NetBSD Problem Report #1851
From gnats Tue Dec 19 16:36:53 1995
Received: from scrap.cs.colorado.edu by pain.lcs.mit.edu (8.6.12/8.6.9) with ESMTP id QAA10346 for <gnats-bugs@gnats.netbsd.org>; Tue, 19 Dec 1995 16:19:36 -0500
Message-Id: <199512192118.OAA25052@scrap.cs.colorado.edu>
Date: Tue, 19 Dec 1995 14:18:13 -0700 (MST)
From: millert@cs.colorado.edu
Reply-To: millert@cs.colorado.edu
To: gnats-bugs@gnats.netbsd.org
Cc: millert@cs.colorado.edu
Subject: (Fixed) patch to add "zero" functionality to skeyinit
X-Send-Pr-Version: 3.95
>Number: 1851
>Category: security
>Synopsis: Patch that adds ability to zero out a user's skey key
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: security-officer
>State: closed
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Tue Dec 19 16:50:02 +0000 1995
>Closed-Date: Tue May 18 08:50:25 +0000 1999
>Last-Modified: Tue May 18 08:51:04 +0000 1999
>Originator: Todd C. Miller
>Release: NetBSD-current as of 12/17/95
>Organization:
Todd C. Miller Sysadmin--University of Colorado Todd.Miller@cs.colorado.edu
>Environment:
System: NetBSD scrap.cs.colorado.edu 1.1A NetBSD 1.1A (PEECEE) #1: Mon Dec 18 15:09:44 MST 1995 millert@scrap.cs.colorado.edu:/usr/src/sys/arch/i386/compile/PEECEE i386
libskey.a
skeyinit
>Description:
There is no way to remove a key from the skeykeys database
without editing the file directly. The enclosed patch adds
a "-z" (zero) flag to skeyinit allowing users to zero out
their keys (it actually just comments out the entries).
The previous patch I sent in did the wrong thing if the
user had no entry in /etc/skeykeys. Please disregard the
older patch.
>How-To-Repeat:
n/a
>Fix:
*** src/usr.bin/skeyinit/skeyinit.1.DIST Fri Oct 13 21:24:50 1995
--- src/usr.bin/skeyinit/skeyinit.1 Tue Dec 19 13:44:20 1995
***************
*** 10,15 ****
--- 10,16 ----
.Sh SYNOPSIS
.Nm skeyinit
.Op Fl s
+ .Op Fl z
.Op Ar user
.Sh DESCRIPTION
.Nm skeyinit
***************
*** 28,33 ****
--- 29,36 ----
in another window to generate the correct 6 english words
for that count and seed.
You can then "cut-and-paste" or type the words into the skeyinit window.
+ .It Fl z
+ allows the user to zero their S/Key entry.
.It Ar user
the username to be changed/added. By default the current user is
operated on.
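Review bot: the description of -z says the user can "zero" their entry, but the code only comments the record out, leaving the count, seed and hash readable in /etc/skeykeys; the man page should say what actually happens ("comment out the user's S/Key entry so it can no longer be used to log in") and document the behaviour when the user has no entry (the command exits with status 1).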
*** src/usr.bin/skeyinit/skeyinit.c.DIST Fri Oct 13 21:24:51 1995
--- src/usr.bin/skeyinit/skeyinit.c Tue Dec 19 14:11:16 1995
***************
*** 29,41 ****
#define NAMELEN 2
int skeylookup __ARGS((struct skey * mp, char *name));
int
main(argc, argv)
int argc;
char *argv[];
{
! int rval, n, nn, i, defaultsetup, l;
time_t now;
char hostname[MAXHOSTNAMELEN];
char seed[18], tmp[80], key[8], defaultseed[17];
--- 29,42 ----
#define NAMELEN 2
int skeylookup __ARGS((struct skey * mp, char *name));
+ int skeyzero __ARGS((struct skey * mp, char *name));
int
main(argc, argv)
int argc;
char *argv[];
{
! int rval, n, nn, i, defaultsetup, l, zerokey = 0;
time_t now;
char hostname[MAXHOSTNAMELEN];
char seed[18], tmp[80], key[8], defaultseed[17];
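Review bot: the `__ARGS` prototype for skeyzero() is added to skeyinit.c, but the function is defined in libskey (skeylogin.c); declare it in the library's header beside skeylookup() so every caller sees one prototype, rather than repeating it here. The parameter name also differs between the two (`name` here, `response` in the definition).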
***************
*** 63,76 ****
err(1, "Who are you?");
defaultsetup = 1;
! if (argc > 1) {
! if (strcmp("-s", argv[1]) == 0)
defaultsetup = 0;
! else
! pp = getpwnam(argv[1]);
!
! if (argc > 2)
! pp = getpwnam(argv[2]);
}
if (pp == NULL) {
err(1, "User unknown");
--- 64,78 ----
err(1, "Who are you?");
defaultsetup = 1;
! for (i=1; i < argc; i++) {
! if (strcmp("-s", argv[i]) == 0)
defaultsetup = 0;
! else if (strcmp("-z", argv[i]) == 0)
! zerokey = 1;
! else {
! pp = getpwnam(argv[i]);
! break;
! }
}
if (pp == NULL) {
err(1, "User unknown");
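Review bot: the new loop breaks on the first non-option argument, so a flag given after the user name (`skeyinit millert -z`) is silently ignored, and an unrecognised option such as `-x` is handed to getpwnam() and reported as "User unknown". Use getopt(3) with the option string "sz" and take the user from argv[optind], or at least reject any argument beginning with '-' that is neither -s nor -z with a usage message.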
***************
*** 104,109 ****
--- 106,115 ----
case -1:
err(1, "cannot open database");
case 0:
+ /* comment out user if asked to */
+ if (zerokey)
+ exit(skeyzero(&skey, pp->pw_name));
+
printf("[Updating %s]\n", pp->pw_name);
printf("Old key: %s\n", skey.seed);
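Review bot: `exit(skeyzero(&skey, pp->pw_name))` turns skeyzero()'s -1 error return into exit status 255 and prints nothing on either path, so the user cannot tell whether the entry was disabled. Test the return value explicitly, for example:
if (skeyzero(&skey, pp->pw_name) < 0)
        err(1, "cannot update database");
printf("[Zeroed %s]\n", pp->pw_name); exit(0);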
***************
*** 127,132 ****
--- 133,142 ----
}
break;
case 1:
+ if (zerokey) {
+ printf("You have no entry to zero.\n");
+ exit(1);
+ }
printf("[Adding %s]\n", pp->pw_name);
break;
}
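Review bot: the "You have no entry to zero." diagnostic goes to stdout while the other error paths in this switch use err(1, ...) and so go to stderr with the program name; use errx(1, "you have no entry to zero") for consistency, so scripts and users see the failure where they expect it.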
*** src/lib/libskey/skeylogin.c.DIST Fri Oct 13 19:03:42 1995
--- src/lib/libskey/skeylogin.c Mon Dec 18 22:39:20 1995
***************
*** 364,366 ****
--- 364,394 ----
}
return -1;
}
+
+ /* Comment out user's entry in the s/key database
+ *
+ * Return codes:
+ * -1: Write error; database unchanged
+ * 0: Database updated
+ *
+ * The database file is always closed by this call.
+ */
+ int
+ skeyzero(mp,response)
+ struct skey *mp;
+ char *response;
+ {
+ /*
+ * Seek to the right place and write comment character
+ * which effectively zero's out the entry.
+ */
+ fseek(mp->keyfile,mp->recstart,0);
+ if (fputc('#', mp->keyfile) == EOF) {
+ fclose(mp->keyfile);
+ return -1;
+ }
+
+ fclose(mp->keyfile);
+
+ return 0;
+ }
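Review bot: fputc('#') at mp->recstart overwrites the first byte of the record instead of inserting one, so the login name loses its first character ("millert" becomes "#illert"); the line is neutralised only as a side effect of now starting with '#', and the original record cannot be recovered from the file. The safe way to do this is to copy the database to a temporary file in the same directory, emit the '#' before the matching line, and rename() the copy over the original. Further points in the same function: the `response` parameter is unused and misnamed (the caller passes pw_name); the return value of fseek() is unchecked; fclose()'s return is unchecked, so a write error that surfaces at flush time is reported as 0 ("Database updated"), contradicting the comment block; and nothing is actually zeroed, since count, seed and hash remain readable in the commented-out line.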
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: misc-bug-people->security-officer
Responsible-Changed-By: fair
Responsible-Changed-When: Thu Jan 14 01:15:08 PST 1999
Responsible-Changed-Why:
This is not really a miscellaneous bug.
State-Changed-From-To: open->feedback
State-Changed-By: fair
State-Changed-When: Mon Mar 15 19:18:00 PST 1999
State-Changed-Why:
examination of the supplied patch suggests that this will actually zap the
first character of the user's record in the skeykeys file; I don't think
that's the right thing to do. Ideally, that character should be inserted in
a stream copy operation. Since this patch has not been acted upon in the
four years that it's been in the PR database, it will be closed unless there
is sufficient feedback to warrant pursuing this within 30 days.
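The stream-copy operation asked for in the feedback above, written out as an added example; it is not code from this PR's patch or from NetBSD's libskey. Instead of seeking to the record and overwriting its first byte, it copies the whole database to a temporary file in the same directory, emits a '#' in front of the matching record so the login name is kept intact, and installs the copy with rename(2) so readers never see a half-written file. The function names, the temporary-file scheme, the 256-byte line buffer and the sample records in the self-check are assumptions made for this demonstration.

```c
#define _POSIX_C_SOURCE 200809L
/* Added example (not from this PR or NetBSD's libskey): disable an S/Key record
 * by stream-copying the database with '#' inserted before the matching line and
 * renaming the copy over the original.  Names and sample data are assumptions. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Copy `in` to `out`, prefixing '#' to the record whose login field is `user`.
 * Returns 1 if a record was commented out, 0 if none matched, -1 on I/O error. */
int skey_comment_out(FILE *in, FILE *out, const char *user)
{
    char chunk[256];
    size_t ulen = strlen(user);
    int matched = 0, at_line_start = 1;

    while (fgets(chunk, sizeof chunk, in) != NULL) {
        /* Match only at a real line start (fgets() may split a long line);
         * lines that are already comments are copied through unchanged. */
        if (at_line_start && !matched && chunk[0] != '#' &&
            strncmp(chunk, user, ulen) == 0 &&
            (chunk[ulen] == ' ' || chunk[ulen] == '\t')) {
            if (fputc('#', out) == EOF)      /* inserted, not overwritten */
                return -1;
            matched = 1;
        }
        if (fputs(chunk, out) == EOF)
            return -1;
        at_line_start = (chunk[strlen(chunk) - 1] == '\n');
    }
    return (ferror(in) || fflush(out) != 0) ? -1 : matched;
}

/* Rewrite `path` with `user`'s record commented out.  Returns 1 if a record was
 * disabled, 0 if the user had none (file left untouched), -1 on error. */
int skey_zero_user(const char *path, const char *user)
{
    char tmp[4096];
    struct stat st;
    FILE *in, *out;
    int fd, rc;

    if ((in = fopen(path, "r")) == NULL)
        return -1;
    snprintf(tmp, sizeof tmp, "%s.XXXXXX", path);   /* same dir: atomic rename */
    if ((fd = mkstemp(tmp)) < 0) {
        fclose(in);
        return -1;
    }
    if (fstat(fileno(in), &st) == 0)       /* keep the database's own mode */
        (void)fchmod(fd, st.st_mode & 07777);
    if ((out = fdopen(fd, "w")) == NULL) {
        close(fd); unlink(tmp); fclose(in);
        return -1;
    }
    rc = skey_comment_out(in, out, user);
    fclose(in);
    if (rc > 0 && fsync(fd) != 0)          /* durable before it is visible */
        rc = -1;
    if (fclose(out) != 0)
        rc = -1;
    if (rc > 0 && rename(tmp, path) != 0)
        rc = -1;
    if (rc <= 0)
        unlink(tmp);                       /* nothing to install, or error */
    return rc;
}

/* Self-check on constructed sample records (not real keys): "mil" must not
 * match "millert", "millert" must be disabled once, an unknown user is a no-op. */
int skey_zero_selftest(void)
{
    static const char before[] =
        "# constructed sample of /etc/skeykeys\n"
        "millert 0099 sc12345 a1b2c3d4e5f60718 Dec 19,1995 14:18:13\n"
        "mil     0050 sc99999 0011223344556677 Dec 18,1995 22:39:20\n";
    static const char after[] =
        "# constructed sample of /etc/skeykeys\n"
        "#millert 0099 sc12345 a1b2c3d4e5f60718 Dec 19,1995 14:18:13\n"
        "mil     0050 sc99999 0011223344556677 Dec 18,1995 22:39:20\n";
    char path[] = "/tmp/skeykeys.XXXXXX", got[sizeof after + 16];
    int fd, ok = 0;
    FILE *fp;
    size_t n;

    if ((fd = mkstemp(path)) < 0)
        return 0;
    if (write(fd, before, sizeof before - 1) != (ssize_t)(sizeof before - 1)) {
        close(fd); unlink(path);
        return 0;
    }
    close(fd);
    if (skey_zero_user(path, "millert") == 1 &&
        skey_zero_user(path, "nobody") == 0 && (fp = fopen(path, "r")) != NULL) {
        n = fread(got, 1, sizeof got - 1, fp);
        got[n] = '\0';
        fclose(fp);
        ok = (strcmp(got, after) == 0);
    }
    unlink(path);
    return ok;
}
```

In a real skeyinit the rewrite would have to run under whatever lock the program already holds on the database, and since the record is only commented out, the old count, seed and hash stay readable in the file; if the intent is really to zero the entry, drop the line instead of prefixing it.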
State-Changed-From-To: feedback->closed
State-Changed-By: fair
State-Changed-When: Tue May 18 01:50:25 PDT 1999
State-Changed-Why:
As promised - closed for lack of feedback within the last 60 days.
>Unformatted: