1 /* accessfile.c: Handle trusted network access file and per-user
4 %%% portions-copyright-cmetz-96
5 Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
6 Reserved. The Inner Net License Version 2 applies to these portions of
8 You should have received a copy of the license with this software. If
9 you didn't get a copy, you may request one from <license@inner.net>.
11 Portions of this software are Copyright 1995 by Randall Atkinson and Dan
12 McDonald, All Rights Reserved. All Rights under this copyright are assigned
13 to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
14 License Agreement applies to this software.
18 Modified by cmetz for OPIE 2.31. Include syslog.h on debug.
19 Modified by cmetz for OPIE 2.3. Send debug info to syslog.
20 Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
21 Ifdef around some headers. Remove extra semicolon.
22 Modified at NRL for OPIE 2.2. Moved from accessfile.c to
23 libopie/opieaccessfile.c.
24 Modified at NRL for OPIE 2.0.
25 Written at Bellcore for the S/Key Version 1 software distribution
32 #include <sys/types.h>
33 #include <sys/socket.h>
34 #include <netinet/in.h>
35 #include <arpa/inet.h>
39 #endif /* HAVE_STRING_H */
42 #endif /* HAVE_UNISTD_H */
45 #endif /* HAVE_STDLIB_H */
/* opieaccessfile(host): resolves host with gethostbyname() and walks every
 * address in h_addr_list. What is done with each address after the memcpy()
 * is on lines not shown in this excerpt. */
53 int opieaccessfile FUNCTION((host), char *host)
55 #ifdef PATH_ACCESS_FILE
56 /* Turn host into an IP address and then look it up in the authorization
57 * database to determine if ordinary password logins are OK
65 syslog(LOG_DEBUG, "accessfile: host=%s", host);
68 /* Local login, okay */
/* NOTE(review): the addresses checked are whatever the resolver returns for
 * host, so when host is a name the permit/deny result is only as trustworthy
 * as that name lookup. */
74 hp = gethostbyname(host);
76 printf("Unknown host %s\n", host);
79 for (lp = hp->h_addr_list; *lp; lp++) {
/* NOTE(review): copies sizeof(n) bytes rather than hp->h_length. n's
 * declaration is not shown; if it is wider than the address (e.g. a long on
 * an LP64 platform, cf. rdnets' `long host`), this reads past the address
 * and leaves extra bytes in n -- TODO confirm. */
80 memcpy((char *) &n, *lp, sizeof(n));
/* rdnets(host): reads PATH_ACCESS_FILE line by line, parses each line as
 * "<permit|deny> <pattern> <mask>" and tests (host & mask) == pattern.
 * What happens on a match, and the final return value, are on lines not
 * shown in this excerpt. */
88 int rdnets FUNCTION((host), long host)
/* NOTE(review): the handling of an unopenable access file is on a line not
 * shown; confirm whether that path permits or denies. */
95 if (!(fp = fopen(PATH_ACCESS_FILE, "r")))
/* NOTE(review): the comma operator discards fgets()'s result, so only
 * feof() controls the loop. A final line without a trailing newline sets
 * EOF while it is being read and is therefore never evaluated, and a read
 * error that does not set EOF lets the body run on indeterminate buf
 * contents. Testing fgets() != NULL would avoid both. */
98 while (fgets(buf, sizeof(buf), fp), !feof(fp)) {
100 continue; /* Comment */
101 if (!(cp = strtok(buf, " \t")))
103 /* two choices: permit or deny */
/* NOTE(review): only the first 4 characters are compared, so any token
 * that starts with "perm" (or "deny" below) is accepted as that keyword. */
104 if (strncasecmp(cp, "permit", 4) == 0) {
107 if (strncasecmp(cp, "deny", 4) == 0) {
110 continue; /* ignore; it is not permit/deny */
113 if (!(cp = strtok(NULL, " \t")))
114 continue; /* Invalid line */
/* NOTE(review): inet_addr() returns INADDR_NONE for malformed input, which
 * has the same bits as 255.255.255.255; no check follows either call here,
 * so a typo in pattern or mask silently becomes all-ones. inet_aton() or
 * inet_pton() report failure separately. */
115 pattern = inet_addr(cp);
116 if (!(cp = strtok(NULL, " \t")))
117 continue; /* Invalid line */
118 mask = inet_addr(cp);
/* NOTE(review): %08x expects unsigned int but host is declared long; the
 * types of mask and pattern are not shown -- TODO confirm the specifiers. */
120 syslog(LOG_DEBUG, "accessfile: %08x & %08x == %08x (%s)", host, mask, pattern, ((host & mask) == pattern) ? "true" : "false");
/* A rule whose pattern has bits set outside its mask can never satisfy this
 * test, so such a line is dead without any diagnostic. */
122 if ((host & mask) == pattern) {
132 /* Return TRUE if string appears to be an IP address in dotted decimal;
133 * return FALSE otherwise (i.e., if string is a domain name)
135 int isaddr FUNCTION((s), register char *s)
140 return 1; /* Can't happen */
/* NOTE(review): c is loaded straight from a plain char (*s++) and then
 * passed to isdigit(). Where char is signed, a byte >= 0x80 becomes
 * negative, which is undefined for <ctype.h> functions; convert through
 * (unsigned char) first. */
142 while ((c = *s++) != '\0') {
/* Only the character set is tested: any character other than a digit, '.',
 * '[' or ']' takes this branch (its body is not shown). Nothing here checks
 * that the characters form a well-formed address. */
143 if (c != '[' && c != ']' && !isdigit(c) && c != '.')
147 #else /* PATH_ACCESS_FILE */
149 #endif /* PATH_ACCESS_FILE */
152 /* Returns the opposite of what you might expect */
153 /* Returns 1 on error (allow), i.e. the check fails open... this might not be what you want */
154 int opiealways FUNCTION((homedir), char *homedir)
156 char *opiealwayspath;
162 if (!(opiealwayspath = malloc(strlen(homedir) + sizeof(OPIE_ALWAYS_FILE) + 1)))
165 strcpy(opiealwayspath, homedir);
166 strcat(opiealwayspath, "/");
167 strcat(opiealwayspath, OPIE_ALWAYS_FILE);
168 i = access(opiealwayspath, F_OK);
169 free(opiealwayspath);