This commit was generated by cvs2svn to compensate for changes in r92906,
which included commits to RCS files with non-trunk default branches.
This commit is contained in:
commit
7b0f9607c9
@ -1,11 +1,12 @@
|
||||
OPIE Software Distribution, Release 2.32 Bug Reporting Form
|
||||
======================================== ==================
|
||||
OPIE Software Distribution, Release 2.4 Bug Reporting Form
|
||||
======================================= ==================
|
||||
|
||||
Before submitting a bug report, please check the README file and make
|
||||
sure that your "bug" is not a known problem.
|
||||
|
||||
Please make a copy of this file and then edit it with your favorite
|
||||
text editor to include the answers to the following questions:
|
||||
text editor (NOT a word processor; the end result needs to be reasonable ASCII
|
||||
text) to include the answers to the following questions:
|
||||
|
||||
1. Your name and electronic mail address, in case we need more information.
|
||||
If you can provide multiple addresses, please do so in case we
|
||||
@ -76,7 +77,7 @@ Copyright
|
||||
=========
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,5 +1,5 @@
|
||||
OPIE Software Distribution, Release 2.31 Installation Instructions
|
||||
======================================== =========================
|
||||
OPIE Software Distribution, Release 2.4 Installation Instructions
|
||||
======================================= =========================
|
||||
|
||||
Did you read the README file?
|
||||
|
||||
@ -26,11 +26,102 @@ hole, but a necessary evil for some sites), type:
|
||||
|
||||
If you'd like the file to go somewhere else, adjust this appropriately.
|
||||
|
||||
There are a number of configure-time options available for OPIE. To
|
||||
get a list, type:
|
||||
There are a number of configure-time options available for OPIE. You
|
||||
probably don't want to change the defaults. To get a complete listing of the
|
||||
currently available options, type:
|
||||
|
||||
sh configure --help
|
||||
|
||||
Some options that may be of interest are:
|
||||
|
||||
--enable-access-file=FILENAME: Enable the OPIE access file FILENAME
|
||||
The OPIE access file provides a system administrator with the ability
|
||||
to make the use of OTP optional for certain hosts. Note that individual
|
||||
users can create a file named ".opiealways" in their home directory to
|
||||
require that OTP be used to access to their account. Note also that the
|
||||
access file is based on addresses, but many of the clients that use it
|
||||
are only given hostnames. This opens this entire scheme up to DNS
|
||||
spoofing attacks, which is a major security problem. ALWAYS use a
|
||||
package such as tcp_wrappers configured to do paranoid checking on DNS
|
||||
information if you enable this option (it's good practice anyway).
|
||||
|
||||
--enable-server-md4: Use MD4 instead of MD5 for the server
|
||||
The old S/Key package used MD4 instead of MD5. MD4 is believed to be
|
||||
less secure than MD5. Use this option only for compatibility with old
|
||||
key files.
|
||||
|
||||
--disable-user-locking: Disable user locking
|
||||
OPIE only allows one session at a time to attempt to authenticate a
|
||||
principal; this prevents a possible race attack on OTP. This locking
|
||||
mechanism can cause problems in some applications, in which case you
|
||||
might want to disable the locking. This option also provides a work-
|
||||
around if the locking code doesn't work reliably on your system.
|
||||
|
||||
--enable-user-locking[=DIR]: Put user lock files in DIR [/etc/opielocks]
|
||||
The OPIE lock files need to be put in an isolated directory that is
|
||||
only accessable by the super-user and has a parent directory that is
|
||||
only writable by the super-user. If you are trying to use OPIE with
|
||||
the key file shared by NFS, you need to make the lock directory
|
||||
shared too. (But you read the README file, so you knew this)
|
||||
|
||||
--enable-retype: Ask users to re-type their secret pass phrases
|
||||
On the one hand, this helps prevent users from having to go generate
|
||||
an OTP, type it into a remote system, and then found out they
|
||||
mistyped. On the other hand, it's annoying. If this is enabled, users
|
||||
can simply hit return at the second prompt and the generator will skip
|
||||
the retype check, which allows users who don't like the retype check
|
||||
to mostly skip it.
|
||||
|
||||
--enable-su-star-check: Refuse to switch to disabled accounts
|
||||
On many systems, an asterisk means one thing and one thing only: this
|
||||
account is never meant for human users. Therefore, it doesn't make
|
||||
much sense for anyone other than an attacker to try to su to that
|
||||
account. Enabling this check causes su to refuse to switch to
|
||||
accounts with an asterisk in their password field. While probably
|
||||
better for security, this is not compatible with traditional *IX su
|
||||
behavior, so it is disabled by default
|
||||
|
||||
--disable-new-prompts: Use more compatible (but less informative) prompts
|
||||
OPIE uses login prompts that tell you exactly what kind of response
|
||||
(an OTP response and/or a cleartext password) it expects you to give.
|
||||
This can break automatic login scripts that look for 'Password:' as
|
||||
the prompt for the password. If you have users that use such scripts,
|
||||
you might want to disable the more informative responses so as not to
|
||||
break those scripts.
|
||||
|
||||
--enable-insecure-override: Allow users to override insecure checks
|
||||
While OPIE cannot determine whether or not a session is secure, it can
|
||||
check for fairly common signs that it isn't secure. If it believes the
|
||||
session is insecure, some programs like opiekey will refuse to run
|
||||
because they prompt the user to send a secret pass phrase. Sometimes
|
||||
these checks declare a session insecure when it is, and sometimes the
|
||||
user wants to continue anyway even if the session is insecure. If this
|
||||
option is enabled, many commands gain a '-f' option to force them to
|
||||
operate even if OPIE thinks the session is insecure.
|
||||
|
||||
--enable-anonymous-ftp Enable anonymous FTP support
|
||||
By default, the OPIE FTP daemon does not support anonymous FTP
|
||||
service. The FTP daemon contains many security related bug fixes
|
||||
relative to the original source, but bugs probably remain. It was not
|
||||
intended to be used for anonymous FTP, where it is more open to the
|
||||
commands of potentially hostile users. If you enable this option, it
|
||||
will once again support anonymous FTP, but it probably isn't secure
|
||||
when that way.
|
||||
|
||||
--disable-utmp Disable utmp logging
|
||||
--disable-wtmp Disable wtmp logging
|
||||
On some systems, logging to the utmp and/or wtmp files is just a lost
|
||||
cause. If this is the case on your system, you might be better off
|
||||
not having OPIE even try.
|
||||
|
||||
--enable-opieauto Enable support for opieauto
|
||||
opieauto is a facility that caches an intermediate result of the OTP
|
||||
generator so that a user-selected number of OTPs can be generated on
|
||||
demand for each time the user types in the secret pass phrase. This
|
||||
is great for user convenience, as typing a twenty or thirty character
|
||||
secret pass phrase can be annoying. It can also be a minor security
|
||||
hole (see the README for details).
|
||||
|
||||
2. Edit the Makefile
|
||||
|
||||
The Makefile contains some options that you may wish to modify. Also
|
||||
@ -75,7 +166,7 @@ Copyright
|
||||
=========
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -2,7 +2,7 @@
|
||||
# Makefile.source and Makefile: Directions for building and installing OPIE.
|
||||
#
|
||||
# %%% portions-copyright-cmetz-96
|
||||
# Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
# Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
# Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
# the software.
|
||||
# You should have received a copy of the license with this software. If
|
||||
@ -15,6 +15,9 @@
|
||||
#
|
||||
# History:
|
||||
#
|
||||
# Modified by cmetz for OPIE 2.4. Add libmissing to include header path.
|
||||
# Renamed realclean to distclean. Added opieauto rules. Made
|
||||
# system program install more tolerant of non-existent files.
|
||||
# Modified by cmetz for OPIE 2.31. Moved logwtmp.o into libopie.
|
||||
# Modified by cmetz for OPIE 2.3. Removed manual config -- it's
|
||||
# Autoconf or bust. Replaced user configuration options
|
||||
@ -80,9 +83,9 @@ SHELL=/bin/sh
|
||||
OWNER=0
|
||||
GROUP=bin
|
||||
|
||||
# Where should the OPIE standard and extended databases be stored?
|
||||
# Where should the OPIE standard and extended databases be stored?
|
||||
#
|
||||
# Some sites might want to put this elsewhere. If you want to use an old
|
||||
# Some sites might want to put this elsewhere. If you want to use an old
|
||||
# S/Key database, you should create a link from /etc/skeykeys to /etc/opiekeys.
|
||||
KEY_FILE=/etc/opiekeys
|
||||
|
||||
@ -115,10 +118,11 @@ SU=@SU@
|
||||
ALT_SU=@ALT_SU@
|
||||
LOGIN=@LOGIN@
|
||||
LOCK_DIR=@LOCK_DIR@
|
||||
OPIEAUTO=@OPIEAUTO@
|
||||
|
||||
BACKUP=opie.old
|
||||
|
||||
CFLAGS=$(DEBUG)
|
||||
CFLAGS=$(DEBUG) -Ilibmissing
|
||||
|
||||
LFLAGS=-Llibopie -Llibmissing -lopie $(LIBS) -lmissing -lopie
|
||||
LDEPS=libmissing/libmissing.a libopie/libopie.a
|
||||
@ -128,17 +132,19 @@ all: client server
|
||||
ifdefs:
|
||||
egrep '^#*if*def' *.c *.h | cut -f2 -d: | sort | uniq
|
||||
|
||||
client: libopie/libopie.a libmissing/libmissing.a opietest-passed opiekey opiegen
|
||||
client: libopie/libopie.a libmissing/libmissing.a opietest-passed opiekey opiegen $(OPIEAUTO)
|
||||
|
||||
client-install: client
|
||||
@echo "Installing OPIE client software..."
|
||||
@echo "Copying OPIE key-related files"
|
||||
@if test ! -d $(LOCALBIN); then $(MKDIR) $(LOCALBIN); chmod 755 $(LOCALBIN); fi
|
||||
@cp opiekey $(LOCALBIN)
|
||||
@cp opiekey $(OPIEAUTO) $(LOCALBIN)
|
||||
@$(CHOWN) $(OWNER) $(LOCALBIN)/opiekey
|
||||
@if test ! -z "$(OPIEAUTO)"; then $(CHOWN) $(OWNER) $(LOCALBIN)/opieauto; fi
|
||||
@chgrp $(GROUP) $(LOCALBIN)/opiekey
|
||||
@echo "Changing file permissions"
|
||||
@chmod 0511 $(LOCALBIN)/opiekey
|
||||
@if test ! -z "$(OPIEAUTO)"; then chmod 0511 $(LOCALBIN)/opieauto; fi
|
||||
@echo "Symlinking aliases to opiekey"
|
||||
@-ln -s $(LOCALBIN)/opiekey $(LOCALBIN)/otp-md4
|
||||
@-ln -s $(LOCALBIN)/opiekey $(LOCALBIN)/otp-md5
|
||||
@ -160,32 +166,75 @@ server-install: server
|
||||
@chmod 0555 $(LOCALBIN)/opieinfo
|
||||
@chmod 4511 $(LOCALBIN)/opiepasswd
|
||||
@echo "Installing OPIE system programs..."
