login_skey.c revision 1.25
1/* $OpenBSD: login_skey.c,v 1.25 2015/10/16 13:37:43 millert Exp $ */ 2 3/* 4 * Copyright (c) 2000, 2001, 2004 Todd C. Miller <Todd.Miller@courtesan.com> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19#include <sys/socket.h> 20#include <sys/stat.h> 21#include <sys/time.h> 22#include <sys/resource.h> 23 24#include <ctype.h> 25#include <errno.h> 26#include <fcntl.h> 27#include <paths.h> 28#include <pwd.h> 29#include <readpassphrase.h> 30#include <signal.h> 31#include <stdio.h> 32#include <stdlib.h> 33#include <string.h> 34#include <syslog.h> 35#include <unistd.h> 36#include <limits.h> 37#include <err.h> 38 39#include <login_cap.h> 40#include <bsd_auth.h> 41#include <skey.h> 42 43#define MODE_LOGIN 0 44#define MODE_CHALLENGE 1 45#define MODE_RESPONSE 2 46 47void quit(int); 48void send_fd(int); 49void suspend(int); 50 51volatile sig_atomic_t resumed; 52struct skey skey; 53 54int 55main(int argc, char *argv[]) 56{ 57 FILE *back = NULL; 58 char *user = NULL, *cp, *ep; 59 char challenge[SKEY_MAX_CHALLENGE+17], response[SKEY_MAX_PW_LEN+1]; 60 const char *errstr; 61 int ch, fd = -1, haskey = 0, mode = MODE_LOGIN; 62 63 (void)signal(SIGINT, quit); 64 (void)signal(SIGQUIT, quit); 65 (void)signal(SIGALRM, quit); 66 (void)signal(SIGTSTP, suspend); 67 (void)setpriority(PRIO_PROCESS, 0, 0); 68 69 if (pledge("stdio rpath wpath flock sendfd proc tty", NULL) == -1) { 70 syslog(LOG_AUTH|LOG_ERR, "pledge: %m"); 71 exit(1); 72 } 73 74 openlog(NULL, LOG_ODELAY, LOG_AUTH); 75 76 while ((ch = getopt(argc, argv, "ds:v:")) != -1) { 77 switch (ch) { 78 case 'd': 79 back = stdout; 80 break; 81 case 's': /* service */ 82 if (strcmp(optarg, "login") == 0) 83 mode = MODE_LOGIN; 84 else if (strcmp(optarg, "challenge") == 0) 85 mode = MODE_CHALLENGE; 86 else if (strcmp(optarg, "response") == 0) 87 mode = MODE_RESPONSE; 88 else { 89 syslog(LOG_ERR, "%s: invalid service", optarg); 90 exit(1); 91 } 92 break; 93 case 'v': 94 if (strncmp(optarg, "fd=", 3) == 0) { 95 fd = strtonum(optarg + 3, 0, INT_MAX, &errstr); 96 if (errstr != NULL) { 97 syslog(LOG_ERR, "fd is %s: %s", 98 errstr, optarg + 3); 99 fd = -1; 100 } 101 } 102 /* silently ignore unsupported variables */ 103 break; 104 default: 105 syslog(LOG_ERR, "usage error"); 106 exit(1); 107 } 108 } 109 argc -= optind; 110 argv += optind; 111 112 switch (argc) { 113 case 2: /* silently ignore class */ 114 case 1: 115 user = *argv; 116 break; 117 default: 118 syslog(LOG_ERR, "usage error"); 119 exit(1); 120 } 121 122 if (back == NULL && (back = fdopen(3, "r+")) == NULL) { 123 syslog(LOG_ERR, "reopening back channel: %m"); 124 exit(1); 125 } 126 127 /* 128 * Note: our skeychallenge2() will always fill in the challenge, 129 * even if it has to create a fake one. 130 */ 131 switch (mode) { 132 case MODE_LOGIN: 133 haskey = (skeychallenge2(fd, &skey, user, challenge) == 0); 134 strlcat(challenge, "\nS/Key Password:", sizeof(challenge)); 135 136 /* time out getting passphrase after 2 minutes to avoid a DoS */ 137 if (haskey) 138 alarm(120); 139 resumed = 0; 140 if (!readpassphrase(challenge, response, sizeof(response), 0)) 141 exit(1); 142 if (response[0] == '\0') 143 readpassphrase("S/Key Password [echo on]: ", 144 response, sizeof(response), RPP_ECHO_ON); 145 alarm(0); 146 if (resumed) { 147 /* 148 * We were suspended by the user. Our lock is 149 * no longer valid so we must regain it so 150 * an attacker cannot do a partial guess of 151 * an S/Key response already in progress. 