1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
SKEY + pw_expire patches
*** pop_pass.c.orig Fri May 24 22:26:25 1996
--- pop_pass.c Tue Dec 10 23:52:23 1996
***************
*** 482,497 ****
POP * p;
struct passwd * pw;
{
/* We don't accept connections from users with null passwords */
/* Compare the supplied password with the password file entry */
! if ((pw->pw_passwd == NULL) || (*pw->pw_passwd == '\0') ||
! strcmp(crypt(p->pop_parm[1], pw->pw_passwd), pw->pw_passwd)) {
! sleep(SLEEP_SECONDS);
! return (pop_msg(p,POP_FAILURE, pwerrmsg, p->user));
}
return(POP_SUCCESS);
}
#endif /* AUTH */
--- 482,530 ----
POP * p;
struct passwd * pw;
{
+ #ifdef SKEY
+ int pass_ok;
+ #endif
+ #if defined(BSD) && (BSD >= 199306)
+ /* Check password change and expire times before granting access */
+ time_t now = time((time_t *) NULL);
+
+ if ((pw->pw_change && now > pw->pw_change) ||
+ (pw->pw_expire && now > pw->pw_expire))
+ goto error;
+ #endif
+
/* We don't accept connections from users with null passwords */
+ if ((pw->pw_passwd == NULL) || (*pw->pw_passwd == '\0'))
+ goto error;
+
/* Compare the supplied password with the password file entry */
+ #ifdef SKEY
+ pass_ok = skeyaccess(p->user, NULL, p->client, p->ipaddr);
+ if (strcmp(skey_crypt(p->pop_parm[1], pw->pw_passwd, pw, pass_ok),
+ pw->pw_passwd)) {
+ static char buf[128];
+ struct skey skey;
! if (skeychallenge(&skey, p->user, buf))
! goto error;
! if (pass_ok)
! sleep(SLEEP_SECONDS);
! return (pop_msg(p,POP_FAILURE,
! "\"%s\" %s%s, password is incorrect.",
! p->user, buf,
! pass_ok ? "" : " (required)"));
}
+ #else
+ if (strcmp(crypt(p->pop_parm[1], pw->pw_passwd), pw->pw_passwd))
+ goto error;
+ #endif
return(POP_SUCCESS);
+
+ error:
+ sleep(SLEEP_SECONDS);
+ return (pop_msg(p,POP_FAILURE, pwerrmsg, p->user));
}
#endif /* AUTH */
*** pop_user.c.orig Sat Mar 29 07:30:36 1997
--- pop_user.c Wed Apr 23 07:03:37 1997
***************
*** 163,168 ****
--- 163,180 ----
}
#endif /* APOP */
+ #ifdef SKEY
+ {
+ static char buf[128];
+ struct skey skey;
+
+ if (!skeychallenge(&skey, p->user, buf))
+ return(pop_msg(p,POP_SUCCESS,"%s%s", buf,
+ skeyaccess(p->user, NULL, p->client, p->ipaddr) ?
+ "" : " (required)"));
+ }
+ #endif
+
/* Tell the user that the password is required */
return (pop_msg(p,POP_SUCCESS,"Password required for %s.",p->user));
}
*** popper.h.orig Thu Nov 20 00:20:39 1997
--- popper.h Thu Nov 20 16:27:10 1997
***************
*** 31,41 ****
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
- # if (defined(BSD) && (BSD >= 199103))
- # define HAVE_UNISTD_H
- # define HAVE_VPRINTF
- # define BIND43
- # endif
#endif
#ifdef BSDI
--- 31,36 ----
***************
*** 308,313 ****
--- 303,311 ----
extern AUTH_DAT kdata;
#endif /* KERBEROS */
+ #if defined(SKEY)
+ #include <skey.h>
+ #endif
#if defined(AUTHFILE)
extern int checkauthfile();
#endif
|
