From: Art Cancro Date: Wed, 26 Jan 2011 22:18:31 +0000 (-0500) Subject: Removed nonce/apop/pas2, no longer used by anyone X-Git-Tag: v8.11~969 X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=c37006aac2a4cc8a31643883b2e8d128441a5069 Removed nonce/apop/pas2, no longer used by anyone --- diff --git a/citadel/citserver.c b/citadel/citserver.c index 9570e3066..3bec05b1e 100644 --- a/citadel/citserver.c +++ b/citadel/citserver.c @@ -289,7 +289,7 @@ void cmd_info(char *cmdbuf) { cprintf("%s\n", config.c_moreprompt); cprintf("1\n"); /* 1 = yes, this system supports floors */ cprintf("1\n"); /* 1 = we support the extended paging options */ - cprintf("%s\n", CC->cs_nonce); + cprintf("\n"); /* nonce no longer supported */ cprintf("1\n"); /* 1 = yes, this system supports the QNOP command */ #ifdef HAVE_LDAP @@ -890,22 +890,6 @@ void cmd_asyn(char *argbuf) } -/* - * Generate a "nonce" for APOP-style authentication. - * - * RFC 1725 et al specify a PID to be placed in front of the nonce. - * Quoth BTX: That would be stupid. - */ -void generate_nonce(CitContext *con) { - struct timeval tv; - - memset(con->cs_nonce, NONCE_SIZE, 0); - gettimeofday(&tv, NULL); - memset(con->cs_nonce, NONCE_SIZE, 0); - snprintf(con->cs_nonce, NONCE_SIZE, "<%d%ld@%s>", - rand(), (long)tv.tv_usec, config.c_fqdn); -} - /* * Back-end function for starting a session @@ -933,7 +917,6 @@ void begin_session(CitContext *con) *con->fake_hostname = '\0'; *con->fake_roomname = '\0'; *con->cs_clientinfo = '\0'; - generate_nonce(con); safestrncpy(con->cs_host, config.c_fqdn, sizeof con->cs_host); safestrncpy(con->cs_addr, "", sizeof con->cs_addr); con->cs_UDSclientUID = -1; diff --git a/citadel/context.h b/citadel/context.h index 679f90e99..205cf4f1e 100644 --- a/citadel/context.h +++ b/citadel/context.h 
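Review bot: The replacement comment in cmd_info, `/* nonce no longer supported */`, does not say why an empty line is still printed, so a later cleanup could drop the line and shift every following INFO field by one position. I would spell the reason out, for example `cprintf("\n"); /* was the APOP/PAS2 nonce; empty line kept so later INFO fields keep their positions */`. Clients that chose PAS2 when this field was non-empty will presumably fall back to the plain password login. The protocol documentation should therefore state that the field is now always empty and that login confidentiality depends on the transport being encrypted. The body of cmd_info starts and ends outside the hunk.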
@@ -109,10 +109,6 @@ struct CitContext { struct ctdluser user; /* Database record buffers */ struct ctdlroom room; - /* Beginning of cryptography - session nonce */ - char cs_nonce[NONCE_SIZE]; /* The nonce for this session's next auth transaction */ - - /* A linked list of all instant messages sent to us. */ struct ExpressMessage *FirstExpressMessage; int disable_exp; /* Set to 1 to disable incoming pages */ diff --git a/citadel/modules/pas2/.gitignore b/citadel/modules/pas2/.gitignore deleted file mode 100644 index 5761abcfd..000000000 --- a/citadel/modules/pas2/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.o diff --git a/citadel/modules/pas2/serv_pas2.c b/citadel/modules/pas2/serv_pas2.c deleted file mode 100644 index 29fd2e47f..000000000 --- a/citadel/modules/pas2/serv_pas2.c +++ /dev/null 
@@ -1,114 +0,0 @@ -/* - * cmd_pas2 - MD5 APOP style auth keyed off of the hash of the password - * plus a nonce displayed at the login banner. - * - * Copyright (c) 1994-2009 by the citadel.org team - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include -#include -#include - -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include -#include -#include -#include -#include "citadel.h" -#include "server.h" -#include "citserver.h" -#include "support.h" -#include "user_ops.h" -#include "md5.h" - - -#include "ctdl_module.h" - - -void cmd_pas2(char *argbuf) -{ - char pw[256]; - char hexstring[MD5_HEXSTRING_SIZE]; - - - if (!strcmp(CC->curr_user, NLI)) - { - cprintf("%d You must enter a user with the USER command first.\n", ERROR + USERNAME_REQUIRED); - return; - } - - if (CC->logged_in) - { - cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN); - return; - } - - extract_token(pw, argbuf, 0, '|', sizeof pw); - - if (CtdlGetUser(&CC->user, CC->curr_user)) - { - cprintf("%d Unable to find user record for %s.\n", ERROR + NO_SUCH_USER, CC->curr_user); - return; - } - - strproc(pw); - strproc(CC->user.password); - - if (strlen(pw) != (MD5_HEXSTRING_SIZE-1)) - { - cprintf("%d Auth string of length %ld is the wrong 
length (should be %d).\n", ERROR + ILLEGAL_VALUE, (long)strlen(pw), MD5_HEXSTRING_SIZE-1); - return; - } - - make_apop_string(CC->user.password, CC->cs_nonce, hexstring, sizeof hexstring); - - if (!strcmp(hexstring, pw)) - { - do_login(); - return; - } - else - { - cprintf("%d Wrong password.\n", ERROR + PASSWORD_REQUIRED); - return; - } -} - - - - - -CTDL_MODULE_INIT(pas2) -{ - if (!threading) - { - CtdlRegisterProtoHook(cmd_pas2, "PAS2", "APOP-based login"); - } - - /* return our Subversion id for the Log */ - return "pas2"; -} diff --git a/citadel/modules/pop3/serv_pop3.c b/citadel/modules/pop3/serv_pop3.c index fe67455e1..89bfef80e 100644 --- a/citadel/modules/pop3/serv_pop3.c +++ b/citadel/modules/pop3/serv_pop3.c @@ -98,8 +98,7 @@ void pop3_greeting(void) { CC->session_specific_data = malloc(sizeof(struct citpop3)); memset(POP3, 0, sizeof(struct citpop3)); - cprintf("+OK Citadel POP3 server %s\r\n", - CC->cs_nonce); + cprintf("+OK Citadel POP3 server ready.\r\n"); } 
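Review bot: In pop3_greeting the context lines pass the result of `malloc(sizeof(struct citpop3))` to `memset` through `POP3` with no NULL check, and this runs for every new connection before any authentication. Assuming `POP3` expands to a cast of `CC->session_specific_data`, an allocation failure becomes a NULL write in the server process. Since the function is being touched anyway, I would allocate with `CC->session_specific_data = calloc(1, sizeof(struct citpop3));` and send an `-ERR` greeting and return when the result is NULL. The start of pop3_greeting is outside the hunk.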
@@ -221,60 +220,6 @@ void pop3_login(void) } -void pop3_apop(char *argbuf) -{ - char username[SIZ]; - char userdigest[MD5_HEXSTRING_SIZE]; - char realdigest[MD5_HEXSTRING_SIZE]; - char *sptr; - - if (CC->logged_in) - { - cprintf("-ERR You are already logged in; not in the AUTHORIZATION phase.\r\n"); - return; - } - - if ((sptr = strchr(argbuf, ' ')) == NULL) - { - cprintf("-ERR Invalid APOP line.\r\n"); - return; - } - - *sptr++ = '\0'; - - while ((*sptr) && isspace(*sptr)) - sptr++; - - strncpy(username, argbuf, sizeof(username)-1); - username[sizeof(username)-1] = '\0'; - - memset(userdigest, 0, MD5_HEXSTRING_SIZE); - strncpy(userdigest, sptr, MD5_HEXSTRING_SIZE-1); - - if (CtdlLoginExistingUser(NULL, username) != login_ok) - { - cprintf("-ERR No such user.\r\n"); - return; - } - - if (CtdlGetUser(&CC->user, CC->curr_user)) - { - cprintf("-ERR No such user.\r\n"); - return; - } - - make_apop_string(CC->user.password, CC->cs_nonce, realdigest, sizeof realdigest); - if (!strncasecmp(realdigest, userdigest, MD5_HEXSTRING_SIZE-1)) - { - do_login(); - pop3_login(); - } - else - { - cprintf("-ERR That is NOT the password.\r\n"); - } -} - /* * Authorize with password (implements POP3 "PASS" command) @@ -659,11 +604,6 @@ void pop3_command_loop(void) { pop3_pass(&cmdbuf[5]); } - else if (!strncasecmp(cmdbuf, "APOP", 4)) - { - pop3_apop(&cmdbuf[5]); - } - #ifdef HAVE_OPENSSL else if (!strncasecmp(cmdbuf, "STLS", 4)) { pop3_stls();