[prev in list] [next in list] [prev in thread] [next in thread]
List: fwtk-users
Subject: Re: US-Only version of the fwtk
From: root () mail ! diginsite ! com
Date: 1997-12-18 1:33:46
[Download RAW message or body]
[To be removed from this list send the message "unsubscribe fwtk-users" in the
BODY of a mail message to majordomo@ex.tis.com.]
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Send mail to mime@docserver.cac.washington.edu for more info.
here is a copy I was sent when I asked the same question a couple of
months ago. I never have seen how to get the full set of tools.
you will also need to get the patches from TIS for authsrv
David Lang
On Wed, 17 Dec 1997, Tom Lojewski wrote:
> [To be removed from this list send the message "unsubscribe fwtk-users" in the
> BODY of a mail message to majordomo@ex.tis.com.]
>
>
> Dear fwtk user,
>
> We're trying to build a version of tn-gw that will support the Digital Pathways
> encrypting calculator. The auth/README file says that I need snk.c from the
> US-ONLY distribution. Can you tell me how I go about obtaining that version
> of fwtk?
>
> Thanks for your help.
>
> ...Tom Lojewski (thl@atmsys.com)
>
["snk.c" (TEXT/PLAIN)]
/*-
* Copyright (c) 1993, Trusted Information Systems, Incorporated
* All rights reserved.
*
* Redistribution and use are governed by the terms detailed in the
* license document ("LICENSE") included with the toolkit.
*/
/*
* Author: Marcus J. Ranum, Trusted Information Systems, Inc.
*/
static char RcsId[] = "$Header: snk.c,v 1.3 93/11/12 09:51:58 mjr rel $";
#include <ctype.h>
#include "firewall.h"
#include "auth.h"
#ifdef AUTHPROTO_SNK
#include "des.h"
extern long randomnumber();
static int challenged = 0;
static char challbuf[32];
snkchallng(user,buf,bs)
char *user;
char *buf;
int bs;
{
challenged = 1;
strcpy(buf,"SNK Challenge \"");
sprintf(challbuf,"%6.6lu",randomnumber() % 999999);
strcat(buf,challbuf);
strcat(buf,"\": ");
return(0);
}
/* is this ugly or what? it's late and I don't feel clever */
static int
make_key_sched(s,k)
char *s;
des_cblock k;
{
int k0;
int k1;
int k2;
int k3;
int k4;
int k5;
int k6;
int k7;
int x;
x = sscanf(s, "%o %o %o %o %o %o %o %o",
&k0, &k1, &k2, &k3, &k4, &k5, &k6, &k7);
if(x != 8)
return(1);
k[0] = k0;
k[1] = k1;
k[2] = k2;
k[3] = k3;
k[4] = k4;
k[5] = k5;
k[6] = k6;
k[7] = k7;
return(0);
}
snkverify(user,pass,ap,rbuf)
char *user;
char *pass;
Auth *ap;
char *rbuf;
{
des_key_schedule keysched;
des_cblock kblock;
/*char buf[12];
char cbuf[12];*/
des_cblock buf;
des_cblock cbuf;
int i;
int j;
unsigned long kval = 0;
strcpy(rbuf,"Permission Denied.");
if(!challenged)
return(1);
challenged = 0;
/* lowercase the response code, in case it's hex */
for(i=0; pass[i]; i++)
if(isupper(pass[i]))
pass[i] = tolower(pass[i]);
/* set up a key from the shared secret */
if(make_key_sched(ap->pw,kblock)) {
strcpy(rbuf,"Cannot decode user secret key");
return(1);
}
des_set_key(&kblock,keysched);
/* zeroize the entire buffer */
for(i = 0; i < 9; i++)
buf[i] = '\0';
strncpy(buf,challbuf,8);
/* push it through the rotating knives */
des_ecb_encrypt(&buf,&cbuf,keysched,DES_ENCRYPT);
/* pull some bits out of the ciphertext into a long */
for(i=0; i<4; i++)
for(j = 0; j < 8; j++)
kval = (kval << 1) | ((cbuf[i] >> (7 - j)) & 1);
/* crunch it into a hex string */
sprintf(buf,"%08x",kval);
if(!strcmp(pass,buf)) {
strcpy(rbuf,"ok");
return(0);
}
/* crunch hex to decimal and try that */
for(i=0; buf[i]; i++)
if(buf[i] == 'a' || buf[i] == 'b' || buf[i] == 'c')
buf[i] = '2';
else
if(buf[i] == 'd' || buf[i] == 'e' || buf[i] == 'f')
buf[i] = '3';
if(strcmp(pass,buf))
return(1);
strcpy(rbuf,"ok");
return(0);
}
snkset(user,pass,ap,rbuf)
char *user;
char *pass;
Auth *ap;
char *rbuf;
{
des_cblock kblock;
if(make_key_sched(pass,kblock)) {
strcpy(rbuf,"Cannot decode user secret key");
return(0);
}
if(strlen(pass) >= AUTH_PWSIZ) {
strcpy(rbuf,"Secret key too long");
return(0);
}
strcpy(ap->pw,pass);
if(auth_dbputu(user,ap) == 0)
strcpy(rbuf,"Secret key changed");
else
strcpy(rbuf,"Database error.");
return(0);
}
#endif
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic