conditionalize otp

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3875 ec53bebd-3082-4978-b11e-865c3cabbd6b
Assar Westerlund
1997-11-09 09:04:45 +00:00
parent e0c54c119f
commit 6171864f27


@@ -135,7 +135,9 @@ RCSID("$Id$");
#include <kafs.h> #include <kafs.h>
#include "roken.h" #include "roken.h"
#ifdef OTP
#include <otp.h> #include <otp.h>
#endif
#ifdef SOCKS #ifdef SOCKS
#include <socks.h> #include <socks.h>
@@ -274,8 +276,10 @@ parse_auth_level(char *str)
p = strtok_r(NULL, ",", &foo)) { p = strtok_r(NULL, ",", &foo)) {
if(strcmp(p, "user") == 0) if(strcmp(p, "user") == 0)
; ;
#ifdef OTP
else if(strcmp(p, "otp") == 0) else if(strcmp(p, "otp") == 0)
ret |= AUTH_PLAIN|AUTH_OTP; ret |= AUTH_PLAIN|AUTH_OTP;
#endif
else if(strcmp(p, "ftp") == 0 || else if(strcmp(p, "ftp") == 0 ||
strcmp(p, "safe") == 0) strcmp(p, "safe") == 0)
ret |= AUTH_FTP; ret |= AUTH_FTP;
@@ -551,7 +555,9 @@ sgetpwnam(char *name)
static int login_attempts; /* number of failed login attempts */ static int login_attempts; /* number of failed login attempts */
static int askpasswd; /* had user command, ask for passwd */ static int askpasswd; /* had user command, ask for passwd */
static char curname[10]; /* current USER name */ static char curname[10]; /* current USER name */
#ifdef OTP
OtpContext otp_ctx; OtpContext otp_ctx;
#endif
/* /*
* USER command. * USER command.
@@ -635,20 +641,28 @@ user(char *name)
else { else {
char ss[256]; char ss[256];
#ifdef OTP
if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) { if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) {
reply(331, "Password %s for %s required.", reply(331, "Password %s for %s required.",
ss, name); ss, name);
askpasswd = 1; askpasswd = 1;
} else if ((auth_level & AUTH_OTP) == 0) { } else
#endif
if ((auth_level & AUTH_OTP) == 0) {
reply(331, "Password required for %s.", name); reply(331, "Password required for %s.", name);
askpasswd = 1; askpasswd = 1;
} else { } else {
char *s; char *s;
#ifdef OTP
if (s = otp_error (&otp_ctx)) if (s = otp_error (&otp_ctx))
lreply(530, "OTP: %s", s); lreply(530, "OTP: %s", s);
#endif
reply(530, reply(530,
"Only authorized, anonymous and OTP " "Only authorized, anonymous"
#ifdef OTP
" and OTP "
#endif
"login allowed."); "login allowed.");
} }
@@ -868,9 +882,12 @@ pass(char *passwd)
if (!guest) { /* "ftp" is only account allowed no password */ if (!guest) { /* "ftp" is only account allowed no password */
if (pw == NULL) if (pw == NULL)
rval = 1; /* failure below */ rval = 1; /* failure below */
#ifdef OTP
else if (otp_verify_user (&otp_ctx, passwd) == 0) { else if (otp_verify_user (&otp_ctx, passwd) == 0) {
rval = 0; rval = 0;
} else if((auth_level & AUTH_OTP) == 0) { }
#endif
else if((auth_level & AUTH_OTP) == 0) {
char realm[REALM_SZ]; char realm[REALM_SZ];
if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS) if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS)
rval = krb_verify_user(pw->pw_name, "", realm, rval = krb_verify_user(pw->pw_name, "", realm,
@@ -884,8 +901,10 @@ pass(char *passwd)
} else { } else {
char *s; char *s;
#ifdef OTP
if (s = otp_error(&otp_ctx)) if (s = otp_error(&otp_ctx))
lreply(530, "OTP: %s", s); lreply(530, "OTP: %s", s);
#endif
} }
memset (passwd, 0, strlen(passwd)); memset (passwd, 0, strlen(passwd));
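Review bot: In a build without OTP the `"otp"` token in parse_auth_level is compiled out, so an existing `otp` auth-level setting no longer sets AUTH_OTP, and both `(auth_level & AUTH_OTP) == 0` tests in user() and pass() then take the ordinary-password branch. What happens to the unrecognised token is decided outside this hunk; if it is only warned about or ignored, the server quietly runs at a weaker level than the administrator configured, so I would keep the comparison in an `#else` arm that refuses to start when OTP support is not compiled in. Separately, the split string in user() reads "Only authorized, anonymouslogin allowed." when OTP is undefined; moving the space fixes it: `" and OTP"` inside the `#ifdef` and `" login allowed."` after it. In the same builds `char *s;` in both else blocks is left unused and could move inside the `#ifdef`.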