152 */ 153 haskey = (skeylookup(&skey, user) == 0); 154 } 155 break; 156 157 case MODE_CHALLENGE: 158 haskey = (skeychallenge2(fd, &skey, user, challenge) == 0); 159 strlcat(challenge, "\nS/Key Password:", sizeof(challenge)); 160 fprintf(back, BI_VALUE " challenge %s\n", 161 auth_mkvalue(challenge)); 162 fprintf(back, BI_CHALLENGE "\n"); 163 fprintf(back, BI_FDPASS "\n"); 164 fflush(back); 165 send_fd(fileno(back)); 166 exit(0); 167 168 case MODE_RESPONSE: 169 /* read challenge */ 170 mode = -1; 171 cp = challenge; 172 ep = challenge + sizeof(challenge); 173 while (cp < ep && read(fileno(back), cp, 1) == 1) { 174 if (*cp++ == '\0') { 175 mode = MODE_CHALLENGE; 176 break; 177 } 178 } 179 if (mode != MODE_CHALLENGE) { 180 syslog(LOG_ERR, 181 "protocol error: bad/missing challenge"); 182 exit(1); 183 } 184 185 /* read response */ 186 cp = response; 187 ep = response + sizeof(response); 188 while (cp < ep && read(fileno(back), cp, 1) == 1) { 189 if (*cp++ == '\0') { 190 mode = MODE_RESPONSE; 191 break; 192 } 193 } 194 if (mode != MODE_RESPONSE) { 195 syslog(LOG_ERR, 196 "protocol error: bad/missing response"); 197 exit(1); 198 } 199 200 /* 201 * Since the entry is locked we do not need to compare 202 * the passed in challenge to the S/Key database but 203 * maybe we should anyway? 204 */ 205 haskey = (skeychallenge2(fd, &skey, user, challenge) == 0); 206 break; 207 } 208 209 /* 210 * Ignore keyboard interrupt/suspend during database update. 211 */ 212 signal(SIGINT, SIG_IGN); 213 signal(SIGQUIT, SIG_IGN); 214 signal(SIGTSTP, SIG_IGN); 215 216 if (haskey && skeyverify(&skey, response) == 0) { 217 if (mode == MODE_LOGIN) { 218 if (skey.n <= 1) 219 printf("Warning! You MUST change your " 220 "S/Key password now!\n"); 221 else if (skey.n < 5) 222 printf("Warning! Change S/Key password soon\n"); 223 } 224 fprintf(back, BI_AUTH "\n"); 225 fprintf(back, BI_SECURE "\n"); 226 exit(0); 227 } 228 fprintf(back, BI_REJECT "\n"); 229 exit(1); 230} 231 232/* ARGSUSED */ 233void 234quit(int signo) 235{ 236 237 _exit(1); 238} 239 240/* ARGSUSED */ 241void 242suspend(int signo) 243{ 244 sigset_t nset; 245 int save_errno = errno; 246 247 /* 248 * Unlock the skey record so we don't sleep holding the lock. 249 * Unblock SIGTSTP, set it to the default action and then 250 * resend it so we are suspended properly. 251 * When we resume, reblock SIGTSTP, reset the signal handler, 252 * set a flag and restore errno. 253 */ 254 alarm(0); 255 skey_unlock(&skey); 256 (void)signal(signo, SIG_DFL); 257 (void)sigemptyset(&nset); 258 (void)sigaddset(&nset, signo); 259 (void)sigprocmask(SIG_UNBLOCK, &nset, NULL); 260 (void)kill(getpid(), signo); 261 (void)sigprocmask(SIG_BLOCK, &nset, NULL); 262 (void)signal(signo, suspend); 263 resumed = 1; 264 errno = save_errno; 265} 266 267void 268send_fd(int sock) 269{ 270 struct msghdr msg; 271 struct cmsghdr *cmp; 272 union { 273 struct cmsghdr hdr; 274 char buf[CMSG_SPACE(sizeof(int))]; 275 } cmsgbuf; 276 277 memset(&msg, 0, sizeof(msg)); 278 msg.msg_control = &cmsgbuf.buf; 279 msg.msg_controllen = sizeof(cmsgbuf.buf); 280 281 cmp = CMSG_FIRSTHDR(&msg); 282 cmp->cmsg_len = CMSG_LEN(sizeof(int)); 283 cmp->cmsg_level = SOL_SOCKET; 284 cmp->cmsg_type = SCM_RIGHTS; 285 286 *(int *)CMSG_DATA(cmp) = fileno(skey.keyfile); 287 288 if (sendmsg(sock, &msg, 0) < 0) 289 syslog(LOG_ERR, "sendmsg: %m"); 290} 291