git: 0aa2700123e2 - main - Put OPIE to rest.
- Reply: Cy Schubert : "Re: git: 0aa2700123e2 - main - Put OPIE to rest."
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 02 Oct 2022 01:38:13 UTC
The branch main has been updated by des:
URL: https://cgit.FreeBSD.org/src/commit/?id=0aa2700123e22c2b0a977375e087dc2759b8e980
commit 0aa2700123e22c2b0a977375e087dc2759b8e980
Author: Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2022-10-02 01:37:29 +0000
Commit: Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2022-10-02 01:37:29 +0000
Put OPIE to rest.
Differential Revision: https://reviews.freebsd.org/D36592
---
Makefile.inc1 | 4 +-
ObsoleteFiles.inc | 30 +
contrib/opie/BUG-REPORT | 85 -
contrib/opie/COPYRIGHT.NRL | 68 -
contrib/opie/INSTALL | 178 -
contrib/opie/License.TIN | 45 -
contrib/opie/Makefile.in | 327 --
contrib/opie/README | 508 --
contrib/opie/acconfig.h | 226 -
contrib/opie/config.h.in | 450 --
contrib/opie/config.testeflag | 12 -
contrib/opie/configure | 5247 --------------------
contrib/opie/configure.in | 562 ---
contrib/opie/configure.munger.in | 16 -
contrib/opie/ftpcmd.y | 1290 -----
contrib/opie/glob.c | 668 ---
contrib/opie/install-sh | 238 -
contrib/opie/libmissing/Makefile.in | 34 -
contrib/opie/libmissing/bogus.c | 1 -
contrib/opie/libmissing/endutent.c | 19 -
contrib/opie/libmissing/getutline.c | 63 -
contrib/opie/libmissing/pututline.c | 64 -
contrib/opie/libmissing/setutent.c | 18 -
contrib/opie/libopie/Makefile.in | 35 -
contrib/opie/libopie/accessfile.c | 171 -
contrib/opie/libopie/atob8.c | 76 -
contrib/opie/libopie/btoa8.c | 34 -
contrib/opie/libopie/btoe.c | 2267 ---------
contrib/opie/libopie/btoh.c | 36 -
contrib/opie/libopie/challenge.c | 79 -
contrib/opie/libopie/generator.c | 398 --
contrib/opie/libopie/getsequence.c | 27 -
contrib/opie/libopie/getutmpentry.c | 85 -
contrib/opie/libopie/hash.c | 78 -
contrib/opie/libopie/hashlen.c | 69 -
contrib/opie/libopie/insecure.c | 172 -
contrib/opie/libopie/keycrunch.c | 66 -
contrib/opie/libopie/lock.c | 255 -
contrib/opie/libopie/login.c | 124 -
contrib/opie/libopie/logwtmp.c | 197 -
contrib/opie/libopie/lookup.c | 31 -
contrib/opie/libopie/md4c.c | 267 -
contrib/opie/libopie/md5c.c | 304 --
contrib/opie/libopie/newseed.c | 96 -
contrib/opie/libopie/open.c | 77 -
contrib/opie/libopie/parsechallenge.c | 82 -
contrib/opie/libopie/passcheck.c | 50 -
contrib/opie/libopie/passwd.c | 76 -
contrib/opie/libopie/randomchallenge.c | 50 -
contrib/opie/libopie/readpass.c | 315 --
contrib/opie/libopie/readrec.c | 167 -
contrib/opie/libopie/unlock.c | 103 -
contrib/opie/libopie/verify.c | 222 -
contrib/opie/libopie/version.c | 29 -
contrib/opie/libopie/writerec.c | 89 -
contrib/opie/opie.4 | 342 --
contrib/opie/opie.h | 179 -
contrib/opie/opie_cfg.h | 184 -
contrib/opie/opieaccess.5 | 92 -
contrib/opie/opieauto.c | 386 --
contrib/opie/opieftpd.8 | 294 --
contrib/opie/opieftpd.c | 1715 -------
contrib/opie/opiegen.1 | 90 -
contrib/opie/opiegen.c | 88 -
contrib/opie/opieinfo.1 | 103 -
contrib/opie/opieinfo.c | 105 -
contrib/opie/opiekey.1 | 176 -
contrib/opie/opiekey.c | 347 --
contrib/opie/opiekeys.5 | 72 -
contrib/opie/opielogin.1 | 131 -
contrib/opie/opielogin.c | 1458 ------
contrib/opie/opiepasswd.1 | 181 -
contrib/opie/opiepasswd.c | 442 --
contrib/opie/opieserv.1 | 82 -
contrib/opie/opieserv.c | 83 -
contrib/opie/opiesu.1 | 101 -
contrib/opie/opiesu.c | 512 --
contrib/opie/opietest.c | 310 --
contrib/opie/permsfile.c | 167 -
contrib/opie/popen.c | 216 -
contrib/telnet/telnet/telnet.1 | 4 -
etc/mtree/BSD.var.dist | 2 -
lib/Makefile | 4 +-
lib/libopie/Makefile | 40 -
lib/libopie/Makefile.depend | 18 -
lib/libopie/config.h | 381 --
lib/libopie/opieaccess | 13 -
lib/libopie/opieextra.c | 98 -
lib/libpam/modules/modules.inc | 2 -
lib/libpam/modules/pam_opie/Makefile | 36 -
lib/libpam/modules/pam_opie/Makefile.depend | 19 -
lib/libpam/modules/pam_opie/pam_opie.8 | 127 -
