1 /* accessfile.c: Handle trusted network access file and per-user
4 %%% portions-copyright-cmetz-96
5 Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
6 Reserved. The Inner Net License Version 2 applies to these portions of
8 You should have received a copy of the license with this software. If
9 you didn't get a copy, you may request one from <license@inner.net>.
11 Portions of this software are Copyright 1995 by Randall Atkinson and Dan
12 McDonald, All Rights Reserved. All Rights under this copyright are assigned
13 to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
14 License Agreement applies to this software.
18 Modified by cmetz for OPIE 2.31. Include syslog.h on debug.
19 Modified by cmetz for OPIE 2.3. Send debug info to syslog.
20 Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
21 Ifdef around some headers. Remove extra semicolon.
22 Modified at NRL for OPIE 2.2. Moved from accessfile.c to
23 libopie/opieaccessfile.c.
24 Modified at NRL for OPIE 2.0.
25 Written at Bellcore for the S/Key Version 1 software distribution
31 #include <sys/types.h>
32 #include <sys/socket.h>
33 #include <netinet/in.h>
34 #include <arpa/inet.h>
38 #endif /* HAVE_STRING_H */
41 #endif /* HAVE_UNISTD_H */
44 #endif /* HAVE_STDLIB_H */
/* opieaccessfile: per the original comment below, turn `host` into an IP
 * address and look it up in the access file to decide whether ordinary
 * password logins are acceptable from that host.
 * NOTE(review): this listing is an excerpt. The declarations, braces and
 * return statements between the numbered lines are not shown, so the
 * return values are not documented here.
 */
52 int opieaccessfile FUNCTION((host), char *host)
54 #ifdef PATH_ACCESS_FILE
55 /* Turn host into an IP address and then look it up in the authorization
56 * database to determine if ordinary password logins are OK
64 syslog(LOG_DEBUG, "accessfile: host=%s", host);
67 /* Local login, okay */
/* NOTE(review): for a host name, the allow/deny answer is only as
 * trustworthy as the resolver's reply. Where `host` comes from is not
 * visible here; if it is a name learned from the peer (e.g. reverse DNS),
 * confirm the caller forward-confirms it before relying on this result.
 */
73 hp = gethostbyname(host);
/* Reports the failed lookup on stdout. NOTE(review): no syslog record of
 * the failure is visible on the lines shown -- confirm one exists if
 * failed lookups should be auditable.
 */
75 printf("Unknown host %s\n", host);
/* Each address returned for the name is tried in turn. */
78 for (lp = hp->h_addr_list; *lp; lp++) {
/* NOTE(review): copies sizeof(n) bytes, not hp->h_length bytes. The
 * declaration of n is not shown; rdnets() takes a `long`, so if n is a
 * long on an LP64 platform this reads 8 bytes from a 4-byte IPv4 entry
 * and leaves stray bytes in n before it is masked and compared. A 32-bit
 * type plus a check of hp->h_addrtype / hp->h_length would pin this down.
 */
79 memcpy((char *) &n, *lp, sizeof(n));
/* rdnets: scan PATH_ACCESS_FILE line by line. Each usable line is parsed
 * as three whitespace-separated tokens: a permit/deny keyword, an address
 * pattern and a mask. A line applies to `host` when
 * (host & mask) == pattern.
 * NOTE(review): the excerpt omits the lines that set and return the
 * permit/deny result and the line that handles fopen() failure (original
 * line 95). Confirm whether an unreadable access file fails open or
 * closed.
 */
87 int rdnets FUNCTION((host), long host)
94 if (!(fp = fopen(PATH_ACCESS_FILE, "r")))
/* NOTE(review): the comma expression discards the fgets() result, so the
 * loop is driven only by feof(). Two consequences for rule evaluation:
 *  - a final line with no trailing newline sets EOF on the read that
 *    returns it, so that last rule is never evaluated;
 *  - on a read error fgets() returns NULL without EOF being set, and the
 *    body then runs on whatever buf held before.
 * Testing the fgets() return value directly avoids both. A line longer
 * than sizeof(buf) is also split and its tail parsed as a separate line.
 */
97 while (fgets(buf, sizeof(buf), fp), !feof(fp)) {
99 continue; /* Comment */
100 if (!(cp = strtok(buf, " \t")))
102 /* two choices: permit or deny */
/* NOTE(review): only the first 4 characters are compared, so any token
 * beginning with "perm" (or "deny") is accepted as the keyword, e.g. a
 * mistyped "permission" or "denyall" is not rejected as invalid.
