From 79e290c37ead164c43015ea00e1d79d42def84a3 Mon Sep 17 00:00:00 2001 From: Assar Westerlund Date: Sat, 16 Nov 1996 18:38:00 +0000 Subject: [PATCH] removed skey and added otp git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@985 ec53bebd-3082-4978-b11e-865c3cabbd6b --- appl/popper/Makefile.in | 6 +++--- appl/popper/pop_pass.c | 21 +++++++++------------ appl/popper/pop_user.c | 24 +++++++++--------------- appl/popper/popper.h | 10 +++------- 4 files changed, 24 insertions(+), 37 deletions(-) diff --git a/appl/popper/Makefile.in b/appl/popper/Makefile.in index 500ee059e..6b7da1d85 100644 --- a/appl/popper/Makefile.in +++ b/appl/popper/Makefile.in @@ -9,11 +9,10 @@ CC = @CC@ AR = ar RANLIB = @RANLIB@ DEFS = @DEFS@ -CFLAGS = @CFLAGS@ @SKEYINCLUDE@ +CFLAGS = @CFLAGS@ LD_FLAGS = @LD_FLAGS@ INSTALL = @INSTALL@ LIBS = @LIBS@ -SKEYLIB = @SKEYLIB@ MKINSTALLDIRS = @top_srcdir@/mkinstalldirs prefix = @prefix@ @@ -76,8 +75,9 @@ dist: $(DISTFILES) done KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes -L../../lib/roken -lroken +OTPLIB=-L../../lib/otp -lotp popper: $(OBJECTS) - $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS) $(KLIB) $(LIBS) $(SKEYLIB) + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS) $(OTPLIB) $(KLIB) $(LIBS) $(OBJECTS): ../../config.h diff --git a/appl/popper/pop_pass.c b/appl/popper/pop_pass.c index c2f08fb01..d43e0e1cb 100644 --- a/appl/popper/pop_pass.c +++ b/appl/popper/pop_pass.c @@ -51,22 +51,19 @@ pop_pass (POP *p) sprintf (tkt, TKT_ROOT "_popper.%d", (int)getpid()); krb_set_tkt_string (tkt); -#ifdef SKEY - if (skeyverify (&p->sk, p->pop_parm[1]) == 0) + if (otp_verify_user (&p->otp_ctx, p->pop_parm[1]) == 0) ; - else if(!p->permit_passwd) + else if(p->no_passwd) return pop_msg(p, POP_FAILURE, "Password supplied for \"%s\" is incorrect.", p->user); - else -#endif - - if (krb_verify_user(p->user, "", lrealm, p->pop_parm[1], 1, "pop") && - unix_verify_user(p->user, p->pop_parm[1])) { - dest_tkt (); - return (pop_msg(p,POP_FAILURE, - "Password supplied for \"%s\" is incorrect.", - p->user)); + else if (krb_verify_user(p->user, "", lrealm, p->pop_parm[1], + 1, "pop") && + unix_verify_user(p->user, p->pop_parm[1])) { + dest_tkt (); + return (pop_msg(p,POP_FAILURE, + "Password supplied for \"%s\" is incorrect.", + p->user)); } dest_tkt (); } else { diff --git a/appl/popper/pop_user.c b/appl/popper/pop_user.c index ae746f8fa..eaf149f67 100644 --- a/appl/popper/pop_user.c +++ b/appl/popper/pop_user.c @@ -14,23 +14,17 @@ RCSID("$Id$"); int pop_user (POP *p) { -#ifdef SKEY - char ss[256], msg[256]; -#endif + char ss[256]; - /* Save the user name */ strcpy(p->user, p->pop_parm[1]); -#ifdef SKEY - p->permit_passwd = skeyaccess(k_getpwnam (p->user), NULL, - p->client, NULL); - if (skeychallenge (&p->sk, p->user, ss) == 0) { - return pop_msg(p, POP_SUCCESS, "Password [%s] required for %s.", + if (otp_challenge (&p->otp_ctx, p->user, ss, sizeof(ss)) == 0) { + return pop_msg(p, POP_SUCCESS, "Password %s required for %s.", ss, p->user); - } else if (!p->permit_passwd) - return pop_msg(p, POP_FAILURE, "Access unauthorized for %s.", - p->user); -#endif - /* Tell the user that the password is required */ - return pop_msg(p, POP_SUCCESS, "Password required for %s.", p->user); + } else if (p->no_passwd) { + char *s = otp_error(&p->otp_ctx); + return pop_msg(p, POP_FAILURE, "Permission denied%s%s", + s ? ":" : "", s); + } else + return pop_msg(p, POP_SUCCESS, "Password required for %s.", p->user); } diff --git a/appl/popper/popper.h b/appl/popper/popper.h index bbf90e072..5711e1ef1 100644 --- a/appl/popper/popper.h +++ b/appl/popper/popper.h @@ -122,9 +122,7 @@ #include #endif -#if defined(SKEY) -#include -#endif +#include #if defined(KRB4_MAILDIR) #define POP_MAILDIR KRB4_MAILDIR @@ -232,10 +230,8 @@ typedef struct { /* POP parameter block */ #ifdef KERBEROS AUTH_DAT kdata; #endif -#ifdef SKEY - struct skey sk; /* Skey state */ - int permit_passwd; /* allow cleartext pwd? */ -#endif + int no_passwd; /* Dont allow cleartext */ + OtpContext otp_ctx; /* OTP context */ } POP; typedef struct { /* State information for