https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191511
--- Comment #2 from commit-h...@freebsd.org --- A commit references this bug: Author: ache Date: Mon Aug 18 02:13:46 UTC 2014 New revision: 270120 URL: http://svnweb.freebsd.org/changeset/base/270120 Log: MFC: r269806,r269809,r269811,r269810 r269806: Fix too long (seed length >12 chars) challenge handling. 1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places of opie code expects that). 2) Overflow check in challenge.c is off by 1 even with corrected OPIE_CHALLENGE_MAX 3) When fallback to randomchallenge() happens and rval is 0 (i.e. challenge is too long), its value should be set to error state too. To demonstrate the bug, run opiepasswd with valid seed: opiepasswd -s 1234567890123456 and notice that it falls back to randomchallenge() (i.e. no 1234567890123456 in the prompt). r269809: When sha1 support was added, they forget to increase OPIE_HASHNAME_MAX r269811: Last '/' for program name, not first one. r269810: Link otp-sha1 to match real challenge prompt, not otp-sha. PR: 191511 Submitted by: mitsurur...@gmail.com (partially, PR 269806) Changes: _U stable/10/ stable/10/contrib/opie/libopie/challenge.c stable/10/contrib/opie/opie.h stable/10/contrib/opie/opiekey.c stable/10/usr.bin/opiekey/Makefile -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
