Add support for hashed passwords on server

.gitignore

@@ -37,3 +37,4 @@ src/mactelnetd
 src/mndp
 src/.deps/
 src/config.h
+doc/mactelnetd.1

config/mactelnetd.users

@@ -1,12 +1,12 @@
 # Users file for MAC-Telnetd
 #
 ####################################################################
-# WARNING: This file has passwords written in plain-text.          #
+# WARNING: This file may have passwords written in plain-text.     #
 #          Make sure this file is owned and only readable by root. #
 ####################################################################
 #
-# Each line consists of a username and a password seperated by :.
-# Usernames must be existing users from passwd.
+# Each line consists username, hash, and salt seperated by :.
+# If you need to add a new user, use the -a option in mactelnetd.
 #
 # Format:
-#username:password
+#username:hash:salt or username:password

configure.ac

@@ -66,6 +66,20 @@ AM_CONDITIONAL([BUILD_MACTELNETD], [test x"$enable_mactelnetd" != "xno"])
 # Checks for header files.
 AC_CHECK_HEADERS([arpa/inet.h fcntl.h sys/random.h float.h libintl.h locale.h linux/netlink.h netinet/in.h paths.h stdlib.h string.h sys/ioctl.h sys/socket.h sys/time.h syslog.h termios.h unistd.h utmp.h utmpx.h])
 
+dnl check for readpassphrase. If none is found, we use getpass (with a warning)
+AC_CHECK_HEADER([readpassphrase.h],
+    [READPASSPHRASE=native],
+    AC_CHECK_HEADER([bsd/readpassphrase.h],
+        [READPASSPHRASE=bsd],
+        [AC_MSG_WARN([falling back to obsoleted getpass(3)])]))
+
+AS_IF([test "x$READPASSPHRASE" = "xnative"],[
+    AC_DEFINE([HAVE_READPASSPHRASE], [1], [Enable readpassphrase])])
+
+AS_IF([test "x$READPASSPHRASE" = "xbsd"],[
+    AC_DEFINE([HAVE_BSDREADPASSPHRASE], [1], [Enable bsdreadpassphrase])
+    AC_SEARCH_LIBS([readpassphrase], [bsd], [], [AC_MSG_ERROR([library for bsd/readpassphrase.h not found])])])
+
 # Check if the target platform is macOS
 case "$host_os" in
   darwin*)

doc/Makefile.am

@@ -2,4 +2,9 @@ dist_man_MANS = mactelnet.1 mndp.1 macping.1
 
 if BUILD_MACTELNETD
 dist_man_MANS += mactelnetd.1
+CLEANFILES = mactelnetd.1
+
+mactelnetd.1: mactelnetd.1.in
+	$(AM_V_GEN)$(SED) -e 's|@sysconfdir[@]|$(sysconfdir)|g' mactelnetd.1.in > $@
+
 endif

doc/mactelnetd.1 → doc/mactelnetd.1.in

@@ -16,14 +16,36 @@ Do not use broadcast packets. A tad less insecure.
 This means that ethernet packets will have the mac-address of the client as the packet
 destination, instead of using the ethernet broadcast address.
 .TP
+.B \-o
+Use the older MD5 based authentication. This is less secure, and also requires your userfile to have the passwords in plaintext format. If you are running the server with this parameter, you cannot add users using the
+.B \-a
+option.
+.TP
+.B \-a
+Add a new user. The user should be an existing user in your system. You will be prompted for the username and password, or you can use one of the following options to specify them on the command line:
+.RS
+.TP
+.B \-u \fIusername\fR
+You can specify the new username to add on the command line using this option. If this is not used, you will be prompted for the username.
+.TP
+.B \-p \fIpassword\fR
+You can specify the new password for the new user to add on the command line using this option. If this is not used, you will be prompted for the password.
+.RE
+.TP
+.B \-d \fIusername\fR
+Delete the specified user.
+.TP
+.B \-l
+List the available users in the \fI@sysconfdir@/mactelnetd.users\fR file.
+.TP
 .B \-h
 Show summary of options.
 .TP
 .B \-v
 Show version of program.
 .SH FILES
 .TP
-.B /etc/mactelnetd.users
+.B @sysconfdir@/mactelnetd.users
 This file contains a line separated list of users that will have
 access to your machine. Usernames and passwords are separated
 by colon. This file is read each time a user connects.

po/bg.po

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: mactelnet\n"
 "Report-Msgid-Bugs-To: [email protected]\n"
-"POT-Creation-Date: 2024-04-22 21:15+0200\n"
+"POT-Creation-Date: 2024-07-30 10:37+0200\n"
 "PO-Revision-Date: 2024-04-22 19:42+0200\n"
 "Last-Translator: Chat GPT <[email protected]>\n"
 "Language-Team: Boian Bonev <[email protected]>\n"
@@ -177,7 +177,7 @@ msgstr "Парола: "
 msgid "Connecting to %s..."
 msgstr "Свързване към %s..."
 
-#: src/mactelnet.c:762 src/mactelnetd.c:258 src/mactelnetd.c:1163
+#: src/mactelnet.c:762 src/mactelnetd.c:259 src/mactelnetd.c:1179
 #, c-format
 msgid "Error binding to %s:%d, %s\n"
 msgstr "Грешка при свързване от %s:%d, %s\n"
@@ -197,111 +197,111 @@ msgstr "готово\n"
 msgid "Username too long\n"
 msgstr "Потребителското име е твърде дълго\n"
 
-#: src/mactelnetd.c:260
+#: src/mactelnetd.c:261
 #, c-format
 msgid "Error binding to %s:%d on %s\n"
 msgstr "Грешка при свързване към %s:%d на %s\n"
 
-#: src/mactelnetd.c:264
+#: src/mactelnetd.c:265
 #, c-format
 msgid "Using %s to transmit packets from %s\n"
 msgstr "Използване на %s за предаване на пакети от %s\n"
 
-#: src/mactelnetd.c:469
+#: src/mactelnetd.c:473
 #, c-format
 msgid "(%d) Invalid login by %s."
 msgstr "(%d) Неправилен вход от %s."
 
-#: src/mactelnetd.c:472
+#: src/mactelnetd.c:476
 msgid "Login failed, incorrect username or password\r\n"
 msgstr "Неуспешен вход, невалиден потребител или парола\r\n"
 
-#: src/mactelnetd.c:489
+#: src/mactelnetd.c:493
 msgid "Terminal error\r\n"
 msgstr "Грешка в терминала\r\n"
 
-#: src/mactelnetd.c:503 src/mactelnetd.c:511
+#: src/mactelnetd.c:507 src/mactelnetd.c:515
 #, c-format
 msgid "(%d) Error allocating memory."
 msgstr "(%d) Грешка при заделяне на памет."
 
-#: src/mactelnetd.c:505 src/mactelnetd.c:513
+#: src/mactelnetd.c:509 src/mactelnetd.c:517
 msgid "System error, out of memory\r\n"
 msgstr "Системна грешка, недостатъчно памет\r\n"
 
-#: src/mactelnetd.c:518
+#: src/mactelnetd.c:522
 #, c-format
 msgid "(%d) Login ok, but local user not accessible (%s)."
 msgstr "(%d) Успешен вход, но локалният потребител не е достъпен (%s)."
 
-#: src/mactelnetd.c:521
+#: src/mactelnetd.c:525
 msgid "Local user not accessible\r\n"
 msgstr "Локалният потребител не е достъпен\r\n"
 
-#: src/mactelnetd.c:532
+#: src/mactelnetd.c:536
 #, c-format
 msgid "Error opening %s: %s"
 msgstr "Грешка при отваряне %s: %s"
 
-#: src/mactelnetd.c:534
+#: src/mactelnetd.c:538
 msgid "Error opening terminal\r\n"
 msgstr "Грешка при отваряне на терминал\r\n"
 
-#: src/mactelnetd.c:545
+#: src/mactelnetd.c:549
 #, c-format
 msgid "(%d) User %s logged in."
 msgstr "(%d) Потребител %s влезе."
 
-#: src/mactelnetd.c:580
+#: src/mactelnetd.c:584
 #, c-format
 msgid "(%d) Could not log in %s (%d:%d): setuid/setgid: %s"
 msgstr "(%d) Неуспешен вход %s (%d:%d): setuid/setgid: %s"
 
-#: src/mactelnetd.c:583
+#: src/mactelnetd.c:587
 msgid "Internal error\r\n"
 msgstr "Вътрешна грешка\r\n"
 
-#: src/mactelnetd.c:589
+#: src/mactelnetd.c:593
 #, c-format
 msgid "(%d) User %s disconnected with "
 msgstr "(%d) Потребител %s е изхвърлен с "
 
-#: src/mactelnetd.c:715
+#: src/mactelnetd.c:731
 #, c-format
 msgid "(%d) Invalid mtwei key by %s."
 msgstr "(%d) Невалиден ключ mtwei от %s."
 
-#: src/mactelnetd.c:738
+#: src/mactelnetd.c:754
 #, c-format
 msgid "(%d) Unhandeled control packet type: %d, length: %d"
 msgstr "(%d) Необработен тип на контролен пакет: %d, дължина: %d"
 
-#: src/mactelnetd.c:742
+#: src/mactelnetd.c:758
 #, c-format
 msgid "(%d) Unhandeled control packet type: %d, in state: %d, length: %d"
 msgstr ""
 "(%d) Необработен тип на контролен пакет: %d, в състояние: %d, дължина: %d"
 
-#: src/mactelnetd.c:798
+#: src/mactelnetd.c:814
 #, c-format
 msgid "(%d) New connection from %s."
 msgstr "(%d) Нова връзка от %s."
 
-#: src/mactelnetd.c:827 src/mactelnetd.c:1318
+#: src/mactelnetd.c:843 src/mactelnetd.c:1334
 #, c-format
 msgid "(%d) Connection closed."
 msgstr "(%d) Връзката е затворена."
 
-#: src/mactelnetd.c:882
+#: src/mactelnetd.c:898
 #, c-format
 msgid "(%d) Unhandeled packet type: %d"
 msgstr "(%d) Необработваем пакет от тип: %d"
 
-#: src/mactelnetd.c:957
+#: src/mactelnetd.c:973
 msgid "Was not able to send any MNDP packets"
 msgstr "Не успях да изпратя нито един MNDP пакет"
 
-#: src/mactelnetd.c:966
+#: src/mactelnetd.c:982
 msgid ""
 "\r\n"
 "\r\n"
@@ -311,29 +311,29 @@ msgstr ""
 "\r\n"
 "Демон процеса прекратява работата си.\r\n"
 
-#: src/mactelnetd.c:968
+#: src/mactelnetd.c:984
 msgid "Daemon shutting down"
 msgstr "Демон процеса прекратява работата си"
 
-#: src/mactelnetd.c:1001
+#: src/mactelnetd.c:1017
 msgid "SIGHUP: Reloading interfaces"
 msgstr "SIGHUP: Презареждане на интерфейсите"
 
-#: src/mactelnetd.c:1016
+#: src/mactelnetd.c:1032
 msgid "No devices found! Exiting.\n"
 msgstr "Няма намерени устройства! Изход.\n"
 
-#: src/mactelnetd.c:1030
+#: src/mactelnetd.c:1046
 #, c-format
 msgid "(%d) Connection closed because interface %s is gone."
 msgstr "(%d) Връзката е затворена поради изчезнал интерфейс %s."
 
-#: src/mactelnetd.c:1090
+#: src/mactelnetd.c:1106
 #, c-format
 msgid "Usage: %s [-fnoh]\n"
 msgstr "Използване: %s [-fnoh]\n"
 
-#: src/mactelnetd.c:1095
+#: src/mactelnetd.c:1111
 #, c-format
 msgid ""
 "\n"
@@ -352,7 +352,7 @@ msgstr ""
 "  -h        Тази инструкция.\n"
 "\n"
 
-#: src/mactelnetd.c:1104
+#: src/mactelnetd.c:1120
 #, c-format
 msgid ""
 "\n"
@@ -369,45 +369,45 @@ msgstr ""
 "  -h        Тази инструкция.\n"
 "\n"
 
-#: src/mactelnetd.c:1115 src/macping.c:189
+#: src/mactelnetd.c:1131 src/macping.c:189
 #, c-format
 msgid "You need to have root privileges to use %s.\n"
 msgstr "Необходими са права на потребител root, за да използвате %s.\n"
 
-#: src/mactelnetd.c:1185
+#: src/mactelnetd.c:1201
 #, c-format
 msgid "MNDP: Error binding to %s:%d, %s\n"
 msgstr "MNDP: Грешка при свързване от %s:%d, %s\n"
 
-#: src/mactelnetd.c:1190
+#: src/mactelnetd.c:1206
 #, c-format
 msgid "Bound to %s:%d"
 msgstr "Свързване от %s:%d"
 
-#: src/mactelnetd.c:1224
+#: src/mactelnetd.c:1240
 msgid "Unable to find any valid network interfaces\n"
 msgstr "Няма валидни мрежови интерфейси\n"
 
-#: src/mactelnetd.c:1269 src/interfaces.c:284
+#: src/mactelnetd.c:1285 src/interfaces.c:284
 msgid "Network change detected"
 msgstr "Промяна в мрежата открита"
 
-#: src/mactelnetd.c:1316
+#: src/mactelnetd.c:1332
 #, c-format
 msgid "(%d) Connection to user %s closed."
 msgstr "(%d) Връзката към потребител %s е прекъсната."
 
-#: src/mactelnetd.c:1324
+#: src/mactelnetd.c:1340
 #, c-format
 msgid "(%d) Waiting for ack\n"
 msgstr "(%d) Изчакване на потвърждение\n"
 
-#: src/mactelnetd.c:1340
+#: src/mactelnetd.c:1356
 #, c-format
 msgid "(%d) Session timed out"
 msgstr "(%d) Изтекло време за изчакване на сесията"
 
-#: src/mactelnetd.c:1343
+#: src/mactelnetd.c:1359
 msgid "Timeout\r\n"
 msgstr "Изтекло време за изчакване\r\n"
 
@@ -619,12 +619,12 @@ msgstr "намерен\n"
 msgid "FATAL ERROR: Function returned NULL at %s:%d: %s;\n"
 msgstr "ФАТАЛНА ГРЕШКА: Функцията върна NULL на %s:%d: %s;\n"
 
-#: src/mtwei.c:154
+#: src/mtwei.c:162
 #, c-format
 msgid "Cannot mix gamma into pubkey: %s\n"
 msgstr "Не може да се смеси гама в обща ключ: %s\n"
 
-#: src/mtwei.c:192
+#: src/mtwei.c:200
 #, c-format
 msgid "Cannot make a public key: %s\n"
 msgstr "Не може да се направи общ ключ: %s\n"