NetBSD Problem Report #1851

From gnats  Tue Dec 19 16:36:53 1995
Received: from scrap.cs.colorado.edu by pain.lcs.mit.edu (8.6.12/8.6.9) with ESMTP id QAA10346 for <gnats-bugs@gnats.netbsd.org>; Tue, 19 Dec 1995 16:19:36 -0500
Message-Id: <199512192118.OAA25052@scrap.cs.colorado.edu>
Date: Tue, 19 Dec 1995 14:18:13 -0700 (MST)
From: millert@cs.colorado.edu
Reply-To: millert@cs.colorado.edu
To: gnats-bugs@gnats.netbsd.org
Cc: millert@cs.colorado.edu
Subject: (Fixed) patch to add "zero" functionality to skeyinit
X-Send-Pr-Version: 3.95

>Number:         1851
>Category:       security
>Synopsis:       Patch that adds ability to zero out a user's skey key
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    security-officer
>State:          closed
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Dec 19 16:50:02 +0000 1995
>Closed-Date:    Tue May 18 08:50:25 +0000 1999
>Last-Modified:  Tue May 18 08:51:04 +0000 1999
>Originator:     Todd C. Miller
>Release:        NetBSD-current as of 12/17/95
>Organization:
Todd C. Miller   Sysadmin--University of Colorado   Todd.Miller@cs.colorado.edu
>Environment:
System: NetBSD scrap.cs.colorado.edu 1.1A NetBSD 1.1A (PEECEE) #1: Mon Dec 18 15:09:44 MST 1995 millert@scrap.cs.colorado.edu:/usr/src/sys/arch/i386/compile/PEECEE i386
libskey.a
skeyinit

>Description:
	There is no way to remove a key from the skeykeys database
	without editing the file directly.  The enclosed patch adds
	a "-z" (zero) flag to skeyinit allowing users to zero out
	their keys (it actually just comments out the entries).
	The previous patch I sent in did the wrong thing if the
	user had no entry in /etc/skeykeys.  Please disregard the
	older patch.
>How-To-Repeat:
	n/a
>Fix:
*** src/usr.bin/skeyinit/skeyinit.1.DIST	Fri Oct 13 21:24:50 1995
--- src/usr.bin/skeyinit/skeyinit.1	Tue Dec 19 13:44:20 1995
***************
*** 10,15 ****
--- 10,16 ----
  .Sh SYNOPSIS
  .Nm skeyinit
  .Op Fl s
+ .Op Fl z
  .Op Ar user
  .Sh DESCRIPTION
  .Nm skeyinit
***************
*** 28,33 ****
--- 29,36 ----
  in another window to generate the correct 6 english words
  for that count and seed.
  You can then "cut-and-paste" or type the words into the skeyinit window.
+ .It Fl z
+ allows the user to zero their S/Key entry.
  .It Ar user
  the username to be changed/added. By default the current user is
  operated on.
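Review bot: the new `.It Fl z` text should describe what the flag actually does: the entry is commented out in the database rather than erased, so the seed and current hash stay in the file. Wording along the lines of "comment out (disable) the user's S/Key entry" would be more accurate than "zero", which implies the key material is wiped.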
*** src/usr.bin/skeyinit/skeyinit.c.DIST	Fri Oct 13 21:24:51 1995
--- src/usr.bin/skeyinit/skeyinit.c	Tue Dec 19 14:11:16 1995
***************
*** 29,41 ****
  #define NAMELEN 2

  int skeylookup __ARGS((struct skey * mp, char *name));

  int
  main(argc, argv)
  	int     argc;
  	char   *argv[];
  {
! 	int     rval, n, nn, i, defaultsetup, l;
  	time_t  now;
  	char	hostname[MAXHOSTNAMELEN];
  	char    seed[18], tmp[80], key[8], defaultseed[17];
--- 29,42 ----
  #define NAMELEN 2

  int skeylookup __ARGS((struct skey * mp, char *name));
+ int skeyzero __ARGS((struct skey * mp, char *name));

  int
  main(argc, argv)
  	int     argc;
  	char   *argv[];
  {
! 	int     rval, n, nn, i, defaultsetup, l, zerokey = 0;
  	time_t  now;
  	char	hostname[MAXHOSTNAMELEN];
  	char    seed[18], tmp[80], key[8], defaultseed[17];
***************
*** 63,76 ****
  		err(1, "Who are you?");

  	defaultsetup = 1;
! 	if (argc > 1) {
! 		if (strcmp("-s", argv[1]) == 0)
  			defaultsetup = 0;
! 		else
! 			pp = getpwnam(argv[1]);
! 
! 		if (argc > 2)
! 			pp = getpwnam(argv[2]);
  	}
  	if (pp == NULL) {
  		err(1, "User unknown");
--- 64,78 ----
  		err(1, "Who are you?");

  	defaultsetup = 1;
! 	for (i=1; i < argc; i++) {
! 		if (strcmp("-s", argv[i]) == 0)
  			defaultsetup = 0;
! 		else if (strcmp("-z", argv[i]) == 0)
! 			zerokey = 1;
! 		else {
! 			pp = getpwnam(argv[i]);
! 			break;
! 		}
  	}
  	if (pp == NULL) {
  		err(1, "User unknown");
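Review bot: the new option loop treats any argument that is not exactly "-s" or "-z" as a user name and then stops scanning, so an unknown flag such as `-x` is passed to getpwnam() and fails with "User unknown" instead of a usage error, and flags placed after the user name (`skeyinit user -z`) are silently ignored. Reject arguments starting with `-` that are not recognised with a usage message, and either keep scanning after the user name or complain about trailing arguments; the old `argc > 2` case at least honoured the second argument, while the new loop drops extras without notice.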
***************
*** 104,109 ****
--- 106,115 ----
  	case -1:
  		err(1, "cannot open database");
  	case 0:
+ 		/* comment out user if asked to */
+ 		if (zerokey)
+ 			exit(skeyzero(&skey, pp->pw_name));
+ 
  		printf("[Updating %s]\n", pp->pw_name);
  		printf("Old key: %s\n", skey.seed);

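Review bot: `exit(skeyzero(&skey, pp->pw_name))` hands skeyzero's -1 failure code straight to exit(), which becomes exit status 255 with no diagnostic. Check the return value and report the write failure with err()/warnx() as the surrounding code does, exiting 0 only on success. The zero path also returns before the "[Updating %s]" message, so a successful -z prints nothing; a one-line confirmation would let the user distinguish success from a silent failure.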
***************
*** 127,132 ****
--- 133,142 ----
  		}
  		break;
  	case 1:
+ 		if (zerokey) {
+ 			printf("You have no entry to zero.\n");
+ 			exit(1);
+ 		}
  		printf("[Adding %s]\n", pp->pw_name);
  		break;
  	}
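Review bot: the "You have no entry to zero." diagnostic goes to stdout via printf while every other error in this function goes through err() to stderr; use `errx(1, "You have no entry to zero.")` (err.h is already in use here) so scripts and callers see it as an error and the exit code and message are consistent with the rest of skeyinit.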
*** src/lib/libskey/skeylogin.c.DIST	Fri Oct 13 19:03:42 1995
--- src/lib/libskey/skeylogin.c	Mon Dec 18 22:39:20 1995
***************
*** 364,366 ****
--- 364,394 ----
  	}
  	return -1;
  }
+ 
+ /* Comment out user's entry in the s/key database
+  *
+  * Return codes:
+  * -1: Write error; database unchanged
+  *  0:  Database updated
+  *
+  * The database file is always closed by this call.
+  */
+ int
+ skeyzero(mp,response)
+ 	struct skey *mp;
+ 	char *response;
+ {
+ 	/*
+ 	 * Seek to the right place and write comment character
+ 	 * which effectively zero's out the entry.
+ 	 */
+ 	fseek(mp->keyfile,mp->recstart,0);
+ 	if (fputc('#', mp->keyfile) == EOF) {
+ 		fclose(mp->keyfile);
+ 		return -1;
+ 	}
+ 
+ 	fclose(mp->keyfile);
+ 	
+ 	return 0;
+ }
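Review bot: writing a single '#' at mp->recstart overwrites the first byte of the record (the first character of the user name) rather than inserting a comment marker, so the record becomes e.g. "#illert ..." with the seed and hash still intact; nothing is actually zeroed, and the result only works if every reader of the file treats '#' lines as comments. Safer is to rewrite the file through a stream copy that prefixes the line, or to blank the whole record. Further points: the third argument to fseek() should be SEEK_SET rather than a literal 0; fseek() and fclose() return values are unchecked, and since fputc() only fills the stdio buffer a write error can surface at fclose() while the function still returns 0, contradicting the "-1: Write error; database unchanged" contract in the comment; and the second parameter is named `response` here but `name` in the prototype added to skeyinit.c, and is never used.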
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: misc-bug-people->security-officer 
Responsible-Changed-By: fair 
Responsible-Changed-When: Thu Jan 14 01:15:08 PST 1999 
Responsible-Changed-Why:  
This is not really a miscellaneous bug. 
State-Changed-From-To: open->feedback 
State-Changed-By: fair 
State-Changed-When: Mon Mar 15 19:18:00 PST 1999 
State-Changed-Why:  
examination of the supplied patch suggests that this will actually zap the 
first character of the user's record in the skeykeys file; I don't think 
that's the right thing to do. Ideally, that character should be inserted in 
a stream copy operation. Since this patch has not been acted upon in the 
four years that it's been in the PR database, it will be closed unless there 
is sufficient feedback to warrant pursuing this within 30 days. 
State-Changed-From-To: feedback->closed 
State-Changed-By: fair 
State-Changed-When: Tue May 18 01:50:25 PDT 1999 
State-Changed-Why:  
As promised - closed for lack of feedback within the last 60 days. 
>Unformatted:
