1/*
2 * Copyright (c) 1995-1997, 1999 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include "otp_locl.h"
35#include <getarg.h>
36
37RCSID("$Id$");
38
39static int listp;
40static int deletep;
41static int openp;
42static int renewp;
43static char* alg_string;
44static char *user;
45static int version_flag;
46static int help_flag;
47
48struct getargs args[] = {
49    { "list", 'l', arg_flag, &listp, "list OTP status" },
50    { "delete", 'd', arg_flag, &deletep, "delete OTP" },
51    { "open", 'o', arg_flag, &openp, "open a locked OTP" },
52    { "renew", 'r', arg_flag, &renewp, "securely renew OTP" },
53    { "hash", 'f', arg_string, &alg_string,
54      "hash algorithm (md4, md5, or sha)", "algorithm"},
55    { "user", 'u', arg_string, &user,
56      "user other than current user (root only)", "user" },
57    { "version", 0, arg_flag, &version_flag },
58    { "help", 'h', arg_flag, &help_flag }
59};
60
61int num_args = sizeof(args) / sizeof(args[0]);
62
63static void
64usage(int code)
65{
66    arg_printusage(args, num_args, NULL, "[num seed]");
67    exit(code);
68}
69
70/*
71 * Renew the OTP for a user.
72 * The pass-phrase is not required (RFC 1938/8.0)
73 */
74
75static int
76renew (int argc, char **argv, OtpAlgorithm *alg, char *user)
77{
78    OtpContext newctx, *ctx;
79    char prompt[128];
80    char pw[64];
81    void *dbm;
82    int ret;
83
84    newctx.alg = alg;
85    newctx.user = user;
86    newctx.n = atoi (argv[0]);
87    strlcpy (newctx.seed, argv[1], sizeof(newctx.seed));
88    strlwr(newctx.seed);
89    snprintf (prompt, sizeof(prompt),
90	      "[ otp-%s %u %s ]",
91	      newctx.alg->name,
92	      newctx.n,
93	      newctx.seed);
94    if (UI_UTIL_read_pw_string (pw, sizeof(pw), prompt, 0) == 0 &&
95	otp_parse (newctx.key, pw, alg) == 0) {
96	ctx = &newctx;
97	ret = 0;
98    } else
99	return 1;
100
101    dbm = otp_db_open ();
102    if (dbm == NULL) {
103	warnx ("otp_db_open failed");
104	return 1;
105    }
106    otp_put (dbm, ctx);
107    otp_db_close (dbm);
108    return ret;
109}
110
111/*
112 * Return 0 if the user could enter the next OTP.
113 * I would rather have returned !=0 but it's shell-like here around.
114 */
115
116static int
117verify_user_otp(char *username)
118{
119    OtpContext ctx;
120    char passwd[OTP_MAX_PASSPHRASE + 1];
121    char prompt[128], ss[256];
122
123    if (otp_challenge (&ctx, username, ss, sizeof(ss)) != 0) {
124	warnx("no otp challenge found for %s", username);
125	return 1;
126    }
127
128    snprintf (prompt, sizeof(prompt), "%s's %s Password: ", username, ss);
129    if(UI_UTIL_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0))
130	return 1;
131    return otp_verify_user (&ctx, passwd);
132}
133
134/*
135 * Set the OTP for a user
136 */
137
138static int
139set (int argc, char **argv, OtpAlgorithm *alg, char *user)
140{
141    void *db;
142    OtpContext ctx;
143    char pw[OTP_MAX_PASSPHRASE + 1];
144    int ret;
145    int i;
146
147    ctx.alg = alg;
148    ctx.user = strdup (user);
149    if (ctx.user == NULL)
150	err (1, "out of memory");
151
152    ctx.n = atoi (argv[0]);
153    strlcpy (ctx.seed, argv[1], sizeof(ctx.seed));
154    strlwr(ctx.seed);
155    do {
156	if (UI_UTIL_read_pw_string (pw, sizeof(pw), "Pass-phrase: ", 1))
157	    return 1;
158	if (strlen (pw) < OTP_MIN_PASSPHRASE)
159	    printf ("Too short pass-phrase.  Use at least %d characters\n",
160		    OTP_MIN_PASSPHRASE);
161    } while(strlen(pw) < OTP_MIN_PASSPHRASE);
162    ctx.alg->init (ctx.key, pw, ctx.seed);
163    for (i = 0; i < ctx.n; ++i)
164	ctx.alg->next (ctx.key);
165    db = otp_db_open ();
166    if(db == NULL) {
167	free (ctx.user);
168	err (1, "otp_db_open failed");
169    }
170    ret = otp_put (db, &ctx);
171    otp_db_close (db);
172    free (ctx.user);
173    return ret;
174}
175
176/*
177 * Delete otp of user from the database
178 */
179
180static int
181delete_otp (int argc, char **argv, char *user)
182{
183    void *db;
184    OtpContext ctx;
185    int ret;
186
187    db = otp_db_open ();
188    if(db == NULL)
189	errx (1, "otp_db_open failed");
190