lib/libpam/modules/pam_opie/pam_opie.c | 157 -
lib/libpam/modules/pam_opieaccess/Makefile | 11 -
lib/libpam/modules/pam_opieaccess/Makefile.depend | 18 -
lib/libpam/modules/pam_opieaccess/pam_opieaccess.8 | 146 -
lib/libpam/modules/pam_opieaccess/pam_opieaccess.c | 97 -
lib/libpam/pam.d/ftpd | 2 -
lib/libpam/pam.d/other | 2 -
lib/libpam/pam.d/sshd | 2 -
lib/libpam/pam.d/system | 2 -
lib/libpam/static_libpam/Makefile.depend | 2 -
lib/libsysdecode/Makefile.depend | 1 -
libexec/ftpd/Makefile | 5 +-
libexec/ftpd/Makefile.depend | 1 -
libexec/ftpd/ftpd.8 | 10 -
libexec/ftpd/ftpd.c | 34 +-
share/examples/etc/README.examples | 1 -
share/mk/bsd.libnames.mk | 1 -
share/mk/src.libnames.mk | 4 +-
targets/pseudo/userland/lib/Makefile.depend | 3 -
usr.bin/Makefile | 3 -
usr.bin/opieinfo/Makefile | 21 -
usr.bin/opieinfo/Makefile.depend | 19 -
usr.bin/opiekey/Makefile | 23 -
usr.bin/opiekey/Makefile.depend | 19 -
usr.bin/opiepasswd/Makefile | 21 -
usr.bin/opiepasswd/Makefile.depend | 19 -
usr.sbin/pw/pw_user.c | 35 -
usr.sbin/pw/tests/pw_userdel_test.sh | 2 -
120 files changed, 39 insertions(+), 25502 deletions(-)
diff --git a/Makefile.inc1 b/Makefile.inc1
index 98cb357946f7..63e9b574eaaa 100644
--- a/Makefile.inc1
+++ b/Makefile.inc1
@@ -2953,7 +2953,7 @@ _prebuild_libs= ${_kerberos5_lib_libasn1} \
lib/ncurses/tinfo \
lib/ncurses/ncurses \
lib/ncurses/form \
- lib/libopie lib/libpam/libpam lib/libthr \
+ lib/libpam/libpam lib/libthr \
${_lib_libradius} lib/libsbuf lib/libtacplus \
lib/libgeom \
${_cddl_lib_libumem} ${_cddl_lib_libnvpair} \
@@ -3026,7 +3026,7 @@ _generic_libs+= ${_DIR}
.endif
.endfor
-lib/libopie__L lib/libtacplus__L: lib/libmd__L
+lib/libtacplus__L: lib/libmd__L
.if ${MK_CDDL} != "no"
_cddl_lib_libumem= cddl/lib/libumem
diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc
index 0a0c6dfb044a..3d9e7d4c6dd4 100644
--- a/ObsoleteFiles.inc
+++ b/ObsoleteFiles.inc
@@ -52,6 +52,36 @@
# xargs -n1 | sort | uniq -d;
# done
+# 20221001: deorbit opie
+OLD_FILES+=etc/opieaccess
+OLD_FILES+=etc/opiekeys
+OLD_FILES+=usr/bin/opieinfo
+OLD_FILES+=usr/bin/opiekey
+OLD_FILES+=usr/bin/opiepasswd
+OLD_FILES+=usr/bin/otp-md4
+OLD_FILES+=usr/bin/otp-md5
+OLD_FILES+=usr/bin/otp-sha1
+OLD_FILES+=usr/lib/libopie.a
+OLD_FILES+=usr/lib/libopie.so
+OLD_LIBS+=usr/lib/libopie.so.8
+OLD_FILES+=usr/lib/libopie_p.a
+OLD_FILES+=usr/bin/opieinfo
+OLD_FILES+=usr/lib/pam_opie.so
+OLD_LIBS+=usr/lib/pam_opie.so.6
+OLD_FILES+=usr/lib/pam_opieaccess.so
+OLD_LIBS+=usr/lib/pam_opieaccess.so.6
+OLD_FILES+=usr/share/man/man1/opieinfo.1.gz
+OLD_FILES+=usr/share/man/man1/opiekey.1.gz
+OLD_FILES+=usr/share/man/man1/opiepasswd.1.gz
+OLD_FILES+=usr/share/man/man1/otp-md4.1.gz
+OLD_FILES+=usr/share/man/man1/otp-md5.1.gz
+OLD_FILES+=usr/share/man/man1/otp-sha1.1.gz
+OLD_FILES+=usr/share/man/man4/opie.4.gz
+OLD_FILES+=usr/share/man/man5/opieaccess.5.gz
+OLD_FILES+=usr/share/man/man5/opiekeys.5.gz
+OLD_FILES+=usr/share/man/man8/pam_opie.8.gz
+OLD_FILES+=usr/share/man/man8/pam_opieaccess.8.gz
+
# 20220928: telnetd(8) removed
OLD_FILES+=etc/pam.d/telnetd
OLD_FILES+=usr/libexec/telnetd
diff --git a/contrib/opie/BUG-REPORT b/contrib/opie/BUG-REPORT
deleted file mode 100644
index c772d2d504fe..000000000000
--- a/contrib/opie/BUG-REPORT
+++ /dev/null
@@ -1,85 +0,0 @@
-OPIE Software Distribution, Release 2.4 Bug Reporting Form
-======================================= ==================
-
- Before submitting a bug report, please check the README file and make
-sure that your "bug" is not a known problem.
-
- Please make a copy of this file and then edit it with your favorite
-text editor (NOT a word processor; the end result needs to be reasonable ASCII
-text) to include the answers to the following questions:
-
-1. Your name and electronic mail address, in case we need more information.
- If you can provide multiple addresses, please do so in case we
- are unable to reply to the first one.
