openwrt/upstream - upstream openwrt

	Commit message (Expand)	Author	Age	Files	Lines
*	ramips: convert mtd-mac-address to nvmem implementation	Ansuel Smith	2021-07-19	1	-1/+12
*	ramips: drop redundant definitions of serial0 in aliases	Adrian Schmutzler	2021-02-22	1	-1/+0
*	ramips: do not enable unused GPIO controllers	Adrian Schmutzler	2020-12-17	1	-4/+0
*	ramips: remove redundant status for USB controllers	Adrian Schmutzler	2020-12-07	1	-8/+0
*	ramips: dts: use generic node name for flash	Sungbo Eo	2020-05-09	1	-1/+1
*	ramips: use hex notation for *-mtd-eeprom property	Sungbo Eo	2020-05-08	1	-1/+1
*	ramips: replace pinctrl property names	Chuanhong Guo	2020-04-12	1	-4/+4
*	ramips: simplify state_default/pinctrl0 in device DTS files	Adrian Schmutzler	2019-12-23	1	-10/+8
*	ramips: fix whitespace issues in DTS files	Adrian Schmutzler	2019-10-21	1	-2/+0
*	ramips/rt305x: Name DTS files based on scheme	Adrian Schmutzler	2019-07-10	1	-0/+99

/* Add passphrases to the tpasswd file. Use the last entry in the config file by default or a particular one specified by index. */ #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <sys/types.h> #include <sys/stat.h> #include "config.h" #include "t_pwd.h" #include "t_read.h" #include "t_sha.h" #include "t_defines.h" char *Progname; char Usage[] = "usage: %s [-n configindex] [-p passfile] user\n"; #define USAGE() fprintf(stderr, Usage, Progname) void doit(char *); int Configindex = -1; char *Passfile = DEFAULT_PASSWD; int main(int argc, char **argv) { int c; Progname = *argv; /* Parse option arguments. */ while ((c = getopt(argc, argv, "n:p:")) != EOF) { switch (c) { case 'n': Configindex = atoi(optarg); break; case 'p': Passfile = optarg; break; default: USAGE(); exit(1); } } argc -= optind; argv += optind; if (argc != 1) { USAGE(); exit(1); } doit(argv[0]); return 0; } void doit(char *name) { char passphrase[128], passphrase1[128]; FILE *f; struct t_confent *tcent; struct t_pw eps_passwd; /* Get the config entry. */ if (Configindex <= 0) { Configindex = t_getprecount(); } tcent = gettcid(Configindex); if (tcent == NULL) { fprintf(stderr, "Invalid configuration file entry.\n"); exit(1); } /* Ask for the passphrase twice. */ printf("Setting passphrase for %s\n", name); if (t_getpass(passphrase, sizeof(passphrase), "Enter passphrase: ") < 0) { exit(1); } if (t_getpass(passphrase1, sizeof(passphrase1), "Verify: ") < 0) { exit(1); } if (strcmp(passphrase, passphrase1) != 0) { fprintf(stderr, "mismatch\n"); exit(1); } /* Create the passphrase verifier. */ t_makepwent(&eps_passwd, name, passphrase, NULL, tcent); /* Don't need these anymore. */ memset(passphrase, 0, sizeof(passphrase)); memset(passphrase1, 0, sizeof(passphrase1)); /* See if the passphrase file is there; create it if not. */ if ((f = fopen(Passfile, "r+")) == NULL) { creat(Passfile, 0400); } else { fclose(f); } /* Change the passphrase. */ if (t_changepw(Passfile, &eps_passwd.pebuf) < 0) { fprintf(stderr, "Error changing passphrase\n"); exit(1); } } /* TODO: Implement a more general method to handle delete/change */ _TYPE( int ) t_changepw(pwname, diff) const char * pwname; const struct t_pwent * diff; { char * bakfile; char * bakfile2; struct stat st; FILE * passfp; FILE * bakfp; if(pwname == NULL) pwname = DEFAULT_PASSWD; if((passfp = fopen(pwname, "rb")) == NULL || fstat(fileno(passfp), &st) < 0) return -1; if((bakfile = malloc(strlen(pwname) + 5)) == NULL) { fclose(passfp); return -1; } else if((bakfile2 = malloc(strlen(pwname) + 5)) == NULL) { fclose(passfp); free(bakfile); return -1; } sprintf(bakfile, "%s.bak", pwname); sprintf(bakfile2, "%s.sav", pwname); if((bakfp = fopen(bakfile2, "wb")) == NULL && (unlink(bakfile2) < 0 || (bakfp = fopen(bakfile2, "wb")) == NULL)) { fclose(passfp); free(bakfile); free(bakfile2); return -1; } #ifdef NO_FCHMOD chmod(bakfile2, st.st_mode & 0777); #else fchmod(fileno(bakfp), st.st_mode & 0777); #endif t_pwcopy(bakfp, passfp, diff); fclose(bakfp); fclose(passfp); #ifdef USE_RENAME unlink(bakfile); if(rename(pwname, bakfile) < 0) { free(bakfile); free(bakfile2); return -1; } if(rename(bakfile2, pwname) < 0) { free(bakfile); free(bakfile2); return -1; } #else unlink(bakfile); link(pwname, bakfile); unlink(pwname); link(bakfile2, pwname); unlink(bakfile2); #endif free(bakfile); free(bakfile2); return 0; } _TYPE( struct t_pwent * ) t_makepwent(tpw, user, pass, salt, confent) struct t_pw * tpw; const char * user; const char * pass; const struct t_num * salt; const struct t_confent * confent; { BigInteger x, v, n, g; unsigned char dig[SHA_DIGESTSIZE]; SHA1_CTX ctxt; tpw->pebuf.name = tpw->userbuf; tpw->pebuf.password.data = tpw->pwbuf; tpw->pebuf.salt.data = tpw->saltbuf; strncpy(tpw->pebuf.name, user, MAXUSERLEN); tpw->pebuf.index = confent->index; if(salt) { tpw->pebuf.salt.len = salt->len; memcpy(tpw->pebuf.salt.data, salt->data, salt->len); } else { memset(dig, 0, SALTLEN); /* salt is 80 bits */ tpw->pebuf.salt.len = SALTLEN; do { t_random(tpw->pebuf.salt.data, SALTLEN); } while(memcmp(tpw->pebuf.salt.data, dig, SALTLEN) == 0); if(tpw->pebuf.salt.data[0] == 0) tpw->pebuf.salt.data[0] = 0xff; } n = BigIntegerFromBytes(confent->modulus.data, confent->modulus.len); g = BigIntegerFromBytes(confent->generator.data, confent->generator.len); v = BigIntegerFromInt(0); SHA1Init(&ctxt); SHA1Update(&ctxt, user, strlen(user)); SHA1Update(&ctxt, ":", 1); SHA1Update(&ctxt, pass, strlen(pass)); SHA1Final(dig, &ctxt); SHA1Init(&ctxt); SHA1Update(&ctxt, tpw->pebuf.salt.data, tpw->pebuf.salt.len); SHA1Update(&ctxt, dig, sizeof(dig)); SHA1Final(dig, &ctxt); /* x = H(s, H(u, ':', p)) */ x = BigIntegerFromBytes(dig, sizeof(dig)); BigIntegerModExp(v, g, x, n); tpw->pebuf.password.len = BigIntegerToBytes(v, tpw->pebuf.password.data); BigIntegerFree(v); BigIntegerFree(x); BigIntegerFree(g); BigIntegerFree(n); return &tpw->pebuf; } int t_pwcopy(pwdest, pwsrc, diff) FILE * pwdest; FILE * pwsrc; struct t_pwent * diff; { struct t_pw * src; struct t_pwent * ent; if((src = t_openpw(pwsrc)) == NULL) return -1; while((ent = t_getpwent(src)) != NULL) if(diff && strcmp(diff->name, ent->name) == 0) { t_putpwent(diff, pwdest); diff = NULL; } else t_putpwent(ent, pwdest); if(diff) t_putpwent(diff, pwdest); return 0; } _TYPE( struct t_pwent * ) t_getpwent(tpw) struct t_pw * tpw; { char indexbuf[16]; char passbuf[MAXB64PARAMLEN]; char saltstr[MAXB64SALTLEN]; #ifdef ENABLE_YP struct t_passwd * nisent; /* FIXME: should tell caller to get conf entry from NIS also */ if(tpw->state == IN_NIS) { nisent = _yp_gettpent(); if(nisent != NULL) { savepwent(tpw, &nisent->tp); return &tpw->pebuf; } tpw->state = FILE_NIS; } #endif while(1) { if(t_nextfield(tpw->instream, tpw->userbuf, MAXUSERLEN) > 0) { #ifdef ENABLE_YP if(tpw->state == FILE_NIS && *tpw->userbuf == '+') { t_nextline(tpw->instream); if(strlen(tpw->userbuf) > 1) { /* +name:... */ nisent = _yp_gettpnam(tpw->userbuf + 1); if(nisent != NULL) { savepwent(tpw, nisent); return &tpw->pebuf; } } else { /* +:... */ tpw->state = IN_NIS; _yp_settpent(); return t_getpwent(tpw); } } #endif if(t_nextfield(tpw->instream, passbuf, MAXB64PARAMLEN) > 0 && (tpw->pebuf.password.len = t_fromb64(tpw->pwbuf, passbuf)) > 0 && t_nextfield(tpw->instream, saltstr, MAXB64SALTLEN) > 0 && (tpw->pebuf.salt.len = t_fromb64(tpw->saltbuf, saltstr)) > 0 && t_nextfield(tpw->instream, indexbuf, 16) > 0 && (tpw->pebuf.index = atoi(indexbuf)) > 0) { tpw->pebuf.name = tpw->userbuf; tpw->pebuf.password.data = tpw->pwbuf; tpw->pebuf.salt.data = tpw->saltbuf; t_nextline(tpw->instream); return &tpw->pebuf; } } if(t_nextline(tpw->instream) < 0) return NULL; } } _TYPE( void ) t_putpwent(ent, fp) const struct t_pwent * ent; FILE * fp; { char strbuf[MAXB64PARAMLEN]; char saltbuf[MAXB64SALTLEN]; fprintf(fp, "%s:%s:%s:%d\n", ent->name, t_tob64(strbuf, ent->password.data, ent->password.len), t_tob64(saltbuf, ent->salt.data, ent->salt.len), ent->index); }