1) && !opieatob8(key, ks)) + if ((opieetob(&key, ks) != 1) && !opieatob8(&key, ks)) return 1; - if (!(opie.opie_val = opiebtoa8(opie.opie_buf, key))) + if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key))) return 1; } } diff --git a/contrib/opie/libopie/randomchallenge.c b/contrib/opie/libopie/randomchallenge.c index 99b4c4897e7f..7cf18bb54f99 100644 --- a/contrib/opie/libopie/randomchallenge.c +++ b/contrib/opie/libopie/randomchallenge.c @@ -1,7 +1,7 @@ /* randomchallenge.c: The opierandomchallenge() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,7 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Use snprintf(). Modified by cmetz for OPIE 2.32. Initialize algids[] with 0s instead of NULL. Modified by cmetz for OPIE 2.3. Add sha support. @@ -35,11 +36,12 @@ static char *algids[] = { 0, 0, 0, "sha1", "md4", "md5" }; most situations; it is certainly better than a fixed string */ VOIDRET opierandomchallenge FUNCTION((prompt), char *prompt) { - char buf[OPIE_SEED_MAX + 1]; + char buf[OPIE_SEED_MAX+1]; buf[0] = 0; if (opienewseed(buf)) strcpy(buf, "ke4452"); - sprintf(prompt, "otp-%s %d %s ext", algids[MDX], (rand() % 499) + 1, buf); + snprintf(prompt, OPIE_CHALLENGE_MAX+1, "otp-%s %d %s ext", algids[MDX], + (rand() % 499) + 1, buf); } diff --git a/contrib/opie/libopie/readpass.c b/contrib/opie/libopie/readpass.c index 5808f02357cd..bd24b02a4de0 100644 --- a/contrib/opie/libopie/readpass.c +++ b/contrib/opie/libopie/readpass.c @@ -1,7 +1,7 @@ /* readpass.c: The opiereadpass() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/readrec.c b/contrib/opie/libopie/readrec.c index f6361eb51aa1..98ec6589bc1c 100644 --- a/contrib/opie/libopie/readrec.c +++ b/contrib/opie/libopie/readrec.c @@ -1,13 +1,15 @@ /* readrec.c: The __opiereadrec() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Check that seed, sequence number, and + response values are valid. Modified by cmetz for OPIE 2.31. Removed active attack protection support. Fixed a debug message typo. Keep going after bogus records. Set read flag. @@ -57,7 +59,7 @@ static int parserec FUNCTION((opie), struct opie *opie) opie->opie_n = strtoul(c, &c3, 10); - if (*c3) + if (*c3 || (opie->opie_n <= 0) || (opie->opie_n > 9999)) return -1; }; @@ -66,6 +68,10 @@ static int parserec FUNCTION((opie), struct opie *opie) *(c2++) = 0; + for (c = opie->opie_seed; *c; c++) + if (!isalnum(*c)) + return -1; + while(*c2 == ' ') c2++; if (!(c2 = strchr(opie->opie_val = c2, ' '))) @@ -73,6 +79,13 @@ static int parserec FUNCTION((opie), struct opie *opie) *(c2++) = 0; + { + struct opie_otpkey otpkey; + + if (!opieatob8(&otpkey, opie->opie_val)) + return -1; + } + return 0; } diff --git a/contrib/opie/libopie/unlock.c b/contrib/opie/libopie/unlock.c index 4c01a5c121a1..0f607ab43ed0 100644 --- a/contrib/opie/libopie/unlock.c +++ b/contrib/opie/libopie/unlock.c @@ -1,7 +1,7 @@ /* unlock.c: The opieunlock() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/verify.c b/contrib/opie/libopie/verify.c index 990e29340fc8..e6abec4d217a 100644 --- a/contrib/opie/libopie/verify.c +++ b/contrib/opie/libopie/verify.c @@ -1,13 +1,15 @@ /* verify.c: The opieverify() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for keys. + Check that seed and sequence number are valid. Modified by cmetz for OPIE 2.32. Renamed _opieparsechallenge() to __opieparsechallenge() and handle new argument. Fixed init response parsing bug. @@ -67,7 +69,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) { int i, rval = -1; char *c; - char key[8], fkey[8], lastkey[8]; + struct opie_otpkey key, fkey, lastkey; struct opie nopie; if (!opie || !response) @@ -80,7 +82,14 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) goto verret; #endif /* DEBUG */ - if (!opieatob8(lastkey, opie->opie_val)) + if (!opieatob8(&lastkey, opie->opie_val)) + goto verret; + + for (c = opie->opie_seed; *c; c++) + if (!isalnum(*c)) + goto verret; + + if (opie->opie_n <= 0) goto verret; if (c = strchr(response, ':')) { @@ -97,33 +106,33 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) case RESPONSE_STANDARD: i = 1; - if (opieetob(key, response) == 1) { - memcpy(fkey, key, sizeof(key)); - opiehash(fkey, MDX); - i = memcmp(fkey, lastkey, sizeof(key)); + if (opieetob(&key, response) == 1) { + memcpy(&fkey, &key, sizeof(struct opie_otpkey)); + opiehash(&fkey, MDX); + i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey)); } - if (i && opieatob8(key, response)) { - memcpy(fkey, key, sizeof(key)); - opiehash(fkey, MDX); - i = memcmp(fkey, lastkey, sizeof(key)); + if (i && opieatob8(&key, response)) { + memcpy(&fkey, &key, sizeof(struct opie_otpkey)); + opiehash(&fkey, MDX); + i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey)); } break; case RESPONSE_WORD: i = 1; - if (opieetob(key, c) == 1) { - memcpy(fkey, key, sizeof(key)); - opiehash(fkey, MDX); - i = memcmp(fkey, lastkey, sizeof(key)); + if (opieetob(&key, c) == 1) { + memcpy(&fkey, &key, sizeof(struct opie_otpkey)); + opiehash(&fkey, MDX); + i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey)); } break; case RESPONSE_HEX: i = 1; - if (opieatob8(key, c)) { - memcpy(fkey, key, sizeof(key)); - opiehash(fkey, MDX); - i = memcmp(fkey, lastkey, sizeof(key)); + if (opieatob8(&key, c)) { + memcpy(&fkey, &key, sizeof(struct opie_otpkey)); + opiehash(&fkey, MDX); + i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey)); } break; case RESPONSE_INIT_HEX: @@ -137,17 +146,17 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) *(c2++) = 0; if (i == RESPONSE_INIT_HEX) { - if (!opieatob8(key, c)) + if (!opieatob8(&key, c)) goto verret; } else { - if (opieetob(key, c) != 1) + if (opieetob(&key, c) != 1) goto verret; } - memcpy(fkey, key, sizeof(key)); - opiehash(fkey, MDX); + memcpy(&fkey, &key, sizeof(struct opie_otpkey)); + opiehash(&fkey, MDX); - if (memcmp(fkey, lastkey, sizeof(key))) + if (memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey))) goto verret; if (changed(opie)) @@ -155,7 +164,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) opie->opie_n--; - if (!opiebtoa8(opie->opie_val, key)) + if (!opiebtoa8(opie->opie_val, &key)) goto verret; if (__opiewriterec(opie)) @@ -174,10 +183,10 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) } if (i == RESPONSE_INIT_HEX) { - if (!opieatob8(key, c2)) + if (!opieatob8(&key, c2)) goto verret; } else { - if (opieetob(key, c2) != 1) + if (opieetob(&key, c2) != 1) goto verret; } } @@ -201,7 +210,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response) opie->opie_n--; verwrt: - if (!opiebtoa8(opie->opie_val, key)) + if (!opiebtoa8(opie->opie_val, &key)) goto verret; rval = __opiewriterec(opie); diff --git a/contrib/opie/libopie/version.c b/contrib/opie/libopie/version.c index ef6523d04b15..2364e7755cb8 100644 --- a/contrib/opie/libopie/version.c +++ b/contrib/opie/libopie/version.c @@ -1,7 +1,7 @@ /* version.c: The opieversion() library function. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/libopie/writerec.c b/contrib/opie/libopie/writerec.c index 084342327b77..5ba53fe08732 100644 --- a/contrib/opie/libopie/writerec.c +++ b/contrib/opie/libopie/writerec.c @@ -1,13 +1,15 @@ /* writerec.c: The __opiewriterec() library function. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Check that seed and sequence number are + valid. Modified by cmetz for OPIE 2.31. Removed active attack protection support. Fixed passwd bug. Created by cmetz for OPIE 2.3 from passwd.c. @@ -30,6 +32,7 @@ you didn't get a copy, you may request one from . #if HAVE_STDLIB_H #include #endif /* HAVE_STDLIB_H */ +#include #include "opie.h" char *__opienone = "****************"; @@ -40,6 +43,7 @@ int __opiewriterec FUNCTION((opie), struct opie *opie) time_t now; FILE *f, *f2 = NULL; int i = 0; + char *c; time(&now); if (strftime(buf2, sizeof(buf2), " %b %d,%Y %T", localtime(&now)) < 1) @@ -51,7 +55,14 @@ int __opiewriterec FUNCTION((opie), struct opie *opie) opie->opie_flags = opie2.opie_flags; opie->opie_recstart = opie2.opie_recstart; } - + + for (c = opie->opie_seed; *c; c++) + if (!isalnum(*c)) + return -1; + + if ((opie->opie_n < 0) || (opie->opie_n > 9999)) + return -1; + switch(i) { case 0: if (!(f = __opieopen(KEY_FILE, 1, 0644))) diff --git a/contrib/opie/opie.4 b/contrib/opie/opie.4 index 71ce91a96584..d66a5022d475 100644 --- a/contrib/opie/opie.4 +++ b/contrib/opie/opie.4 @@ -1,7 +1,7 @@ .\" opie.4: Overview of the OPIE software. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If @@ -14,6 +14,7 @@ .\" .\" History: .\" +.\" Modified by cmetz for OPIE 2.4. Spelling fixes. .\" Modified by cmetz for OPIE 2.2. Removed MJR DES documentation. Removed .\" references to the old square brackets challenge delimiters. .\" Modified at NRL for OPIE 2.01. Updated UNIX trademark credit. @@ -85,7 +86,7 @@ the calculator given the challenge and the secret password. For example, .TP .I seed A piece of information that is used in conjunction with the secret password -and sequence numer to compute the response. Its purpose is to allow the same +and sequence number to compute the response. Its purpose is to allow the same secret password to be used for multiple sequences, by changing the seed, or for authentication to multiple machines by using different seeds. .TP @@ -141,7 +142,7 @@ technique was implemented by Haller, Karn, and Walden at Bellcore. They They created a free software package called "S/Key" that used an algorithm called a cryptographic checksum. A cryptographic checksum is a strong one-way function such that, knowing the result of such a function, an attacker still -cannot feasably determine the input. Further, unlike cyclic redundancy +cannot feasibly determine the input. Further, unlike cyclic redundancy checksums (CRCs), cryptographic checksums have few inputs that result in the same output. .LP diff --git a/contrib/opie/opie.h b/contrib/opie/opie.h index 653ca4e39b26..21e90925668b 100644 --- a/contrib/opie/opie.h +++ b/contrib/opie/opie.h @@ -2,7 +2,7 @@ system that a program might need. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -15,6 +15,9 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Added sequence number limits. Added + struct opie_otpkey and made many functions use it. Added + opiestrncpy(). Include header with libmissing prototypes. Modified by cmetz for OPIE 2.32. Added symbolic flag names for opiepasswd(). Added __opieparsechallenge() prototype. Modified by cmetz for OPIE 2.31. Removed active attack protection. @@ -126,7 +129,7 @@ struct opie { /* Minimum length of a secret password */ #ifndef OPIE_SECRET_MIN -#define OPIE_SECRET_MIN 10 +#define OPIE_SECRET_MIN 1 #endif /* OPIE_SECRET_MIN */ /* Maximum length of a secret password */ @@ -159,6 +162,16 @@ struct opie { #define OPIE_PRINCIPAL_MAX 32 #endif /* OPIE_PRINCIPAL_MAX */ +/* Maximum sequence number */ +#ifndef OPIE_SEQUENCE_MAX +#define OPIE_SEQUENCE_MAX 9999 +#endif /* OPIE_SEQUENCE_MAX */ + +/* Restricted sequence number */ +#ifndef OPIE_SEQUENCE_RESTRICT +#define OPIE_SEQUENCE_RESTRICT 9 +#endif /* OPIE_SEQUENCE_RESTRICT */ + #ifndef __alpha #define UINT4 unsigned long #else /* __alpha */ @@ -171,6 +184,10 @@ struct opiemdx_ctx { unsigned char buffer[64]; }; +struct opie_otpkey { + UINT4 words[2]; +}; + #ifndef SEEK_SET #define SEEK_SET 0 #endif /* SEEK_SET */ @@ -183,18 +200,18 @@ int opieaccessfile __P((char *)); int rdnets __P((long)); int isaddr __P((register char *)); int opiealways __P((char *)); -char *opieatob8 __P((char *,char *)); +char *opieatob8 __P((struct opie_otpkey *, char *)); VOIDRET opiebackspace __P((char *)); -char *opiebtoa8 __P((char *,char *)); -char *opiebtoe __P((char *,char *)); -char *opiebtoh __P((char *,char *)); -int opieetob __P((char *,char *)); +char *opiebtoa8 __P((char *, struct opie_otpkey *)); +char *opiebtoe __P((char *, struct opie_otpkey *)); +char *opiebtoh __P((char *, struct opie_otpkey *)); +int opieetob __P((struct opie_otpkey *, char *)); int opiechallenge __P((struct opie *,char *,char *)); int opiegenerator __P((char *,char *,char *)); int opiegetsequence __P((struct opie *)); -VOIDRET opiehash __P((VOIDPTR, unsigned)); +VOIDRET opiehash __P((struct opie_otpkey *, unsigned)); int opiehtoi __P((register char)); -int opiekeycrunch __P((int, char *, char *, char *)); +int opiekeycrunch __P((int, struct opie_otpkey *, char *, char *)); int opielock __P((char *)); int opielookup __P((struct opie *,char *)); VOIDRET opiemd4init __P((struct opiemdx_ctx *)); @@ -221,6 +238,14 @@ FILE *__opieopen __P((char *, int, int)); int __opiereadrec __P((struct opie *)); int __opiewriterec __P((struct opie *)); int __opieparsechallenge __P((char *buffer, int *algorithm, int *sequence, char **seed, int *exts)); + +#define opiestrncpy(dst, src, n) \ + do { \ + strncpy(dst, src, n-1); \ + dst[n-1] = 0; \ + } while(0) + +/* #include "missing.h" */ #endif /* _OPIE */ #define OPIEPASSWD_CONSOLE 1 diff --git a/contrib/opie/opie_cfg.h b/contrib/opie/opie_cfg.h index 739c8b67fa14..317e2d955031 100644 --- a/contrib/opie/opie_cfg.h +++ b/contrib/opie/opie_cfg.h @@ -1,7 +1,7 @@ /* opie_cfg.h: Various configuration-type pieces of information for OPIE. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,7 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Removed NBBY definition. Modified by cmetz for OPIE 2.32. Include before to make *BSD happy. Modified by cmetz for OPIE 2.31. Added 4.4BSD-Lite pathnames.h @@ -51,8 +52,8 @@ License Agreement applies to this software. #ifndef _OPIE_CFG_H #define _OPIE_CFG_H 1 -#define VERSION "2.32" -#define DATE "Thursday, January 1, 1998" +#define VERSION "2.4" +#define DATE "Friday, January 19, 2001" #ifndef unix #define unix 1 @@ -163,10 +164,6 @@ License Agreement applies to this software. #define MOTD_FILE "/etc/motd" #endif -#ifndef NBBY -#define NBBY 8 /* Reasonable for modern systems */ -#endif /* NBBY */ - #ifndef LOGIN_PATH #define LOGIN_PATH "/usr/ucb:/bin:/usr/bin" #endif /* LOGIN_PATH */ diff --git a/contrib/opie/opieaccess.5 b/contrib/opie/opieaccess.5 index 33ab6dd47e75..e8170e2e17ff 100644 --- a/contrib/opie/opieaccess.5 +++ b/contrib/opie/opieaccess.5 @@ -7,6 +7,7 @@ .\" .\" History: .\" +.\" Modified by cmetz for OPIE 2.4. Fixed "0PIE" typo. .\" Written at NRL for OPIE 2.0. .\" .ll 6i @@ -61,7 +62,7 @@ mask Mask of the network to match Subnets can be controlled by using the appropriate address and mask. Individual hosts can be controlled by using the appropriate address and a mask of -255.255.255.255. If no rules are matched, the default is to deny non-0PIE +255.255.255.255. If no rules are matched, the default is to deny non-OPIE logins. .SH SEE ALSO diff --git a/contrib/opie/opieauto.c b/contrib/opie/opieauto.c new file mode 100644 index 000000000000..731c6fda5897 --- /dev/null +++ b/contrib/opie/opieauto.c @@ -0,0 +1,386 @@ +/* opieauto.c: The opieauto program. + +%%% copyright-cmetz-96 +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. +You should have received a copy of the license with this software. If +you didn't get a copy, you may request one from . + + History: + + Created by cmetz for OPIE 2.4 based on previously released + test code. Use opiestrncpy(). +*/ + +#include "opie_cfg.h" +#include +#include +#include +#if HAVE_SYS_TIME_H +#include +#endif /* HAVE_SYS_TIME_H */ +#include +#include +#if HAVE_STRING_H +#include +#endif /* HAVE_STRING_H */ +#include +#if HAVE_STDLIB_H +#include +#endif /* HAVE_STDLIB_H */ +#if HAVE_UNISTD_H +#include +#endif /* HAVE_UNISTD_H */ +#include + +#include "opie.h" + +#ifndef max +#define max(x, y) (((x) > (y)) ? (x) : (y)) +#endif /* max */ + +int window = 10; +char *myname = NULL; + +uid_t myuid = 0; + +#define MAXCLIENTS 2 +int parents, s[MAXCLIENTS + 1]; + +char cmd[1+1+1+1+4+1+OPIE_SEED_MAX+1+4+1+4+1+4+1+4+1]; + +struct cachedotp { + struct cachedotp *next; + int algorithm, base, current; + struct opie_otpkey basekey; + char seed[OPIE_SEED_MAX+1]; +}; + +struct cachedotp *head = NULL; + +char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" }; + +void baile(x) { + fprintf(stderr, "%s: %s: %s(%d)\n", myname, x, strerror(errno), errno); + exit(1); +} + +void bail(x) { + fprintf(stderr, "%s: %s\n", myname, x); + exit(1); +} + +void zerocache(void) +{ + struct cachedotp *c = head, *c2; + + while(c) { + c2 = c->next; + memset(c, 0, sizeof(struct cachedotp)); + c = c2; + }; +}; + +int doreq(int fd) +{ + int algorithm, sequence, i; + char *seed = NULL, *response = NULL; + + if (((cmd[0] != 'S') && (cmd[0] != 's')) || (cmd[1] != '=') || (cmd[2] != ' ')) { +#if DEBUG + fprintf(stderr, "%s: got bogus command: %s\n", myname, cmd); +#endif /* DEBUG */ + goto error; + }; + + { + char *c; + + if (((algorithm = strtoul(&cmd[3], &c, 10)) < 3) || (algorithm > 5) || (*c != ' ')) { +#if DEBUG + fprintf(stderr, "%s: got bogus algorithm: %s\n", myname, cmd); +#endif /* DEBUG */ + goto error; + }; + + if (((sequence = strtoul(c + 1, &c, 10)) <= OPIE_SEQUENCE_RESTRICT) || (sequence > OPIE_SEQUENCE_MAX)) { +#if DEBUG + fprintf(stderr, "%s: got bogus sequence: %s\n", myname, cmd); +#endif /* DEBUG */ + goto error; + }; + + if (cmd[0] == 'S') { + if (!(c = strchr(seed = c + 1, ' '))) { +#if DEBUG + fprintf(stderr, "%s: got bogus seed: %s\n", myname, cmd); +#endif /* DEBUG */ + goto error; + }; + + *c = 0; + + if (!(c = strchr(response = c + 1, '\n'))) { +#if DEBUG + fprintf(stderr, "%s: got bogus response: %s\n", myname, cmd); +#endif /* DEBUG */ + goto error; + }; + + *c = 0; + } else { + if (!(c = strchr(seed = c + 1, '\n'))) { +#if DEBUG + fprintf(stderr, "%s: got bogus seed: %s\n", myname, cmd); +#endif /* DEBUG */ + goto error; + }; + + *c = 0; + }; + }; + +#if DEBUG + fprintf(stderr, "got cmd=%c, algorithm=%d sequence=%d seed=+%s+ response=+%s+ on fd %d\n", cmd[0], algorithm, sequence, seed, response, fd); +#endif /* DEBUG */ + + seed = strdup(seed); + + if (sequence < 10) { +#if DEBUG + fprintf(stderr, "sequence < 10; can't do it\n"); +#endif /* DEBUG */ + sprintf(cmd, "%c- %d %d %s\n", cmd[0], algorithm, sequence, seed); + }; + + { + struct cachedotp **c; + + for (c = &head; *c && (strcmp((*c)->seed, seed) || ((*c)->algorithm != algorithm)); c = &((*c)->next)); + if (!(*c)) { + if (cmd[0] == 's') { +#if DEBUG + fprintf(stderr, "(seed, algorithm) not found for s command\n"); +#endif /* DEBUG */ + sprintf(cmd, "s- %d %d %s\n", algorithm, sequence, seed); + goto out; + } + + if (!(*c = malloc(sizeof(struct cachedotp)))) + baile("malloc"); + memset(*c, 0, sizeof(struct cachedotp)); + + (*c)->algorithm = algorithm; + opiestrncpy((*c)->seed, seed, OPIE_SEED_MAX); + }; + + if (cmd[0] == 'S') { + (*c)->base = max(sequence - window + 1, OPIE_SEQUENCE_RESTRICT); + (*c)->current = sequence; + + if (!opieatob8(&(*c)->basekey, response)) + goto error; + + sprintf(cmd, "S+ %d %d %s\n", algorithm, sequence, (*c)->seed); + } else { + if (sequence != ((*c)->current - 1)) { +#if DEBUG + fprintf(stderr, "out of sequence: sequence=%d, base=%d, current=%d\n", sequence, (*c)->base, (*c)->current); +#endif /* DEBUG */ + sprintf(cmd, "s- %d %d %s\n", algorithm, sequence, (*c)->seed); + goto out; + }; + + if (sequence < (*c)->base) { +#if DEBUG + fprintf(stderr, "attempt to generate below base: sequence=%d, base=%d, current=%d\n", sequence, (*c)->base, (*c)->current); +#endif /* DEBUG */ + sprintf(cmd, "s- %d %d %s\n", algorithm, sequence, (*c)->seed); + goto out; + }; + + (*c)->current = sequence; + i = sequence - (*c)->base; + { + struct opie_otpkey key; + char buffer[16+1]; + + key = (*c)->basekey; + while(i--) + opiehash(&key, algorithm); + + opiebtoa8(buffer, &key); + sprintf(cmd, "s+ %d %d %s %s\n", algorithm, sequence, (*c)->seed, buffer); + }; + }; + + printf("%c otp-%s %d %s (%d/%d)\n", cmd[0], algids[algorithm], sequence, (*c)->seed, sequence - (*c)->base, window); + fflush(stdout); + + if (sequence == (*c)->base) { + struct cachedotp *c2 = *c; + *c = (*c)->next; + memset(c2, 0, sizeof(struct cachedotp)); + free(c2); + }; + }; + +out: + write(fd, cmd, i = strlen(cmd)); + free(seed); + return 0; + +error: + fprintf(stderr, "Invalid command on fd %d\n", fd); + if (seed) + free(seed); + return -1; +} + +static void usage() +{ + fprintf(stderr, "usage: %s [-v] [-h] [-q] [-n ]\n", myname); + exit(1); +} + +int main(int argc, char **argv) +{ + int i; + struct stat st; + char *sockpath; + + if (myname = strrchr(argv[0], '/')) + myname++; + else + myname = argv[0]; + + while((i = getopt(argc, argv, "w:hv")) != EOF) { + switch(i) { + case 'v': + opieversion(); + + case 'w': + if (!