Date: Thu, 15 Jul 2004 13:55:48 -0700 From: Charles Gillet <charles@routescience.com> To: marcus@freebsd.org Cc: ports@freebsd.org Subject: Patch fix: FreeBSD Port: tac_plus4-F4.0.4 - is OPIE support really there? Message-ID: <40F6EF54.3040001@routescience.com> In-Reply-To: <40F6CB86.4010300@routescience.com> References: <40F6CB86.4010300@routescience.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------060302080806030403000409 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hello again, I have to apologize to Marcus, since this is the second time I've asked him for help, just to retract the question later. I had to make some small changes to config.c in the tacacs source to get things working. Attached is the patch that got it working for me. I submit it for review and possible inclusion in your tac_plus4 port. -charles Charles Gillet wrote: > > Hello, > > My apologies on (possibly?) wide distribution. > > Does OPIE support really work with this port? According to the commit > history at http://www.freshports.org/net/tac_plus4, it should, but > whether I use pkg_add, or manually patch the source from Cisco, opie > support isn't in there. It looks to me like there needs to be a patch > to config.c to parse opie statements, but I don't see one in the > distribution. Please help. > > charles:/h/charles>% uname -a > FreeBSD pfraval-bsd 4.10-RELEASE FreeBSD 4.10-RELEASE #0: Tue May 25 > 22:47:12 GMT 2004 > root@perseus.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 > > charles:/h/charles/release/tacacs+>% cat test.cf > > user = charles { > login = opie > } > > charles:/h/charles/release/tacacs+>% which tac_plus > /usr/local/sbin/tac_plus > charles:/h/charles/release/tacacs+>% ldd /usr/local/sbin/tac_plus > /usr/local/sbin/tac_plus: > libskey.so.2 => /usr/lib/libskey.so.2 (0x2807c000) > libmd.so.2 => /usr/lib/libmd.so.2 (0x28083000) > libopie.so.2 => /usr/lib/libopie.so.2 (0x2808c000) <--- Opie > libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x28095000) > libc.so.4 => /usr/lib/libc.so.4 (0x280ae000) > > [root /h/charles/release/tacacs+]# tac_plus -C test.cf > Error: expecting 'file', 'cleartext', 'nopassword', 'skey', or 'des' > keyword after 'login =' on line 3 > > > From the patched users_guide file: > > 4. Authentication using opie. > > If you have successfully built tac_plus with opie support, you can specify > a user be authenticated via opie, as follows: > > user = marcus { > login = opie > } > > > Thanks, > > -charles > > > --------------060302080806030403000409 Content-Type: text/plain; name="patch-config.c" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="patch-config.c" --- config.c.old 2004-07-15 13:38:32.806000000 -0700 +++ config.c 2004-07-15 13:44:45.754000000 -0700 @@ -49,6 +49,7 @@ <password_spec> := file <filename> | skey | + opie | cleartext <password> | des <password> | nopassword @@ -692,6 +693,10 @@ parse(S_separator); switch(sym_code) { + case S_opie: + user->login = tac_strdup(sym_buf); + break; + case S_skey: user->login = tac_strdup(sym_buf); break; @@ -715,7 +720,7 @@ default: parse_error( - "expecting 'file', 'cleartext', 'nopassword', 'skey', or 'des' keyword after 'login =' on line %d", + "expecting 'file', 'cleartext', 'nopassword', 'skey', 'opie', or 'des' keyword after 'login =' on line %d", sym_line); } sym_get(); @@ -1418,7 +1423,7 @@ if ((cf = fopen(cfile, "r")) == NULL) { report(LOG_ERR, "read_config: fopen() error for file %s %s, exiting", - cfile, sys_errlist[errno]); + cfile); return (1); } if (parse_decls() || sym_error) { --------------060302080806030403000409--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40F6EF54.3040001>