|
||||
@if test ! $(EXISTS) $(LOGIN).$(BACKUP); then echo "Renaming existing $(LOGIN) to $(LOGIN).$(BACKUP)"; mv $(LOGIN) $(LOGIN).$(BACKUP); echo "Clearing permissions on old $(LOGIN)"; chmod 0 $(LOGIN).$(BACKUP); fi
|
||||
@echo "Copying opielogin to $(LOGIN)"
|
||||
@cp opielogin $(LOGIN)
|
||||
@echo "Changing ownership of $(LOGIN)"
|
||||
@$(CHOWN) $(OWNER) $(LOGIN)
|
||||
@chgrp $(GROUP) $(LOGIN)
|
||||
@echo "Changing file permissions of $(LOGIN)"
|
||||
@chmod 4111 $(LOGIN)
|
||||
@if test ! $(EXISTS) $(SU).$(BACKUP); then echo "Renaming existing su to su.$(BACKUP)"; mv $(SU) $(SU).$(BACKUP); echo "Clearing permissions on old su"; chmod 0 $(SU).$(BACKUP); fi
|
||||
@-if test ! -z "$(ALT_SU)"; then if test ! $(EXISTS) $(ALT_SU).$(BACKUP); then echo "Renaming existing su to su.$(BACKUP)"; mv $(ALT_SU) $(ALT_SU).$(BACKUP); fi; echo "Copying opiesu to su"; cp opiesu $(ALT_SU); echo "Changing ownership"; $(CHOWN) $(OWNER) $(ALT_SU); chgrp $(GROUP) $(ALT_SU); echo "Changing file permissions"; chmod 4111 $(ALT_SU); echo "Clearning permissions on old su"; chmod 0 $(ALT_SU).$(BACKUP); fi
|
||||
@echo "Copying opiesu to su"
|
||||
@cp opiesu $(SU)
|
||||
@echo "Changing ownership of su"
|
||||
@$(CHOWN) $(OWNER) $(SU)
|
||||
@chgrp $(GROUP) $(SU)
|
||||
@echo "Changing file permissions of su"
|
||||
@chmod 4111 $(SU)
|
||||
@if test ! $(EXISTS) $(FTPD).$(BACKUP); then echo "Renaming existing ftp daemon to $(FTPD).$(BACKUP)"; mv $(FTPD) $(FTPD).$(BACKUP); echo "Clearing permissions on old ftp daemon"; chmod 0 $(FTPD).$(BACKUP); fi
|
||||
@echo "Copying OPIE ftp daemon"
|
||||
@cp opieftpd $(FTPD)
|
||||
@echo "Changing ownership of ftpd"
|
||||
@$(CHOWN) $(OWNER) $(FTPD)
|
||||
@chgrp $(GROUP) $(FTPD)
|
||||
@echo "Changing file permissions of ftpd"
|
||||
@chmod 0100 $(FTPD)
|
||||
@echo "Making sure OPIE database file exists"
|
||||
@if test ! -z $(LOGIN); \
|
||||
then \
|
||||
if test ! $(EXISTS) $(LOGIN).$(BACKUP); \
|
||||
then \
|
||||
echo "Renaming existing $(LOGIN) to $(LOGIN).$(BACKUP)"; \
|
||||
mv $(LOGIN) $(LOGIN).$(BACKUP); \
|
||||
echo "Clearing permissions on $(LOGIN)"; \
|
||||
chmod 0 $(LOGIN).$(BACKUP); \
|
||||
fi; \
|
||||
echo "Copying OPIE login to $(LOGIN)"; \
|
||||
cp opielogin $(LOGIN); \
|
||||
echo "Changing ownership of $(LOGIN)"; \
|
||||
$(CHOWN) $(OWNER) $(LOGIN); \
|
||||
chgrp $(GROUP) $(LOGIN); \
|
||||
echo "Changing file permissions of $(LOGIN)"; \
|
||||
chmod 4111 $(LOGIN); \
|
||||
fi
|
||||
@if test ! -z $(SU); \
|
||||
then \
|
||||
if test ! $(EXISTS) $(SU).$(BACKUP); \
|
||||
then \
|
||||
echo "Renaming existing $(SU) to $(SU).$(BACKUP)"; \
|
||||
mv $(SU) $(SU).$(BACKUP); \
|
||||
echo "Clearing permissions on $(SU)"; \
|
||||
chmod 0 $(SU).$(BACKUP); \
|
||||
fi; \
|
||||
echo "Copying OPIE su to $(SU)"; \
|
||||
cp opiesu $(SU); \
|
||||
echo "Changing ownership of $(SU)"; \
|
||||
$(CHOWN) $(OWNER) $(SU); \
|
||||
chgrp $(GROUP) $(SU); \
|
||||
echo "Changing file permissions of $(SU)"; \
|
||||
chmod 4111 $(SU); \
|
||||
fi
|
||||
@if test ! -z $(ALT_SU); \
|
||||
then \
|
||||
if test ! $(EXISTS) $(ALT_SU).$(BACKUP); \
|
||||
then \
|
||||
echo "Renaming existing $(ALT_SU) to $(ALT_SU).$(BACKUP)"; \
|
||||
mv $(ALT_SU) $(ALT_SU).$(BACKUP); \
|
||||
echo "Clearing permissions on $(ALT_SU)"; \
|
||||
chmod 0 $(ALT_SU).$(BACKUP); \
|
||||
fi; \
|
||||
echo "Copying OPIE su to $(ALT_SU)"; \
|
||||
cp opiesu $(ALT_SU); \
|
||||
echo "Changing ownership of $(ALT_SU)"; \
|
||||
$(CHOWN) $(OWNER) $(ALT_SU); \
|
||||
chgrp $(GROUP) $(ALT_SU); \
|
||||
echo "Changing file permissions of $(ALT_SU)"; \
|
||||
chmod 4111 $(ALT_SU); \
|
||||
fi
|
||||
@if test ! -z $(FTPD); \
|
||||
then \
|
||||
if test ! $(EXISTS) $(FTPD).$(BACKUP); \
|
||||
then \
|
||||
echo "Renaming existing $(FTPD) to $(FTPD).$(BACKUP)"; \
|
||||
mv $(FTPD) $(FTPD).$(BACKUP); \
|
||||
echo "Clearing permissions on $(FTPD).$(BACKUP)"; \
|
||||
chmod 0 $(FTPD).$(BACKUP); \
|
||||
fi; \
|
||||
echo "Copying OPIE ftp daemon to $(FTPD)"; \
|
||||
cp opieftpd $(FTPD); \
|
||||
echo "Changing ownership of $(FTPD)"; \
|
||||
$(CHOWN) $(OWNER) $(FTPD); \
|
||||
chgrp $(GROUP) $(FTPD); \
|
||||
echo "Changing file permissions of $(FTPD)"; \
|
||||
chmod 0100 $(FTPD); \
|
||||
fi
|
||||
@echo "Making sure OPIE database file exists";
|
||||
@touch $(KEY_FILE)
|
||||
@echo "Changing permissions of OPIE database file"
|
||||
@chmod 0644 $(KEY_FILE)
|
||||
@ -230,16 +279,18 @@ libmissing/libmissing.a: libmissing/*.c
|
||||
|
||||
clean:
|
||||
-rm -f *.o opiekey opiegen opielogin opiepasswd opiesu opieftpd
|
||||
-rm -f opieserv opieinfo opietest *core* opietest-passed
|
||||
-rm -f opieserv opieinfo opietest opieauto *core* opietest-passed
|
||||
-rm -f Makefile.munge configure.munger y.tab.c .gdb*
|
||||
(cd libopie ; $(MAKE) clean)
|
||||
(cd libmissing ; $(MAKE) clean)
|
||||
|
||||
realclean: clean
|
||||
realclean: distclean
|
||||
|
||||
distclean: clean
|
||||
-rm -f *~ core* "\#*\#" Makefile make.log
|
||||
-rm -f config.log config.status config.cache config.h
|
||||
(cd libopie ; $(MAKE) realclean)
|
||||
(cd libmissing ; $(MAKE) realclean)
|
||||
(cd libopie ; $(MAKE) distclean)
|
||||
(cd libmissing ; $(MAKE) distclean)
|
||||
|
||||
opiekey: opiekey.o $(LDEPS)
|
||||
$(CC) $(CFLAGS) opiekey.o $(LFLAGS) -o opiekey
|
||||
@ -270,3 +321,7 @@ opieinfo: opieinfo.o $(LDEPS)
|
||||
|
||||
opietest: opietest.o $(LDEPS)
|
||||
$(CC) $(CFLAGS) opietest.o $(LFLAGS) -o opietest
|
||||
|
||||
opieauto: opieauto.o $(LDEPS)
|
||||
$(CC) $(CFLAGS) opieauto.o $(LFLAGS) -o opieauto
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
OPIE Software Distribution, Release 2.32 Important Information
|
||||
======================================== =====================
|
||||
OPIE Software Distribution, Release 2.4 Important Information
|
||||
======================================= =====================
|
||||
|
||||
Introduction
|
||||
============
|
||||
@ -75,87 +75,104 @@ original Bellcore S/Key(tm) Version 1 software:
|
||||
A Glance at What's New
|
||||
======================
|
||||
|
||||
2.32 January 1, 1998.
|
||||
2.4 TEST VERSION -- NOT FOR REDISTRIBUTION
|
||||
|
||||
Indicate support for extended responses in challenges and check for
|
||||
such indication before generating any extended responses.
|
||||
Merged in opieauto, which is disabled by default.
|
||||
|
||||
Lots of portability and bug fixes.
|
||||
Lots of documentation updates.
|
||||
|
||||
2.31 March 20, 1997.
|
||||
Portability and bug fixes.
|
||||
|
||||
Removed active attack protection support due to patent problems.
|
||||
2.32 January 1, 1998.
|
||||
|
||||
Moved user locks to a separate directory.
|
||||
Indicate support for extended responses in challenges and check for such
|
||||
indication before generating any extended responses.
|
||||
|
||||
Moved user-serviceable configuration options to the configure script.
|
||||
Lots of portability and bug fixes.
|
||||
|
||||
Lots of portability and bug fixes.
|
||||
2.31 March 20, 1997.
|
||||
|
||||
2.3 September 22, 1996
|
||||
Removed active attack protection support due to patent problems.
|
||||
|
||||
Autoconf is now the only supported configuration method.
|
||||
Removed the supplemental key file; it did more harm than good.
|
||||
|
||||
Lots of internal functions got re-written in ways that will make some
|
||||
Moved user locks to a separate directory.
|
||||
|
||||
Moved user-serviceable configuration options to the configure script.
|
||||
|
||||
Lots of portability and bug fixes.
|
||||
|
||||
2.3 September 22, 1996
|
||||
|
||||
Autoconf is now the only supported configuration method.
|
||||
|
||||
Lots of internal functions got re-written in ways that will make some
|
||||
planned future changes easier.
|
||||
|
||||
OTP extended responses, such as automatic re-initialization.
|
||||
OTP extended responses, such as automatic re-initialization.
|
||||
|
||||
Support for a supplemental key file that stores information that was
|
||||
not in the original /etc/skeykeys file. This allows OPIE to store extra data
|
||||
needed for things like the OTP re-initialization extended response without
|
||||
breaking interoperability with other S/Key derived programs. This file is
|
||||
named "/etc/opiekeys.ext" by default. Unlike the standard key file, it MUST
|
||||
NOT be world readable.
|
||||
Support for a supplemental key file that stores information that was not
|
||||
in the original /etc/skeykeys file. This allows OPIE to store extra data needed
|
||||
for things like the OTP re-initialization extended response without breaking
|
||||
interoperability with other S/Key derived programs. This file is named
|
||||
"/etc/opiekeys.ext" by default. Unlike the standard key file, it MUST NOT be
|
||||
world readable.
|
||||
|
||||
OPIE should better support some of the native "features" of drain
|
||||
bamaged OSs such as AIX, HP-UX, and Solaris.
|
||||
OPIE should better support some of the native "features" of drain bamaged
|
||||
OSs such as AIX, HP-UX, and Solaris.
|
||||
|
||||
OPIE's utmp/wtmp handling has been completely re-written. This should
|
||||
solve many of the utmp/wtmp problems people have been having.
|
||||
OPIE's utmp/wtmp handling has been completely re-written. This should solve
|
||||
many of the utmp/wtmp problems people have been having.
|
||||
|
||||
Lots of cleanups.
|
||||
Lots of cleanups.
|
||||
|
||||
Bug fixes.
|
||||
Bug fixes.
|
||||
|
||||
2.22 May 3, 1996.
|
||||
2.22 May 3, 1996.
|
||||
|
||||
More minor bug fixes. OPIE once again works on Solaris 2.x.
|
||||
More minor bug fixes. OPIE once again works on Solaris 2.x.
|
||||
|
||||
2.21 April 27, 1996.
|
||||
2.21 April 27, 1996.
|
||||
|
||||
Minor bug fixes.
|
||||
Minor bug fixes.
|
||||
|
||||
2.2 April 11, 1996.
|
||||
2.2 April 11, 1996.
|
||||
|
||||
opiesubr.c, opiesubr2.c, and a few other functions moved into
|
||||
a subdirectory and split into files with fine granularity. Ditto with
|
||||
missing function replacements. This subdirectory structure changes a lot
|
||||
of things around and more splitting like this should be expected in the
|
||||
near future.
|
||||
opiesubr.c, opiesubr2.c, and a few other functions moved into a
|
||||
subdirectory and split into files with fine granularity. Ditto with missing
|
||||
function replacements. This subdirectory structure changes a lot of things
|
||||
around and more splitting like this should be expected in the near future.
|
||||
|
||||
Added opiegenerator() library function that should make it very easy
|
||||
to create OTP clients using the OPIE library (this function is subject to
|
||||
change: there are a few problems remaining to be solved). Just about re-write
|
||||
Added opiegenerator() library function that should make it very easy to
|
||||
create OTP clients using the OPIE library (this function is subject to change:
|
||||
there are a few problems remaining to be solved). Just about re-wrote
|
||||
opiegetpass() to use raw I/O and got most of the OPIE programs actually using
|
||||
that function. Autoconf build fixes. Lots of bug fixes. Lots of portability
|
||||
fixes. Function declarations should be ANSI style for ANSI compilers. Several
|
||||
fixes to bring OPIE in line with the latest OTP spec. MJR DES key crunch
|
||||
fixes to bring OPIE in line with the latest OTP spec. MJR DES key crunch
|
||||
de-implemented.
|
||||
|
||||
Added sample programs: opiegen (client) and opieserv (server).
|
||||
Added sample programs: opiegen (client) and opieserv (server).
|
||||
|
||||
Probably broke non-autoconf support along the way :(. I've tried to
|
||||
bring this back in sync, but it may still be broken.
|
||||
Probably broke non-autoconf support along the way :(. I've tried to bring
|
||||
this back in sync, but it may still be broken.
|
||||
|
||||
2.11 December 27, 1995.
|
||||
2.11 December 27, 1995.
|
||||
|
||||
Minor bug fixes.
|
||||
Minor bug fixes.
|
||||
|
||||
2.10 December 26, 1995.
|
||||
2.10 December 26, 1995.
|
||||
|
||||
Optional autoconf support. opieinfo is now a normal program.
|
||||
Bugs fixed -- should work much better on SunOS, HP-UX, and AIX.
|
||||
Optional autoconf support. opieinfo is now a normal program. Bugs fixed --
|
||||
should work much better on SunOS, HP-UX, and AIX.
|
||||
|
||||
2.01 -- 2.04
|
||||
|
||||
Bug fix releases.
|
||||
|
||||
2.00
|
||||
|
||||
Initial release of OPIE 2.0.
|
||||
|
||||
System Requirements
|
||||
===================
|
||||
@ -177,12 +194,15 @@ OPIE code.
|
||||
If OPIE Doesn't Work
|
||||
====================
|
||||
|
||||
First and foremost, make sure you have the latest version of OPIE. The
|
||||
latest version is available by anonymous FTP at:
|
||||
Under NO circumstances should you send trouble reports directly to the
|
||||
authors or contributors. They WILL BE IGNORED.
|
||||
|
||||
ftp://ftp.nrl.navy.mil/pub/security/opie
|
||||
and
|
||||
ftp://ftp.inner.net/pub/opie
|
||||
Make sure you have the latest version of OPIE. The latest version is
|
||||
available by HTTP at:
|
||||
|
||||
http://www.inner.net/pub/opie
|
||||
|
||||
(sorry, but anonymous FTP is no longer available)
|
||||
|
||||
If you have installed the OPIE software (either through "make test"
|
||||
in (7) above or "make install" in (14)), you can run "make uninstall" from the
|
||||
@ -194,7 +214,8 @@ installation procedure itself did not work properly.
|
||||
If you are running a release version, try installing the latest public
|
||||
test version (look around). These frequently have already fixed the problem
|
||||
you are seeing, but may have new problems of their own (that's why they're
|
||||
test versions!).
|
||||
test versions!). Similarly, if you are running a test version, try installing
|
||||
the latest released version.
|
||||
|
||||
OPIE is NOT supported software. We don't promise to support you or
|
||||
even to acknowledge your mail, but we are interested in bug reports and are
|
||||
@ -233,7 +254,7 @@ Gotchas
|
||||
=======
|
||||
|
||||
Solaris 2.x is just a lose. It does a lot of nonstandard and downright
|
||||
broken things. If you want OPIE to be reliable on your box, upgrade to NetBSD
|
||||
broken things. If you want OPIE to be reliable on your box, upgrade to OpenBSD
|
||||
or Linux.
|
||||
|
||||
While an almost universal "feature", most people remain unaware that
|
||||
@ -342,6 +363,25 @@ it puts them. The lock file directory must be a directory used only for OPIE
|
||||
lock files. It must be a directory, owned by the superuser, and must be mode
|
||||
0700.
|
||||
|
||||
opieauto is a potential security hole. It opens a limited window of
|
||||
exposure by transmitting and storing information that can be used to
|
||||
generate one or more OTPs earlier than the current sequence number. Every
|
||||
effort has been made to limit the potential for compromise to the user-
|
||||
specified window. However, an attacker with superuser priveleges or access to
|
||||
your account on the client system can still generate OTPs based on the
|
||||
information cached via opieauto. In practice, there are other ways for such an
|
||||
an attacker to get your entire secret pass phrase, so this is probably not
|
||||
creating a significant new security problem. However, because of this
|
||||
potential for problems and because opieauto uses system features that are not
|
||||
present on all systems, opieauto support is not compiled in by default and
|
||||
must be specifically enabled at compile time.
|
||||
|
||||
Many users are running OPIE with the key file on a shared NFS volume
|
||||
in order to use OTP as a single-login system for a cluster of machines. OPIE
|
||||
was NOT designed to be operated this way, though it does seem to work. If it
|
||||
fails or if this proves insecure, this is not OPIE's fault. Note that, if you
|
||||
do this, you probably want to share the OPIE lock files too.
|
||||
|
||||
Gripes
|
||||
======
|
||||
|
||||
@ -355,14 +395,12 @@ are complying to some or other "standard." My (cmetz) conclusion is that the
|
||||
only thing that is standard about utmp and wtmp handling is that it will be
|
||||
nonstandard on any given system. I've tried a lot of things and I've wasted
|
||||
*a lot* of time on trying to make utmp and wtmp handling work for everybody;
|
||||
my conclusion is that it will never happen. I personally am willing to stand
|
||||
behind the code for utmp/wtmp handling on reasonable Linux and 4.4BSD-Lite
|
||||
systems. If it breaks, tell me and I will fix it. While I am still interested
|
||||
in hearing about fixes for other OSs, I'm not likely to go out of my way to fix
|
||||
utmp/wtmp handling on them. If you want it fixed, the best way to do it is to
|
||||
fix it yourself and give me a patch. As long as the patch is reasonable, I'll
|
||||
include it in the next release. If you can't wait, use the --disable-utmp
|
||||
option.
|
||||
my conclusion is that it will never happen. While I am still interested in
|
||||
hearing about fixes for utmp/wtmp on systems where they don't work, I'm not
|
||||
likely to go out of my way to fix utmp/wtmp handling. If you want it fixed,
|
||||
the best way to do it is to fix it yourself and contribute a patch. As long as
|
||||
the patch is reasonable, it will be included in the next release. If you can't
|
||||
wait, use the --disable-utmp option.
|
||||
|
||||
Credits
|
||||
=======
|
||||
@ -396,23 +434,29 @@ community effort. These contributors include:
|
||||
Mowgli Assor
|
||||
Lawrie Brown
|
||||
Andrew Davis
|
||||
Taso N. Devetzis
|
||||
Carson Gaspar
|
||||
Dennis Glatting
|
||||
Ben Golding
|
||||
Axel Grewe
|
||||
"Hobbit"
|
||||
Kojima Hajime
|
||||
Darren Hosking
|
||||
Matt Hucke
|
||||
Matt Hucke
|
||||
Kenji Kamizono
|
||||
Charles Karney
|
||||
Jeff Kletsky
|
||||
Peter Koch
|
||||
Martijn Koster
|
||||
Osamu Kurati
|
||||
Ayamura Kikuchi
|
||||
Ronald van der Meer
|
||||
Bret Musser
|
||||
Hiroshi Nakano
|
||||
Ikuo Nakagawa
|
||||
Angelo Neri
|
||||
C. R. Oldham
|
||||
Ossama Othman
|
||||
D. Jason Penney
|
||||
John Perkins
|
||||
Steve Price
|
||||
@ -429,7 +473,7 @@ City, Virginia.
|
||||
|
||||
If you have problems with OPIE, please follow the instructions under
|
||||
"If OPIE Doesn't Work." Under NO circumstances should you send trouble
|
||||
reports directly to the authors or contributors.
|
||||
reports directly to the authors or contributors. They WILL BE IGNORED.
|
||||
|
||||
Trademarks
|
||||
==========
|
||||
@ -440,12 +484,12 @@ NRL is a trademark of the U. S. Naval Research Laboratory.
|
||||
All other trademarks are trademarks of their respective owners.
|
||||
|
||||
The term "OPIE" is in the public domain and hence cannot be legally
|
||||
trademarked by anyone.
|
||||
trademarked by anyone. Please do not abuse it.
|
||||
|
||||
Copyrights
|
||||
==========
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* acconfig.h: Extra commentary for Autoheader
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -117,6 +117,15 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
/* Define if there is a ut_host field in struct utmp */
|
||||
#undef HAVE_UT_HOST
|
||||
|
||||
/* Define if there is a ut_id field in struct utmp */
|
||||
#undef HAVE_UT_ID
|
||||
|
||||
/* Define if there is a ut_syslen field in struct utmp */
|
||||
#undef HAVE_UT_SYSLEN
|
||||
|
||||
/* Define if there is a utx_syslen field in struct utmpx */
|
||||
#undef HAVE_UTX_SYSLEN
|
||||
|
||||
/* Define if the system has getutline() */
|
||||
#undef HAVE_GETUTLINE
|
||||
|
||||
@ -149,3 +158,69 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
/* Defined if user locking is to be used */
|
||||
#undef USER_LOCKING
|
||||
|
||||
/* Defined if opieauto is to be used */
|
||||
#undef OPIEAUTO
|
||||
|
||||
/* Define if you have the atexit function. */
|
||||
#undef HAVE_ATEXIT
|
||||
|
||||
/* Define if you have the endutent function. */
|
||||
#undef HAVE_ENDUTENT
|
||||
|
||||
/* Define if you have the initgroups function. */
|
||||
#undef HAVE_INITGROUPS
|
||||
|
||||
/* Define if you have the memcmp function. */
|
||||
#undef HAVE_MEMCMP
|
||||
|
||||
/* Define if you have the memcpy function. */
|
||||
#undef HAVE_MEMCPY
|
||||
|
||||
/* Define if you have the memset function. */
|
||||
#undef HAVE_MEMSET
|
||||
|
||||
/* Define if you have the getcwd function. */
|
||||
#undef HAVE_GETCWD
|
||||
|
||||
/* Define if you have the getenv function. */
|
||||
#undef HAVE_GETENV
|
||||
|
||||
/* Define if you have the getutline function. */
|
||||
#undef HAVE_GETUTLINE
|
||||
|
||||
/* Define if you have the pututline function. */
|
||||
#undef HAVE_PUTUTLINE
|
||||
|
||||
/* Define if you have the setenv function. */
|
||||
#undef HAVE_SETENV
|
||||
|
||||
/* Define if you have the setegid function. */
|
||||
#undef HAVE_SETEGID
|
||||
|
||||
/* Define if you have the seteuid function. */
|
||||
#undef HAVE_SETEUID
|
||||
|
||||
/* Define if you have the setutent function. */
|
||||
#undef HAVE_SETUTENT
|
||||
|
||||
/* Define if you have the sigprocmask function. */
|
||||
#undef HAVE_SIGPROCMASK
|
||||
|
||||
/* Define if you have the strchr function. */
|
||||
#undef HAVE_STRCHR
|
||||
|
||||
/* Define if you have the strrchr function. */
|
||||
#undef HAVE_STRRCHR
|
||||
|
||||
/* Define if you have the strtoul function. */
|
||||
#undef HAVE_STRTOUL
|
||||
|
||||
/* Define if you have the sysconf function. */
|
||||
#undef HAVE_SYSCONF
|
||||
|
||||
/* Define if you have the uname function. */
|
||||
#undef HAVE_UNAME
|
||||
|
||||
/* Define if you have the unsetenv function. */
|
||||
#undef HAVE_UNSETENV
|
||||
|
@ -149,6 +149,12 @@
|
||||
/* Define if there is a ut_host field in struct utmp */
|
||||
#undef HAVE_UT_HOST
|
||||
|
||||
/* Define if there is a ut_id field in struct utmp */
|
||||
#undef HAVE_UT_ID
|
||||
|
||||
/* Define if there is a utx_syslen field in struct utmpx */
|
||||
#undef HAVE_UTX_SYSLEN
|
||||
|
||||
/* Define if the system has getutline() */
|
||||
#undef HAVE_GETUTLINE
|
||||
|
||||
@ -158,6 +164,9 @@
|
||||
/* Defined if you want to disable utmp support */
|
||||
#undef DISABLE_UTMP
|
||||
|
||||
/* Defined if you want to disable wtmp support */
|
||||
#undef DISABLE_WTMP
|
||||
|
||||
/* Defined if you want to allow users to override the insecure checks */
|
||||
#undef INSECURE_OVERRIDE
|
||||
|
||||
@ -176,6 +185,72 @@
|
||||
/* Defined if su should not switch to disabled accounts */
|
||||
#undef SU_STAR_CHECK
|
||||
|
||||
/* Defined if opieauto is to be used */
|
||||
#undef OPIEAUTO
|
||||
|
||||
/* Define if you have the atexit function. */
|
||||
#undef HAVE_ATEXIT
|
||||
|
||||
/* Define if you have the endutent function. */
|
||||
#undef HAVE_ENDUTENT
|
||||
|
||||
/* Define if you have the initgroups function. */
|
||||
#undef HAVE_INITGROUPS
|
||||
|
||||
/* Define if you have the memcmp function. */
|
||||
#undef HAVE_MEMCMP
|
||||
|
||||
/* Define if you have the memcpy function. */
|
||||
#undef HAVE_MEMCPY
|
||||
|
||||
/* Define if you have the memset function. */
|
||||
#undef HAVE_MEMSET
|
||||
|
||||
/* Define if you have the getcwd function. */
|
||||
#undef HAVE_GETCWD
|
||||
|
||||
/* Define if you have the getenv function. */
|
||||
#undef HAVE_GETENV
|
||||
|
||||
/* Define if you have the getutline function. */
|
||||
#undef HAVE_GETUTLINE
|
||||
|
||||
/* Define if you have the pututline function. */
|
||||
#undef HAVE_PUTUTLINE
|
||||
|
||||
/* Define if you have the setenv function. */
|
||||
#undef HAVE_SETENV
|
||||
|
||||
/* Define if you have the setegid function. */
|
||||
#undef HAVE_SETEGID
|
||||
|
||||
/* Define if you have the seteuid function. */
|
||||
#undef HAVE_SETEUID
|
||||
|
||||
/* Define if you have the setutent function. */
|
||||
#undef HAVE_SETUTENT
|
||||
|
||||
/* Define if you have the sigprocmask function. */
|
||||
#undef HAVE_SIGPROCMASK
|
||||
|
||||
/* Define if you have the strchr function. */
|
||||
#undef HAVE_STRCHR
|
||||
|
||||
/* Define if you have the strrchr function. */
|
||||
#undef HAVE_STRRCHR
|
||||
|
||||
/* Define if you have the strtoul function. */
|
||||
#undef HAVE_STRTOUL
|
||||
|
||||
/* Define if you have the sysconf function. */
|
||||
#undef HAVE_SYSCONF
|
||||
|
||||
/* Define if you have the uname function. */
|
||||
#undef HAVE_UNAME
|
||||
|
||||
/* Define if you have the unsetenv function. */
|
||||
#undef HAVE_UNSETENV
|
||||
|
||||
/* Define if you have the bcopy function. */
|
||||
#undef HAVE_BCOPY
|
||||
|
||||
|
945
contrib/opie/configure
vendored
945
contrib/opie/configure
vendored
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
||||
dnl configure.in: Input for Autoconf
|
||||
dnl
|
||||
dnl %%% portions-copyright-cmetz-96
|
||||
dnl Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
dnl Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
dnl Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
dnl the software.
|
||||
dnl You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,11 @@ dnl License Agreement applies to this software.
|
||||
dnl
|
||||
dnl History:
|
||||
dnl
|
||||
dnl Modified by cmetz for OPIE 2.4. Add --enable-opieauto option. Check
|
||||
dnl for ut_id and ut_syslen. Make disable-wtmp disable wtmp not utmp.
|
||||
dnl Define HAVE_foo if foo is found by the libmissing function check.
|
||||
dnl Added checks for libmissing functions that were there but never
|
||||
dnl actually checked for and therefore available.
|
||||
dnl Modified by cmetz for OPIE 2.32. Substitute default for LOCK_DIR.
|
||||
dnl Fix the --disable-user-locking bug. AC_DEFINE variables to 1.
|
||||
dnl Really check for ut_host.
|
||||
@ -72,9 +77,11 @@ AC_ARG_ENABLE(su-star-check, [ --enable-su-star-check Refuse to switch to disa
|
||||
AC_ARG_ENABLE(new-prompts, [ --disable-new-prompts Use more compatible (but less informative) prompts],, AC_DEFINE(NEW_PROMPTS, 1))
|
||||
AC_ARG_ENABLE(insecure-override, [ --enable-insecure-override
|
||||
Allow users to override insecure checks], AC_DEFINE(INSECURE_OVERRIDE, 1))
|
||||
AC_ARG_ENABLE(anonymous-ftp, [ --enable-anonymous-ftp Enable anonymous FTP support], AC_DEFINE(DOANONYMOUS, 1) echo "Enabling anonymous FTP support in ftp -- don't say we didn't warn you!")
|
||||
AC_ARG_ENABLE(utmp, [ --disable-utmp Disable utmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "Disabling utmp logging")
|
||||
AC_ARG_ENABLE(wtmp, [ --disable-wtmp Disable wtmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "Disabling wtmp logging")
|
||||
AC_ARG_ENABLE(anonymous-ftp, [ --enable-anonymous-ftp Enable anonymous FTP support], AC_DEFINE(DOANONYMOUS, 1) echo "enabling anonymous FTP support in ftp -- don't say we didn't warn you!")
|
||||
AC_ARG_ENABLE(utmp, [ --disable-utmp Disable utmp logging], AC_DEFINE(DISABLE_UTMP, 1) echo "disabling utmp logging")
|
||||
AC_ARG_ENABLE(wtmp, [ --disable-wtmp Disable wtmp logging], AC_DEFINE(DISABLE_WTMP, 1) echo "disabling wtmp logging")
|
||||
AC_ARG_ENABLE(opieauto, [ --enable-opieauto Enable support for opieauto], AC_DEFINE(OPIEAUTO, 1) OPIEAUTO=opieauto; echo "enabling opieauto support")
|
||||
AC_SUBST(OPIEAUTO)
|
||||
|
||||
dnl Checks for programs.
|
||||
AC_PROG_CC
|
||||
@ -484,6 +491,15 @@ dnl #include <utmp.h>], [struct utmp foo; return (int)foo.ut_user[0];], AC_DEFIN
|
||||
AC_MSG_CHECKING(for ut_host in struct utmp)
|
||||
AC_TRY_COMPILE([#include <sys/types.h>
|
||||
#include <utmp.h>], [struct utmp foo; return (int)foo.ut_host[0];], AC_DEFINE(HAVE_UT_HOST) AC_MSG_RESULT(yes), AC_MSG_RESULT(no))
|
||||
AC_MSG_CHECKING(for ut_id in struct utmp)
|
||||
AC_TRY_COMPILE([#include <sys/types.h>
|
||||
#include <utmp.h>], [struct utmp foo; return (int)foo.ut_id[0];], AC_DEFINE(HAVE_UT_ID) AC_MSG_RESULT(yes), AC_MSG_RESULT(no))
|
||||
#AC_MSG_CHECKING(for ut_syslen in struct utmp)
|
||||
#AC_TRY_COMPILE([#include <sys/types.h>
|
||||
##include <utmp.h>], [struct utmp foo; return (int)foo.ut_syslen;], AC_DEFINE(HAVE_UT_SYSLEN) AC_MSG_RESULT(yes), AC_MSG_RESULT(no))
|
||||
AC_MSG_CHECKING(for ut_syslen in struct utmpx)
|
||||
AC_TRY_COMPILE([#include <sys/types.h>
|
||||
#include <utmpx.h>], [struct utmpx foo; return (int)foo.ut_syslen;], AC_DEFINE(HAVE_UTX_SYSLEN) AC_MSG_RESULT(yes), AC_MSG_RESULT(no))
|
||||
|
||||
dnl Checks for library functions.