-
-2. Your exact operating system vendor, name, and version number. If available,
- please provide the output of "uname -a" and/or the version of your C
- runtime library. Please be more specific than "UNIX".
-
-3. The exact hardware the system was installed upon.
-
-4. Which compiler and C runtime you used and its version number.
- For instance, some systems have been known to have the GNU libc
- installed as well as its native one, or to have a "BSD
- compatibility" environment.
-
-5. What version of OPIE you are using (the output of opiepasswd -v) and,
- if you used the Autoconf install, a copy of the config.h, config.log,
- and Makefile that Autoconf created.
-
-6. A clear description of what you did and what bug then appeared.
- If your system has the script(1) command, please run a session
- under that to demonstrate the bug. Window-system cut-and-paste
- also works well. Sometimes, the exact output is critical to
- finding the bug.
-
-If you can provide any of the following things, it will greatly assist
-us in fixing the problem and improve the chances that we'll get back to you:
-
-7. A diagnosis of what is causing the problem.
-
-8. A test case that can repeatably demonstrate the problem.
-
-9. A fix for the problem.
-
- Bug reports should be sent by Internet electronic mail to
-<opie-bugs@inner.net>. This mail is run through an automated sorter that helps
-get the bug report into the hands of someone who can help you. In order to
-make that program work, we ask that you:
-
- * Send this is normal RFC822 plain text or MIME text/plain.
-
- * DO NOT send this or any other file as an "attachment" from
- your mailer.
-
- * DO NOT send a copy of your bug report to ANYONE other than
- <opie-bugs@inner.net>. This includes listing more than one recipient
- or sending it as a carbon-copy ("Cc:") to someone else.
-
- * DO NOT send a copy of your bug report directly to the
- authors or to any mailing lists. This really makes the
- authors angry, and will be interpreted as a request to not
- provide you with any help.
-
- * DO NOT re-send bug reports because you didn't receive a
- response. We attempt to respond to ALL properly submitted
- bug reports. If we can't send mail back to you or you
- didn't bother to follow the directions for submitting a
- bug report, you won't receive a response.
-
- While OPIE is NOT a supported program, we generally try to respond
-to all properly submitted bug reports as soon as we can. If your bug report
-is properly submitted so our machine sorter can process it, this usually
-takes one working day. If our machine sorter can't process your bug report,
-it usually takes a week or two.
-
-Copyright
-=========
-
-%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
-Reserved. The Inner Net License Version 2 applies to these portions of
-the software.
-You should have received a copy of the license with this software. If
-you didn't get a copy, you may request one from <license@inner.net>.
-
diff --git a/contrib/opie/COPYRIGHT.NRL b/contrib/opie/COPYRIGHT.NRL
deleted file mode 100644
index cfbffc348760..000000000000
--- a/contrib/opie/COPYRIGHT.NRL
+++ /dev/null
@@ -1,68 +0,0 @@
-# @(#)COPYRIGHT 1.1 (NRL) 17 January 1995
-
-COPYRIGHT NOTICE
-
-All of the documentation and software included in this software
-distribution from the US Naval Research Laboratory (NRL) are
-copyrighted by their respective developers.
-
-Portions of the software are derived from the Net/2 and 4.4 Berkeley
-Software Distributions (BSD) of the University of California at
-Berkeley and those portions are copyright by The Regents of the
-University of California. All Rights Reserved. The UC Berkeley
-Copyright and License agreement is binding on those portions of the
-software. In all cases, the NRL developers have retained the original
-UC Berkeley copyright and license notices in the respective files in
-accordance with the UC Berkeley copyrights and license.
-
-Portions of this software and documentation were developed at NRL by
-various people. Those developers have each copyrighted the portions
-that they developed at NRL and have assigned All Rights for those
-portions to NRL. Outside the USA, NRL has copyright on some of the
-software developed at NRL. The affected files all contain specific
-copyright notices and those notices must be retained in any derived
-work.
-
-NRL LICENSE
-
-NRL grants permission for redistribution and use in source and binary
-forms, with or without modification, of the software and documentation
-created at NRL provided that the following conditions are met:
-
-1. All terms of the UC Berkeley copyright and license must be followed.
-2. Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
-3. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-4. All advertising materials mentioning features or use of this software
- must display the following acknowledgements:
-
- This product includes software developed by the University of
- California, Berkeley and its contributors.
-
- This product includes software developed at the Information
- Technology Division, US Naval Research Laboratory.
-
-5. Neither the name of the NRL nor the names of its contributors
- may be used to endorse or promote products derived from this software
- without specific prior written permission.
-
-THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS
-IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
-PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR
-CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-The views and conclusions contained in the software and documentation
-are those of the authors and should not be interpreted as representing
-official policies, either expressed or implied, of the US Naval
-Research Laboratory (NRL).
-
-----------------------------------------------------------------------
diff --git a/contrib/opie/INSTALL b/contrib/opie/INSTALL
deleted file mode 100644
index db23f84a2b76..000000000000
--- a/contrib/opie/INSTALL
+++ /dev/null
@@ -1,178 +0,0 @@
-OPIE Software Distribution, Release 2.4 Installation Instructions
-======================================= =========================
-
- Did you read the README file?
-
- If not, please go do so, then come back here. There is information in
-the README file that you will probably need to know in order to build and use
-OPIE, and you are better off doing it before you try to compile and install
-it.
-
- OPIE uses Autoconf to automagically figure out as much as possible
-about your system. There are four steps to installing OPIE. Please read them
-all first before attempting to do them.
-
-1. Run the "configure" script.
-
- Normally, you will need to type:
-
- sh configure
-
- If you would like to use an access file to allow users from some hosts
-to log into your system without using OTPs (thus opening up a big security
-hole, but a necessary evil for some sites), type:
-
- sh configure --enable-access-file=/etc/opieaccess
-
- If you'd like the file to go somewhere else, adjust this appropriately.
-
- There are a number of configure-time options available for OPIE. You
-probably don't want to change the defaults. To get a complete listing of the
-currently available options, type:
-
- sh configure --help
-
- Some options that may be of interest are:
-
- --enable-access-file=FILENAME: Enable the OPIE access file FILENAME
- The OPIE access file provides a system administrator with the ability
- to make the use of OTP optional for certain hosts. Note that individual
- users can create a file named ".opiealways" in their home directory to
- require that OTP be used to access to their account. Note also that the
- access file is based on addresses, but many of the clients that use it
- are only given hostnames. This opens this entire scheme up to DNS
- spoofing attacks, which is a major security problem. ALWAYS use a
- package such as tcp_wrappers configured to do paranoid checking on DNS
- information if you enable this option (it's good practice anyway).
-
- --enable-server-md4: Use MD4 instead of MD5 for the server
- The old S/Key package used MD4 instead of MD5. MD4 is believed to be
- less secure than MD5. Use this option only for compatibility with old
- key files.
-
- --disable-user-locking: Disable user locking
- OPIE only allows one session at a time to attempt to authenticate a
- principal; this prevents a possible race attack on OTP. This locking
- mechanism can cause problems in some applications, in which case you
- might want to disable the locking. This option also provides a work-
- around if the locking code doesn't work reliably on your system.
-
- --enable-user-locking[=DIR]: Put user lock files in DIR [/etc/opielocks]
- The OPIE lock files need to be put in an isolated directory that is
- only accessable by the super-user and has a parent directory that is
- only writable by the super-user. If you are trying to use OPIE with
- the key file shared by NFS, you need to make the lock directory
- shared too. (But you read the README file, so you knew this)
-
- --enable-retype: Ask users to re-type their secret pass phrases
- On the one hand, this helps prevent users from having to go generate
- an OTP, type it into a remote system, and then found out they
- mistyped. On the other hand, it's annoying. If this is enabled, users
- can simply hit return at the second prompt and the generator will skip
- the retype check, which allows users who don't like the retype check
- to mostly skip it.
-
- --enable-su-star-check: Refuse to switch to disabled accounts
- On many systems, an asterisk means one thing and one thing only: this
- account is never meant for human users. Therefore, it doesn't make
- much sense for anyone other than an attacker to try to su to that
- account. Enabling this check causes su to refuse to switch to
- accounts with an asterisk in their password field. While probably
- better for security, this is not compatible with traditional *IX su
- behavior, so it is disabled by default
-
- --disable-new-prompts: Use more compatible (but less informative) prompts
- OPIE uses login prompts that tell you exactly what kind of response
- (an OTP response and/or a cleartext password) it expects you to give.
- This can break automatic login scripts that look for 'Password:' as
- the prompt for the password. If you have users that use such scripts,
- you might want to disable the more informative responses so as not to
- break those scripts.
-
- --enable-insecure-override: Allow users to override insecure checks
- While OPIE cannot determine whether or not a session is secure, it can
- check for fairly common signs that it isn't secure. If it believes the
- session is insecure, some programs like opiekey will refuse to run
- because they prompt the user to send a secret pass phrase. Sometimes
- these checks declare a session insecure when it is, and sometimes the
- user wants to continue anyway even if the session is insecure. If this
- option is enabled, many commands gain a '-f' option to force them to
- operate even if OPIE thinks the session is insecure.
-
- --enable-anonymous-ftp Enable anonymous FTP support
- By default, the OPIE FTP daemon does not support anonymous FTP
- service. The FTP daemon contains many security related bug fixes
- relative to the original source, but bugs probably remain. It was not
- intended to be used for anonymous FTP, where it is more open to the
- commands of potentially hostile users. If you enable this option, it
- will once again support anonymous FTP, but it probably isn't secure
- when that way.
-
- --disable-utmp Disable utmp logging
- --disable-wtmp Disable wtmp logging
- On some systems, logging to the utmp and/or wtmp files is just a lost
- cause. If this is the case on your system, you might be better off
- not having OPIE even try.
-
- --enable-opieauto Enable support for opieauto
- opieauto is a facility that caches an intermediate result of the OTP
- generator so that a user-selected number of OTPs can be generated on
- demand for each time the user types in the secret pass phrase. This
- is great for user convenience, as typing a twenty or thirty character
- secret pass phrase can be annoying. It can also be a minor security
- hole (see the README for details).
-
-2. Edit the Makefile
-
- The Makefile contains some options that you may wish to modify. Also
-verify that Autoconf chose the correct options for your system.
-
- The Makefile created by Autoconf should be correct for most users
-as-is.
-
-3. Build OPIE
-
- Normally, you will need to type:
-
- make
-
- If you only want to build the client programs, type:
-
- make client
-
- If you only want to build the server programs, type:
-
- make server
-
-4. Verify that OPIE works on your system and install
-
- Normall, you will need to type:
-
- make install
-
- If you only want to install the client programs, type:
-
- make client-install
-
- If you only want to install the server programs, type:
-
- make server-install
-
- If you encounter any problems, you may be able to run "make uninstall"
-to remove the OPIE software from your system and revert back to almost the
-way things were before.
-
-Copyright
-=========
-
-%%% portions-copyright-cmetz-96
-Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
-Reserved. The Inner Net License Version 2 applies to these portions of
-the software.
-You should have received a copy of the license with this software. If
-you didn't get a copy, you may request one from <license@inner.net>.
