From owner-freebsd-bugs Sun Dec 23 17: 0: 7 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D507037B419 for ; Sun, 23 Dec 2001 17:00:00 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id fBO100Z83173; Sun, 23 Dec 2001 17:00:00 -0800 (PST) (envelope-from gnats) Received: from raven.robbins.dropbear.id.au (030.c.010.mel.iprimus.net.au [210.50.202.30]) by hub.freebsd.org (Postfix) with ESMTP id 3081037B416 for ; Sun, 23 Dec 2001 16:50:30 -0800 (PST) Received: (from tim@localhost) by raven.robbins.dropbear.id.au (8.11.6/8.11.6) id fBO0kpM20550; Mon, 24 Dec 2001 11:46:51 +1100 (EST) (envelope-from tim) Message-Id: <200112240046.fBO0kpM20550@raven.robbins.dropbear.id.au> Date: Mon, 24 Dec 2001 11:46:51 +1100 (EST) From: "Tim J. Robbins" Reply-To: "Tim J. Robbins" To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: bin/33133: keyinit outputs wrong next login password Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 33133 >Category: bin >Synopsis: keyinit outputs wrong next login password >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Dec 23 17:00:00 PST 2001 >Closed-Date: >Last-Modified: >Originator: Tim J. Robbins >Release: FreeBSD 4.4-STABLE i386 >Organization: >Environment: System: FreeBSD raven.robbins.dropbear.id.au 4.4-STABLE FreeBSD 4.4-STABLE #1: Thu Dec 20 19:34:48 EST 2001 root@raven.robbins.dropbear.id.au:/usr/obj/usr/src/sys/RAVEN i386 >Description: Bug is same as OpenBSD PR number 2050 (reported 4 months ago, still not fixed). http://cvs.openbsd.org/cgi-bin/wwwgnats.pl/full/2050 >How-To-Repeat: Setting up skey on an account for the first item, keyinit from 4.4-STABLE: $ keyinit Adding tim: Reminder - Only use this method if you are directly connected. If you are using telnet or rlogin exit with no password and use keyinit -s. Enter secret password: Again secret password: ID tim s/key is 99 ra54494 RAP PAT WOLF HILL MIST SILO Telnet'ing in: FreeBSD/i386 (raven.robbins.dropbear.id.au) (ttyp3) login: tim s/key 98 ra54494 Password: RAP PAT WOLF HILL MIST SILO Login incorrect login: Setting up skey on an account for the first time, patched keyinit: $ keyinit.new Adding tim: Reminder - Only use this method if you are directly connected. If you are using telnet or rlogin exit with no password and use keyinit -s. Enter secret password: Again secret password: ID tim s/key is 99 ra54671 TILL MITT GUS RON LONE TUG FreeBSD/i386 (raven.robbins.dropbear.id.au) (ttyp3) login: tim s/key 99 ra54671 Password: TILL MITT GUS RON LONE TUG Last login: Mon Dec 24 11:42:22 from localhost Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.4-STABLE (RAVEN) #1: Thu Dec 20 19:34:48 EST 2001 You have new mail. $ Why has nobody noticed this flaw before? >Fix: --- skeyinit.c.old Mon Dec 24 11:31:47 2001 +++ skeyinit.c Mon Dec 24 11:37:56 2001 @@ -176,15 +176,19 @@ if (skey.val == NULL) skey.val = (char *) malloc(16+1); - - btoa8(skey.val,key); - fprintf(skey.keyfile,"%s %04d %-16s %s %-21s\n",pp->pw_name,n, - seed,skey.val, tbuf); - fclose(skey.keyfile); printf("\nID %s s/key is %d %s\n",pp->pw_name,n,seed); printf("%s\n",btoe(buf,key)); #ifdef HEXIN printf("%s\n",put8(buf,key)); #endif + + /* XXX Because skeylogin uses n-1 */ + f(key); + n++; + + btoa8(skey.val,key); + fprintf(skey.keyfile,"%s %04d %-16s %s %-21s\n",pp->pw_name,n, + seed,skey.val, tbuf); + fclose(skey.keyfile); return 0; } >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message