 */
103 if (strncasecmp(cp, "permit", 4) == 0) {
106 if (strncasecmp(cp, "deny", 4) == 0) {
109 continue; /* ignore; it is not permit/deny */
112 if (!(cp = strtok(NULL, " \t")))
113 continue; /* Invalid line */
/* NOTE(review): inet_addr() reports a malformed string as INADDR_NONE,
 * which is the same value as 255.255.255.255, and no error check is
 * visible here. A typo in the pattern or mask field therefore yields a
 * rule with a different meaning instead of a skipped line; inet_aton()
 * distinguishes the two cases. The delimiter set " \t" also leaves the
 * newline kept by fgets() attached to the last token.
 */
114 pattern = inet_addr(cp);
115 if (!(cp = strtok(NULL, " \t")))
116 continue; /* Invalid line */
117 mask = inet_addr(cp);
/* NOTE(review): `host` is a long but is printed with %08x, which expects
 * an unsigned int; where long is wider than int this is a format/argument
 * mismatch. The types of mask and pattern are not shown.
 */
119 syslog(LOG_DEBUG, "accessfile: %08x & %08x == %08x (%s)", host, mask, pattern, ((host & mask) == pattern) ? "true" : "false");
/* Match test for this rule; the action taken on a match (original lines
 * 122 onward) is not shown in this excerpt.
 */
121 if ((host & mask) == pattern) {
/* NOTE(review) on isaddr below: the visible test is a character-class
 * check only ('[', ']', digits and '.'), not address validation. Strings
 * such as "...." or "999.999" consist solely of accepted characters, so
 * the later inet_addr() conversion still needs its own error handling.
 * Anything containing other characters (including IPv6 literals, which
 * use ':' and hex letters) falls outside the accepted set; per the
 * original comment that means it is treated as a domain name. The
 * statement executed on a rejected character (original line 143) and the
 * declaration of c are not shown in this excerpt.
 */
131 /* Return TRUE if string appears to be an IP address in dotted decimal;
132 * return FALSE otherwise (i.e., if string is a domain name)
134 int isaddr FUNCTION((s), register char *s)
139 return 1; /* Can't happen */
141 while ((c = *s++) != '\0') {
/* NOTE(review): if c is a plain char, bytes above 0x7f may be negative
 * and passing a negative value to isdigit() is undefined; cast to
 * unsigned char first.
 */
142 if (c != '[' && c != ']' && !isdigit(c) && c != '.')
146 #else /* PATH_ACCESS_FILE */
148 #endif /* PATH_ACCESS_FILE */
/* opiealways: build the path "<homedir>/" OPIE_ALWAYS_FILE and test
 * whether that file exists with access(F_OK).
 * NOTE(review): the original comments below say the result is inverted
 * and that errors return 1 (allow), i.e. the function fails open. A
 * caller that enforces OTP-only logins should confirm that an allocation
 * failure granting "allow" is acceptable, or treat errors as deny. The
 * return statements themselves are not shown in this excerpt.
 */
151 /* Returns the opposite of what you might expect */
152 /* Returns 1 on error (allow)... this might not be what you want */
153 int opiealways FUNCTION((homedir), char *homedir)
155 char *opiealwayspath;
/* Size: strlen(homedir) for the directory, sizeof(OPIE_ALWAYS_FILE) for
 * the file name including its terminating NUL, and +1 for the "/" added
 * below. This assumes OPIE_ALWAYS_FILE expands to a string literal; if it
 * were a pointer, sizeof would give the pointer size -- TODO confirm.
 * NOTE(review): strlen(homedir) requires homedir != NULL; any guard on
 * original lines 156-160 is not shown.
 */
161 if (!(opiealwayspath = malloc(strlen(homedir) + sizeof(OPIE_ALWAYS_FILE) + 1)))
164 strcpy(opiealwayspath, homedir);
165 strcat(opiealwayspath, "/");
166 strcat(opiealwayspath, OPIE_ALWAYS_FILE);
/* Existence check only. access() evaluates the path with the real
 * UID/GID, and a failure for any reason (missing file, unsearchable
 * directory, symlink loop) yields the same non-zero result unless errno
 * is inspected. The file sits in the user's own home directory, so its
 * presence is under that user's control.
 */
167 i = access(opiealwayspath, F_OK);
168 free(opiealwayspath);