-
-Portions of this document are Copyright 1995 by Randall Atkinson and Dan
-McDonald, All Rights Reserved. All Rights under this copyright are assigned
-to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
-License Agreement applies to this software.
diff --git a/contrib/opie/License.TIN b/contrib/opie/License.TIN
deleted file mode 100644
index 0ec9d214e272..000000000000
--- a/contrib/opie/License.TIN
+++ /dev/null
@@ -1,45 +0,0 @@
-The Inner Net License, Version 2
-================================
-
- The author(s) grant permission for redistribution and use in source and
-binary forms, with or without modification, of the software and documentation
-provided that the following conditions are met:
-
-0. If you receive a version of the software that is specifically labelled
- as not being for redistribution (check the version message and/or README),
- you are not permitted to redistribute that version of the software in any
- way or form.
-1. All terms of the all other applicable copyrights and licenses must be
- followed.
-2. Redistributions of source code must retain the authors' copyright
- notice(s), this list of conditions, and the following disclaimer.
-3. Redistributions in binary form must reproduce the authors' copyright
- notice(s), this list of conditions, and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-4. All advertising materials mentioning features or use of this software
- must display the following acknowledgement with the name(s) of the
- authors as specified in the copyright notice(s) substituted where
- indicated:
-
- This product includes software developed by <name(s)>, The Inner
- Net, and other contributors.
-
-5. Neither the name(s) of the author(s) nor the names of its contributors
- may be used to endorse or promote products derived from this software
- without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY ITS AUTHORS AND CONTRIBUTORS ``AS IS'' AND ANY
-EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY
-DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
-ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
- Please distribute a copy of this license with the software and make it
-reasonably easy for others to find.
-
- If these license terms cause you a real problem, contact the author.
diff --git a/contrib/opie/Makefile.in b/contrib/opie/Makefile.in
deleted file mode 100644
index 77e0fc3b1bb1..000000000000
--- a/contrib/opie/Makefile.in
+++ /dev/null
@@ -1,327 +0,0 @@
-##
-# Makefile.source and Makefile: Directions for building and installing OPIE.
-#
-# %%% portions-copyright-cmetz-96
-# Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
-# Reserved. The Inner Net License Version 2 applies to these portions of
-# the software.
-# You should have received a copy of the license with this software. If
-# you didn't get a copy, you may request one from <license@inner.net>.
-#
-# Portions of this software are Copyright 1995 by Randall Atkinson and Dan
-# McDonald, All Rights Reserved. All Rights under this copyright are assigned
-# to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
-# License Agreement applies to this software.
-#
-# History:
-#
-# Modified by cmetz for OPIE 2.4. Add libmissing to include header path.
-# Renamed realclean to distclean. Added opieauto rules. Made
-# system program install more tolerant of non-existent files.
-# Modified by cmetz for OPIE 2.31. Moved logwtmp.o into libopie.
-# Modified by cmetz for OPIE 2.3. Removed manual config -- it's
-# Autoconf or bust. Replaced user configuration options
-# with options.h. Eliminated unused variables. Pass down
-# $(DEBUG) instead of several other variables to the
-# subdirs. Extended/standard key file support. Added
-# dependencies on subdir files. Made opietest call silent.
-# Removed opie-md4, opie-md5, and key aliases. Removed
-# test target. Make uninstall remove man page aliases.
-# Modified by cmetz for OPIE 2.22. Removed @LIBOBJS@ from MISSING for
-# Autoconf target. Re-ordered LFLAGS because some ld's won't
-# include libmissing properly if it's not at the end.
-# Modified by cmetz for OPIE 2.21. Added getusershell.o to IRIX
-# missing functions.
-# Modified by cmetz for OPIE 2.2. Added NEW_PROMPTS definition.
-# Added MISSING and new flags-passing for libmissing.
-# Quote MISSING or lose. Update TEST target for FTPD
-# variable. Removed line formatting for compile commands
-# since macro expansion confuses the issue anyway.
-# Added targets for opieserv. Added targets for opietest.
-# Removed obselete options.h target. Swapped libmissing
-# and libopie. Updated manual config options. Added more
-# explanatory text. Fixed uses of old SYSV and BSD4_3
-# symbols.
-# Modified at NRL for OPIE 2.2: Renamed LDFLAGS setting to LIBS,
-# renamed LDFLAGS in targets to LFLAGS. Added targets for
-# libopie and libmissing directories. Got rid of PROTOTYPES.
-# Added opiegen. Fixed RANLIB Autoconf target.
-# Modified at NRL for OPIE 2.11: Fixed fatal mistype of Autoconf.
-# Modified at NRL for OPIE 2.1: Changed targets to reflect source
-# file name changes. Changed explanation and flags for static
-# linking. Changed opieinfo target. Removed WHOAMI. Added
-# Autoconf targets. Changed if conditionals to use test
-# instead of [. Changed SU_DIR to SU to help autoconf.
-# Changed FTPDIR and FTPDNAME to FTPD to help autoconf.
-# Changed HP-UX to HP-UX9 and HP-UX10. Make uninstall
-# target depend on config. HPUX *is* no longer necessary, but
-# something does have to be there. Sub in Autoconf @CC@.
-# Modified at NRL for OPIE 2.04: Re-worded explanation of SU_STAR_CHECK.
-# Modified at NRL for OPIE 2.02: Added SU_STAR_CHECK flag.
-# Modified at NRL for OPIE 2.01: Test target makes opiesu and opielogin
-# setuid. install target clears that. uninstall target needs to
-# remove the opiekey symlinks. opieinfo target needs to
-# substitute for $(EXISTS). ifdefs target needs to check for
-# starting hash. $(LFLAGS) and -o should be at the end of all
-# link commands to spoon-feed drain bamaged link editors. Added
-# A/UX defaults.
