login_skey.c revision 1.25 
1/*	$OpenBSD: login_skey.c,v 1.25 2015/10/16 13:37:43 millert Exp $	*/
2
3/*
4 * Copyright (c) 2000, 2001, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include <sys/socket.h>
20#include <sys/stat.h>
21#include <sys/time.h>
22#include <sys/resource.h>
23
24#include <ctype.h>
25#include <errno.h>
26#include <fcntl.h>
27#include <paths.h>
28#include <pwd.h>
29#include <readpassphrase.h>
30#include <signal.h>
31#include <stdio.h>
32#include <stdlib.h>
33#include <string.h>
34#include <syslog.h>
35#include <unistd.h>
36#include <limits.h>
37#include <err.h>
38
39#include <login_cap.h>
40#include <bsd_auth.h>
41#include <skey.h>
42
43#define	MODE_LOGIN	0
44#define	MODE_CHALLENGE	1
45#define	MODE_RESPONSE	2
46
47void quit(int);
48void send_fd(int);
49void suspend(int);
50
51volatile sig_atomic_t resumed;
52struct skey skey;
53
54int
55main(int argc, char *argv[])
56{
57	FILE *back = NULL;
58	char *user = NULL, *cp, *ep;
59	char challenge[SKEY_MAX_CHALLENGE+17], response[SKEY_MAX_PW_LEN+1];
60	const char *errstr;
61	int ch, fd = -1, haskey = 0, mode = MODE_LOGIN;
62
63	(void)signal(SIGINT, quit);
64	(void)signal(SIGQUIT, quit);
65	(void)signal(SIGALRM, quit);
66	(void)signal(SIGTSTP, suspend);
67	(void)setpriority(PRIO_PROCESS, 0, 0);
68
69	if (pledge("stdio rpath wpath flock sendfd proc tty", NULL) == -1) {
70		syslog(LOG_AUTH|LOG_ERR, "pledge: %m");
71		exit(1);
72	}
73
74	openlog(NULL, LOG_ODELAY, LOG_AUTH);
75
76	while ((ch = getopt(argc, argv, "ds:v:")) != -1) {
77		switch (ch) {
78		case 'd':
79			back = stdout;
80			break;
81		case 's':	/* service */
82			if (strcmp(optarg, "login") == 0)
83				mode = MODE_LOGIN;
84			else if (strcmp(optarg, "challenge") == 0)
85				mode = MODE_CHALLENGE;
86			else if (strcmp(optarg, "response") == 0)
87				mode = MODE_RESPONSE;
88			else {
89				syslog(LOG_ERR, "%s: invalid service", optarg);
90				exit(1);
91			}
92			break;
93		case 'v':
94			if (strncmp(optarg, "fd=", 3) == 0) {
95				fd = strtonum(optarg + 3, 0, INT_MAX, &errstr);
96				if (errstr != NULL) {
97					syslog(LOG_ERR, "fd is %s: %s",
98					    errstr, optarg + 3);
99					fd = -1;
100				}
101			}
102			/* silently ignore unsupported variables */
103			break;
104		default:
105			syslog(LOG_ERR, "usage error");
106			exit(1);
107		}
108	}
109	argc -= optind;
110	argv += optind;
111
112	switch (argc) {
113	case 2:	/* silently ignore class */
114	case 1:
115		user = *argv;
116		break;
117	default:
118		syslog(LOG_ERR, "usage error");
119		exit(1);
120	}
121
122	if (back == NULL && (back = fdopen(3, "r+")) == NULL)  {
123		syslog(LOG_ERR, "reopening back channel: %m");
124		exit(1);
125	}
126
127	/*
128	 * Note: our skeychallenge2() will always fill in the challenge,
129	 *       even if it has to create a fake one.
130	 */
131	switch (mode) {
132	case MODE_LOGIN:
133		haskey = (skeychallenge2(fd, &skey, user, challenge) == 0);
134		strlcat(challenge, "\nS/Key Password:", sizeof(challenge));
135
136		/* time out getting passphrase after 2 minutes to avoid a DoS */
137		if (haskey)
138			alarm(120);
139		resumed = 0;
140		if (!readpassphrase(challenge, response, sizeof(response), 0))
141			exit(1);
142		if (response[0] == '\0')
143			readpassphrase("S/Key Password [echo on]: ",
144			    response, sizeof(response), RPP_ECHO_ON);
145		alarm(0);
146		if (resumed) {
147			/*
148			 * We were suspended by the user.  Our lock is
149			 * no longer valid so we must regain it so
150			 * an attacker cannot do a partial guess of
151			 * an S/Key response already in progress.
152			 */
153			haskey = (skeylookup(&skey, user) == 0);
154		}
155		break;
156
157	case MODE_CHALLENGE:
158		haskey = (skeychallenge2(fd, &skey, user, challenge) == 0);
159		strlcat(challenge, "\nS/Key Password:", sizeof(challenge));
160		fprintf(back, BI_VALUE " challenge %s\n",
161		    auth_mkvalue(challenge));
162		fprintf(back, BI_CHALLENGE "\n");
163		fprintf(back, BI_FDPASS "\n");
164		fflush(back);
165		send_fd(fileno(back));
166		exit(0);
167
168	case MODE_RESPONSE:
169		/* read challenge */
170		mode = -1;
171		cp = challenge;
172		ep = challenge + sizeof(challenge);
173		while (cp < ep && read(fileno(back), cp, 1) == 1) {
174			if (*cp++ == '\0') {
175				mode = MODE_CHALLENGE;
176				break;
177			}
178		}
179		if (mode != MODE_CHALLENGE) {
180			syslog(LOG_ERR,
181			    "protocol error: bad/missing challenge");
182			exit(1);
183		}
184
185		/* read response */
186		cp = response;
187		ep = response + sizeof(response);
188		while (cp < ep && read(fileno(back), cp, 1) == 1) {
189			if (*cp++ == '\0') {
190				mode = MODE_RESPONSE;
191				break;
192			}
193		}
194		if (mode != MODE_RESPONSE) {
195			syslog(LOG_ERR,
196			    "protocol error: bad/missing response");
197			exit(1);
198		}
199
200		/*
201		 * Since the entry is locked we do not need to compare
202		 * the passed in challenge to the S/Key database but
203		 * maybe we should anyway?
204		 */
205		haskey = (skeychallenge2(fd, &skey, user, challenge) == 0);
206		break;
207	}
208
209	/*
210	 * Ignore keyboard interrupt/suspend during database update.
211	 */
212	signal(SIGINT, SIG_IGN);
213	signal(SIGQUIT, SIG_IGN);
214	signal(SIGTSTP, SIG_IGN);
215
216	if (haskey && skeyverify(&skey, response) == 0) {
217		if (mode == MODE_LOGIN) {
218			if (skey.n <= 1)
219				printf("Warning! You MUST change your "
220				    "S/Key password now!\n");
221			else if (skey.n < 5)
222				printf("Warning! Change S/Key password soon\n");
223		}
224		fprintf(back, BI_AUTH "\n");
225		fprintf(back, BI_SECURE "\n");
226		exit(0);
227	}
228	fprintf(back, BI_REJECT "\n");
229	exit(1);
230}
231
232/* ARGSUSED */
233void
234quit(int signo)
235{
236
237	_exit(1);
238}
239
240/* ARGSUSED */
241void
242suspend(int signo)
243{
244	sigset_t nset;
245	int save_errno = errno;
246
247	/*
248	 * Unlock the skey record so we don't sleep holding the lock.
249	 * Unblock SIGTSTP, set it to the default action and then
250	 * resend it so we are suspended properly.
251	 * When we resume, reblock SIGTSTP, reset the signal handler,
252	 * set a flag and restore errno.
253	 */
254	alarm(0);
255	skey_unlock(&skey);
256	(void)signal(signo, SIG_DFL);
257	(void)sigemptyset(&nset);
258	(void)sigaddset(&nset, signo);
259	(void)sigprocmask(SIG_UNBLOCK, &nset, NULL);
260	(void)kill(getpid(), signo);
261	(void)sigprocmask(SIG_BLOCK, &nset, NULL);
262	(void)signal(signo, suspend);
263	resumed = 1;
264	errno = save_errno;
265}
266
267void
268send_fd(int sock)
269{
270	struct msghdr msg;
271	struct cmsghdr *cmp;
272	union {
273		struct cmsghdr hdr;
274		char buf[CMSG_SPACE(sizeof(int))];
275	} cmsgbuf;
276
277	memset(&msg, 0, sizeof(msg));
278	msg.msg_control = &cmsgbuf.buf;
279	msg.msg_controllen = sizeof(cmsgbuf.buf);
280
281	cmp = CMSG_FIRSTHDR(&msg);
282	cmp->cmsg_len = CMSG_LEN(sizeof(int));
283	cmp->cmsg_level = SOL_SOCKET;
284	cmp->cmsg_type = SCM_RIGHTS;
285
286	*(int *)CMSG_DATA(cmp) = fileno(skey.keyfile);
287
288	if (sendmsg(sock, &msg, 0) < 0)
289		syslog(LOG_ERR, "sendmsg: %m");
290}
291