1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
SKEY + pw_expire patches
*** pop_pass.c.orig Fri May 24 22:26:25 1996
--- pop_pass.c Tue Dec 10 23:52:23 1996
***************
*** 482,497 ****
POP * p;
struct passwd * pw;
{
/* We don't accept connections from users with null passwords */
/* Compare the supplied password with the password file entry */
! if ((pw->pw_passwd == NULL) || (*pw->pw_passwd == '\0') ||
! strcmp(crypt(p->pop_parm[1], pw->pw_passwd), pw->pw_passwd)) {
! sleep(SLEEP_SECONDS);
! return (pop_msg(p,POP_FAILURE, pwerrmsg, p->user));
}
return(POP_SUCCESS);
}
#endif /* AUTH */
--- 482,530 ----
POP * p;
struct passwd * pw;
{
+ #ifdef SKEY
+ int pass_ok;
+ #endif
+ #if defined(BSD) && (BSD >= 199306)
+ /* Check password change and expire times before granting access */
+ time_t now = time((time_t *) NULL);
+
+ if ((pw->pw_change && now > pw->pw_change) ||
+ (pw->pw_expire && now > pw->pw_expire))
+ goto error;
+ #endif
+
/* We don't accept connections from users with null passwords */
+ if ((pw->pw_passwd == NULL) || (*pw->pw_passwd == '\0'))
+ goto error;
+
/* Compare the supplied password with the password file entry */
+ #ifdef SKEY
+ pass_ok = skeyaccess(p->user, NULL, p->client, p->ipaddr);
+ if (strcmp(skey_crypt(p->pop_parm[1], pw->pw_passwd, pw, pass_ok),
+ pw->pw_passwd)) {
+ static char buf[128];
+ struct skey skey;
! if (skeychallenge(&skey, p->user, buf))
! goto error;
! if (pass_ok)
! sleep(SLEEP_SECONDS);
! return (pop_msg(p,POP_FAILURE,
! "\"%s\" %s%s, password is incorrect.",
! p->user, buf,
! pass_ok ? "" : " (required)"));
}
+ #else
+ if (strcmp(crypt(p->pop_parm[1], pw->pw_passwd), pw->pw_passwd))
+ goto error;
+ #endif
return(POP_SUCCESS);
+
+ error:
+ sleep(SLEEP_SECONDS);
+ return (pop_msg(p,POP_FAILURE, pwerrmsg, p->user));
}
#endif /* AUTH */
*** pop_user.c.orig Sat Mar 29 07:30:36 1997
--- pop_user.c Wed Apr 23 07:03:37 1997
***************
*** 163,168 ****
--- 163,180 ----
}
#endif /* APOP */
+ #ifdef SKEY
+ {
+ static char buf[128];
+ struct skey skey;
+
+ if (!skeychallenge(&skey, p->user, buf))
+ return(pop_msg(p,POP_SUCCESS,"%s%s", buf,
+ skeyaccess(p->user, NULL, p->client, p->ipaddr) ?
+ "" : " (required)"));
+ }
+ #endif
+
/* Tell the user that the password is required */
return (pop_msg(p,POP_SUCCESS,"Password required for %s.",p->user));
}
*** popper.h.orig Tue Apr 1 00:10:18 1997
--- popper.h Wed Apr 23 07:33:12 1997
***************
*** 35,40 ****
--- 35,43 ----
# define HAVE_VSPRINTF
# define BIND43
# endif
+ # if (defined(BSD) && (BSD >= 199306))
+ # define BSD44_DBM
+ # endif
#endif
#ifdef BSDI
***************
*** 114,120 ****
# define POP_MAILDIR "/var/mail"
# define POP_DROP "/var/mail/.%s.pop"
# define POP_TMPDROP "/var/mail/tmpXXXXXX"
! # define POP_TMPXMIT "/var/mail/xmitXXXXXX"
# define MAIL_COMMAND "/usr/sbin/sendmail"
# define OSDONE
#endif
--- 117,123 ----
# define POP_MAILDIR "/var/mail"
# define POP_DROP "/var/mail/.%s.pop"
# define POP_TMPDROP "/var/mail/tmpXXXXXX"
! # define POP_TMPXMIT "/var/tmp/xmitXXXXXX"
# define MAIL_COMMAND "/usr/sbin/sendmail"
# define OSDONE
#endif
***************
*** 353,358 ****
--- 356,364 ----
extern AUTH_DAT kdata;
#endif /* KERBEROS */
+ #if defined(SKEY)
+ #include <skey.h>
+ #endif
#if defined(AUTHFILE)
extern int checkauthfile();
#endif
|
