Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Fetching latest commit…

Cannot retrieve the latest commit at this time

..
Failed to load latest commit information.
README
linux-skey-wuftpd.patch
netmatch.patch
norb.patch
pam_skey.c

README

I am including here patches contributed by Norbert Preining,
<preining@logic.at>. I had to rewrite some code to make it smooth after
Norbert's `verbose' patch for pam_skey, so I am including it here, too.

Here follows his description:

Patches for pam_skey:

I found one thing: Using wuftpd 1.6.1 with pam is not very good, because
you DON'T get the challange sent, you only see passwd:

If you type in the right skey, then you are right, but you have to
know which number is the current. If I compile wuftpd with --enable-skey
then it is very nice, because it says one of the following possibilities:

If ONLY skey is allowed and initialized:
331 s/key 93 alpha395403 required for preining.
Password:

if skey and passwd is allowed:
331 s/key 93 alpha23872 allowed for salzer.
Password: 

if skey is not initialized.
331 Password required for leitsch.
Password: 

This is very nice and helpful! the patch norb.patch implements this
functionality in pam_skey.c: This way you get
the above challenge for telnet/login if you use pam:
login: preining
challenge s/key 92 alpha395403 required

or
login: salzer
challenge s/key 93 alpha23872 allowed

If it is working for ftp/pam I don't know, but with wuftpd and --enable-skey
you get it directly!



===========================================================================
Patches for the linux-skey-0.2 package 
THIS IS NOT THE pam_skey PACKAGE AND IS DISTRIBUTED SEPERATELY!!!
These patches were sent to the author of linux-skey but I got no response!
The package seems to be outdated and not improved anymore, please
use pam_skey!

netmatch.patch:
The problem was that the IP address was
never saved within the struct login and therefore the check for the
ip-addr always failed. I just made a bcopy, it works, but I am not
sure if this is the prefered method, since I am definitely NOT a
ip-hacker, although I know a bit of C. 

linux-skey-wuftpd.patch:
The second patch is for
wuftpd 1.6 or so, which just changes the calls to the skey functions
from the Venema package to the linux-skey package (slightly different
calliong convention). It works for linux/x86 and linux/alpha (tested),   
but for NO other platform (the #ifdefs are only changed for linux!).

Something went wrong with that request. Please try again.