|
||||
dnl AC_PROG_GCC_TRADITIONAL
|
||||
@ -495,25 +511,29 @@ AC_FUNC_MEMCMP
|
||||
AC_FUNC_ALLOCA
|
||||
AC_REPLACE_FUNCS(getusershell sigaddset sigemptyset strerror strncasecmp)
|
||||
MISSING="$LIBOBJS $ALLOCA " ;
|
||||
AC_CHECK_FUNC(atexit,, MISSING="${MISSING}atexit.o "; AC_CHECK_FUNCS(on_exit))
|
||||
AC_CHECK_FUNC(endutent,, MISSING="${MISSING}endutent.o ")
|
||||
AC_CHECK_FUNC(memcpy,, MISSING="${MISSING}memcpy.o "; AC_CHECK_FUNCS(bcopy))
|
||||
AC_CHECK_FUNC(memset,, MISSING="${MISSING}memset.o "; AC_CHECK_FUNCS(bzero))
|
||||
AC_CHECK_FUNC(getcwd,, MISSING="${MISSING}getcwd.o "; AC_CHECK_FUNCS(getwd))
|
||||
AC_CHECK_FUNC(getenv, AC_DEFINE(HAVE_GETENV), MISSING="${MISSING}env.o ")
|
||||
AC_CHECK_FUNC(getutline, AC_DEFINE(HAVE_GETUTLINE), MISSING="${MISSING}getutline.o "; AC_CHECK_FUNCS(ttyslot))
|
||||
AC_CHECK_FUNC(pututline,, MISSING="${MISSING}pututline.o "; AC_CHECK_FUNCS(ttyslot))
|
||||
AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV), MISSING="${MISSING}env.o ")
|
||||
AC_CHECK_FUNC(setegid,, MISSING="${MISSING}setegid.o "; AC_CHECK_FUNCS(setregid setresgid))
|
||||
AC_CHECK_FUNC(seteuid,, MISSING="${MISSING}seteuid.o "; AC_CHECK_FUNCS(setreuid setresuid))
|
||||
AC_CHECK_FUNC(setutent,, MISSING="${MISSING}setutent.o ")
|
||||
AC_CHECK_FUNC(sigprocmask,, MISSING="${MISSING}sigprocmask.o "; AC_CHECK_FUNCS(sigblock sigsetmask))
|
||||
AC_CHECK_FUNC(strchr,, MISSING="${MISSING}strchr.o "; AC_CHECK_FUNCS(index))
|
||||
AC_CHECK_FUNC(strrchr,, MISSING="${MISSING}strrchr.o "; AC_CHECK_FUNCS(rindex))
|
||||
AC_CHECK_FUNC(strtoul,, MISSING="${MISSING}strtoul.o ")
|
||||
AC_CHECK_FUNC(sysconf,, MISSING="${MISSING}sysconf.o "; AC_CHECK_FUNCS(getdtablesize))
|
||||
AC_CHECK_FUNC(uname,, MISSING="${MISSING}uname.o "; AC_CHECK_FUNCS(gethostname))
|
||||
AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV), MISSING="${MISSING}env.o ")
|
||||
|
||||
dnl These should be simplified by a macro
|
||||
AC_CHECK_FUNC(atexit, AC_DEFINE(HAVE_ATEXIT), MISSING="${MISSING}atexit.o "; AC_CHECK_FUNCS(on_exit))
|
||||
AC_CHECK_FUNC(endutent, AC_DEFINE(HAVE_ENDUTENT), MISSING="${MISSING}endutent.o ")
|
||||
AC_CHECK_FUNC(initgroups, AC_DEFINE(HAVE_INITGROUPS), MISSING="${MISSING}initgroups.o ")
|
||||
AC_CHECK_FUNC(memcmp, AC_DEFINE(HAVE_MEMCMP), MISSING="${MISSING}memcmp.o ")
|
||||
AC_CHECK_FUNC(memcpy, AC_DEFINE(HAVE_MEMCPY), MISSING="${MISSING}memcpy.o "; AC_CHECK_FUNCS(bcopy))
|
||||
AC_CHECK_FUNC(memset, AC_DEFINE(HAVE_MEMSET), MISSING="${MISSING}memset.o "; AC_CHECK_FUNCS(bzero))
|
||||
AC_CHECK_FUNC(getcwd, AC_DEFINE(HAVE_GETCWD), MISSING="${MISSING}getcwd.o "; AC_CHECK_FUNCS(getwd))
|
||||
AC_CHECK_FUNC(getenv, AC_DEFINE(HAVE_GETENV), MISSING="${MISSING}env.o ")
|
||||
AC_CHECK_FUNC(getutline, AC_DEFINE(HAVE_GETUTLINE), MISSING="${MISSING}getutline.o "; AC_CHECK_FUNCS(ttyslot))
|
||||
AC_CHECK_FUNC(pututline, AC_DEFINE(HAVE_PUTUTLINE), MISSING="${MISSING}pututline.o "; AC_CHECK_FUNCS(ttyslot))
|
||||
AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV), MISSING="${MISSING}env.o ")
|
||||
AC_CHECK_FUNC(setegid, AC_DEFINE(HAVE_SETEGID), MISSING="${MISSING}setegid.o "; AC_CHECK_FUNCS(setregid setresgid))
|
||||
AC_CHECK_FUNC(seteuid, AC_DEFINE(HAVE_SETEUID), MISSING="${MISSING}seteuid.o "; AC_CHECK_FUNCS(setreuid setresuid))
|
||||
AC_CHECK_FUNC(setutent, AC_DEFINE(HAVE_SETUTENT), MISSING="${MISSING}setutent.o ")
|
||||
AC_CHECK_FUNC(sigprocmask, AC_DEFINE(HAVE_SIGPROCMASK), MISSING="${MISSING}sigprocmask.o "; AC_CHECK_FUNCS(sigblock sigsetmask))
|
||||
AC_CHECK_FUNC(strchr, AC_DEFINE(HAVE_STRCHR), MISSING="${MISSING}strchr.o "; AC_CHECK_FUNCS(index))
|
||||
AC_CHECK_FUNC(strrchr, AC_DEFINE(HAVE_STRRCHR), MISSING="${MISSING}strrchr.o "; AC_CHECK_FUNCS(rindex))
|
||||
AC_CHECK_FUNC(strtoul, AC_DEFINE(HAVE_STRTOUL), MISSING="${MISSING}strtoul.o ")
|
||||
AC_CHECK_FUNC(sysconf, AC_DEFINE(HAVE_SYSCONF), MISSING="${MISSING}sysconf.o "; AC_CHECK_FUNCS(getdtablesize))
|
||||
AC_CHECK_FUNC(uname, AC_DEFINE(HAVE_UNAME), MISSING="${MISSING}uname.o "; AC_CHECK_FUNCS(gethostname))
|
||||
AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV), MISSING="${MISSING}env.o ")
|
||||
AC_SUBST(MISSING)
|
||||
|
||||
AC_MSG_CHECKING(for nonstandard gettimeofday)
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* glob.c: The csh et al glob pattern matching routines.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -2,29 +2,33 @@
|
||||
# Makefile.in/Makefile: Directions for building libmissing.
|
||||
#
|
||||
# %%% copyright-cmetz-96
|
||||
# This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
# The Inner Net License Version 2 applies to this software.
|
||||
# This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
# The Inner Net License Version 3 applies to this software.
|
||||
# You should have received a copy of the license with this software. If
|
||||
# you didn't get a copy, you may request one from <license@inner.net>.
|
||||
#
|
||||
# History:
|
||||
#
|
||||
# Modified by cmetz for OPIE 2.4. Add current dir to include header path.
|
||||
# Use ar 'cr' instead of 'r'. Renamed realclean to distclean.
|
||||
# Created by cmetz for OPIE 2.3 using old Makefiles as a guide.
|
||||
|
||||
OBJS=bogus.o @MISSING@
|
||||
|
||||
CC=@CC@
|
||||
CFLAGS=$(CFL) -I..
|
||||
CFLAGS=$(CFL) -I.. -I.
|
||||
TARGET=libmissing.a
|
||||
|
||||
all: $(TARGET)
|
||||
|
||||
$(TARGET): $(OBJS)
|
||||
ar r $(TARGET) $(OBJS)
|
||||
ar cr $(TARGET) $(OBJS)
|
||||
@RANLIB@ $(TARGET)
|
||||
|
||||
clean:
|
||||
-rm -f $(OBJS) $(TARGET)
|
||||
|
||||
realclean: clean
|
||||
realclean: distclean
|
||||
|
||||
distclean: clean
|
||||
-rm -f *~ core* "\#*\#" *.o *.a Makefile
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* endutent.c: A replacement for the endutent function
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* getutline.c: A replacement for the getutline() function
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* pututline.c: A replacement for the pututline() function
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* setutent.c: A replacement for the setutent function
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -2,30 +2,34 @@
|
||||
# Makefile.in/Makefile: Directions for building libopie.
|
||||
#
|
||||
# %%% copyright-cmetz-96
|
||||
# This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
# The Inner Net License Version 2 applies to this software.
|
||||
# This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
# The Inner Net License Version 3 applies to this software.
|
||||
# You should have received a copy of the license with this software. If
|
||||
# you didn't get a copy, you may request one from <license@inner.net>.
|
||||
#
|
||||
# History:
|
||||
#
|
||||
# Modified by cmetz for OPIE 2.4. Add libmissing to include header path.
|
||||
# Use ar 'cr' instead of 'r'. Renamed realclean to distclean.
|
||||
# Modified by cmetz for OPIE 2.31. Added logwtmp.o
|
||||
# Created by cmetz for OPIE 2.3 using old Makefiles as a guide.
|
||||
|
||||
OBJS=md4c.o md5c.o atob8.o btoa8.o btoh.o challenge.o getsequence.o hash.o hashlen.o keycrunch.o lock.o lookup.o newseed.o parsechallenge.o passcheck.o passwd.o randomchallenge.o readpass.o unlock.o verify.o version.o btoe.o accessfile.o generator.o insecure.o getutmpentry.o readrec.o writerec.o login.o open.o logwtmp.o # sha.o
|
||||
|
||||
CC=@CC@
|
||||
CFLAGS=$(CFL) -I..
|
||||
CFLAGS=$(CFL) -I.. -I../libmissing
|
||||
TARGET=libopie.a
|
||||
|
||||
all: $(TARGET)
|
||||
|
||||
$(TARGET): $(OBJS)
|
||||
ar r $(TARGET) $(OBJS)
|
||||
ar cr $(TARGET) $(OBJS)
|
||||
@RANLIB@ $(TARGET)
|
||||
|
||||
clean:
|
||||
-rm -f $(OBJS) $(TARGET)
|
||||
|
||||
realclean: clean
|
||||
realclean: distclean
|
||||
|
||||
distclean: clean
|
||||
-rm -f *~ core* "\#*\#" *.o *.a Makefile
|
||||
|
@ -2,7 +2,7 @@
|
||||
overrides.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* atob8.c: The opieatob8() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,7 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
|
||||
Modified by cmetz for OPIE 2.3. Return the output variable.
|
||||
Don't check parameters.
|
||||
Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
|
||||
@ -27,10 +28,11 @@ License Agreement applies to this software.
|
||||
|
||||
/* Convert 8-byte hex-ascii string to binary array
|
||||
*/
|
||||
char *opieatob8 FUNCTION((out, in), char *out AND char *in)
|
||||
char *opieatob8 FUNCTION((out, in), struct opie_otpkey *outkey AND char *in)
|
||||
{
|
||||
register int i;
|
||||
register int val;
|
||||
unsigned char *out = (unsigned char *)outkey;
|
||||
|
||||
for (i = 0; i < 8; i++) {
|
||||
while (*in == ' ' || *in == '\t')
|
||||
|
@ -1,13 +1,14 @@
|
||||
/* btoa8.c: The opiebtoa8() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
|
||||
Created by cmetz for OPIE 2.3 (quick re-write).
|
||||
*/
|
||||
|
||||
@ -17,9 +18,10 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
static char hextochar[16] =
|
||||
{'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
|
||||
|
||||
char *opiebtoa8 FUNCTION((out, in), char *out AND char *in)
|
||||
char *opiebtoa8 FUNCTION((out, in), char *out AND struct opie_otpkey *inkey)
|
||||
{
|
||||
int i;
|
||||
unsigned char *in = (unsigned char *)inkey;
|
||||
char *c = out;
|
||||
|
||||
for (i = 0; i < 8; i++) {
|
||||
|
@ -3,7 +3,7 @@
|
||||
64 bit OTP.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -16,6 +16,7 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for binary arg.
|
||||
Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
|
||||
Remove unnecessary address futzing with Wp in opiebtoe.
|
||||
Changed unsigned long to UINT4 for Alpha.
|
||||
@ -2088,13 +2089,13 @@ static char Wp[2048][4] =
|
||||
};
|
||||
|
||||
/* Encode 8 bytes in 'c' as a string of English words. */
|
||||
char *opiebtoe FUNCTION((engout, c), char *engout AND char *c)
|
||||
char *opiebtoe FUNCTION((engout, c), char *engout AND struct opie_otpkey *c)
|
||||
{
|
||||
char cp[9]; /* add in room for the parity 2 bits */
|
||||
char cp[sizeof(struct opie_otpkey) + 1]; /* add in room for the parity 2 bits */
|
||||
int p, i;
|
||||
|
||||
engout[0] = '\0';
|
||||
memcpy(cp, c, 8);
|
||||
memcpy(cp, c, sizeof(struct opie_otpkey));
|
||||
/* compute parity */
|
||||
for (p = 0, i = 0; i < 64; i += 2)
|
||||
p += extract(cp, i, 2);
|
||||
@ -2120,7 +2121,7 @@ char *opiebtoe FUNCTION((engout, c), char *engout AND char *c)
|
||||
* -1 badly formed in put ie > 4 char word
|
||||
* -2 words OK but parity is wrong
|
||||
*/
|
||||
int opieetob FUNCTION((out, e), char *out AND char *e)
|
||||
int opieetob FUNCTION((out, e), struct opie_otpkey *out AND char *e)
|
||||
{
|
||||
char *word, *c, *input, b[9];
|
||||
int i, p, v, l, low, high, rval = -1;
|
||||
@ -2137,7 +2138,7 @@ int opieetob FUNCTION((out, e), char *out AND char *e)
|
||||
strncpy(input, e, i);
|
||||
input[i] = 0;
|
||||
memset(b, 0, sizeof(b));
|
||||
memset(out, 0, 8);
|
||||
memset(out, 0, sizeof(struct opie_otpkey));
|
||||
|
||||
for (i = 0, p = 0, word = c = input; i < 6; i++, p += 11) {
|
||||
while (*c && !isalpha(*c)) c++;
|
||||
@ -2187,7 +2188,7 @@ int opieetob FUNCTION((out, e), char *out AND char *e)
|
||||
goto opiebtoeret;
|
||||
}
|
||||
|
||||
memcpy(out, b, 8);
|
||||
memcpy(out, b, sizeof(struct opie_otpkey));
|
||||
|
||||
rval = 1;
|
||||
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* btoh.c: The opiebtoh() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
@ -17,10 +17,11 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
static char hextochar[16] =
|
||||
{'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'};
|
||||
|
||||
char *opiebtoh FUNCTION((out, in), char *out AND char *in)
|
||||
char *opiebtoh FUNCTION((out, in), char *out AND struct opie_otpkey *inkey)
|
||||
{
|
||||
int i;
|
||||
char *c = out;
|
||||
unsigned char *in = (unsigned char *)inkey;
|
||||
|
||||
for (i = 0; i < 4; i++) {
|
||||
*(c++) = hextochar[((*in) >> 4) & 0x0f];
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* getsequence.c: The opiegetsequence() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* getutmpentry.c: The __opiegetutmpentry() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -1,13 +1,14 @@
|
||||
/* keycrunch.c: The opiekeycrunch() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for arg.
|
||||
Created by cmetz for OPIE 2.3 using the old keycrunch.c as a guide.
|
||||
*/
|
||||
|
||||
@ -23,7 +24,8 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
#include "opie.h"
|
||||
|
||||
int opiekeycrunch FUNCTION((algorithm, result, seed, secret), int algorithm AND char *result AND char *seed AND char *secret)
|
||||
int opiekeycrunch FUNCTION((algorithm, result, seed, secret), int algorithm AND
|
||||
struct opie_otpkey *result AND char *seed AND char *secret)
|
||||
{
|
||||
int i, rval = -1;
|
||||
char *c;
|
||||
|
@ -1,13 +1,15 @@
|
||||
/* login.c: The opielogin() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Add support for ut_id and
|
||||
ut_syslen. Don't zero-terminate ut_name and ut_host.
|
||||
Modified by cmetz for OPIE 2.31. If the OS won't tell us where
|
||||
_PATH_WTMP[X] is, try playing the SVID game, then use
|
||||
Autoconf-discovered values. Fixed gettimeofday() call
|
||||
@ -38,12 +40,15 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
#endif /* DEBUG */
|
||||
#include "opie.h"
|
||||
|
||||
#define IDLEN 4
|
||||
|
||||
int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *host)
|
||||
{
|
||||
struct utmp u;
|
||||
int rval = 0;
|
||||
|
||||
#if !DISABLE_UTMP
|
||||
struct utmp u;
|
||||
char id[IDLEN + 1] = "";
|
||||
|
||||
if (__opiegetutmpentry(line, &u)) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "opielogin: __opiegetutmpentry(line=%s, &u) failed", line);
|
||||
@ -58,6 +63,11 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
|
||||
#endif /* DEBUG */
|
||||
}
|
||||
|
||||
#if DOUTMPX || HAVE_UT_ID
|
||||
strncpy(id, u.ut_id, sizeof(u.ut_id));
|
||||
id[sizeof(id)-1] = 0;
|
||||
#endif /* DOUTMPX || HAVE_UT_ID */
|
||||
|
||||
#if HAVE_UT_TYPE && defined(USER_PROCESS)
|
||||
u.ut_type = USER_PROCESS;
|
||||
#endif /* HAVE_UT_TYPE && defined(USER_PROCESS) */
|
||||
@ -67,15 +77,16 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
|
||||
|
||||
#if HAVE_UT_NAME
|
||||
strncpy(u.ut_name, name, sizeof(u.ut_name));
|
||||
u.ut_name[sizeof(u.ut_name)-1] = 0;
|
||||
#else /* HAVE_UT_NAME */
|
||||
#error No ut_name field in struct utmp? (Please send in a bug report)
|
||||
#endif /* HAVE_UT_NAME */
|
||||
|
||||
#if HAVE_UT_HOST
|
||||
strncpy(u.ut_host, host, sizeof(u.ut_host));
|
||||
u.ut_host[sizeof(u.ut_host)-1] = 0;
|
||||
#endif /* HAVE_UT_HOST */
|
||||
#if DOUTMPX && HAVE_UTX_SYSLEN
|
||||
u.ut_syslen = strlen(host) + 1;
|
||||
#endif /* DOUTMPX && HAVE_UT_SYSLEN */
|
||||
|
||||
#if DOUTMPX
|
||||
#ifdef HAVE_ONE_ARG_GETTIMEOFDAY
|
||||
@ -96,7 +107,7 @@ int opielogin FUNCTION((line, name, host), char *line AND char *name AND char *h
|
||||
#endif /* !DISABLE_UTMP */
|
||||
|
||||
dowtmp:
|
||||
opielogwtmp(line, name, host);
|
||||
opielogwtmp(line, name, host, id);
|
||||
opielogwtmp(NULL, NULL, NULL);
|
||||
|
||||
dosetlogin:
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* logwtmp.c: Put an entry in the wtmp file.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,8 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Set process to dead if name is null.
|
||||
Added support for ut_id and ut_syslen.
|
||||
Modified by cmetz for OPIE 2.32. Don't leave line=NULL, skip
|
||||
past /dev/ in line. Fill in ut_host on systems with UTMPX and
|
||||
ut_host.
|
||||
@ -110,7 +112,7 @@ static int fdx = -1;
|
||||
* after first call, for use with ftp (which may chroot
|
||||
* after login, but before logout).
|
||||
*/
|
||||
VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND char *host)
|
||||
VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND char *host AND char *id)
|
||||
{
|
||||
#if !DISABLE_WTMP
|
||||
struct utmp ut;
|
||||
@ -136,8 +138,15 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c
|
||||
return;
|
||||
if (fstat(fd, &buf) == 0) {
|
||||
#if HAVE_UT_TYPE && defined(USER_PROCESS)
|
||||
ut.ut_type = USER_PROCESS;
|
||||
if (name && *name)
|
||||
ut.ut_type = USER_PROCESS;
|
||||
else
|
||||
ut.ut_type = DEAD_PROCESS;
|
||||
#endif /* HAVE_UT_TYPE && defined(USER_PROCESS) */
|
||||
#if HAVE_UT_ID
|
||||
if (id)
|
||||
strncpy(ut.ut_id, id, sizeof(ut.ut_id));
|
||||
#endif /* HAVE_UT_ID */
|
||||
#if HAVE_UT_PID
|
||||
ut.ut_pid = getpid();
|
||||
#endif /* HAVE_UT_PID */
|
||||
@ -161,6 +170,18 @@ VOIDRET opielogwtmp FUNCTION((line, name, host), char *line AND char *name AND c
|
||||
strncpy(utx.ut_line, line, sizeof(utx.ut_line));
|
||||
strncpy(utx.ut_name, name, sizeof(utx.ut_name));
|
||||
strncpy(utx.ut_host, host, sizeof(utx.ut_host));
|
||||
#ifdef USER_PROCESS
|
||||
if (name && *name)
|
||||
utx.ut_type = USER_PROCESS;
|
||||
else
|
||||
utx.ut_type = DEAD_PROCESS;
|
||||
#endif /* USER_PROCESS */
|
||||
if (id)
|
||||
strncpy(utx.ut_id, id, sizeof(utx.ut_id));
|
||||
utx.ut_pid = getpid();
|
||||
#if HAVE_UTX_SYSLEN
|
||||
utx.ut_syslen = strlen(utx.ut_host) + 1;
|
||||
#endif /* HAVE_UTX_SYSLEN */
|
||||
#if HAVE_GETTIMEOFDAY
|
||||
#if HAVE_ONE_ARG_GETTIMEOFDAY
|
||||
gettimeofday(&utx.ut_tv);
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* lookup.c: The opielookup() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* md4c.c: "RSA Data Security, Inc. MD4 Message-Digest Algorithm"
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -2,7 +2,7 @@
|
||||
"derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm"
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,13 +1,15 @@
|
||||
/* open.c: The __opieopen() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. More portable way to get the mode
|
||||
string for fopen.
|
||||
Created by cmetz for OPIE 2.3.
|
||||
*/
|
||||
#include "opie_cfg.h"
|
||||
@ -51,9 +53,23 @@ FILE *__opieopen FUNCTION((file, rw, mode), char *file AND int rw AND int mode)
|
||||
return NULL;
|
||||
|
||||
{
|
||||
char *fmodes[] = { "r", "r+", "a" };
|
||||
char *fmode;
|
||||
|
||||
if (!(f = fopen(file, fmodes[rw])))
|
||||
switch(rw) {
|
||||
case 0:
|
||||
fmode = "r";
|
||||
break;
|
||||
case 1:
|
||||
fmode = "r+";
|
||||
break;
|
||||
case 2:
|
||||
fmode = "a";
|
||||
break;
|
||||
default:
|
||||
return NULL;
|
||||
};
|
||||
|
||||
if (!(f = fopen(file, fmode)))
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -1,13 +1,15 @@
|
||||
/* parsechallenge.c: The __opieparsechallenge() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use OPIE_SEQUENCE_MAX, check for
|
||||
sequence number of zero.
|
||||
Modified by cmetz for OPIE 2.32. Check for extended response sets.
|
||||
Change prefix to double underscore.
|
||||
Created by cmetz for OPIE 2.3 using generator.c as a guide.
|
||||
@ -48,7 +50,7 @@ int __opieparsechallenge FUNCTION((buffer, algorithm, sequence, seed, exts), cha
|
||||
*algorithm = a->num;
|
||||
}
|
||||
|
||||
if ((*sequence = strtoul(++c, &c, 10)) > 9999)
|
||||
if (((*sequence = strtoul(++c, &c, 10)) > OPIE_SEQUENCE_MAX) || !*sequence)
|
||||
return -1;
|
||||
|
||||
while(*c && isspace(*c)) c++;
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* passcheck.c: The opiepasscheck() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,8 +1,8 @@
|
||||
/* passwd.c: The opiepasswd() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
@ -46,19 +46,19 @@ int opiepasswd FUNCTION((old, flags, principal, n, seed, ks), struct opie *old A
|
||||
opie.opie_seed = seed;
|
||||
|
||||
if (ks) {
|
||||
char key[8];
|
||||
struct opie_otpkey key;
|
||||
|
||||
if (flags & OPIEPASSWD_CONSOLE) {
|
||||
if (opiekeycrunch(MDX, key, seed, ks))
|
||||
if (opiekeycrunch(MDX, &key, seed, ks))
|
||||
return -1;
|
||||
for (i = n; i; i--)
|
||||
opiehash(key, MDX);
|
||||
if (!(opie.opie_val = opiebtoa8(opie.opie_buf, key)))
|
||||
opiehash(&key, MDX);
|
||||
if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key)))
|
||||
return -1;
|
||||
} else {
|
||||
if ((opieetob(key, ks) != 1) && !opieatob8(key, ks))
|
||||
if ((opieetob(&key, ks) != 1) && !opieatob8(&key, ks))
|
||||
return 1;
|
||||
if (!(opie.opie_val = opiebtoa8(opie.opie_buf, key)))
|
||||
if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key)))
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* randomchallenge.c: The opierandomchallenge() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,7 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use snprintf().
|
||||
Modified by cmetz for OPIE 2.32. Initialize algids[] with 0s
|
||||
instead of NULL.
|
||||
Modified by cmetz for OPIE 2.3. Add sha support.
|
||||
@ -35,11 +36,12 @@ static char *algids[] = { 0, 0, 0, "sha1", "md4", "md5" };
|
||||
most situations; it is certainly better than a fixed string */
|
||||
VOIDRET opierandomchallenge FUNCTION((prompt), char *prompt)
|
||||
{
|
||||
char buf[OPIE_SEED_MAX + 1];
|
||||
char buf[OPIE_SEED_MAX+1];
|
||||
|
||||
buf[0] = 0;
|
||||
if (opienewseed(buf))
|
||||
strcpy(buf, "ke4452");
|
||||
|
||||
sprintf(prompt, "otp-%s %d %s ext", algids[MDX], (rand() % 499) + 1, buf);
|
||||
snprintf(prompt, OPIE_CHALLENGE_MAX+1, "otp-%s %d %s ext", algids[MDX],
|
||||
(rand() % 499) + 1, buf);
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* readpass.c: The opiereadpass() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,13 +1,15 @@
|
||||
/* readrec.c: The __opiereadrec() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Check that seed, sequence number, and
|
||||
response values are valid.
|
||||
Modified by cmetz for OPIE 2.31. Removed active attack protection
|
||||
support. Fixed a debug message typo. Keep going after bogus
|
||||
records. Set read flag.
|
||||
@ -57,7 +59,7 @@ static int parserec FUNCTION((opie), struct opie *opie)
|
||||
|
||||
opie->opie_n = strtoul(c, &c3, 10);
|
||||
|
||||
if (*c3)
|
||||
if (*c3 || (opie->opie_n <= 0) || (opie->opie_n > 9999))
|
||||
return -1;
|
||||
};
|
||||
|
||||
@ -66,6 +68,10 @@ static int parserec FUNCTION((opie), struct opie *opie)
|
||||
|
||||
*(c2++) = 0;
|
||||
|
||||
for (c = opie->opie_seed; *c; c++)
|
||||
if (!isalnum(*c))
|
||||
return -1;
|
||||
|
||||
while(*c2 == ' ') c2++;
|
||||
|
||||
if (!(c2 = strchr(opie->opie_val = c2, ' ')))
|
||||
@ -73,6 +79,13 @@ static int parserec FUNCTION((opie), struct opie *opie)
|
||||
|
||||
*(c2++) = 0;
|
||||
|
||||
{
|
||||
struct opie_otpkey otpkey;
|
||||
|
||||
if (!opieatob8(&otpkey, opie->opie_val))
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* unlock.c: The opieunlock() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,13 +1,15 @@
|
||||
/* verify.c: The opieverify() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_otpkey for keys.
|
||||
Check that seed and sequence number are valid.
|
||||
Modified by cmetz for OPIE 2.32. Renamed _opieparsechallenge() to
|
||||
__opieparsechallenge() and handle new argument. Fixed init
|
||||
response parsing bug.
|
||||
@ -67,7 +69,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
|
||||
{
|
||||
int i, rval = -1;
|
||||
char *c;
|
||||
char key[8], fkey[8], lastkey[8];
|
||||
struct opie_otpkey key, fkey, lastkey;
|
||||
struct opie nopie;
|
||||
|
||||
if (!opie || !response)
|
||||
@ -80,7 +82,14 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
|
||||
goto verret;
|
||||
#endif /* DEBUG */
|
||||
|
||||
if (!opieatob8(lastkey, opie->opie_val))
|
||||
if (!opieatob8(&lastkey, opie->opie_val))
|
||||
goto verret;
|
||||
|
||||
for (c = opie->opie_seed; *c; c++)
|
||||
if (!isalnum(*c))
|
||||
goto verret;
|
||||
|
||||
if (opie->opie_n <= 0)
|
||||
goto verret;
|
||||
|
||||
if (c = strchr(response, ':')) {
|
||||
@ -97,33 +106,33 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
|
||||
case RESPONSE_STANDARD:
|
||||
i = 1;
|
||||
|
||||
if (opieetob(key, response) == 1) {
|
||||
memcpy(fkey, key, sizeof(key));
|
||||
opiehash(fkey, MDX);
|
||||
i = memcmp(fkey, lastkey, sizeof(key));
|
||||
if (opieetob(&key, response) == 1) {
|
||||
memcpy(&fkey, &key, sizeof(struct opie_otpkey));
|
||||
opiehash(&fkey, MDX);
|
||||
i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
|
||||
}
|
||||
if (i && opieatob8(key, response)) {
|
||||
memcpy(fkey, key, sizeof(key));
|
||||
opiehash(fkey, MDX);
|
||||
i = memcmp(fkey, lastkey, sizeof(key));
|
||||
if (i && opieatob8(&key, response)) {
|
||||
memcpy(&fkey, &key, sizeof(struct opie_otpkey));
|
||||
opiehash(&fkey, MDX);
|
||||
i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
|
||||
}
|
||||
break;
|
||||
case RESPONSE_WORD:
|
||||
i = 1;
|
||||
|
||||
if (opieetob(key, c) == 1) {
|
||||
memcpy(fkey, key, sizeof(key));
|
||||
opiehash(fkey, MDX);
|
||||
i = memcmp(fkey, lastkey, sizeof(key));
|
||||
if (opieetob(&key, c) == 1) {
|
||||
memcpy(&fkey, &key, sizeof(struct opie_otpkey));
|
||||
opiehash(&fkey, MDX);
|
||||
i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
|
||||
}
|
||||
break;
|
||||
case RESPONSE_HEX:
|
||||
i = 1;
|
||||
|
||||
if (opieatob8(key, c)) {
|
||||
memcpy(fkey, key, sizeof(key));
|
||||
opiehash(fkey, MDX);
|
||||
i = memcmp(fkey, lastkey, sizeof(key));
|
||||
if (opieatob8(&key, c)) {
|
||||
memcpy(&fkey, &key, sizeof(struct opie_otpkey));
|
||||
opiehash(&fkey, MDX);
|
||||
i = memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey));
|
||||
}
|
||||
break;
|
||||
case RESPONSE_INIT_HEX:
|
||||
@ -137,17 +146,17 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
|
||||
*(c2++) = 0;
|
||||
|
||||
if (i == RESPONSE_INIT_HEX) {
|
||||
if (!opieatob8(key, c))
|
||||
if (!opieatob8(&key, c))
|
||||
goto verret;
|
||||
} else {
|
||||
if (opieetob(key, c) != 1)
|
||||
if (opieetob(&key, c) != 1)
|
||||
goto verret;
|
||||
}
|
||||
|
||||
memcpy(fkey, key, sizeof(key));
|
||||
opiehash(fkey, MDX);
|
||||
memcpy(&fkey, &key, sizeof(struct opie_otpkey));
|
||||
opiehash(&fkey, MDX);
|
||||
|
||||
if (memcmp(fkey, lastkey, sizeof(key)))
|
||||
if (memcmp(&fkey, &lastkey, sizeof(struct opie_otpkey)))
|
||||
goto verret;
|
||||
|
||||
if (changed(opie))
|
||||
@ -155,7 +164,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
|
||||
|
||||
opie->opie_n--;
|
||||
|
||||
if (!opiebtoa8(opie->opie_val, key))
|
||||
if (!opiebtoa8(opie->opie_val, &key))
|
||||
goto verret;
|
||||
|
||||
if (__opiewriterec(opie))
|
||||
@ -174,10 +183,10 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
|
||||
}
|
||||
|
||||
if (i == RESPONSE_INIT_HEX) {
|
||||
if (!opieatob8(key, c2))
|
||||
if (!opieatob8(&key, c2))
|
||||
goto verret;
|
||||
} else {
|
||||
if (opieetob(key, c2) != 1)
|
||||
if (opieetob(&key, c2) != 1)
|
||||
goto verret;
|
||||
}
|
||||
}
|
||||
@ -201,7 +210,7 @@ int opieverify FUNCTION((opie, response), struct opie *opie AND char *response)
|
||||
opie->opie_n--;
|
||||
|
||||
verwrt:
|
||||
if (!opiebtoa8(opie->opie_val, key))
|
||||
if (!opiebtoa8(opie->opie_val, &key))
|
||||
goto verret;
|
||||
rval = __opiewriterec(opie);
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* version.c: The opieversion() library function.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,13 +1,15 @@
|
||||
/* writerec.c: The __opiewriterec() library function.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Check that seed and sequence number are
|
||||
valid.
|
||||
Modified by cmetz for OPIE 2.31. Removed active attack protection
|
||||
support. Fixed passwd bug.
|
||||
Created by cmetz for OPIE 2.3 from passwd.c.
|
||||
@ -30,6 +32,7 @@ you didn't get a copy, you may request one from <license@inner.net>.
|
||||
#if HAVE_STDLIB_H
|
||||
#include <stdlib.h>
|
||||
#endif /* HAVE_STDLIB_H */
|
||||
#include <ctype.h>
|
||||
#include "opie.h"
|
||||
|
||||
char *__opienone = "****************";
|
||||
@ -40,6 +43,7 @@ int __opiewriterec FUNCTION((opie), struct opie *opie)
|
||||
time_t now;
|
||||
FILE *f, *f2 = NULL;
|
||||
int i = 0;
|
||||
char *c;
|
||||
|
||||
time(&now);
|
||||
if (strftime(buf2, sizeof(buf2), " %b %d,%Y %T", localtime(&now)) < 1)
|
||||
@ -51,7 +55,14 @@ int __opiewriterec FUNCTION((opie), struct opie *opie)
|
||||
opie->opie_flags = opie2.opie_flags;
|
||||
opie->opie_recstart = opie2.opie_recstart;
|
||||
}
|
||||
|
||||
|
||||
for (c = opie->opie_seed; *c; c++)
|
||||
if (!isalnum(*c))
|
||||
return -1;
|
||||
|
||||
if ((opie->opie_n < 0) || (opie->opie_n > 9999))
|
||||
return -1;
|
||||
|
||||
switch(i) {
|
||||
case 0:
|
||||
if (!(f = __opieopen(KEY_FILE, 1, 0644)))
|
||||
|
386
contrib/opie/opieauto.c
Normal file
386
contrib/opie/opieauto.c
Normal file
@ -0,0 +1,386 @@
|
||||
/* opieauto.c: The opieauto program.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Created by cmetz for OPIE 2.4 based on previously released
|
||||
test code. Use opiestrncpy().
|
||||
*/
|
||||
|
||||
#include "opie_cfg.h"
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/un.h>
|
||||
#if HAVE_SYS_TIME_H
|
||||
#include <sys/time.h>
|
||||
#endif /* HAVE_SYS_TIME_H */
|
||||
#include <stdio.h>
|
||||
#include <errno.h>
|
||||
#if HAVE_STRING_H
|
||||
#include <string.h>
|
||||
#endif /* HAVE_STRING_H */
|
||||
#include <getopt.h>
|
||||
#if HAVE_STDLIB_H
|
||||
#include <stdlib.h>
|
||||
#endif /* HAVE_STDLIB_H */
|
||||
#if HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
#endif /* HAVE_UNISTD_H */
|
||||
#include <sys/stat.h>
|
||||
|
||||
#include "opie.h"
|
||||
|
||||
#ifndef max
|
||||
#define max(x, y) (((x) > (y)) ? (x) : (y))
|
||||
#endif /* max */
|
||||
|
||||
int window = 10;
|
||||
char *myname = NULL;
|
||||
|
||||
uid_t myuid = 0;
|
||||
|
||||
#define MAXCLIENTS 2
|
||||
int parents, s[MAXCLIENTS + 1];
|
||||
|
||||
char cmd[1+1+1+1+4+1+OPIE_SEED_MAX+1+4+1+4+1+4+1+4+1];
|
||||
|
||||
struct cachedotp {
|
||||
struct cachedotp *next;
|
||||
int algorithm, base, current;
|
||||
struct opie_otpkey basekey;
|
||||
char seed[OPIE_SEED_MAX+1];
|
||||
};
|
||||
|
||||
struct cachedotp *head = NULL;
|
||||
|
||||
char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" };
|
||||
|
||||
void baile(x) {
|
||||
fprintf(stderr, "%s: %s: %s(%d)\n", myname, x, strerror(errno), errno);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
void bail(x) {
|
||||
fprintf(stderr, "%s: %s\n", myname, x);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
void zerocache(void)
|
||||
{
|
||||
struct cachedotp *c = head, *c2;
|
||||
|
||||
while(c) {
|
||||
c2 = c->next;
|
||||
memset(c, 0, sizeof(struct cachedotp));
|
||||
c = c2;
|
||||
};
|
||||
};
|
||||
|
||||
int doreq(int fd)
|
||||
{
|
||||
int algorithm, sequence, i;
|
||||
char *seed = NULL, *response = NULL;
|
||||
|
||||
if (((cmd[0] != 'S') && (cmd[0] != 's')) || (cmd[1] != '=') || (cmd[2] != ' ')) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "%s: got bogus command: %s\n", myname, cmd);
|
||||
#endif /* DEBUG */
|
||||
goto error;
|
||||
};
|
||||
|
||||
{
|
||||
char *c;
|
||||
|
||||
if (((algorithm = strtoul(&cmd[3], &c, 10)) < 3) || (algorithm > 5) || (*c != ' ')) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "%s: got bogus algorithm: %s\n", myname, cmd);
|
||||
#endif /* DEBUG */
|
||||
goto error;
|
||||
};
|
||||
|
||||
if (((sequence = strtoul(c + 1, &c, 10)) <= OPIE_SEQUENCE_RESTRICT) || (sequence > OPIE_SEQUENCE_MAX)) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "%s: got bogus sequence: %s\n", myname, cmd);
|
||||
#endif /* DEBUG */
|
||||
goto error;
|
||||
};
|
||||
|
||||
if (cmd[0] == 'S') {
|
||||
if (!(c = strchr(seed = c + 1, ' '))) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "%s: got bogus seed: %s\n", myname, cmd);
|
||||
#endif /* DEBUG */
|
||||
goto error;
|
||||
};
|
||||
|
||||
*c = 0;
|
||||
|
||||
if (!(c = strchr(response = c + 1, '\n'))) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "%s: got bogus response: %s\n", myname, cmd);
|
||||
#endif /* DEBUG */
|
||||
goto error;
|
||||
};
|
||||
|
||||
*c = 0;
|
||||
} else {
|
||||
if (!(c = strchr(seed = c + 1, '\n'))) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "%s: got bogus seed: %s\n", myname, cmd);
|
||||
#endif /* DEBUG */
|
||||
goto error;
|
||||
};
|
||||
|
||||
*c = 0;
|
||||
};
|
||||
};
|
||||
|
||||
#if DEBUG
|
||||
fprintf(stderr, "got cmd=%c, algorithm=%d sequence=%d seed=+%s+ response=+%s+ on fd %d\n", cmd[0], algorithm, sequence, seed, response, fd);
|
||||
#endif /* DEBUG */
|
||||
|
||||
seed = strdup(seed);
|
||||
|
||||
if (sequence < 10) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "sequence < 10; can't do it\n");
|
||||
#endif /* DEBUG */
|
||||
sprintf(cmd, "%c- %d %d %s\n", cmd[0], algorithm, sequence, seed);
|
||||
};
|
||||
|
||||
{
|
||||
struct cachedotp **c;
|
||||
|
||||
for (c = &head; *c && (strcmp((*c)->seed, seed) || ((*c)->algorithm != algorithm)); c = &((*c)->next));
|
||||
if (!(*c)) {
|
||||
if (cmd[0] == 's') {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "(seed, algorithm) not found for s command\n");
|
||||
#endif /* DEBUG */
|
||||
sprintf(cmd, "s- %d %d %s\n", algorithm, sequence, seed);
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!(*c = malloc(sizeof(struct cachedotp))))
|
||||
baile("malloc");
|
||||
memset(*c, 0, sizeof(struct cachedotp));
|
||||
|
||||
(*c)->algorithm = algorithm;
|
||||
opiestrncpy((*c)->seed, seed, OPIE_SEED_MAX);
|
||||
};
|
||||
|
||||
if (cmd[0] == 'S') {
|
||||
(*c)->base = max(sequence - window + 1, OPIE_SEQUENCE_RESTRICT);
|
||||
(*c)->current = sequence;
|
||||
|
||||
if (!opieatob8(&(*c)->basekey, response))
|
||||
goto error;
|
||||
|
||||
sprintf(cmd, "S+ %d %d %s\n", algorithm, sequence, (*c)->seed);
|
||||
} else {
|
||||
if (sequence != ((*c)->current - 1)) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "out of sequence: sequence=%d, base=%d, current=%d\n", sequence, (*c)->base, (*c)->current);
|
||||
#endif /* DEBUG */
|
||||
sprintf(cmd, "s- %d %d %s\n", algorithm, sequence, (*c)->seed);
|
||||
goto out;
|
||||
};
|
||||
|
||||
if (sequence < (*c)->base) {
|
||||
#if DEBUG
|
||||
fprintf(stderr, "attempt to generate below base: sequence=%d, base=%d, current=%d\n", sequence, (*c)->base, (*c)->current);
|
||||
#endif /* DEBUG */
|
||||
sprintf(cmd, "s- %d %d %s\n", algorithm, sequence, (*c)->seed);
|
||||
goto out;
|
||||
};
|
||||
|
||||
(*c)->current = sequence;
|
||||
i = sequence - (*c)->base;
|
||||
{
|
||||
struct opie_otpkey key;
|
||||
char buffer[16+1];
|
||||
|
||||
key = (*c)->basekey;
|
||||
while(i--)
|
||||
opiehash(&key, algorithm);
|
||||
|
||||
opiebtoa8(buffer, &key);
|
||||
sprintf(cmd, "s+ %d %d %s %s\n", algorithm, sequence, (*c)->seed, buffer);
|
||||
};
|
||||
};
|
||||
|
||||
printf("%c otp-%s %d %s (%d/%d)\n", cmd[0], algids[algorithm], sequence, (*c)->seed, sequence - (*c)->base, window);
|
||||
fflush(stdout);
|
||||
|
||||
if (sequence == (*c)->base) {
|
||||
struct cachedotp *c2 = *c;
|
||||
*c = (*c)->next;
|
||||
memset(c2, 0, sizeof(struct cachedotp));
|
||||
free(c2);
|
||||
};
|
||||
};
|
||||
|
||||
out:
|
||||
write(fd, cmd, i = strlen(cmd));
|
||||
free(seed);
|
||||
return 0;
|
||||
|
||||
error:
|
||||
fprintf(stderr, "Invalid command on fd %d\n", fd);
|
||||
if (seed)
|
||||
free(seed);
|
||||
return -1;
|
||||
}
|
||||
|
||||
static void usage()
|
||||
{
|
||||
fprintf(stderr, "usage: %s [-v] [-h] [-q] [-n <number of OTPs>]\n", myname);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
int i;
|
||||
struct stat st;
|
||||
char *sockpath;
|
||||
|
||||
if (myname = strrchr(argv[0], '/'))
|
||||
myname++;
|
||||
else
|
||||
myname = argv[0];
|
||||
|
||||
while((i = getopt(argc, argv, "w:hv")) != EOF) {
|
||||
switch(i) {
|
||||
case 'v':
|
||||
opieversion();
|
||||
|
||||
case 'w':
|
||||
if (!(window = atoi(optarg))) {
|
||||
fprintf(stderr, "%s: invalid number of OTPs: %s\n", myname, optarg);
|
||||
exit(1);
|
||||
};
|
||||
break;
|
||||
|
||||
default:
|
||||
usage();
|
||||
}
|
||||
};
|
||||
|
||||
{
|
||||
uid_t myeuid;
|
||||
|
||||
if (!(myuid = getuid()) || !(myeuid = geteuid()) || (myuid != myeuid))
|
||||
bail("this program must not be run with superuser priveleges or setuid.");
|
||||
};
|
||||
|
||||
if (atexit(zerocache) < 0)
|
||||
baile("atexit");
|
||||
|
||||
{
|
||||
struct sockaddr_un sun;
|
||||
|
||||
memset(&sun, 0, sizeof(struct sockaddr_un));
|
||||
sun.sun_family = AF_UNIX;
|
||||
|
||||
{
|
||||
char *c;
|
||||
char *c2 = "/.opieauto";
|
||||
|
||||
if (!(c = getenv("HOME")))
|
||||
bail("getenv(HOME) failed -- no HOME variable?");
|
||||
|
||||
if (strlen(c) > (sizeof(sun.sun_path) - strlen(c2) - 1))
|
||||
bail("your HOME is too long");
|
||||
|
||||
strcpy(sun.sun_path, c);
|
||||
strcat(sun.sun_path, c2);
|
||||
sockpath = strdup(sun.sun_path);
|
||||
};
|
||||
|
||||
if ((parents = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
|
||||
baile("socket");
|
||||
|
||||
if (unlink(sockpath) && (errno != ENOENT))
|
||||
baile("unlink");
|
||||
|
||||
if (umask(0177) < 0)
|
||||
baile("umask");
|
||||
|
||||
if (bind(parents, (struct sockaddr *)&sun, sizeof(struct sockaddr_un)))
|
||||
baile("bind");
|
||||
|
||||
if (stat(sockpath, &st) < 0)
|
||||
baile("stat");
|
||||
|
||||
if ((st.st_uid != myuid) || (!S_ISSOCK(st.st_mode)) || ((st.st_mode & 07777) != 0600))
|
||||
bail("socket permissions and/or ownership were not correctly created.");
|
||||
|
||||
if (listen(parents, 1) < 0)
|
||||
baile("listen");
|
||||
};
|
||||
|
||||
{
|
||||
fd_set fds, rfds, efds;
|
||||
int maxfd = parents;
|
||||
int i, j;
|
||||
|
||||
FD_ZERO(&fds);
|
||||
FD_SET(parents, &fds);
|
||||
|
||||
while(1) {
|
||||
memcpy(&rfds, &fds, sizeof(fd_set));
|
||||
|
||||
if (select(maxfd + 1, &rfds, NULL, NULL, NULL) < 0)
|
||||
baile("select");
|
||||
|
||||
for (i = 0; s[i]; i++) {
|
||||
if (!FD_ISSET(s[i], &rfds))
|
||||
continue;
|
||||
|
||||
if (((j = read(s[i], cmd, sizeof(cmd)-1)) <= 0) || ((cmd[j] = 0) || doreq(s[i]))) {
|
||||
close(s[i]);
|
||||
FD_CLR(s[i], &fds);
|
||||
|
||||
if (s[i] == maxfd)
|
||||
maxfd--;
|
||||
|
||||
for (j = i; s[j]; s[j] = s[j + 1], j++);
|
||||
FD_SET(parents, &fds);
|
||||
i--;
|
||||
continue;
|
||||
};
|
||||
};
|
||||
|
||||
if (FD_ISSET(parents, &rfds)) {
|
||||
for (i = 0; s[i]; i++)
|
||||
if (i > MAXCLIENTS)
|
||||
bail("this message never printed");
|
||||
|
||||
if (stat(sockpath, &st) < 0)
|
||||
baile("stat");
|
||||
|
||||
if ((st.st_uid != myuid) || (!S_ISSOCK(st.st_mode)) || ((st.st_mode & 07777) != 0600))
|
||||
bail("socket permissions and/or ownership has been messed with.");
|
||||
|
||||
if ((s[i] = accept(parents, NULL, 0)) < 0)
|
||||
baile("accept");
|
||||
|
||||
FD_SET(s[i], &fds);
|
||||
if (s[i] > maxfd)
|
||||
maxfd = s[i];
|
||||
|
||||
sprintf(cmd, "C+ %d\n", window);
|
||||
if (write(s[i], cmd, j = strlen(cmd)) != j)
|
||||
baile("write");
|
||||
|
||||
if (++i == MAXCLIENTS)
|
||||
FD_CLR(parents, &fds);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
@ -1,5 +1,13 @@
|
||||
.\" opieftpd.8: Manual page describing the FTP daemon.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-98
|
||||
.\" Portions of this software are Copyright 1998-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
.\" you didn't get a copy, you may request one from <license@inner.net>.
|
||||
.\"
|
||||
.\"
|
||||
.\" Portions of this software are Copyright 1995 by Randall Atkinson and Dan
|
||||
.\" McDonald, All Rights Reserved. All Rights under this copyright are assigned
|
||||
.\" to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
|
||||
@ -7,6 +15,7 @@
|
||||
.\"
|
||||
.\" History:
|
||||
.\"
|
||||
.\" Modified by cmetz for OPIE 2.4. Document -u option.
|
||||
.\" Modified at NRL for OPIE 2.0.
|
||||
.\" Originally from BSD.
|
||||
.\"
|
||||
@ -59,6 +68,8 @@ opieftpd \- File Transfer Protocol server that uses OPIE authentication
|
||||
.I timeout
|
||||
] [\-T
|
||||
.I maxtimeout
|
||||
] [\-u
|
||||
.I umask
|
||||
]
|
||||
|
||||
.SH DESCRIPTION
|
||||
@ -90,6 +101,9 @@ the maximum period allowed may be set to
|
||||
seconds with the
|
||||
.B \-T
|
||||
option. The default limit is 2 hours.
|
||||
.B \-u
|
||||
Set the default umask value to
|
||||
.I umask.
|
||||
.SH COMMANDS
|
||||
The ftp server currently supports the following ftp
|
||||
requests; case is not distinguished:
|
||||
|
@ -1,7 +1,7 @@
|
||||
.\" opiegen.1: Manual page for the opiegen(1) program.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,7 @@
|
||||
.\"
|
||||
.\" History:
|
||||
.\"
|
||||
.\" Modified by cmetz for OPIE 2.4. Fixed *roff bug.
|
||||
.\" Created by cmetz for OPIE 2.2 from opiekey.1.
|
||||
.\"
|
||||
.ll 6i
|
||||
@ -56,7 +57,8 @@ wintermute$
|
||||
.BR opiegen(1)
|
||||
can lull a user into revealing his/her password when remotely logged in, thus
|
||||
defeating the purpose of OPIE. This is especially a problem with xterm.
|
||||
.BR opiegen(1) implements simple checks to reduce the risk of a user making
|
||||
.BR opiegen(1)
|
||||
implements simple checks to reduce the risk of a user making
|
||||
this mistake. Better checks are needed.
|
||||
.LP
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
library routine.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
@ -1,7 +1,7 @@
|
||||
.\" opielogin.1: Manual page for the opielogin(1) program.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* opielogin.c: The infamous /bin/login
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,13 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Omit "/dev/" in lastlog entry.
|
||||
Don't chdir for invalid users. Fixed bug where getloginname()
|
||||
didn't actually change spaces to underscores. Use struct
|
||||
opie_key for key blocks. Do the home directory chdir() after
|
||||
doing the setuid() in case we're on superuser-mapped NFS.
|
||||
Initialize some variables explicitly. Call opieverify() if
|
||||
login times out. Use opiestrncpy().
|
||||
Modified by cmetz for OPIE 2.32. Partially handle environment
|
||||
variables on the command line (a better implementation is
|
||||
coming soon). Handle failure to issue a challenge more
|
||||
@ -157,13 +164,13 @@ License Agreement applies to this software.
|
||||
|
||||
static int rflag = 0;
|
||||
static int usererr = -1;
|
||||
static int stopmotd;
|
||||
static int stopmotd = 0;
|
||||
static char rusername[NMAX + 1];
|
||||
static char name[NMAX + 1] = "";
|
||||
static char minusnam[16] = "-";
|
||||
static char *envinit[1]; /* now set by setenv calls */
|
||||
static char term[64] = "\0"; /* important to initialise to a NULL string */
|
||||
static char host[HMAX + 1] = "\0";
|
||||
static char term[64] = ""; /* important to initialise to a NULL string */
|
||||
static char host[HMAX + 1] = "";
|
||||
static struct passwd nouser;
|
||||
static struct passwd thisuser;
|
||||
|
||||
@ -208,6 +215,9 @@ static void getstr __P((char *, int, char *));
|
||||
#undef TRUE
|
||||
#define TRUE -1
|
||||
|
||||
static int need_opieverify = 0;
|
||||
static struct opie opie;
|
||||
|
||||
#ifdef TIOCSWINSZ
|
||||
/* Windowing variable relating to JWINSIZE/TIOCSWINSZ/TIOCGWINSZ. This is
|
||||
available on BSDish systems and at least Solaris 2.x, but portability to
|
||||
@ -276,8 +286,7 @@ static int lookupuser FUNCTION_NOARGS
|
||||
|
||||
static VOIDRET getloginname FUNCTION_NOARGS
|
||||
{
|
||||
register char *namep;
|
||||
char c, d;
|
||||
char *namep, d;
|
||||
int flags;
|
||||
static int first = 1;
|
||||
|
||||
@ -291,7 +300,7 @@ static VOIDRET getloginname FUNCTION_NOARGS
|
||||
flags = 4;
|
||||
first--;
|
||||
} else
|
||||
printf("%s", ttyprompt);
|
||||
printf(ttyprompt);
|
||||
} else
|
||||
printf("login: ");
|
||||
fflush(stdout);
|
||||
@ -302,8 +311,8 @@ static VOIDRET getloginname FUNCTION_NOARGS
|
||||
exit(0);
|
||||
}
|
||||
for (namep = name; *namep; namep++) {
|
||||
if (c == ' ')
|
||||
c = '_';
|
||||
if (*namep == ' ')
|
||||
*namep = '_';
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -313,6 +322,10 @@ static VOIDRET timedout FUNCTION((i), int i)
|
||||
/* input variable declared just to keep the compiler quiet */
|
||||
printf("Login timed out after %d seconds\n", timeout);
|
||||
syslog(LOG_CRIT, "Login timed out after %d seconds!", timeout);
|
||||
|
||||
if (need_opieverify)
|
||||
opieverify(&opie, NULL);
|
||||
|
||||
exit(0);
|
||||
}
|
||||
|
||||
@ -632,7 +645,6 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
{
|
||||
extern char **environ;
|
||||
register char *namep;
|
||||
struct opie opie;
|
||||
|
||||
int invalid, quietlog;
|
||||
FILE *nlfd;
|
||||
@ -643,7 +655,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
char *p;
|
||||
char opieprompt[OPIE_CHALLENGE_MAX + 1];
|
||||
int af_pwok;
|
||||
int authsok;
|
||||
int authsok = 0;
|
||||
char *pp;
|
||||
char buf[256];
|
||||
int uid;
|
||||
@ -651,7 +663,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
|
||||
#ifndef DEBUG
|
||||
if (geteuid()) {
|
||||
fprintf(stderr, "This program requires super-user priveleges.\n");
|
||||
fprintf(stderr, "This program requires super-user privileges.\n");
|
||||
exit(1);
|
||||
}
|
||||
#endif /* DEBUG */
|
||||
@ -669,7 +681,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
#ifdef DEBUG
|
||||
syslog(LOG_DEBUG, "environment TERM=%s", p);
|
||||
#endif /* DEBUG */
|
||||
strncpy(term, p, sizeof(term));
|
||||
opiestrncpy(term, p, sizeof(term));
|
||||
};
|
||||
|
||||
memset(&nouser, 0, sizeof(nouser));
|
||||
@ -696,13 +708,9 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
#endif
|
||||
|
||||
#ifdef DEBUG
|
||||
{
|
||||
int foo;
|
||||
|
||||
syslog(LOG_DEBUG, "my args are: (argc=%d)", foo = argc);
|
||||
while (--foo)
|
||||
syslog(LOG_DEBUG, "%d: %s", foo, argv[foo]);
|
||||
}
|
||||
syslog(LOG_DEBUG, "my args are: (argc=%d)", i = argc);
|
||||
while (--i)
|
||||
syslog(LOG_DEBUG, "%d: %s", i, argv[i]);
|
||||
#endif /* DEBUG */
|
||||
|
||||
/* Implement our own getopt()-like functionality, but do so in a much more
|
||||
@ -742,7 +750,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
if (!doremotelogin(ouroptarg))
|
||||
rflag = 1;
|
||||
|
||||
strncpy(host, ouroptarg, sizeof(host));
|
||||
opiestrncpy(host, ouroptarg, sizeof(host));
|
||||
break;
|
||||
|
||||
case 'h':
|
||||
@ -759,7 +767,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
if (!(ouroptarg = argv[ouroptind]))
|
||||
exit(1);
|
||||
|
||||
strncpy(host, ouroptarg, sizeof(host));
|
||||
opiestrncpy(host, ouroptarg, sizeof(host));
|
||||
}
|
||||
break;
|
||||
|
||||
@ -776,7 +784,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
if (!(ouroptarg = argv[ouroptind]))
|
||||
exit(1);
|
||||
|
||||
strncpy(name, ouroptarg, sizeof(name));
|
||||
opiestrncpy(name, ouroptarg, sizeof(name));
|
||||
break;
|
||||
case 'p':
|
||||
pflag = 1;
|
||||
@ -788,8 +796,8 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
|
||||
if (strchr(argv[ouroptind], '=')) {
|
||||
if (!strncmp(argv[ouroptind], "TERM=", 5)) {
|
||||
strncpy(term, &(argv[ouroptind][5]), sizeof(term));
|
||||
term[sizeof(term) - 1] = 0;
|
||||
opiestrncpy(term, &(argv[ouroptind][5]), sizeof(term));
|
||||
|
||||
#ifdef DEBUG
|
||||
syslog(LOG_DEBUG, "passed TERM=%s, ouroptind = %d", term, ouroptind);
|
||||
#endif /* DEBUG */
|
||||
@ -801,7 +809,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
continue;
|
||||
};