-# Modified heavily at NRL for OPIE 2.0.
-# Written at Bellcore for the S/Key Version 1 software distribution
-# (Makefile).
-
-#============================================================================
-# CONFIGURATION PARAMETERS -- CHANGE THESE TO SUIT YOUR MACHINE
-
-# Shell to use for make(1)
-# It's usually a good idea to leave this as-is. On some systems, ksh or bash
-# may be necessary
-SHELL=/bin/sh
-
-# OWNER is the username who should own the OPIE binaries.
-# GROUP is the groupname associated with the OPIE binaries.
-#
-OWNER=0
-GROUP=bin
-
-# Where should the OPIE standard and extended databases be stored?
-#
-# Some sites might want to put this elsewhere. If you want to use an old
-# S/Key database, you should create a link from /etc/skeykeys to /etc/opiekeys.
-KEY_FILE=/etc/opiekeys
-
-# Are we debugging?
-#
-# The first line will build a normal version of OPIE. You should use it.
-#
-# The second is for brave souls porting OPIE to a new system or trying to
-# debug it and should definitely NOT be used to build a production copy
-# of OPIE.
-#
-# The third is the above using nifty heap debugger called "Electric Fence".
-DEBUG=-O
-#DEBUG=-DDEBUG=1 -g
-#DEBUG=-DDEBUG=1 -g -lefence
-
-# These parameters are determined by Autoconf and are probably correct.
-# If OPIE doesn't build or work right, try tweaking these.
-CC=@CC@
-YACC=@YACC@
-FTPD=@FTPD@
-LIBS=@LIBS@
-OPTIONS=@DEFS@
-EXISTS=@EXISTS@
-MKDIR=@MKDIR@
-CHOWN=@CHOWN@
-LOCALBIN=@LOCALBIN@
-LOCALMAN=@LOCALMAN@
-SU=@SU@
-ALT_SU=@ALT_SU@
-LOGIN=@LOGIN@
-LOCK_DIR=@LOCK_DIR@
-OPIEAUTO=@OPIEAUTO@
-
-BACKUP=opie.old
-
-CFLAGS=$(DEBUG) -Ilibmissing
-
-LFLAGS=-Llibopie -Llibmissing -lopie $(LIBS) -lmissing -lopie
-LDEPS=libmissing/libmissing.a libopie/libopie.a
-
-all: client server
-
-ifdefs:
- egrep '^#*if*def' *.c *.h | cut -f2 -d: | sort | uniq
-
-client: libopie/libopie.a libmissing/libmissing.a opietest-passed opiekey opiegen $(OPIEAUTO)
-
-client-install: client
- @echo "Installing OPIE client software..."
- @echo "Copying OPIE key-related files"
- @if test ! -d $(LOCALBIN); then $(MKDIR) $(LOCALBIN); chmod 755 $(LOCALBIN); fi
- @cp opiekey $(OPIEAUTO) $(LOCALBIN)
- @$(CHOWN) $(OWNER) $(LOCALBIN)/opiekey
- @if test ! -z "$(OPIEAUTO)"; then $(CHOWN) $(OWNER) $(LOCALBIN)/opieauto; fi
- @chgrp $(GROUP) $(LOCALBIN)/opiekey
- @echo "Changing file permissions"
- @chmod 0511 $(LOCALBIN)/opiekey
- @if test ! -z "$(OPIEAUTO)"; then chmod 0511 $(LOCALBIN)/opieauto; fi
- @echo "Symlinking aliases to opiekey"
- @-ln -s $(LOCALBIN)/opiekey $(LOCALBIN)/otp-md4
- @-ln -s $(LOCALBIN)/opiekey $(LOCALBIN)/otp-md5
- @echo "Installing manual pages"
- @-for i in otp-md4 otp-md5; do ln -s opiekey.1 $(LOCALMAN)/man1/$$i.1; done
- @if test ! -d $(LOCALMAN)/man1; then $(MKDIR) $(LOCALMAN)/man1; chmod 755 $(LOCALMAN)/man1; fi; cp opiekey.1 $(LOCALMAN)/man1/opiekey.1; $(CHOWN) $(OWNER) $(LOCALMAN)/man1/opiekey.1; chgrp $(GROUP) $(LOCALMAN)/man1/opiekey.1; chmod 644 $(LOCALMAN)/man1/opiekey.1
-
-server: libopie/libopie.a libmissing/libmissing.a opietest-passed opielogin opiesu opiepasswd opieinfo opieftpd opieserv
-
-server-install: server
- @echo "Installing OPIE server software..."
- @echo "Copying OPIE user programs"
- @if test ! -d $(LOCALBIN); then $(MKDIR) $(LOCALBIN); chmod 755 $(LOCALBIN); fi
- @cp opiepasswd opieinfo $(LOCALBIN)
- @echo "Changing ownership"
- @$(CHOWN) $(OWNER) $(LOCALBIN)/opiepasswd $(LOCALBIN)/opieinfo
- @chgrp $(GROUP) $(LOCALBIN)/opiepasswd $(LOCALBIN)/opieinfo
- @echo "Changing file permissions"
- @chmod 0555 $(LOCALBIN)/opieinfo
- @chmod 4511 $(LOCALBIN)/opiepasswd
- @echo "Installing OPIE system programs..."
- @if test ! -z $(LOGIN); \
- then \
- if test ! $(EXISTS) $(LOGIN).$(BACKUP); \
- then \
- echo "Renaming existing $(LOGIN) to $(LOGIN).$(BACKUP)"; \
- mv $(LOGIN) $(LOGIN).$(BACKUP); \
- echo "Clearing permissions on $(LOGIN)"; \
- chmod 0 $(LOGIN).$(BACKUP); \
- fi; \
- echo "Copying OPIE login to $(LOGIN)"; \
- cp opielogin $(LOGIN); \
- echo "Changing ownership of $(LOGIN)"; \
- $(CHOWN) $(OWNER) $(LOGIN); \
- chgrp $(GROUP) $(LOGIN); \
- echo "Changing file permissions of $(LOGIN)"; \
- chmod 4111 $(LOGIN); \
- fi
- @if test ! -z $(SU); \
- then \
- if test ! $(EXISTS) $(SU).$(BACKUP); \
- then \
- echo "Renaming existing $(SU) to $(SU).$(BACKUP)"; \
- mv $(SU) $(SU).$(BACKUP); \
- echo "Clearing permissions on $(SU)"; \
- chmod 0 $(SU).$(BACKUP); \
- fi; \
- echo "Copying OPIE su to $(SU)"; \
- cp opiesu $(SU); \
- echo "Changing ownership of $(SU)"; \
- $(CHOWN) $(OWNER) $(SU); \
- chgrp $(GROUP) $(SU); \
- echo "Changing file permissions of $(SU)"; \
- chmod 4111 $(SU); \
- fi
- @if test ! -z $(ALT_SU); \
- then \
- if test ! $(EXISTS) $(ALT_SU).$(BACKUP); \
- then \
- echo "Renaming existing $(ALT_SU) to $(ALT_SU).$(BACKUP)"; \
- mv $(ALT_SU) $(ALT_SU).$(BACKUP); \
- echo "Clearing permissions on $(ALT_SU)"; \
- chmod 0 $(ALT_SU).$(BACKUP); \
- fi; \
- echo "Copying OPIE su to $(ALT_SU)"; \
- cp opiesu $(ALT_SU); \
- echo "Changing ownership of $(ALT_SU)"; \
- $(CHOWN) $(OWNER) $(ALT_SU); \
- chgrp $(GROUP) $(ALT_SU); \
- echo "Changing file permissions of $(ALT_SU)"; \
- chmod 4111 $(ALT_SU); \
- fi
- @if test ! -z $(FTPD); \
- then \
- if test ! $(EXISTS) $(FTPD).$(BACKUP); \
- then \
- echo "Renaming existing $(FTPD) to $(FTPD).$(BACKUP)"; \
- mv $(FTPD) $(FTPD).$(BACKUP); \
- echo "Clearing permissions on $(FTPD).$(BACKUP)"; \
- chmod 0 $(FTPD).$(BACKUP); \
- fi; \
- echo "Copying OPIE ftp daemon to $(FTPD)"; \
- cp opieftpd $(FTPD); \
- echo "Changing ownership of $(FTPD)"; \
- $(CHOWN) $(OWNER) $(FTPD); \
- chgrp $(GROUP) $(FTPD); \
- echo "Changing file permissions of $(FTPD)"; \
- chmod 0100 $(FTPD); \
- fi
- @echo "Making sure OPIE database file exists";
- @touch $(KEY_FILE)
- @echo "Changing permissions of OPIE database file"
- @chmod 0644 $(KEY_FILE)
- @echo "Changing ownership of OPIE database file"
- @$(CHOWN) $(OWNER) $(KEY_FILE)
- @chgrp $(GROUP) $(KEY_FILE)
- @-if test ! -z "$(LOCK_DIR)"; then echo "Creating OPIE lock directory"; mkdir $(LOCK_DIR); $(CHOWN) 0 $(LOCK_DIR); chgrp 0 $(LOCK_DIR); chmod 0700 $(LOCK_DIR); fi;
- @-if test ! -z "$(ACCESS_FILE)"; then echo "Creating OPIE access file (don't say we didn't warn you)"; touch $(ACCESS_FILE); $(CHOWN) 0 $(ACCESS_FILE); chgrp 0 $(ACCESS_FILE); chmod 0444 $(ACCESS_FILE); fi;
- @echo "Installing manual pages"
- @if test ! -d $(LOCALMAN); then $(MKDIR) $(LOCALMAN); chmod 755 $(LOCALMAN); fi
- @for i in 1 4 5 8; do for j in *.$$i; do if test ! -d $(LOCALMAN)/man$$i; then $(MKDIR) $(LOCALMAN)/man$$i; chmod 755 $(LOCALMAN)/man$$i; fi; cp $$j $(LOCALMAN)/man$$i/$$j; $(CHOWN) $(OWNER) $(LOCALMAN)/man$$i/$$j; chgrp $(GROUP) $(LOCALMAN)/man$$i/$$j; chmod 644 $(LOCALMAN)/man$$i/$$j; done; done
- @echo "REMEMBER to run opiepasswd on your users immediately."
-
-install: client-install server-install
-
-uninstall:
- @echo "Un-installing OPIE..."
- @echo "Removing symlinks"
- @-for i in otp-md4 otp-md5; do rm $(LOCALBIN)/$$i; done
- @echo "Removing OPIE programs"
- @-for i in opiekey opiepasswd opieinfo; do rm $(LOCALBIN)/$$i; done
- @echo "Removing OPIE manual pages"
- @-for i in 1 4 5 8; do for j in *.$$i; do rm $(LOCALMAN)/man$$i/$$j; done; done
- @-rm $(LOCALMAN)/man1/otp-md4.1 $(LOCALMAN)/man1/otp-md5.1
- @echo "Restoring old binaries"
- @-for i in $(SU) $(ALT_SU) $(LOGIN) $(FTPD); do FILE=`basename $$i`; if test ! $(EXISTS) $$i.$(BACKUP); then echo "No $$i.$(BACKUP)! Aborting."; exit 1; else echo "Removing $$FILE"; rm $$i || true; echo "Restoring old $$FILE"; mv $$i.$(BACKUP) $$i; fi; done
- @echo "Resetting permissions"
- @chmod 4111 $(SU) $(LOGIN)
- @chmod 0100 $(FTPD)
- @if test ! -z "$(ALT_SU)"; then chmod 4111 $(ALT_SU); fi
- @echo "OPIE is now un-installed."
