Patch fix: FreeBSD Port: tac_plus4-F4.0.4 - is OPIE support really there?

[Charles Gillet]

Hello again,

I have to apologize to Marcus, since this is the second time I've asked 
him for help, just to retract the question later.  I had to make some 
small changes to config.c in the tacacs source to get things working. 
Attached is the patch that got it working for me.  I submit it for 
review and possible inclusion in your tac_plus4 port.

-charles

Charles Gillet wrote:
> 
> Hello,
> 
> My apologies on (possibly?) wide distribution.
> 
> Does OPIE support really work with this port?  According to the commit 
> history at http://www.freshports.org/net/tac_plus4, it should, but 
> whether I use pkg_add, or manually patch the source from Cisco, opie 
> support isn't in there.  It looks to me like there needs to be a patch 
> to config.c to parse opie statements, but I don't see one in the 
> distribution.  Please help.
> 
> charles:/h/charles>% uname -a
> FreeBSD pfraval-bsd 4.10-RELEASE FreeBSD 4.10-RELEASE #0: Tue May 25 
> 22:47:12 GMT 2004 
> root at perseus.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
> 
> charles:/h/charles/release/tacacs+>% cat test.cf
> 
> user = charles {
>       login = opie
>     }
> 
> charles:/h/charles/release/tacacs+>% which tac_plus
> /usr/local/sbin/tac_plus
> charles:/h/charles/release/tacacs+>% ldd /usr/local/sbin/tac_plus
> /usr/local/sbin/tac_plus:
>         libskey.so.2 => /usr/lib/libskey.so.2 (0x2807c000)
>         libmd.so.2 => /usr/lib/libmd.so.2 (0x28083000)
>         libopie.so.2 => /usr/lib/libopie.so.2 (0x2808c000) <--- Opie
>         libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x28095000)
>         libc.so.4 => /usr/lib/libc.so.4 (0x280ae000)
> 
> [root /h/charles/release/tacacs+]# tac_plus -C test.cf
> Error: expecting 'file', 'cleartext', 'nopassword', 'skey', or 'des' 
> keyword after 'login =' on line 3
> 
> 
>  From the patched users_guide file:
> 
> 4. Authentication using opie.
> 
> If you have successfully built tac_plus with opie support, you can specify
> a user be authenticated via opie, as follows:
> 
>     user = marcus {
>       login = opie
>     }
> 
> 
> Thanks,
> 
> -charles
> 
> 
> 
-------------- next part --------------
--- config.c.old	2004-07-15 13:38:32.806000000 -0700
+++ config.c	2004-07-15 13:44:45.754000000 -0700
@@ -49,6 +49,7 @@
 
    <password_spec>  := file <filename> | 
 		       skey | 
+		       opie | 
 		       cleartext <password> | 
 		       des <password> |
 		       nopassword
@@ -692,6 +693,10 @@
 	    parse(S_separator);
 	    switch(sym_code) {
 
+	    case S_opie:
+		user->login = tac_strdup(sym_buf);
+		break;
+
 	    case S_skey:
 		user->login = tac_strdup(sym_buf);
 		break;
@@ -715,7 +720,7 @@
 
 	    default:
 		parse_error(
- "expecting 'file', 'cleartext', 'nopassword', 'skey', or 'des' keyword after 'login =' on line %d", 
+ "expecting 'file', 'cleartext', 'nopassword', 'skey', 'opie', or 'des' keyword after 'login =' on line %d", 
 			    sym_line);
 	    }
 	    sym_get();
@@ -1418,7 +1423,7 @@
 
     if ((cf = fopen(cfile, "r")) == NULL) {
 	report(LOG_ERR, "read_config: fopen() error for file %s %s, exiting",
-	       cfile, sys_errlist[errno]);
+	       cfile);
 	return (1);
     }
     if (parse_decls() || sym_error) {