(window = atoi(optarg))) { + fprintf(stderr, "%s: invalid number of OTPs: %s\n", myname, optarg); + exit(1); + }; + break; + + default: + usage(); + } + }; + + { + uid_t myeuid; + + if (!(myuid = getuid()) || !(myeuid = geteuid()) || (myuid != myeuid)) + bail("this program must not be run with superuser priveleges or setuid."); + }; + + if (atexit(zerocache) < 0) + baile("atexit"); + + { + struct sockaddr_un sun; + + memset(&sun, 0, sizeof(struct sockaddr_un)); + sun.sun_family = AF_UNIX; + + { + char *c; + char *c2 = "/.opieauto"; + + if (!(c = getenv("HOME"))) + bail("getenv(HOME) failed -- no HOME variable?"); + + if (strlen(c) > (sizeof(sun.sun_path) - strlen(c2) - 1)) + bail("your HOME is too long"); + + strcpy(sun.sun_path, c); + strcat(sun.sun_path, c2); + sockpath = strdup(sun.sun_path); + }; + + if ((parents = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) + baile("socket"); + + if (unlink(sockpath) && (errno != ENOENT)) + baile("unlink"); + + if (umask(0177) < 0) + baile("umask"); + + if (bind(parents, (struct sockaddr *)&sun, sizeof(struct sockaddr_un))) + baile("bind"); + + if (stat(sockpath, &st) < 0) + baile("stat"); + + if ((st.st_uid != myuid) || (!S_ISSOCK(st.st_mode)) || ((st.st_mode & 07777) != 0600)) + bail("socket permissions and/or ownership were not correctly created."); + + if (listen(parents, 1) < 0) + baile("listen"); + }; + + { + fd_set fds, rfds, efds; + int maxfd = parents; + int i, j; + + FD_ZERO(&fds); + FD_SET(parents, &fds); + + while(1) { + memcpy(&rfds, &fds, sizeof(fd_set)); + + if (select(maxfd + 1, &rfds, NULL, NULL, NULL) < 0) + baile("select"); + + for (i = 0; s[i]; i++) { + if (!FD_ISSET(s[i], &rfds)) + continue; + + if (((j = read(s[i], cmd, sizeof(cmd)-1)) <= 0) || ((cmd[j] = 0) || doreq(s[i]))) { + close(s[i]); + FD_CLR(s[i], &fds); + + if (s[i] == maxfd) + maxfd--; + + for (j = i; s[j]; s[j] = s[j + 1], j++); + FD_SET(parents, &fds); + i--; + continue; + }; + }; + + if (FD_ISSET(parents, &rfds)) { + for (i = 0; s[i]; i++) + if (i > MAXCLIENTS) + bail("this message never printed"); + + if (stat(sockpath, &st) < 0) + baile("stat"); + + if ((st.st_uid != myuid) || (!S_ISSOCK(st.st_mode)) || ((st.st_mode & 07777) != 0600)) + bail("socket permissions and/or ownership has been messed with."); + + if ((s[i] = accept(parents, NULL, 0)) < 0) + baile("accept"); + + FD_SET(s[i], &fds); + if (s[i] > maxfd) + maxfd = s[i]; + + sprintf(cmd, "C+ %d\n", window); + if (write(s[i], cmd, j = strlen(cmd)) != j) + baile("write"); + + if (++i == MAXCLIENTS) + FD_CLR(parents, &fds); + } + } + } +} diff --git a/contrib/opie/opieftpd.8 b/contrib/opie/opieftpd.8 index 1943ce938a48..b527bd2426ca 100644 --- a/contrib/opie/opieftpd.8 +++ b/contrib/opie/opieftpd.8 @@ -1,5 +1,13 @@ .\" opieftpd.8: Manual page describing the FTP daemon. .\" +.\" %%% portions-copyright-cmetz-98 +.\" Portions of this software are Copyright 1998-1999 by Craig Metz, All Rights +.\" Reserved. The Inner Net License Version 2 applies to these portions of +.\" the software. +.\" You should have received a copy of the license with this software. If +.\" you didn't get a copy, you may request one from . +.\" +.\" .\" Portions of this software are Copyright 1995 by Randall Atkinson and Dan .\" McDonald, All Rights Reserved. All Rights under this copyright are assigned .\" to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and @@ -7,6 +15,7 @@ .\" .\" History: .\" +.\" Modified by cmetz for OPIE 2.4. Document -u option. .\" Modified at NRL for OPIE 2.0. .\" Originally from BSD. .\" @@ -59,6 +68,8 @@ opieftpd \- File Transfer Protocol server that uses OPIE authentication .I timeout ] [\-T .I maxtimeout +] [\-u +.I umask ] .SH DESCRIPTION @@ -90,6 +101,9 @@ the maximum period allowed may be set to seconds with the .B \-T option. The default limit is 2 hours. +.B \-u +Set the default umask value to +.I umask. .SH COMMANDS The ftp server currently supports the following ftp requests; case is not distinguished: diff --git a/contrib/opie/opieftpd.c b/contrib/opie/opieftpd.c index 8ef014c007ec..3afb6ca40237 100644 --- a/contrib/opie/opieftpd.c +++ b/contrib/opie/opieftpd.c @@ -1,7 +1,7 @@ /* opieftpd.c: Main program for an FTP daemon. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,8 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Add id parameter to opielogwtmp. Use + opiestrncpy(). Fix incorrect use of setproctitle(). Modified by cmetz for OPIE 2.32. Remove include of dirent.h here; it's done already (and conditionally) in opie_cfg.h. Modified by cmetz for OPIE 2.31. Merged in some 4.4BSD-Lite changes. @@ -241,7 +243,7 @@ static int receive_data __P((FILE *, FILE *)); static char *gunique __P((char *)); static char *sgetsave __P((char *)); -int opielogwtmp __P((char *, char *, char *)); +int opielogwtmp __P((char *, char *, char *, char *)); int fclose __P((FILE *)); @@ -508,7 +510,7 @@ static VOIDRET end_login FUNCTION_NOARGS if (seteuid((uid_t) 0)) syslog(LOG_ERR, "Can't set euid"); if (logged_in) - opielogwtmp(ttyline, "", ""); + opielogwtmp(ttyline, "", "", "ftp"); pw = NULL; logged_in = 0; #if DOANONYMOUS @@ -562,7 +564,7 @@ VOIDRET pass FUNCTION((passwd), char *passwd) /* open wtmp before chroot */ sprintf(ttyline, "ftp%d", getpid()); - opielogwtmp(ttyline, pw->pw_name, remotehost); + opielogwtmp(ttyline, pw->pw_name, remotehost, "ftp"); logged_in = 1; #if DOANONYMOUS @@ -629,11 +631,10 @@ VOIDRET pass FUNCTION((passwd), char *passwd) if (guest) { reply(230, "Guest login ok, access restrictions apply."); #if DOTITLE - sprintf(proctitle, "%s: anonymous/%.*s", remotehost, - sizeof(proctitle) - sizeof(remotehost) - - sizeof(": anonymous/"), passwd); - setproctitle(proctitle); -#endif /* DOTITLE */ + setproctitle("%s: anonymous/%.