NetBSD Problem Report #15736
Received: (qmail 3544 invoked from network); 26 Feb 2002 00:33:56 -0000
Message-Id: <20020226003442.9F50F11110@www.netbsd.org>
Date: Mon, 25 Feb 2002 16:34:42 -0800 (PST)
From: vkhr@rawsocket.net
Sender: nobody@netbsd.org
Reply-To: vkhr@rawsocket.net
To: gnats-bugs@gnats.netbsd.org
Subject: Patch for skeyinit(1) extending command line features.
X-Send-Pr-Version: www-1.0
>Number: 15736
>Category: security
>Synopsis: Patch for skeyinit(1) extending command line features.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: security-officer
>State: closed
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Tue Feb 26 00:35:01 +0000 2002
>Closed-Date: Sun Sep 18 21:53:03 +0000 2005
>Last-Modified: Fri Apr 28 21:29:03 +0000 2006
>Originator: V. Hari
>Release: 1.5ZA
>Organization:
>Environment:
NetBSD burnt.rawsocket.net 1.5ZA NetBSD 1.5ZA (BURNT) #3: Fri Feb 22 19:01:37 EST 2002 root@burnt.rawsocket.net:/usr/src/sys/arch/i386/compile/BURNT i386
>Description:
I found it convenient to have passwords and secret passwords entered over the command-line rather than having skeyinit(1) prompt for them. It's handy just for general usage, and especially for scripting.
>How-To-Repeat:
Use skeyinit(1).
>Fix:
*** skeyinit.c~ Mon Feb 25 17:58:26 2002
--- skeyinit.c Mon Feb 25 17:59:02 2002
***************
*** 10,15 ****
--- 10,16 ----
*
* Modifications:
* Todd C. Miller <Todd.Miller@courtesan.com>
+ * vkhr <vkhr@rawsocket.net>
*
* S/KEY initialization and seed update
*/
***************
*** 52,57 ****
--- 53,59 ----
struct passwd *pp;
struct tm *tm;
int c;
+ unsigned char argpass=0, argkey=0;
if (geteuid() != 0)
errx(1, "must be setuid root.");
***************
*** 86,92 ****
err(1, "Who are you?");
salt = pp->pw_passwd;
! while((c = getopt(argc, argv, "n:t:sxz")) != -1) {
switch(c) {
case 'n':
n = atoi(optarg);
--- 88,94 ----
err(1, "Who are you?");
salt = pp->pw_passwd;
! while((c = getopt(argc, argv, "n:t:p:k:sxz")) != -1) {
switch(c) {
case 'n':
n = atoi(optarg);
***************
*** 107,114 ****
case 'z':
zerokey = 1;
break;
default:
! err(1, "Usage: %s [-n count] [-t md4|md5|sha1] [-s] [-x] [-z] [user]\n", argv[0]);
}
}
--- 109,126 ----
case 'z':
zerokey = 1;
break;
+ case 'p':
+ argpass = 1;
+ pw=malloc(SKEY_MAX_PW_LEN+2);
+ strncpy(pw,optarg,sizeof(SKEY_MAX_PW_LEN));
+ break;
+ case 'k':
+ argkey = 1;
+ strncpy(passwd,optarg,sizeof(passwd));
+ strncpy(passwd2,optarg,sizeof(passwd2));
+ break;
default:
! err(1, "Usage: %s [-n count] [-t md4|md5|sha1] [-s] [-x] [-z] [-p password] [-k secret] [user]\n", argv[0]);
}
}
***************
*** 126,132 ****
}
if (getuid() != 0) {
! pw = getpass("Password:");
p = crypt(pw, salt);
if (strcmp(p, pp->pw_passwd)) {
--- 138,145 ----
}
if (getuid() != 0) {
! if(!argpass)
! pw = getpass("Password:");
p = crypt(pw, salt);
if (strcmp(p, pp->pw_passwd)) {
***************
*** 255,264 ****
if (i >= 2)
exit(1);
! printf("Enter secret password: ");
! readpass(passwd, sizeof(passwd));
! if (passwd[0] == '\0')
! exit(1);
if (strlen(passwd) < SKEY_MIN_PW_LEN) {
(void)fprintf(stderr,
--- 268,279 ----
if (i >= 2)
exit(1);
! if(!argkey) {
! printf("Enter secret password: ");
! readpass(passwd, sizeof(passwd));
! if (passwd[0] == '\0')
! exit(1);
! }
if (strlen(passwd) < SKEY_MIN_PW_LEN) {
(void)fprintf(stderr,
***************
*** 275,284 ****
continue;
}
#endif
! printf("Again secret password: ");
! readpass(passwd2, sizeof(passwd));
! if (passwd2[0] == '\0')
! exit(1);
if (strcmp(passwd, passwd2) == 0)
break;
--- 290,301 ----
continue;
}
#endif
! if(!argkey) {
! printf("Again secret password: ");
! readpass(passwd2, sizeof(passwd));
! if (passwd2[0] == '\0')
! exit(1);
! }
if (strcmp(passwd, passwd2) == 0)
break;
>Release-Note:
>Audit-Trail:
From: Elad Efrat <elad@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: PR/15736 CVS commit: src/usr.bin/skeyinit
Date: Sun, 18 Sep 2005 21:50:20 +0000 (UTC)
Module Name: src
Committed By: elad
Date: Sun Sep 18 21:50:20 UTC 2005
Modified Files:
src/usr.bin/skeyinit: skeyinit.c
Log Message:
Add -k key and -p password.
Slightly modified diff from V. Hari.
PR/15736.
To generate a diff of this commit:
cvs rdiff -r1.24 -r1.25 src/usr.bin/skeyinit/skeyinit.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: elad@netbsd.org
State-Changed-When: Sun, 18 Sep 2005 21:53:03 +0000
State-Changed-Why:
Added -k key and -p password based on a slightly modified patch.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.