Reviewed by: guido

Submitted by:	Wietse Venema <wietse@wzv.win.tue.nl>

Sometimes skey logins just fails due to a premature closing of the
keyfile.

lib/libskey/skey_crypt.c

@@ -20,7 +20,7 @@ int     pwok;
 
     /* Try s/key authentication even when the UNIX password is permitted. */
 
-    if (pwd != 0 && skeylookup(&skey, pwd->pw_name) == 0
+    if (pwd != 0 && skeyinfo(&skey, pwd->pw_name, (char *) 0) == 0
 	&& skeyverify(&skey, pp) == 0) {
 	/* s/key authentication succeeded */
 	return (pwd->pw_passwd);

lib/libskey/skey_getpass.c

@@ -16,7 +16,7 @@ int     pwok;
     int     sflag;
 
     /* Attempt an s/key challenge. */
-    sflag = skeychallenge(&skey, username, buf);
+    sflag = skeyinfo(&skey, username, buf);
     if (!sflag)
 	printf("%s\n", buf);
 

lib/libskey/skeyaccess.c

@@ -69,6 +69,10 @@ static struct in_addr *lookup_internet_addr();
 #define PERMIT		1
 #define DENY		0
 
+#ifndef CONSOLE
+#define CONSOLE		"console"
+#endif
+
 struct login_info {
     char   *host_name;			/* host name */
     struct in_addr *internet_addr;	/* null terminated list */
@@ -163,7 +167,7 @@ struct login_info *login_info;
     int     permission;
 
 #ifdef PERMIT_CONSOLE
-    if (login_info->port != 0 && strcasecmp(login_info->port, "console") == 0)
+    if (login_info->port != 0 && strcasecmp(login_info->port, CONSOLE) == 0)
 	return (1);
 #endif
 

lib/libskey/skeylogin.c

@@ -26,29 +26,30 @@ int skeylookup __P((struct skey *mp,char *name));
 
 #define setpriority(x,y,z)	/* nothing */
 
-/* Issue a skey challenge for user 'name'. If successful,
- * fill in the caller's skey structure and return 0. If unsuccessful
- * (e.g., if name is unknown) return -1.
+/* Look up skey info for user 'name'. If successful, fill in the caller's
+ * skey structure and return 0. If unsuccessful (e.g., if name is unknown)
+ * return -1. If an optional challenge string buffer is given, update it.
  *
  * The file read/write pointer is left at the start of the
  * record.
  */
 int
-getskeyprompt(mp,name,prompt)
+skeyinfo(mp,name,ss)
 struct skey *mp;
 char *name;
-char *prompt;
+char *ss;
 {
 	int rval;
 
-	sevenbit(name);
 	rval = skeylookup(mp,name);
-	strcpy(prompt,"s/key 55 latour1\n");
 	switch(rval){
 	case -1:	/* File error */
 		return -1;
-	case 0:		/* Lookup succeeded, return challenge */
-		sprintf(prompt,"s/key %d %s\n",mp->n - 1,mp->seed);
+	case 0:		/* Lookup succeeded */
+		if (ss != 0) {
+			sprintf(ss, "s/key %d %s",mp->n - 1,mp->seed);
+			fclose(mp->keyfile);
+		}
 		return 0;
 	case 1:		/* User not found */
 		fclose(mp->keyfile);
@@ -173,7 +174,6 @@ char *response;
 {
  struct timeval startval;
  struct timeval endval;
-long microsec;
 	char key[8];
 	char fkey[8];
 	char filekey[8];
@@ -211,9 +211,6 @@ long microsec;
 	*/
 
 	setpriority(PRIO_PROCESS, 0, -4);
-/*
-  gettimeofday(&startval, (char *)0 );
-*/
 
 	/* reread the file record NOW*/
 
@@ -256,12 +253,6 @@ long microsec;
 	fseek(mp->keyfile,mp->recstart,0);
 	fprintf(mp->keyfile,"%s %04d %-16s %s %-21s\n",mp->logname,mp->n,mp->seed,
 	 mp->val, tbuf);
-/*
-gettimeofday(&endval, (char *)0 );
- microsec = (endval.tv_sec - startval.tv_sec) * 1000000 + (endval.tv_usec - startval.tv_usec);
-fprintf(stderr, "window= %d micro seconds \n"  , microsec);
-*/
-
 
 	fclose(mp->keyfile);
 

lib/libskey/skeysubr.c

@@ -1,20 +1,15 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef	__MSDOS__
-#include <dos.h>
-#endif
-#ifdef unix
 #include <fcntl.h>
 #include <termios.h>
 #include <signal.h>
-#endif
 
 #include "skey.h"
 #include "mdx.h"
 
 /* Crunch a key:
- * concatenate the seed and the password, run through MD4 and
+ * concatenate the seed and the password, run through MDX and
  * collapse to 64 bits. This is defined as the user's starting key.
  */
 int
@@ -64,7 +59,6 @@ char *x;
 	results[0] ^= results[2];
 	results[1] ^= results[3];
 
-	/* Only works on byte-addressed little-endian machines!! */
 	memcpy(x,(char *)results,8);
 }
 
@@ -73,36 +67,13 @@ void
 rip(buf)
 char *buf;
 {
-	char *cp;
-
-	if((cp = strchr(buf,'\r')) != NULL)
-		*cp = '\0';
-
-	if((cp = strchr(buf,'\n')) != NULL)
-		*cp = '\0';
+	buf[strcspn(buf, "\r\n")] = 0;
 }
-/************************/
-#ifdef	__MSDOS__
-char *
-readpass(buf,n)
-char *buf;
-int n;
-{
-	int i;
-	char *cp;
 
-	for(cp=buf,i = 0; i < n ; i++)
-		if ((*cp++ = bdos(7,0,0)) == '\r')
-			break;
-	*cp = '\0';
-	printf("\n");
-	rip(buf);
-	return buf;
-}
-#else
 static struct termios saved_ttymode;
 
-static void interrupt()
+static void interrupt(sig)
+int sig;
 {
 	tcsetattr(0, TCSANOW, &saved_ttymode);
 	exit(1);
@@ -147,14 +118,12 @@ int n;
 	return buf;
 }
 
-#endif
-
 sevenbit(s)
 char *s;
 {
 	/* make sure there are only 7 bit code in the line*/
 	while(*s){
-		*s = 0x7f & ( *s);
+		*s &= 0x7f;
 		s++;
 	}
 }