ftp/wu-ftpd+ipv6/files/patch-aa


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

--- src/ftpd.c.orig	Tue Oct  2 22:21:17 2001
+++ src/ftpd.c	Tue Oct  2 22:21:17 2001
@@ -447,7 +447,6 @@
 #ifdef OPIE
 #include <opie.h>
 int pwok = 0;
-int af_pwok = 0;
 struct opie opiestate;
 #endif
 
@@ -1219,10 +1218,6 @@
 	exit(0);
     }
 
-#ifdef OPIE
-    af_pwok = opieaccessfile(remotehost);
-#endif
-
 #ifdef HAVE_LIBRESOLV
     /* check permitted access based on remote host DNS information */
     if (!check_reverse_dns()) {
@@ -1662,9 +1657,9 @@
     /* Display s/key challenge where appropriate. */
 
     if (pwd == NULL || skeychallenge(&skey, pwd->pw_name, sbuf))
-	sprintf(buf, "Password required for %s.", name);
+	snprintf(buf, 128, "Password required for %s.", name);
     else
-	sprintf(buf, "%s %s for %s.", sbuf,
+	snprintf(buf, 128, "%s %s for %s.", sbuf,
 		pwok ? "allowed" : "required", name);
     return (buf);
 }
@@ -2105,16 +2100,17 @@
 #ifdef OPIE
 	{
 	    char prompt[OPIE_CHALLENGE_MAX + 1];
-	    opiechallenge(&opiestate, name, prompt);
 
-	    if (askpasswd == -1) {
-		syslog(LOG_WARNING, "Invalid FTP user name %s attempted from %s", name, remotehost);
-		pwok = 0;
+	    if (opiechallenge(&opiestate, name, prompt) == 0) {
+		pwok = (pw != NULL) &&
+		       opieaccessfile(remotehost) &&
+		       opiealways(pw->pw_dir);
+		reply(331, "Response to %s %s for %s.",
+		      prompt, pwok ? "requested" : "required", name);
+	    } else {
+		pwok = 1;
+		reply(331, "Password required for %s.", name);
 	    }
-	    else
-		pwok = af_pwok && opiealways(pw->pw_dir);
-	    reply(331, "Response to %s %s for %s.",
-		  prompt, pwok ? "requested" : "required", name);
 	}
 #else
 	reply(331, "Password required for %s.", name);
@@ -2593,8 +2589,8 @@
 	    if (pw == NULL)
 		salt = "xx";
 	    else
-#ifndef OPIE
 		salt = pw->pw_passwd;
+#ifndef OPIE
 #ifdef SECUREOSF
 	    if ((pr = getprpwnam(pw->pw_name)) != NULL) {
 		if (pr->uflg.fg_newcrypt)
@@ -2627,9 +2623,15 @@
 	    xpasswd = crypt(passwd, salt);
 #endif /* SKEY */
 #else /* OPIE */
-	    if (!opieverify(&opiestate, passwd))
-		rval = 0;
-	    xpasswd = crypt(passwd, pw->pw_passwd);
+	    if (pw != NULL) {
+		if (opieverify(&opiestate, passwd) == 0)
+		    xpasswd = pw->pw_passwd;
+		else if (pwok)
+		    xpasswd = crypt(passwd, salt);
+		else
+		    pw = NULL;
+	    }
+	    pwok = 0;
 #endif /* OPIE */
 #ifdef ULTRIX_AUTH
 	    if ((numfails = ultrix_check_pass(passwd, xpasswd)) >= 0) {