*s", remotehost, + sizeof(proctitle) - sizeof(remotehost) - sizeof(": anonymous/"), + passwd); +#endif /* DOTITLE */ syslog(LOG_NOTICE, "ANONYMOUS FTP login from %s with ID %s", remotehost, passwd); } else @@ -642,9 +643,8 @@ VOIDRET pass FUNCTION((passwd), char *passwd) reply(230, "User %s logged in.", pw->pw_name); #if DOTITLE - sprintf(proctitle, "%s: %s", remotehost, pw->pw_name); - setproctitle(proctitle); -#endif /* DOTITLE */ + setproctitle("%s: %s", remotehost, pw->pw_name); +#endif /* DOTITLE */ syslog(LOG_INFO, "FTP login from %s with user name %s", remotehost, pw->pw_name); } home = pw->pw_dir; /* home dir for globbing */ @@ -1254,12 +1254,11 @@ static VOIDRET dolog FUNCTION((sin), struct sockaddr_in *sin) time_t t, time(); if (hp) - strncpy(remotehost, hp->h_name, sizeof(remotehost)); + opiestrncpy(remotehost, hp->h_name, sizeof(remotehost)); else - strncpy(remotehost, inet_ntoa(sin->sin_addr), sizeof(remotehost)); + opiestrncpy(remotehost, inet_ntoa(sin->sin_addr), sizeof(remotehost)); #if DOTITLE - sprintf(proctitle, "%s: connected", remotehost); - setproctitle(proctitle); + setproctitle("%s: connected", remotehost); #endif /* DOTITLE */ t = time((time_t *) 0); @@ -1277,7 +1276,7 @@ VOIDRET dologout FUNCTION((status), int status) if (logged_in) { if (seteuid((uid_t) 0)) syslog(LOG_ERR, "Can't set euid"); - opielogwtmp(ttyline, "", ""); + opielogwtmp(ttyline, "", "", "ftp"); } /* beware of flushing buffers after a SIGPIPE */ _exit(status); diff --git a/contrib/opie/opiegen.1 b/contrib/opie/opiegen.1 index 3326ad055ebe..9bc171b18dc1 100644 --- a/contrib/opie/opiegen.1 +++ b/contrib/opie/opiegen.1 @@ -1,7 +1,7 @@ .\" opiegen.1: Manual page for the opiegen(1) program. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If @@ -14,6 +14,7 @@ .\" .\" History: .\" +.\" Modified by cmetz for OPIE 2.4. Fixed *roff bug. .\" Created by cmetz for OPIE 2.2 from opiekey.1. .\" .ll 6i @@ -56,7 +57,8 @@ wintermute$ .BR opiegen(1) can lull a user into revealing his/her password when remotely logged in, thus defeating the purpose of OPIE. This is especially a problem with xterm. -.BR opiegen(1) implements simple checks to reduce the risk of a user making +.BR opiegen(1) +implements simple checks to reduce the risk of a user making this mistake. Better checks are needed. .LP diff --git a/contrib/opie/opiegen.c b/contrib/opie/opiegen.c index 0cced9872e2b..d48ee0932890 100644 --- a/contrib/opie/opiegen.c +++ b/contrib/opie/opiegen.c @@ -2,7 +2,7 @@ library routine. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/opieinfo.1 b/contrib/opie/opieinfo.1 index 7ab538793267..fded547ef168 100644 --- a/contrib/opie/opieinfo.1 +++ b/contrib/opie/opieinfo.1 @@ -1,7 +1,7 @@ .\" opieinfo.1: Manual page for the opieinfo(1) program. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If diff --git a/contrib/opie/opieinfo.c b/contrib/opie/opieinfo.c index d667a9ae6d04..1c25f090c7fa 100644 --- a/contrib/opie/opieinfo.c +++ b/contrib/opie/opieinfo.c @@ -2,7 +2,7 @@ opieinfo: Print a user's current OPIE sequence number and seed %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If diff --git a/contrib/opie/opiekey.1 b/contrib/opie/opiekey.1 index 50ac7c10f8be..e110e5e7565b 100644 --- a/contrib/opie/opiekey.1 +++ b/contrib/opie/opiekey.1 @@ -1,7 +1,7 @@ .\" opiekey.1: Manual page for the opiekey(1) program. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If diff --git a/contrib/opie/opiekey.c b/contrib/opie/opiekey.c index 20f982b641b6..cb80a3b152e9 100644 --- a/contrib/opie/opiekey.c +++ b/contrib/opie/opiekey.c @@ -5,7 +5,7 @@ and outputs a response. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -18,6 +18,7 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Use struct opie_key for key blocks. Modified by cmetz for OPIE 2.31. Renamed "init" and RESPONSE_INIT to "init-hex" and RESPONSE_INIT_HEX. Removed active attack protection support. @@ -132,7 +133,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) int i; int count = 1; char secret[OPIE_SECRET_MAX + 1], newsecret[OPIE_SECRET_MAX + 1]; - char key[8], newkey[8]; + struct opie_otpkey key, newkey; char *seed, newseed[OPIE_SEED_MAX + 1]; char response[OPIE_RESPONSE_MAX + 1]; char *slash; @@ -263,13 +264,13 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) goto error; } - if (opiekeycrunch(algorithm, newkey, newseed, newsecret)) { + if (opiekeycrunch(algorithm, &newkey, newseed, newsecret)) { fprintf(stderr, "%s: key crunch failed (1)\n", argv[0]); goto error; } for (i = 0; i < 499; i++) - opiehash(newkey, algorithm); + opiehash(&newkey, algorithm); } else #if RETYPE getsecret(secret, "", 1); @@ -278,13 +279,13 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) #endif /* RETYPE */ /* Crunch seed and secret password into starting key normally */ - if (opiekeycrunch(algorithm, key, seed, secret)) { + if (opiekeycrunch(algorithm, &key, seed, secret)) { fprintf(stderr, "%s: key crunch failed\n", argv[0]); goto error; } for (i = 0; i <= (keynum - count); i++) - opiehash(key, algorithm); + opiehash(&key, algorithm); { char buf[OPIE_SEED_MAX + 48 + 1]; @@ -297,37 +298,37 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) switch(type) { case RESPONSE_STANDARD: if (hex) - opiebtoh(response, key); + opiebtoh(response, &key); else - opiebtoe(response, key); + opiebtoe(response, &key); break; case RESPONSE_WORD: strcpy(response, "word:"); - strcat(response, opiebtoe(buf, key)); + strcat(response, opiebtoe(buf, &key)); break; case RESPONSE_HEX: strcpy(response, "hex:"); - strcat(response, opiebtoh(buf, key)); + strcat(response, opiebtoh(buf, &key)); break; case RESPONSE_INIT_HEX: case RESPONSE_INIT_WORD: if (type == RESPONSE_INIT_HEX) { strcpy(response, "init-hex:"); - strcat(response, opiebtoh(buf, key)); + strcat(response, opiebtoh(buf, &key)); sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed); strcat(response, buf); - strcat(response, opiebtoh(buf, newkey)); + strcat(response, opiebtoh(buf, &newkey)); } else { strcpy(response, "init-word:"); - strcat(response, opiebtoe(buf, key)); + strcat(response, opiebtoe(buf, &key)); sprintf(buf, ":%s 499 %s:", algids[algorithm], newseed); strcat(response, buf); - strcat(response, opiebtoe(buf, newkey)); + strcat(response, opiebtoe(buf, &newkey)); } break; } puts(response); - opiehash(key, algorithm); + opiehash(&key, algorithm); } } diff --git a/contrib/opie/opielogin.1 b/contrib/opie/opielogin.1 index 7fdeb642e097..0ee2c85538c3 100644 --- a/contrib/opie/opielogin.1 +++ b/contrib/opie/opielogin.1 @@ -1,7 +1,7 @@ .\" opielogin.1: Manual page for the opielogin(1) program. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If diff --git a/contrib/opie/opielogin.c b/contrib/opie/opielogin.c index 8ca8de075866..1e5a8af89d3e 100644 --- a/contrib/opie/opielogin.c +++ b/contrib/opie/opielogin.c @@ -1,7 +1,7 @@ /* opielogin.c: The infamous /bin/login %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,13 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Omit "/dev/" in lastlog entry. + Don't chdir for invalid users. Fixed bug where getloginname() + didn't actually change spaces to underscores. Use struct + opie_key for key blocks. Do the home directory chdir() after + doing the setuid() in case we're on superuser-mapped NFS. + Initialize some variables explicitly. Call opieverify() if + login times out. Use opiestrncpy(). Modified by cmetz for OPIE 2.32. Partially handle environment variables on the command line (a better implementation is coming soon). Handle failure to issue a challenge more @@ -157,13 +164,13 @@ License Agreement applies to this software. static int rflag = 0; static int usererr = -1; -static int stopmotd; +static int stopmotd = 0; static char rusername[NMAX + 1]; static char name[NMAX + 1] = ""; static char minusnam[16] = "-"; static char *envinit[1]; /* now set by setenv calls */ -static char term[64] = "\0"; /* important to initialise to a NULL string */ -static char host[HMAX + 1] = "\0"; +static char term[64] = ""; /* important to initialise to a NULL string */ +static char host[HMAX + 1] = ""; static struct passwd nouser; static struct passwd thisuser; @@ -208,6 +215,9 @@ static void getstr __P((char *, int, char *)); #undef TRUE #define TRUE -1 +static int need_opieverify = 0; +static struct opie opie; + #ifdef TIOCSWINSZ /* Windowing variable relating to JWINSIZE/TIOCSWINSZ/TIOCGWINSZ. This is available on BSDish systems and at least Solaris 2.x, but portability to @@ -276,8 +286,7 @@ static int lookupuser FUNCTION_NOARGS static VOIDRET getloginname FUNCTION_NOARGS { - register char *namep; - char c, d; + char *namep, d; int flags; static int first = 1; @@ -291,7 +300,7 @@ static VOIDRET getloginname FUNCTION_NOARGS flags = 4; first--; } else - printf("%s", ttyprompt); + printf(ttyprompt); } else printf("login: "); fflush(stdout); @@ -302,8 +311,8 @@ static VOIDRET getloginname FUNCTION_NOARGS exit(0); } for (namep = name; *namep; namep++) { - if (c == ' ') - c = '_'; + if (*namep == ' ') + *namep = '_'; } } } @@ -313,6 +322,10 @@ static VOIDRET timedout FUNCTION((i), int i) /* input variable declared just to keep the compiler quiet */ printf("Login timed out after %d seconds\n", timeout); syslog(LOG_CRIT, "Login timed out after %d seconds!", timeout); + + if (need_opieverify) + opieverify(&opie, NULL); + exit(0); } @@ -632,7 +645,6 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) { extern char **environ; register char *namep; - struct opie opie; int invalid, quietlog; FILE *nlfd; @@ -643,7 +655,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) char *p; char opieprompt[OPIE_CHALLENGE_MAX + 1]; int af_pwok; - int authsok; + int authsok = 0; char *pp; char buf[256]; int uid; @@ -651,7 +663,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) #ifndef DEBUG if (geteuid()) { - fprintf(stderr, "This program requires super-user priveleges.\n"); + fprintf(stderr, "This program requires super-user privileges.\n"); exit(1); } #endif /* DEBUG */ @@ -669,7 +681,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) #ifdef DEBUG syslog(LOG_DEBUG, "environment TERM=%s", p); #endif /* DEBUG */ - strncpy(term, p, sizeof(term)); + opiestrncpy(term, p, sizeof(term)); }; memset(&nouser, 0, sizeof(nouser)); @@ -696,13 +708,9 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) #endif #ifdef DEBUG - { - int foo; - - syslog(LOG_DEBUG, "my args are: (argc=%d)", foo = argc); - while (--foo) - syslog(LOG_DEBUG, "%d: %s", foo, argv[foo]); - } + syslog(LOG_DEBUG, "my args are: (argc=%d)", i = argc); + while (--i) + syslog(LOG_DEBUG, "%d: %s", i, argv[i]); #endif /* DEBUG */ /* Implement our own getopt()-like functionality, but do so in a much more @@ -742,7 +750,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) if (!doremotelogin(ouroptarg)) rflag = 1; - strncpy(host, ouroptarg, sizeof(host)); + opiestrncpy(host, ouroptarg, sizeof(host)); break; case 'h': @@ -759,7 +767,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) if (!(ouroptarg = argv[ouroptind])) exit(1); - strncpy(host, ouroptarg, sizeof(host)); + opiestrncpy(host, ouroptarg, sizeof(host)); } break; @@ -776,7 +784,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) if (!(ouroptarg = argv[ouroptind])) exit(1); - strncpy(name, ouroptarg, sizeof(name)); + opiestrncpy(name, ouroptarg, sizeof(name)); break; case 'p': pflag = 1; @@ -788,8 +796,8 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) if (strchr(argv[ouroptind], '=')) { if (!strncmp(argv[ouroptind], "TERM=", 5)) { - strncpy(term, &(argv[ouroptind][5]), sizeof(term)); - term[sizeof(term) - 1] = 0; + opiestrncpy(term, &(argv[ouroptind][5]), sizeof(term)); + #ifdef DEBUG syslog(LOG_DEBUG, "passed TERM=%s, ouroptind = %d", term, ouroptind); #endif /* DEBUG */ @@ -801,7 +809,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) continue; }; - strncpy(name, argv[ouroptind], sizeof(name)); + opiestrncpy(name, argv[ouroptind], sizeof(name)); }; #ifdef TIOCNXCL @@ -1088,6 +1096,7 @@ completeness, but these are set within appropriate defines for portability. */ /* Attempt a one-time password challenge */ i = opiechallenge(&opie, name, opieprompt); + need_opieverify = TRUE; if ((i < 0) || (i > 1)) { syslog(LOG_ERR, "error: opiechallenge() returned %d, errno=%d!\n", i, errno); @@ -1126,7 +1135,7 @@ completeness, but these are set within appropriate defines for portability. */ if (!opiereadpass(buf, sizeof(buf), !(authsok & 2))) invalid = TRUE; #else /* NEW_PROMPTS */ - if (!(authsok & 1) && authsok) + if ((authsok & 3) == 1) printf("(OTP response required)\n"); printf("Password:"); fflush(stdout); @@ -1150,6 +1159,7 @@ completeness, but these are set within appropriate defines for portability. */ if (authsok & 1) { i = opiegetsequence(&opie); opiepassed = !opieverify(&opie, buf); + need_opieverify = 0; #ifdef DEBUG syslog(LOG_DEBUG, "opiepassed = %d", opiepassed); @@ -1209,15 +1219,6 @@ completeness, but these are set within appropriate defines for portability. */ } if (*thisuser.pw_shell == '\0') thisuser.pw_shell = "/bin/sh"; - if ((chdir(thisuser.pw_dir) < 0) && !invalid) { - if (chdir("/") < 0) { - printf("No directory!\n"); - invalid = TRUE; - } else { - printf("No directory! %s\n", "Logging in with HOME=/"); - strcpy(thisuser.pw_dir, "/"); - } - } /* Remote login invalid must have been because of a restriction of some sort, no extra chances. */ if (invalid) { @@ -1271,8 +1272,11 @@ completeness, but these are set within appropriate defines for portability. */ lseek(f, (long)thisuser.pw_uid * sizeof(struct lastlog), 0); time(&ll.ll_time); - strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); - strncpy(ll.ll_host, host, sizeof(ll.ll_host)); + if (!strncmp(tty, "/dev/", 5)) + opiestrncpy(ll.ll_line, tty + 5, sizeof(ll.ll_line)); + else + opiestrncpy(ll.ll_line, tty, sizeof(ll.ll_line)); + opiestrncpy(ll.ll_host, host, sizeof(ll.ll_host)); write(f, (char *) &ll, sizeof ll); close(f); } @@ -1312,6 +1316,21 @@ interested in hearing of a more portable approach. rja */ environ = envinit; setenv("HOME", thisuser.pw_dir, 1); setenv("SHELL", thisuser.pw_shell, 1); + + if (chdir(thisuser.pw_dir) < 0) { +#if DEBUG + syslog(LOG_DEBUG, "chdir(%s): %s(%d)", thisuser.pw_dir, strerror(errno), + errno); +#endif /* DEBUG */ + if (chdir("/") < 0) { + printf("No directory!\n"); + invalid = TRUE; + } else { + printf("No directory! %s\n", "Logging in with HOME=/"); + strcpy(thisuser.pw_dir, "/"); + } + } + if (!term[0]) { #if HAVE_GETTTYNAM /* @@ -1328,7 +1347,7 @@ interested in hearing of a more portable approach. rja */ c = tty; if (t = getttynam(c)) - strncpy(term, t->ty_type, sizeof(term)); + opiestrncpy(term, t->ty_type, sizeof(term)); else #endif /* HAVE_GETTTYNAM */ strcpy(term, "unknown"); @@ -1407,8 +1426,7 @@ interested in hearing of a more portable approach. rja */ char buf[128]; int len; - strncpy(buf, PATH_MAIL, sizeof(buf) - 2); - buf[sizeof(buf) - 2] = 0; + opiestrncpy(buf, PATH_MAIL, sizeof(buf) - 2); len = strlen(buf); if (*(buf + len - 1) != '/') { diff --git a/contrib/opie/opiepasswd.1 b/contrib/opie/opiepasswd.1 index d37c93afb137..e1c93fbd1170 100644 --- a/contrib/opie/opiepasswd.1 +++ b/contrib/opie/opiepasswd.1 @@ -1,7 +1,7 @@ .\" opiepasswd.1: Manual page for the opiepasswd(1) program. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If @@ -14,6 +14,7 @@ .\" .\" History: .\" +.\" Modified by cmetz for OPIE 2.4. Fixed spelling bug. .\" Modified by cmetz for OPIE 2.3. Added -f flag documentation. .\" Updated console example. .\" Modified by cmetz for OPIE 2.2. Removed MJR DES documentation. @@ -35,7 +36,7 @@ system. [\-v] [\-h] [\-c|\-d] [\-f] .sp 0 [\-n -.I inital_sequence_number +.I initial_sequence_number ] [\-s .I seed diff --git a/contrib/opie/opiepasswd.c b/contrib/opie/opiepasswd.c index 9cccb997aeb9..5e491440062c 100644 --- a/contrib/opie/opiepasswd.c +++ b/contrib/opie/opiepasswd.c @@ -1,7 +1,7 @@ /* opiepasswd.c: Add/change an OTP password in the key database. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,8 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Use struct opie_key for key blocks. + Use opiestrncpy(). Modified by cmetz for OPIE 2.32. Use OPIE_SEED_MAX instead of hard coding the length. Unlock user on failed lookup. Modified by cmetz for OPIE 2.3. Got of some variables and made some @@ -95,12 +97,13 @@ static VOIDRET finish FUNCTION((name), char *name) } printf("OTP key is %d %s\n", opie.opie_n, opie.opie_seed); { - char key[8]; - if (!opieatob8(key, opie.opie_val)) { + struct opie_otpkey key; + + if (!opieatob8(&key, opie.opie_val)) { fprintf(stderr, "Error verifying key -- possible database corruption.\n"); finish(NULL); } - printf("%s\n", opiebtoe(buf, key)); + printf("%s\n", opiebtoe(buf, &key)); } } @@ -154,8 +157,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) OPIE_SEED_MIN, OPIE_SEED_MAX); finish(NULL); } - strncpy(seed, optarg, sizeof(seed)); - seed[sizeof(seed) - 1] = 0; + opiestrncpy(seed, optarg, sizeof(seed)); break; default: usage(argv[0]); @@ -240,7 +242,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) { char *c; if (c = strrchr(tmp, ' ')) - strncpy(oseed, c + 1, sizeof(oseed)); + opiestrncpy(oseed, c + 1, sizeof(oseed)); else { #if DEBUG fprintf(stderr, "opiepasswd: bogus challenge\n"); @@ -276,7 +278,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) { char *c; if (c = strrchr(tmp, ' ')) - strncpy(nseed, c + 1, sizeof(nseed)); + opiestrncpy(nseed, c + 1, sizeof(nseed)); else { #if DEBUG fprintf(stderr, "opiepasswd: bogus challenge\n"); @@ -347,18 +349,18 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) finish(NULL); } { - char key[8]; + struct opie_otpkey key; char tbuf[OPIE_RESPONSE_MAX + 1]; - if (opiekeycrunch(MDX, key, opie.opie_seed, passwd) != 0) { + if (opiekeycrunch(MDX, &key, opie.opie_seed, passwd) != 0) { fprintf(stderr, "%s: key crunch failed. Secret pass phrase unchanged\n", argv[0]); finish(NULL); } memset(passwd, 0, sizeof(passwd)); i = opie.opie_n - 1; while (i-- != 0) - opiehash(key, MDX); - opiebtoe(tbuf, key); + opiehash(&key, MDX); + opiebtoe(tbuf, &key); if (opieverify(&opie, tbuf)) { fprintf(stderr, "Sorry.\n"); finish(NULL); diff --git a/contrib/opie/opieserv.1 b/contrib/opie/opieserv.1 index 021228d67ac0..7007f432b775 100644 --- a/contrib/opie/opieserv.1 +++ b/contrib/opie/opieserv.1 @@ -1,7 +1,7 @@ .\" opieserv.1: Manual page for the opieserv(1) program. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If diff --git a/contrib/opie/opieserv.c b/contrib/opie/opieserv.c index 1626a786d8fd..db5c66b0189b 100644 --- a/contrib/opie/opieserv.c +++ b/contrib/opie/opieserv.c @@ -2,8 +2,8 @@ opieverify() library routines. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . diff --git a/contrib/opie/opiesu.1 b/contrib/opie/opiesu.1 index cbb15bd37469..29f553a25b62 100644 --- a/contrib/opie/opiesu.1 +++ b/contrib/opie/opiesu.1 @@ -1,7 +1,7 @@ .\" opiesu.c: Manual page for the opiesu(1) program. .\" .\" %%% portions-copyright-cmetz-96 -.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights .\" Reserved. The Inner Net License Version 2 applies to these portions of .\" the software. .\" You should have received a copy of the license with this software. If diff --git a/contrib/opie/opiesu.c b/contrib/opie/opiesu.c index e2bbdb807537..329679fcc61f 100644 --- a/contrib/opie/opiesu.c +++ b/contrib/opie/opiesu.c @@ -1,7 +1,7 @@ /* opiesu.c: main body of code for the su(1m) program %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -14,6 +14,8 @@ License Agreement applies to this software. History: + Modified by cmetz for OPIE 2.4. Check euid on startup. Use + opiestrncpy(). Modified by cmetz for OPIE 2.32. Set up TERM and PATH correctly. Modified by cmetz for OPIE 2.31. Fix sulog(). Replaced Getlogin() with currentuser. Fixed fencepost error in month printed by sulog(). @@ -302,6 +304,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) argv++; } + { struct passwd *pwd; char *p = getlogin(); @@ -314,14 +317,12 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) #endif /* HAVE_SULOG */ exit(1); } - strncpy(buf, pwd->pw_name, sizeof(buf)-1); - buf[sizeof(buf)-1] = 0; + opiestrncpy(buf, pwd->pw_name, sizeof(buf)); if (!p) p = "unknown"; - strncpy(currentuser, p, 31); - currentuser[31] = 0; + opiestrncpy(currentuser, p, 31); if (p && *p && strcmp(currentuser, buf)) { strcat(currentuser, "("); @@ -338,6 +339,15 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) exit(1); } + if (geteuid()) { + syslog(LOG_CRIT, "'%s' failed for %s on %s: not running with superuser priveleges", argvbuf, currentuser, ttyname(2)); +#if HAVE_SULOG + sulog(0, NULL); +#endif /* HAVE_SULOG */ + fprintf(stderr, "You do not have permission to su %s\n", user); + exit(1); + }; + /* Implement the BSD "wheel group" su restriction. */ #if DOWHEEL /* Only allow those in group zero to su to root? */ diff --git a/contrib/opie/opietest.c b/contrib/opie/opietest.c index 91a7e9525271..004d2647b948 100644 --- a/contrib/opie/opietest.c +++ b/contrib/opie/opietest.c @@ -9,13 +9,14 @@ on your system. The converse is not such a safe statement. %%% copyright-cmetz-96 -This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved. -The Inner Net License Version 2 applies to this software. +This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved. +The Inner Net License Version 3 applies to this software. You should have received a copy of the license with this software. If you didn't get a copy, you may request one from . History: + Modified by cmetz for OPIE 2.4. Use struct opie_key for key blocks. Modified by cmetz for OPIE 2.31. Added a couple of new checks, removed a few commented-out checks for functions that no longer exist, added test-skip capability. @@ -34,12 +35,13 @@ char buffer[1024]; int testatob8() { static char testin[] = "0123456789abcdef"; - static unsigned char testout[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; - - if (!opieatob8(buffer, testin)) + static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; + struct opie_otpkey key; + + if (!opieatob8(&key, testin)) return -1; - if (memcmp(buffer, testout, sizeof(testout))) + if (memcmp(&key, testout, sizeof(testout))) return -1; return 0; @@ -47,10 +49,13 @@ int testatob8() int testbtoa8() { - static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; + static unsigned char testin[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; static char testout[] = "0123456789abcdef"; + struct opie_otpkey testin_aligned; + + memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey)); - if (!opiebtoa8(buffer, testin)) + if (!opiebtoa8(buffer, &testin_aligned)) return -1; if (memcmp(buffer, testout, sizeof(testout))) @@ -61,10 +66,13 @@ int testbtoa8() int testbtoe() { - static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; + static unsigned char testin[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; static char testout[] = "AIM HEW BLUM FED MITE WARM"; + struct opie_otpkey testin_aligned; + + memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey)); - if (!opiebtoe(buffer, testin)) + if (!opiebtoe(buffer, &testin_aligned)) return -1; if (memcmp(buffer, testout, sizeof(testout))) @@ -76,12 +84,13 @@ int testbtoe() int testetob() { static char testin[] = "AIM HEW BLUM FED MITE WARM"; - static unsigned char testout[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; + static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; + struct opie_otpkey key; - if (opieetob(buffer, testin) != 1) + if (opieetob(&key, testin) != 1) return -1; - if (memcmp(buffer, testout, sizeof(testout))) + if (memcmp(&key, testout, sizeof(testout))) return -1; return 0; @@ -116,12 +125,15 @@ int testgetsequence() int testhashmd4() { - static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; - static unsigned char testout[] = { 0x9f, 0x40, 0xfb, 0x84, 0xb, 0xf8, 0x7f, 0x4b }; + static unsigned char testin[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; + static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x9f, 0x40, 0xfb, 0x84, 0xb, 0xf8, 0x7f, 0x4b }; + struct opie_otpkey testin_aligned; - opiehash(testin, 4); + memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey)); - if (memcmp(testin, testout, sizeof(testout))) + opiehash(&testin_aligned, 4); + + if (memcmp(&testin_aligned, testout, sizeof(struct opie_otpkey))) return -1; return 0; @@ -131,10 +143,13 @@ int testhashmd5() { static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; static unsigned char testout[] = { 0x78, 0xdd, 0x1a, 0x37, 0xf8, 0x91, 0x54, 0xe1 }; + struct opie_otpkey testin_aligned; - opiehash(testin, 5); + memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey)); - if (memcmp(testin, testout, sizeof(testout))) + opiehash(&testin_aligned, 5); + + if (memcmp(&testin_aligned, testout, sizeof(struct opie_otpkey))) return -1; return 0; @@ -151,12 +166,13 @@ int testkeycrunch() { static char testin1[] = "ke1234"; static char testin2[] = "this is a test"; - static unsigned char testout[] = { 0x2e, 0xd3, 0x5d, 0x74, 0x3e, 0xa9, 0xe9, 0xe8 }; + static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x2e, 0xd3, 0x5d, 0x74, 0x3e, 0xa9, 0xe9, 0xe8 }; + struct opie_otpkey opie_otpkey; - if (opiekeycrunch(5, buffer, testin1, testin2)) + if (opiekeycrunch(5, &opie_otpkey, testin1, testin2)) return -1; - if (memcmp(buffer, testout, sizeof(testout))) + if (memcmp(&opie_otpkey, testout, sizeof(struct opie_otpkey))) return -1; return 0; diff --git a/contrib/opie/permsfile.c b/contrib/opie/permsfile.c index 13b3ea3b44f2..ece04b5590b4 100644 --- a/contrib/opie/permsfile.c +++ b/contrib/opie/permsfile.c @@ -2,7 +2,7 @@ functionality to set device permissions on login %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If @@ -48,7 +48,7 @@ char **ftpglob __P((char *)); VOIDRET opiefatal FUNCTION((x), char *x) { - fprintf(stderr, "%s", x); + fprintf(stderr, x); exit(1); } diff --git a/contrib/opie/popen.c b/contrib/opie/popen.c index 3cc307883cae..d5ad0f0658b1 100644 --- a/contrib/opie/popen.c +++ b/contrib/opie/popen.c @@ -1,7 +1,7 @@ /* popen.c: A "safe" pipe open routine. %%% portions-copyright-cmetz-96 -Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights +Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights Reserved. The Inner Net License Version 2 applies to these portions of the software. You should have received a copy of the license with this software. If