From dc978c56e3fbbe9c8e3f8da4eef6c5fd3f8a509c Mon Sep 17 00:00:00 2001 From: "Eric S. Raymond" Date: Fri, 23 Jan 1998 16:47:42 +0000 Subject: Corrected OTP support. svn path=/trunk/; revision=1610 --- pop3.c | 53 +++++++++++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 22 deletions(-) (limited to 'pop3.c') diff --git a/pop3.c b/pop3.c index ce9d7999..8a36d352 100644 --- a/pop3.c +++ b/pop3.c @@ -19,9 +19,9 @@ #include "fetchmail.h" #include "socket.h" -#if HAVE_LIBOPIE -#include -#endif /* HAVE_LIBOPIE */ +#if OPIE +#include +#endif /* OPIE */ #ifndef strstr /* glibc-2.1 declares this as a macro */ extern char *strstr(); /* needed on sysV68 R3V7.1. */ @@ -35,9 +35,9 @@ static int phase; #define PHASE_LOGOUT 4 static int last; -#if HAVE_LIBOPIE +#if OPIE static char lastok[POPBUFSIZE+1]; -#endif /* HAVE_LIBOPIE */ +#endif /* OPIE */ int pop3_ok (int sock, char *argbuf) /* parse command response */ @@ -62,9 +62,9 @@ int pop3_ok (int sock, char *argbuf) if (strcmp(buf,"+OK") == 0) { -#if HAVE_LIBOPIE +#if OPIE strcpy(lastok, bufp); -#endif /* HAVE_LIBOPIE */ +#endif /* OPIE */ ok = 0; } else if (strcmp(buf,"-ERR") == 0) @@ -104,9 +104,9 @@ int pop3_getauth(int sock, struct query *ctl, char *greeting) int ok; char *start,*end; char *msg; -#if HAVE_LIBOPIE +#if OPIE char *challenge; -#endif /* HAVE_LIBOPIE */ +#endif /* OPIE */ phase = PHASE_GETAUTH; @@ -146,22 +146,31 @@ int pop3_getauth(int sock, struct query *ctl, char *greeting) } #endif /* RPA_ENABLE */ -#if defined(HAVE_LIBOPIE) && defined(OPIE_ENABLE) +#if OPIE /* see RFC1938: A One-Time Password System */ - if (challenge = strstr(lastok, "otp-")) - { - char response[OPIE_RESPONSE_MAX+1]; - - if (opiegenerator(challenge, ctl->password, response)) - { - ok = PS_ERROR; - break; - } - - ok = gen_transact(sock, "PASS %s", response); + if (challenge = strstr(lastok, "otp-")) { + char response[OPIE_RESPONSE_MAX+1]; + int i; + + i = opiegenerator(challenge, !strcmp(ctl->password, "opie") ? "" : ctl->password, response); + if ((i == -2) && (cmd_daemon == -1)) { + char secret[OPIE_SECRET_MAX+1]; + fprintf(stderr, "Secret pass phrase: "); + if (opiereadpass(secret, sizeof(secret), 0)) { + i = opiegenerator(challenge, secret, response); + memset(secret, 0, sizeof(secret)); + }; + }; + + if (i) { + ok = PS_ERROR; break; + }; + + ok = gen_transact(sock, "PASS %s", response); + break; } -#endif /* defined(HAVE_LIBOPIE) && defined(OPIE_ENABLE) */ +#endif /* OPIE */ /* ordinary validation, no one-time password or RPA */ ok = gen_transact(sock, "PASS %s", ctl->password); -- cgit v1.2.3