191    ctx.user = user;
192    ret = otp_delete(db, &ctx);
193    otp_db_close (db);
194    return ret;
195}
196
197/*
198 * Tell whether the user has an otp
199 */
200
201static int
202has_an_otp(char *user)
203{
204    void *db;
205    OtpContext ctx;
206    int ret;
207
208    db = otp_db_open ();
209    if(db == NULL) {
210	warnx ("otp_db_open failed");
211	return 0; /* if no db no otp! */
212    }
213
214    ctx.user = user;
215    ret = otp_simple_get(db, &ctx);
216
217    otp_db_close (db);
218    return !ret;
219}
220
221/*
222 * Get and print out the otp entry for some user
223 */
224
225static void
226print_otp_entry_for_name (void *db, char *user)
227{
228    OtpContext ctx;
229
230    ctx.user = user;
231    if (!otp_simple_get(db, &ctx)) {
232	fprintf(stdout,
233		"%s\totp-%s %d %s",
234		ctx.user, ctx.alg->name, ctx.n, ctx.seed);
235	if (ctx.lock_time)
236	    fprintf(stdout,
237		    "\tlocked since %s",
238		    ctime(&ctx.lock_time));
239	else
240	    fprintf(stdout, "\n");
241    }
242}
243
244static int
245open_otp (int argc, char **argv, char *user)
246{
247    void *db;
248    OtpContext ctx;
249    int ret;
250
251    db = otp_db_open ();
252    if (db == NULL)
253	errx (1, "otp_db_open failed");
254
255    ctx.user = user;
256    ret = otp_simple_get (db, &ctx);
257    if (ret == 0)
258	ret = otp_put (db, &ctx);
259    otp_db_close (db);
260    return ret;
261}
262
263/*
264 * Print otp entries for one or all users
265 */
266
267static int
268list_otps (int argc, char **argv, char *user)
269{
270    void *db;
271    struct passwd *pw;
272
273    db = otp_db_open ();
274    if(db == NULL)
275	errx (1, "otp_db_open failed");
276
277    if (user)
278	print_otp_entry_for_name(db, user);
279    else
280	/* scans all users... so as to get a deterministic order */
281	while ((pw = getpwent()))
282	    print_otp_entry_for_name(db, pw->pw_name);
283
284    otp_db_close (db);
285    return 0;
286}
287
288int
289main (int argc, char **argv)
290{
291    int defaultp = 0;
292    int uid = getuid();
293    OtpAlgorithm *alg = otp_find_alg (OTP_ALG_DEFAULT);
294    int optind = 0;
295
296    setprogname (argv[0]);
297    if(getarg(args, num_args, argc, argv, &optind))
298	usage(1);
299    if(help_flag)
300	usage(0);
301    if(version_flag) {
302	print_version(NULL);
303	exit(0);
304    }
305
306    if(deletep && uid != 0)
307	errx (1, "Only root can delete OTPs");
308    if(alg_string) {
309	alg = otp_find_alg (alg_string);
310	if (alg == NULL)
311	    errx (1, "Unknown algorithm: %s", alg_string);
312    }
313    if (user && uid != 0)
314	errx (1, "Only root can use `-u'");
315    argc -= optind;
316    argv += optind;
317
318    if (!(listp || deletep || renewp || openp))
319	defaultp = 1;
320
321    if ( listp + deletep + renewp + defaultp + openp != 1)
322	usage(1); /* one of -d or -l or -r or none */
323
324    if(deletep || openp || listp) {
325	if(argc != 0)
326	    errx(1, "delete, open, and list requires no arguments");
327    } else {
328	if(argc != 2)
329	    errx(1, "setup, and renew requires `num', and `seed'");
330    }
331    if (listp)
332	return list_otps (argc, argv, user);
333
334    if (user == NULL) {
335	struct passwd *pwd;
336
337	pwd = k_getpwuid(uid);
338	if (pwd == NULL)
339	    err (1, "You don't exist");
340	user = pwd->pw_name;
341    }
342
343    /*
344     * users other that root must provide the next OTP to update the sequence.
345     * it avoids someone to use a pending session to change an OTP sequence.
346     * see RFC 1938/8.0.
347     */
348    if (uid != 0 && (defaultp || renewp)) {
349	if (!has_an_otp(user)) {
350	    errx (1, "Only root can set an initial OTP");
351	} else { /* Check the next OTP (RFC 1938/8.0: SHOULD) */
352	    if (verify_user_otp(user) != 0) {
353		errx (1, "User authentification failed");
354	    }
355	}
356    }
357
358    if (deletep)
359	return delete_otp (argc, argv, user);
360    else if (renewp)
361	return renew (argc, argv, alg, user);
362    else if (openp)
363	return open_otp (argc, argv, user);
364    else
365	return set (argc, argv, alg, user);
366}
367