- @echo "Please verify by hand that this process worked."
-
-opietest-passed: opietest
- -./opietest && touch opietest-passed
-
-libopie/libopie.a: libopie/*.c *.h
- (cd libopie ; $(MAKE) libopie.a CFL='$(CFLAGS) -DKEY_FILE=\"$(KEY_FILE)\"')
-
-libmissing/libmissing.a: libmissing/*.c
- (cd libmissing ; $(MAKE) libmissing.a CFL='$(CFLAGS)')
-
-clean:
- -rm -f *.o opiekey opiegen opielogin opiepasswd opiesu opieftpd
- -rm -f opieserv opieinfo opietest opieauto *core* opietest-passed
- -rm -f Makefile.munge configure.munger y.tab.c .gdb*
- (cd libopie ; $(MAKE) clean)
- (cd libmissing ; $(MAKE) clean)
-
-realclean: distclean
-
-distclean: clean
- -rm -f *~ core* "\#*\#" Makefile make.log
- -rm -f config.log config.status config.cache config.h
- (cd libopie ; $(MAKE) distclean)
- (cd libmissing ; $(MAKE) distclean)
-
-opiekey: opiekey.o $(LDEPS)
- $(CC) $(CFLAGS) opiekey.o $(LFLAGS) -o opiekey
-
-opiegen: opiegen.o $(LDEPS)
- $(CC) $(CFLAGS) opiegen.o $(LFLAGS) -o opiegen
-
-opieserv: opieserv.o $(LDEPS)
- $(CC) $(CFLAGS) opieserv.o $(LFLAGS) -o opieserv
-
-opieftpd: opieftpd.o glob.o popen.o y.tab.o $(LDEPS)
- $(CC) $(CFLAGS) opieftpd.o glob.o popen.o y.tab.o $(LFLAGS) -o opieftpd
-
-opielogin: opielogin.o permsfile.o $(LDEPS)
- $(CC) $(CFLAGS) opielogin.o permsfile.o $(LFLAGS) -o opielogin
-
-opiepasswd: opiepasswd.o $(LDEPS)
- $(CC) $(CFLAGS) opiepasswd.o $(LFLAGS) -o opiepasswd
-
-opiesu: opiesu.o $(LDEPS)
- $(CC) $(CFLAGS) opiesu.o $(LFLAGS) -o opiesu
-
-y.tab.c: ftpcmd.y
- $(YACC) ftpcmd.y
-
-opieinfo: opieinfo.o $(LDEPS)
- $(CC) $(CFLAGS) opieinfo.o $(LFLAGS) -o opieinfo
-
-opietest: opietest.o $(LDEPS)
- $(CC) $(CFLAGS) opietest.o $(LFLAGS) -o opietest
-
-opieauto: opieauto.o $(LDEPS)
- $(CC) $(CFLAGS) opieauto.o $(LFLAGS) -o opieauto
-
diff --git a/contrib/opie/README b/contrib/opie/README
deleted file mode 100644
index a89e168adadb..000000000000
--- a/contrib/opie/README
+++ /dev/null
@@ -1,508 +0,0 @@
-OPIE Software Distribution, Release 2.4 Important Information
-======================================= =====================
-
-Introduction
-============
-
- "One-time Passwords In Everything" (OPIE) is a freely distributable
-software package originally developed at and for the US Naval Research
-Laboratory (NRL). Recent versions are the result of a cooperative effort
-between of NRL, several of the original NRL authors, The Inner Net, and many
-other contributors from the Internet community.
-
- OPIE is an implementation of the One-Time Password (OTP) System that
-is being considered for the Internet standards-track. OPIE provides a one-time
-password system. The system should be secure against the passive attacks
-now commonplace on the Internet (see RFC 1704 for more details). The system
-is vulnerable to active dictionary attacks, though these are not widespread
-at present and can be detected through proper use of system audit
-software.
-
- OPIE is primarily written for UNIX-like operating systems, but
-we are working to make applicable portions portable to other operating systems.
-The OPIE software is derived in part from and is fully interoperable with the
-Bell Communications Research (Bellcore) S/Key Release 1 software. Because
-Bellcore claims "S/Key" as a trademark for their software, NRL was forced to
-use a different name (we picked "OPIE") for this software distribution.
-
- OPIE includes the following additions/modifications to the
-original Bellcore S/Key(tm) Version 1 software:
-
-* Just about three command installation (unpack the software, run the
- configure script, and run make install). While we still recommend that you
- follow instructions and test things by hand, the more adventurous can
- install OPIE quickly.
-
-* A modified BSD FTP daemon that does OTP.
-
-* A version of su that uses OTP by default.
-
-* MD5 support. MD5 is now the default algorithm, though MD4 is still supported
- by changing a parameter in the Makefile. This change was made because MD5 is
- widely believed to be cryptographically stronger than MD4 (see RFC 1321).
-
-* A more portable version of MD4 has been substituted for the original MD4.
- This should solve the endian problems that were in S/Key.
-
-* Most of the system-dependencies have been moved to a new file "opie_cfg.h".
-
-* Configuration options have been moved to the Makefile.
*** 25609 LINES SKIPPED ***