--- /dev/null
+#include <stdlib.h>
+#include <time.h>
+
+char *insults[] = {
+
+ /*
+ * These insults were stolen from the Sudo project.
+ * The copyright header on those files states:
+ * ISC license
+ * Copyright (c) 1996-2018Todd C. Miller <Todd.Miller@sudo.ws>
+ */
+
+ "Just what do you think you're doing Dave?",
+ "It can only be attributed to human error.",
+ "That's something I cannot allow to happen.",
+ "My mind is going. I can feel it.",
+ "Sorry about this, I know it's a bit silly.",
+ "Take a stress pill and think things over.",
+ "This mission is too important for me to allow you to jeopardize it.",
+ "I feel much better now.",
+ "Wrong! You cheating scum!",
+ "And you call yourself a Rocket Scientist!",
+ "No soap, honkie-lips.",
+ "Where did you learn to type?",
+ "Are you on drugs?",
+ "My pet ferret can type better than you!",
+ "You type like i drive.",
+ "Do you think like you type?",
+ "Your mind just hasn't been the same since the electro-shock, has it?",
+ "Maybe if you used more than just two fingers...",
+ "BOB says: You seem to have forgotten your passwd, enter another!",
+ "stty: unknown mode: doofus",
+ "I can't hear you -- I'm using the scrambler.",
+ "The more you drive -- the dumber you get.",
+ "Listen, broccoli brains, I don't have time to listen to this trash.",
+ "I've seen penguins that can type better than that.",
+ "Have you considered trying to match wits with a rutabaga?",
+ "You speak an infinite deal of nothing",
+ "You silly, twisted boy you.",
+ "He has fallen in the water!",
+ "We'll all be murdered in our beds!",
+ "You can't come in. Our tiger has got flu",
+ "I don't wish to know that.",
+ "What, what, what, what, what, what, what, what, what, what?",
+ "You can't get the wood, you know.",
+ "You'll starve!",
+ "... and it used to be so popular...",
+ "Pauses for audience applause, not a sausage",
+ "Hold it up to the light --- not a brain in sight!",
+ "Have a gorilla...",
+ "There must be cure for it!",
+ "There's a lot of it about, you know.",
+ "You do that again and see what happens...",
+ "Ying Tong Iddle I Po",
+ "Harm can come to a young lad like that!",
+ "And with that remarks folks, the case of the Crown vs yourself was proven.",
+ "Speak English you fool --- there are no subtitles in this scene.",
+ "You gotta go owwwww!",
+ "I have been called worse.",
+ "It's only your word against mine.",
+ "I think ... err ... I think ... I think I'll go home",
+ "That is no basis for supreme executive power!",
+ "You empty-headed animal food trough wiper!",
+ "I fart in your general direction!",
+ "Your mother was a hamster and your father smelt of elderberries!",
+ "You must cut down the mightiest tree in the forest... with... a herring!",
+ "I wave my private parts at your aunties!",
+ "He's not the Messiah, he's a very naughty boy!",
+ "I wish to make a complaint.",
+ "When you're walking home tonight, and some homicidal maniac comes after you with a bunch of loganberries, don't come crying to me!",
+ "This man, he doesn't know when he's beaten! He doesn't know when he's winning, either. He has no... sort of... sensory apparatus...",
+ "There's nothing wrong with you that an expensive operation can't prolong.",
+ "I'm very sorry, but I'm not allowed to argue unless you've paid.",
+
+#ifndef DOAS_INSULTS_KISS
+#define DOAS_INSULTS_KISS
+
+ /*
+ * Insults from the KISS Linux community
+ */
+
+ "",
+
+#endif
+};
+
+const char *
+getinsult(void)
+{
+ srand(time(NULL));
+ return (insults[rand() % (sizeof(insults) / sizeof(insults[0]))]);
+}
#include "openbsd.h"
#include "doas.h"
+#include "insults.h"
#ifndef HOST_NAME_MAX
#define HOST_NAME_MAX _POSIX_HOST_NAME_MAX
#endif
if (!user || !myname)
- errx(1, "Authentication failed");
+ authfail();
ret = pam_start(PAM_SERVICE_NAME, myname, &conv, &pamh);
if (ret != PAM_SUCCESS)
if (!nopass) {
if (!interactive)
- errx(1, "Authentication required");
+ authfail();
/* doas style prompt for pam */
char host[HOST_NAME_MAX + 1];
if (ret != PAM_SUCCESS) {
pamcleanup(ret, sess, cred);
syslog(LOG_AUTHPRIV | LOG_NOTICE, "failed auth for %s", myname);
- errx(1, "Authentication failed");
+ authfail();
}
}
if (ret != PAM_SUCCESS) {
pamcleanup(ret, sess, cred);
syslog(LOG_AUTHPRIV | LOG_NOTICE, "failed auth for %s", myname);
- errx(1, "Authentication failed");
+ authfail();
}
/* set PAM_USER to the user we want to be */
hash = pw->pw_passwd;
if (hash[0] == 'x' && hash[1] == '\0') {
struct spwd *sp;
- if ((sp = getspnam(myname)) == NULL)
- errx(1, "Authentication failed");
+ if ((sp = getspnam(myname)) == NULL) {
+ authfail();
+ }
hash = sp->sp_pwdp;
} else if (hash[0] != '*') {
- errx(1, "Authentication failed");
+ authfail();
}
char host[HOST_NAME_MAX + 1];
err(1, "readpassphrase");
if ((encrypted = crypt(response, hash)) == NULL) {
explicit_bzero(rbuf, sizeof(rbuf));
- errx(1, "Authentication failed");
+ printf(getinsult());
+ authfail();
}
explicit_bzero(rbuf, sizeof(rbuf));
if (strcmp(encrypted, hash) != 0) {
syslog(LOG_AUTHPRIV | LOG_NOTICE, "failed auth for %s", myname);
- errx(1, "Authentication failed");
+ authfail();
}
#ifdef USE_TIMESTAMP