[src/trunk]: src/usr.bin/skey allow passwords less than SKEY_MIN_PW_LEN to wo...

[lukem <lukem%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/b9dcd2ba7053
branches:  trunk
changeset: 513134:b9dcd2ba7053
user:      lukem <lukem%NetBSD.org@localhost>
date:      Tue Jul 24 23:53:25 2001 +0000

description:
allow passwords less than SKEY_MIN_PW_LEN to work (with a warning),
per PR 11417 and subsequent discussion with Robert Elz & others.
the length check is still enforced in skeyinit(1), but at least this
change allows older skeykeys to be used. -f is now a no-op.

diffstat:

 usr.bin/skey/skey.1 |  11 ++---------
 usr.bin/skey/skey.c |  19 ++++++++++---------
 2 files changed, 12 insertions(+), 18 deletions(-)

diffs (96 lines):

diff -r 993dabedd282 -r b9dcd2ba7053 usr.bin/skey/skey.1
--- a/usr.bin/skey/skey.1       Tue Jul 24 23:13:33 2001 +0000
+++ b/usr.bin/skey/skey.1       Tue Jul 24 23:53:25 2001 +0000
@@ -1,8 +1,8 @@
-.\"    $NetBSD: skey.1,v 1.15 2001/04/09 12:34:14 wiz Exp $
+.\"    $NetBSD: skey.1,v 1.16 2001/07/24 23:53:25 lukem Exp $
 .\"
 .\"    from: @(#)skey.1        1.1     10/28/93
 .\"
-.Dd June 7, 2000
+.Dd July 25, 2001
 .Dt SKEY 1
 .Os
 .Sh NAME
@@ -10,7 +10,6 @@
 .Nd respond to an OTP challenge
 .Sh SYNOPSIS
 .Nm
-.Op Fl f
 .Op Fl n Ar count
 .Op Fl p Ar password
 .Op Fl t Ar hash
@@ -110,12 +109,6 @@
 use the
 .Fl x
 option.
-.Pp
-The
-.Fl f
-option can be used to override the
-strict length checking for passwords. Do not use this option until you have
-very good reason to do so, as shorter passwords violate RFC2289.
 .Sh EXAMPLE
 Initialize generation of one time passwords:
 .Bd -literal -offset indent
diff -r 993dabedd282 -r b9dcd2ba7053 usr.bin/skey/skey.c
--- a/usr.bin/skey/skey.c       Tue Jul 24 23:13:33 2001 +0000
+++ b/usr.bin/skey/skey.c       Tue Jul 24 23:53:25 2001 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: skey.c,v 1.14 2001/01/08 14:12:06 itojun Exp $ */
+/*     $NetBSD: skey.c,v 1.15 2001/07/24 23:53:25 lukem Exp $  */
 
 /*
  * S/KEY v1.1b (skey.c)
@@ -23,7 +23,7 @@
 
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: skey.c,v 1.14 2001/01/08 14:12:06 itojun Exp $");
+__RCSID("$NetBSD: skey.c,v 1.15 2001/07/24 23:53:25 lukem Exp $");
 #endif
 
 #include <ctype.h>
@@ -41,7 +41,7 @@
 int
 main(int       argc, char **argv)
 {
-       int     n, cnt, i, pass = 0, hexmode = 0, force = 0;
+       int     n, cnt, i, pass = 0, hexmode = 0;
        char    passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
        char    buf[33], *seed, *slash, *t;
 
@@ -50,9 +50,8 @@
        while ((i = getopt(argc, argv, "fn:p:t:x")) != -1) {
                switch (i) {
                case 'f':
-                       force = 1;
+                               /* this option is ignored now */
                        break;
-
                case 'n':
                        cnt = atoi(optarg);
                        break;
@@ -124,8 +123,10 @@
                        exit(1);
        }
 
-       if(strlen(passwd) < SKEY_MIN_PW_LEN && !force)
-               errx(1, "password must be at least %d long", SKEY_MIN_PW_LEN);
+       if (strlen(passwd) < SKEY_MIN_PW_LEN)
+               warnx(
+       "password should be at least %d characters long according to RFC2289",
+                   SKEY_MIN_PW_LEN);
 
        /* Crunch seed and password into starting key */
        if (keycrunch(key, seed, passwd) != 0)
@@ -154,7 +155,7 @@
 {
 
        fprintf(stderr,
-           "Usage: %s [-f] [-n count] [-p password] [-t hash] [-x] sequence#"
-               "[/] key\n", s);
+    "Usage: %s [-n count] [-p password] [-t hash] [-x] sequence# [/] key\n",
+           s);
        exit(1);
 }