=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/skeyinit/skeyinit.c,v retrieving revision 1.59 retrieving revision 1.60 diff -c -r1.59 -r1.60 *** src/usr.bin/skeyinit/skeyinit.c 2015/10/03 13:10:47 1.59 --- src/usr.bin/skeyinit/skeyinit.c 2015/10/06 15:09:08 1.60 *************** *** 1,4 **** ! /* $OpenBSD: skeyinit.c,v 1.59 2015/10/03 13:10:47 tim Exp $ */ /* OpenBSD S/Key (skeyinit.c) * --- 1,4 ---- ! /* $OpenBSD: skeyinit.c,v 1.60 2015/10/06 15:09:08 tim Exp $ */ /* OpenBSD S/Key (skeyinit.c) * *************** *** 41,53 **** void usage(void); void secure_mode(int *, char *, char *, size_t, char *, size_t); void normal_mode(char *, int, char *, char *); - void convert_db(void); void enable_db(int); int main(int argc, char **argv) { ! int rval, i, l, n, defaultsetup, rmkey, hexmode, enable, convert; char hostname[HOST_NAME_MAX+1]; char seed[SKEY_MAX_SEED_LEN + 1]; char buf[256], key[SKEY_BINKEY_SIZE], filename[PATH_MAX], *ht; --- 41,52 ---- void usage(void); void secure_mode(int *, char *, char *, size_t, char *, size_t); void normal_mode(char *, int, char *, char *); void enable_db(int); int main(int argc, char **argv) { ! int rval, i, l, n, defaultsetup, rmkey, hexmode, enable; char hostname[HOST_NAME_MAX+1]; char seed[SKEY_MAX_SEED_LEN + 1]; char buf[256], key[SKEY_BINKEY_SIZE], filename[PATH_MAX], *ht; *************** *** 56,62 **** struct skey skey; struct passwd *pp; ! n = rmkey = hexmode = enable = convert = 0; defaultsetup = 1; ht = auth_type = NULL; --- 55,61 ---- struct skey skey; struct passwd *pp; ! n = rmkey = hexmode = enable = 0; defaultsetup = 1; ht = auth_type = NULL; *************** *** 106,114 **** errx(1, "count must be > 0 and < %d", SKEY_MAX_SEQ); break; - case 'C': - convert = 1; - break; case 'D': enable = -1; break; --- 105,110 ---- *************** *** 130,145 **** argv += i; argc -= i; ! if (argc > 1 || (enable && convert) || (enable && argc) || ! (convert && argc)) usage(); ! 
/* Handle -C, -D, and -E */ ! if (convert || enable) { ! if (convert) ! convert_db(); ! else ! enable_db(enable); exit(0); } --- 126,137 ---- argv += i; argc -= i; ! if (argc > 1 || (enable && argc)) usage(); ! /* Handle -D and -E */ ! if (enable) { ! enable_db(enable); exit(0); } *************** *** 477,558 **** } } - #define _PATH_SKEYKEYS "/etc/skeykeys" void - convert_db(void) - { - struct passwd *pp; - uid_t uid; - FILE *keyfile; - FILE *newfile; - char buf[256], *logname, *hashtype, *seed, *val, *cp; - char filename[PATH_MAX]; - const char *errstr; - int fd, n; - - if ((keyfile = fopen(_PATH_SKEYKEYS, "r")) == NULL) - err(1, "can't open %s", _PATH_SKEYKEYS); - if (flock(fileno(keyfile), LOCK_EX) != 0) - err(1, "can't lock %s", _PATH_SKEYKEYS); - enable_db(1); - - /* - * Loop over each entry in _PATH_SKEYKEYS, creating a file - * in _PATH_SKEYDIR for each one. - */ - while (fgets(buf, sizeof(buf), keyfile) != NULL) { - if (buf[0] == '#') - continue; - if ((logname = strtok(buf, " \t")) == NULL) - continue; - if ((cp = strtok(NULL, " \t")) == NULL) - continue; - if (!isalpha((unsigned char)*cp)) - continue; - hashtype = cp; - if ((cp = strtok(NULL, " \t")) == NULL) - continue; - n = strtonum(cp, 0, SKEY_MAX_SEQ, &errstr); - if (errstr) - continue; - if ((seed = strtok(NULL, " \t")) == NULL) - continue; - if ((val = strtok(NULL, " \t")) == NULL) - continue; - - if ((pp = getpwnam(logname)) != NULL) - uid = pp->pw_uid; - else - uid = 0; - - /* Now write the new-style record. 
*/ - if (snprintf(filename, sizeof(filename), "%s/%s", _PATH_SKEYDIR, - logname) >= sizeof(filename)) { - warnc(ENAMETOOLONG, "%s", logname); - continue; - } - fd = open(filename, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR); - if (fd == -1 || flock(fd, LOCK_EX) != 0 || - (newfile = fdopen(fd, "r+")) == NULL) { - warn("%s", logname); - continue; - } - (void)fprintf(newfile, "%s\n%s\n%04d\n%s\n%s\n", logname, - hashtype, n, seed, val); - (void)fchown(fileno(newfile), uid, -1); - (void)fclose(newfile); - } - printf("%s has been populated. NOTE: %s has *not* been removed.\n" - "It should be removed once you have verified that the new keys " - "work.\n", _PATH_SKEYDIR, _PATH_SKEYKEYS); - } - - void usage(void) { extern char *__progname; ! (void)fprintf(stderr, "usage: %s [-CDErsx] [-a auth-type] [-n count]" "\n\t[-md5 | -rmd160 | -sha1] [user]\n", __progname); exit(1); } --- 469,480 ---- } } void usage(void) { extern char *__progname; ! (void)fprintf(stderr, "usage: %s [-DErsx] [-a auth-type] [-n count]" "\n\t[-md5 | -rmd160 | -sha1] [user]\n", __progname); exit(1); }
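Review bot: The usage string at the end of this hunk drops `-C`, but nothing visible in the diff updates the manual page or upgrade notes to match, and only skeyinit.c is shown here. The removed convert_db() finished by telling the administrator that /etc/skeykeys had not been removed and should be deleted once the new keys were verified. With the converter gone nothing prompts that cleanup, and judging by the fields the removed loop parsed, a leftover file still holds each user's hash type, sequence number, seed and key value. I would add a line to the man page or release notes such as `The -C option has been removed; a legacy /etc/skeykeys is no longer converted and should be deleted by hand.` It may also be worth checking whether any header included only for convert_db() is now unused; the include block is outside this diff.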