Diffstat (limited to 'libexec/ftpd')
| -rw-r--r-- | libexec/ftpd/Makefile | 9 | ||||
| -rw-r--r-- | libexec/ftpd/ftpd.c | 20 | ||||
| -rw-r--r-- | libexec/ftpd/skey-stuff.c | 23 |
3 files changed, 49 insertions, 3 deletions
diff --git a/libexec/ftpd/Makefile b/libexec/ftpd/Makefile index fe7ffd1a2c09..53cef2613b24 100644 --- a/libexec/ftpd/Makefile +++ b/libexec/ftpd/Makefile @@ -2,16 +2,19 @@ PROG= ftpd -CFLAGS+=-I${.CURDIR}/../../usr.bin/ftp -DSETPROCTITLE -SRCS= ftpd.c ftpcmd.c glob.c logwtmp.c popen.c vers.c +CFLAGS+=-I${.CURDIR}/../../usr.bin/ftp \ + -DSETPROCTITLE -DSKEY +SRCS= ftpd.c ftpcmd.c glob.c logwtmp.c popen.c vers.c skey-stuff.c MAN8= ftpd.8 CLEANFILES+=ftpcmd.c y.tab.h .PATH: ${.CURDIR}/../../usr.bin/ftp +DPADD+= /usr/lib/libskey.a +LDADD+= -lskey + .if exists(/usr/lib/libcrypt.a) DPADD+= ${LIBCRYPT} LDADD+= -lcrypt .endif - .include <bsd.prog.mk> diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 2638e8dd8b71..701d2a29a839 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -144,6 +144,11 @@ char *LastArgv = NULL; /* end of argv */ char proctitle[BUFSIZ]; /* initial part of title */ #endif /* SETPROCTITLE */ +#ifdef SKEY +int pwok = 0; +char *skey_challenge(); +char *skey_crypt(); +#endif main(argc, argv, envp) int argc; char *argv[]; @@ -151,6 +156,9 @@ main(argc, argv, envp) { int addrlen, on = 1, tos; char *cp; +#ifdef SKEY + char addr_string[20]; /* XXX */ +#endif /* * LOG_NDELAY sets up the logging connection immediately, @@ -162,6 +170,10 @@ main(argc, argv, envp) syslog(LOG_ERR, "getpeername (%s): %m",argv[0]); exit(1); } +#ifdef SKEY + strcpy(addr_string, inet_ntoa(his_addr.sin_addr)); + pwok = authfile(addr_string); +#endif addrlen = sizeof (ctrl_addr); if (getsockname(0, (struct sockaddr *)&ctrl_addr, &addrlen) < 0) { syslog(LOG_ERR, "getsockname (%s): %m",argv[0]); @@ -384,7 +396,11 @@ user(name) return; } } +#ifdef SKEY + reply(331, "%s", skey_challenge(name, pw, pwok)); +#else reply(331, "Password required for %s.", name); +#endif askpasswd = 1; /* * Delay before reading passwd after first failed 
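Review bot: The added `DPADD+= /usr/lib/libskey.a` hard-codes an absolute library path, unlike the `${LIBCRYPT}` variable used for libcrypt just below it, so the dependency presumably ignores any alternate build root. If the make framework defines a variable for this library, `DPADD+= ${LIBSKEY}` would match the existing style; otherwise a short comment saying why the literal path is needed would help. `-DSKEY` and `-lskey` are also added unconditionally while libcrypt stays behind `.if exists(...)`, so a one-line comment stating that ftpd now always requires libskey would make that intent explicit.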
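Review bot: The `strcpy(addr_string, inet_ntoa(his_addr.sin_addr));` added after getpeername() copies without a bound into `char addr_string[20]; /* XXX */` (declared in the previous hunk), and the temporary is not needed at all. A dotted-quad IPv4 string fits in 16 bytes, so this is not an overflow as written, but the unexplained size and unbounded copy are brittle; `pwok = authfile(inet_ntoa(his_addr.sin_addr));` removes both, assuming authfile() only reads its argument, which is not visible here. authfile() is also not among the declarations added next to `skey_challenge()` at the top of the file, so unless a header outside this diff declares it, it is implicitly declared; `int authfile();` would fix that. pwok appears to decide from the peer address alone whether a plain password is accepted, so a comment such as `/* pwok != 0: plain UNIX passwords allowed from this peer address */` is worth adding once confirmed against authfile(). main() continues outside the hunk.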
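Review bot: With SKEY defined, the 331 reply in user() carries whatever skey_challenge() returns, and per skey-stuff.c in this commit that text is either an S/Key challenge or the fallback `Password required for %s.`, so the reply appears to differ between enrolled accounts and everything else. It is sent before authentication, which means the client learns whether the named account is enrolled; that is a common trade-off of challenge-response logins, but it should be stated at the call site, e.g. `/* 331 text reveals whether the account has an S/Key entry; accepted trade-off */`. Passing the result through `"%s"` rather than using it as the format string is correct and should stay that way. user() starts and ends outside the hunk.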
@@ -448,7 +464,11 @@ pass(passwd) salt = "xx"; else salt = pw->pw_passwd; +#ifdef SKEY + xpasswd = skey_crypt(passwd, salt, pw, pwok); +#else xpasswd = crypt(passwd, salt); +#endif /* The strcmp does not catch null passwords! */ if (pw == NULL || *pw->pw_passwd == '\0' || strcmp(xpasswd, pw->pw_passwd)) { diff --git a/libexec/ftpd/skey-stuff.c b/libexec/ftpd/skey-stuff.c new file mode 100644 index 000000000000..fdec650bcef0 --- /dev/null +++ b/libexec/ftpd/skey-stuff.c @@ -0,0 +1,23 @@ +/* Author: Wietse Venema, Eindhoven University of Technology. */ + +#include <stdio.h> +#include <pwd.h> + +#include <skey.h> + +/* skey_challenge - additional password prompt stuff */ + +char *skey_challenge(name, pwd, pwok) +char *name; +struct passwd *pwd; +int pwok; +{ + static char buf[128]; + struct skey skey; + + /* Display s/key challenge where appropriate. */ + + if (pwd == 0 || skeychallenge(&skey, pwd->pw_name, buf) != 0) + sprintf(buf, "Password required for %s.", name); + return (buf); +} |
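Review bot: The `strcmp(xpasswd, pw->pw_passwd)` test after the new `skey_crypt(passwd, salt, pw, pwok)` call now depends on a contract that is not documented at the call site: skey_crypt() has to return a string equal to pw->pw_passwd on success, never return NULL, and tolerate `pw == NULL`, because it is called before the `pw == NULL` check. skey_crypt() is not part of this diff (presumably it comes from libskey), so none of this can be verified here. I would add a comment above the call along the lines of `/* skey_crypt() must accept pw == NULL and return a non-NULL string that equals pw->pw_passwd only on successful authentication */`, after confirming it against the library. pass() continues outside the hunk.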
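Review bot: The fallback `sprintf(buf, "Password required for %s.", name);` in skey_challenge() writes into `static char buf[128]` with no bound, and `name` is the USER argument supplied by the client before authentication. Unless the caller caps it well below 128 bytes, which this diff does not show, a long name overruns the static buffer; use `snprintf(buf, sizeof(buf), "Password required for %s.", name);` or a precision such as `%.100s`. skeychallenge() is also handed `buf` without a length, so the 128-byte size should be checked against the longest challenge that library routine can write. The `pwok` parameter is accepted but never used in this function; either drop it or add a comment saying why it is kept.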
