Add S/Key support.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@585 ec53bebd-3082-4978-b11e-865c3cabbd6b
1996-06-15 09:46:58 +00:00
parent 373b4f76a5
commit 74f0d6362b
1 changed files with 29 additions and 16 deletions
--- a/appl/ftp/ftpd/ftpd.c
+++ b/appl/ftp/ftpd/ftpd.c
@@ -89,7 +89,9 @@ RCSID("$Id$");
 #include <kafs.h>
 #include "roken.h"
-#undef SKEY
+#if defined(SKEY)
 #include <skey.h>
 #endif
 void yyparse();
@@ -485,6 +487,10 @@ sgetpwnam(char *name)
 static int login_attempts;	/* number of failed login attempts */
 static int askpasswd;		/* had user command, ask for passwd */
 static char curname[10];	/* current USER name */
 #ifdef SKEY
 static struct skey sk;
 static int permit_passwd;
 #endif /* SKEY */
 /*
 * USER command.
@@ -558,21 +564,26 @@ user(char *name)
 	}
 	if (logging)
 		strncpy(curname, name, sizeof(curname)-1);
 #ifdef SKEY
 	if (!skey_haskey(name)) {
 		char *myskey, *skey_keyinfo (char *name);
 		myskey = skey_keyinfo(name);
 		reply(331, "Password [%s] for %s required.",
 		    myskey ? myskey : "error getting challenge", name);
 	} else
 #endif
 	if(auth_ok())
 		ct->userok(name);
-	     else{
+	else {
 #ifdef SKEY
 		char ss[256];
 		permit_passwd = skeyaccess(k_getpwnam (name), NULL,
 					   remotehost, NULL);
 		if (skeychallenge (&sk, name, ss) == 0) {
 			reply (331, "Password [%s] for %s required.",
 			       ss, name);
 			askpasswd = 1;
 		} else if (permit_passwd)
 #endif
 		{
 			reply(331, "Password required for %s.", name);
 			askpasswd = 1;
 		}
 	}
 	/*
 	 * Delay before reading passwd after first failed
 	 * attempt to slow down passwd-guessing programs.
@@ -729,10 +740,12 @@ pass(char *passwd)
 		if (rval == 0)
 			goto skip;
 #ifdef SKEY
-		if (skey_haskey(pw->pw_name) == 0 &&
+		if (skeyverify (&sk, passwd) == 0) {
 		   (skey_passcheck(pw->pw_name, passwd) != -1)) {
 			rval = 0;
 			goto skip;
 		} else if(!permit_passwd) {
 			rval = 1;
 			goto skip;
 		}
 #endif
 		/* the strcmp does not catch null passwords! */