|
||||
|
||||
strncpy(name, argv[ouroptind], sizeof(name));
|
||||
opiestrncpy(name, argv[ouroptind], sizeof(name));
|
||||
};
|
||||
|
||||
#ifdef TIOCNXCL
|
||||
@ -1088,6 +1096,7 @@ completeness, but these are set within appropriate defines for portability. */
|
||||
|
||||
/* Attempt a one-time password challenge */
|
||||
i = opiechallenge(&opie, name, opieprompt);
|
||||
need_opieverify = TRUE;
|
||||
|
||||
if ((i < 0) || (i > 1)) {
|
||||
syslog(LOG_ERR, "error: opiechallenge() returned %d, errno=%d!\n", i, errno);
|
||||
@ -1126,7 +1135,7 @@ completeness, but these are set within appropriate defines for portability. */
|
||||
if (!opiereadpass(buf, sizeof(buf), !(authsok & 2)))
|
||||
invalid = TRUE;
|
||||
#else /* NEW_PROMPTS */
|
||||
if (!(authsok & 1) && authsok)
|
||||
if ((authsok & 3) == 1)
|
||||
printf("(OTP response required)\n");
|
||||
printf("Password:");
|
||||
fflush(stdout);
|
||||
@ -1150,6 +1159,7 @@ completeness, but these are set within appropriate defines for portability. */
|
||||
if (authsok & 1) {
|
||||
i = opiegetsequence(&opie);
|
||||
opiepassed = !opieverify(&opie, buf);
|
||||
need_opieverify = 0;
|
||||
|
||||
#ifdef DEBUG
|
||||
syslog(LOG_DEBUG, "opiepassed = %d", opiepassed);
|
||||
@ -1209,15 +1219,6 @@ completeness, but these are set within appropriate defines for portability. */
|
||||
}
|
||||
if (*thisuser.pw_shell == '\0')
|
||||
thisuser.pw_shell = "/bin/sh";
|
||||
if ((chdir(thisuser.pw_dir) < 0) && !invalid) {
|
||||
if (chdir("/") < 0) {
|
||||
printf("No directory!\n");
|
||||
invalid = TRUE;
|
||||
} else {
|
||||
printf("No directory! %s\n", "Logging in with HOME=/");
|
||||
strcpy(thisuser.pw_dir, "/");
|
||||
}
|
||||
}
|
||||
/* Remote login invalid must have been because of a restriction of some
|
||||
sort, no extra chances. */
|
||||
if (invalid) {
|
||||
@ -1271,8 +1272,11 @@ completeness, but these are set within appropriate defines for portability. */
|
||||
lseek(f, (long)thisuser.pw_uid * sizeof(struct lastlog), 0);
|
||||
|
||||
time(&ll.ll_time);
|
||||
strncpy(ll.ll_line, tty, sizeof(ll.ll_line));
|
||||
strncpy(ll.ll_host, host, sizeof(ll.ll_host));
|
||||
if (!strncmp(tty, "/dev/", 5))
|
||||
opiestrncpy(ll.ll_line, tty + 5, sizeof(ll.ll_line));
|
||||
else
|
||||
opiestrncpy(ll.ll_line, tty, sizeof(ll.ll_line));
|
||||
opiestrncpy(ll.ll_host, host, sizeof(ll.ll_host));
|
||||
write(f, (char *) &ll, sizeof ll);
|
||||
close(f);
|
||||
}
|
||||
@ -1312,6 +1316,21 @@ interested in hearing of a more portable approach. rja */
|
||||
environ = envinit;
|
||||
setenv("HOME", thisuser.pw_dir, 1);
|
||||
setenv("SHELL", thisuser.pw_shell, 1);
|
||||
|
||||
if (chdir(thisuser.pw_dir) < 0) {
|
||||
#if DEBUG
|
||||
syslog(LOG_DEBUG, "chdir(%s): %s(%d)", thisuser.pw_dir, strerror(errno),
|
||||
errno);
|
||||
#endif /* DEBUG */
|
||||
if (chdir("/") < 0) {
|
||||
printf("No directory!\n");
|
||||
invalid = TRUE;
|
||||
} else {
|
||||
printf("No directory! %s\n", "Logging in with HOME=/");
|
||||
strcpy(thisuser.pw_dir, "/");
|
||||
}
|
||||
}
|
||||
|
||||
if (!term[0]) {
|
||||
#if HAVE_GETTTYNAM
|
||||
/*
|
||||
@ -1328,7 +1347,7 @@ interested in hearing of a more portable approach. rja */
|
||||
c = tty;
|
||||
|
||||
if (t = getttynam(c))
|
||||
strncpy(term, t->ty_type, sizeof(term));
|
||||
opiestrncpy(term, t->ty_type, sizeof(term));
|
||||
else
|
||||
#endif /* HAVE_GETTTYNAM */
|
||||
strcpy(term, "unknown");
|
||||
@ -1407,8 +1426,7 @@ interested in hearing of a more portable approach. rja */
|
||||
char buf[128];
|
||||
int len;
|
||||
|
||||
strncpy(buf, PATH_MAIL, sizeof(buf) - 2);
|
||||
buf[sizeof(buf) - 2] = 0;
|
||||
opiestrncpy(buf, PATH_MAIL, sizeof(buf) - 2);
|
||||
|
||||
len = strlen(buf);
|
||||
if (*(buf + len - 1) != '/') {
|
||||
|
@ -1,7 +1,7 @@
|
||||
.\" opieserv.1: Manual page for the opieserv(1) program.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
|
@ -2,8 +2,8 @@
|
||||
opieverify() library routines.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
.\" opiesu.c: Manual page for the opiesu(1) program.
|
||||
.\"
|
||||
.\" %%% portions-copyright-cmetz-96
|
||||
.\" Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
.\" Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
.\" the software.
|
||||
.\" You should have received a copy of the license with this software. If
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* opiesu.c: main body of code for the su(1m) program
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -14,6 +14,8 @@ License Agreement applies to this software.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Check euid on startup. Use
|
||||
opiestrncpy().
|
||||
Modified by cmetz for OPIE 2.32. Set up TERM and PATH correctly.
|
||||
Modified by cmetz for OPIE 2.31. Fix sulog(). Replaced Getlogin() with
|
||||
currentuser. Fixed fencepost error in month printed by sulog().
|
||||
@ -302,6 +304,7 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
argv++;
|
||||
}
|
||||
|
||||
|
||||
{
|
||||
struct passwd *pwd;
|
||||
char *p = getlogin();
|
||||
@ -314,14 +317,12 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
#endif /* HAVE_SULOG */
|
||||
exit(1);
|
||||
}
|
||||
strncpy(buf, pwd->pw_name, sizeof(buf)-1);
|
||||
buf[sizeof(buf)-1] = 0;
|
||||
opiestrncpy(buf, pwd->pw_name, sizeof(buf));
|
||||
|
||||
if (!p)
|
||||
p = "unknown";
|
||||
|
||||
strncpy(currentuser, p, 31);
|
||||
currentuser[31] = 0;
|
||||
opiestrncpy(currentuser, p, 31);
|
||||
|
||||
if (p && *p && strcmp(currentuser, buf)) {
|
||||
strcat(currentuser, "(");
|
||||
@ -338,6 +339,15 @@ int main FUNCTION((argc, argv), int argc AND char *argv[])
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (geteuid()) {
|
||||
syslog(LOG_CRIT, "'%s' failed for %s on %s: not running with superuser priveleges", argvbuf, currentuser, ttyname(2));
|
||||
#if HAVE_SULOG
|
||||
sulog(0, NULL);
|
||||
#endif /* HAVE_SULOG */
|
||||
fprintf(stderr, "You do not have permission to su %s\n", user);
|
||||
exit(1);
|
||||
};
|
||||
|
||||
/* Implement the BSD "wheel group" su restriction. */
|
||||
#if DOWHEEL
|
||||
/* Only allow those in group zero to su to root? */
|
||||
|
@ -9,13 +9,14 @@
|
||||
on your system. The converse is not such a safe statement.
|
||||
|
||||
%%% copyright-cmetz-96
|
||||
This software is Copyright 1996-1998 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 2 applies to this software.
|
||||
This software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
|
||||
The Inner Net License Version 3 applies to this software.
|
||||
You should have received a copy of the license with this software. If
|
||||
you didn't get a copy, you may request one from <license@inner.net>.
|
||||
|
||||
History:
|
||||
|
||||
Modified by cmetz for OPIE 2.4. Use struct opie_key for key blocks.
|
||||
Modified by cmetz for OPIE 2.31. Added a couple of new checks,
|
||||
removed a few commented-out checks for functions that
|
||||
no longer exist, added test-skip capability.
|
||||
@ -34,12 +35,13 @@ char buffer[1024];
|
||||
int testatob8()
|
||||
{
|
||||
static char testin[] = "0123456789abcdef";
|
||||
static unsigned char testout[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
|
||||
if (!opieatob8(buffer, testin))
|
||||
static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
struct opie_otpkey key;
|
||||
|
||||
if (!opieatob8(&key, testin))
|
||||
return -1;
|
||||
|
||||
if (memcmp(buffer, testout, sizeof(testout)))
|
||||
if (memcmp(&key, testout, sizeof(testout)))
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
@ -47,10 +49,13 @@ int testatob8()
|
||||
|
||||
int testbtoa8()
|
||||
{
|
||||
static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static unsigned char testin[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static char testout[] = "0123456789abcdef";
|
||||
struct opie_otpkey testin_aligned;
|
||||
|
||||
memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey));
|
||||
|
||||
if (!opiebtoa8(buffer, testin))
|
||||
if (!opiebtoa8(buffer, &testin_aligned))
|
||||
return -1;
|
||||
|
||||
if (memcmp(buffer, testout, sizeof(testout)))
|
||||
@ -61,10 +66,13 @@ int testbtoa8()
|
||||
|
||||
int testbtoe()
|
||||
{
|
||||
static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static unsigned char testin[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static char testout[] = "AIM HEW BLUM FED MITE WARM";
|
||||
struct opie_otpkey testin_aligned;
|
||||
|
||||
memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey));
|
||||
|
||||
if (!opiebtoe(buffer, testin))
|
||||
if (!opiebtoe(buffer, &testin_aligned))
|
||||
return -1;
|
||||
|
||||
if (memcmp(buffer, testout, sizeof(testout)))
|
||||
@ -76,12 +84,13 @@ int testbtoe()
|
||||
int testetob()
|
||||
{
|
||||
static char testin[] = "AIM HEW BLUM FED MITE WARM";
|
||||
static unsigned char testout[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
struct opie_otpkey key;
|
||||
|
||||
if (opieetob(buffer, testin) != 1)
|
||||
if (opieetob(&key, testin) != 1)
|
||||
return -1;
|
||||
|
||||
if (memcmp(buffer, testout, sizeof(testout)))
|
||||
if (memcmp(&key, testout, sizeof(testout)))
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
@ -116,12 +125,15 @@ int testgetsequence()
|
||||
|
||||
int testhashmd4()
|
||||
{
|
||||
static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static unsigned char testout[] = { 0x9f, 0x40, 0xfb, 0x84, 0xb, 0xf8, 0x7f, 0x4b };
|
||||
static unsigned char testin[sizeof(struct opie_otpkey)] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x9f, 0x40, 0xfb, 0x84, 0xb, 0xf8, 0x7f, 0x4b };
|
||||
struct opie_otpkey testin_aligned;
|
||||
|
||||
opiehash(testin, 4);
|
||||
memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey));
|
||||
|
||||
if (memcmp(testin, testout, sizeof(testout)))
|
||||
opiehash(&testin_aligned, 4);
|
||||
|
||||
if (memcmp(&testin_aligned, testout, sizeof(struct opie_otpkey)))
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
@ -131,10 +143,13 @@ int testhashmd5()
|
||||
{
|
||||
static unsigned char testin[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
static unsigned char testout[] = { 0x78, 0xdd, 0x1a, 0x37, 0xf8, 0x91, 0x54, 0xe1 };
|
||||
struct opie_otpkey testin_aligned;
|
||||
|
||||
opiehash(testin, 5);
|
||||
memcpy(&testin_aligned, testin, sizeof(struct opie_otpkey));
|
||||
|
||||
if (memcmp(testin, testout, sizeof(testout)))
|
||||
opiehash(&testin_aligned, 5);
|
||||
|
||||
if (memcmp(&testin_aligned, testout, sizeof(struct opie_otpkey)))
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
@ -151,12 +166,13 @@ int testkeycrunch()
|
||||
{
|
||||
static char testin1[] = "ke1234";
|
||||
static char testin2[] = "this is a test";
|
||||
static unsigned char testout[] = { 0x2e, 0xd3, 0x5d, 0x74, 0x3e, 0xa9, 0xe9, 0xe8 };
|
||||
static unsigned char testout[sizeof(struct opie_otpkey)] = { 0x2e, 0xd3, 0x5d, 0x74, 0x3e, 0xa9, 0xe9, 0xe8 };
|
||||
struct opie_otpkey opie_otpkey;
|
||||
|
||||
if (opiekeycrunch(5, buffer, testin1, testin2))
|
||||
if (opiekeycrunch(5, &opie_otpkey, testin1, testin2))
|
||||
return -1;
|
||||
|
||||
if (memcmp(buffer, testout, sizeof(testout)))
|
||||
if (memcmp(&opie_otpkey, testout, sizeof(struct opie_otpkey)))
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
|
@ -2,7 +2,7 @@
|
||||
functionality to set device permissions on login
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
@ -48,7 +48,7 @@ char **ftpglob __P((char *));
|
||||
|
||||
VOIDRET opiefatal FUNCTION((x), char *x)
|
||||
{
|
||||
fprintf(stderr, "%s", x);
|
||||
fprintf(stderr, x);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* popen.c: A "safe" pipe open routine.
|
||||
|
||||
%%% portions-copyright-cmetz-96
|
||||
Portions of this software are Copyright 1996-1998 by Craig Metz, All Rights
|
||||
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
|
||||
Reserved. The Inner Net License Version 2 applies to these portions of
|
||||
the software.
|
||||
You should have received a copy of the license with this software. If
|
||||
|
Loading…
Reference in New Issue
Block a user