freebsd-dev/lib/libpam/modules/pam_opie/pam_opie.c

/*-
 * Copyright 2000 James Bloom
 * All rights reserved.
 * Based upon code Copyright 1998 Juniper Networks, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");

#include <sys/types.h>
#include <opie.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define PAM_SM_AUTH
#include <security/pam_modules.h>
#include "pam_mod_misc.h"

enum { PAM_OPT_AUTH_AS_SELF=PAM_OPT_STD_MAX };

static struct opttab other_options[] = {
	{ "auth_as_self",	PAM_OPT_AUTH_AS_SELF },
	{ NULL, 0 }
};

PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
	struct opie opie;
	struct options options;
	struct passwd *pwd;
	int retval, i;
	char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "};
	char challenge[OPIE_CHALLENGE_MAX];
	char prompt[OPIE_CHALLENGE_MAX+22];
	char resp[OPIE_SECRET_MAX];
	const char *user;
	const char *response;

	pam_std_option(&options, other_options, argc, argv);

	PAM_LOG("Options processed");

	/*
	 * It doesn't make sense to use a password that has already been
	 * typed in, since we haven't presented the challenge to the user
	 * yet.
	 */
	if (pam_test_option(&options, PAM_OPT_USE_FIRST_PASS, NULL) ||
	    pam_test_option(&options, PAM_OPT_TRY_FIRST_PASS, NULL))
		PAM_RETURN(PAM_AUTH_ERR);

	user = NULL;
	if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) {
		pwd = getpwnam(getlogin());
		user = pwd->pw_name;
	}
	else {
		retval = pam_get_user(pamh, (const char **)&user, NULL);
		if (retval != PAM_SUCCESS)
			PAM_RETURN(retval);
	}

	PAM_LOG("Got user: %s", user);

	/*
	 * Don't call the OPIE atexit() handler when our program exits,
	 * since the module has been unloaded and we will SEGV.
	 */
	opiedisableaeh();

	opiechallenge(&opie, (char *)user, challenge);
	for (i = 0; i < 2; i++) {
		snprintf(prompt, sizeof prompt, promptstr[i], challenge);
		retval = pam_get_pass(pamh, &response, prompt, &options);
		if (retval != PAM_SUCCESS) {
			opieunlock();
			PAM_RETURN(retval);
		}

		PAM_LOG("Completed challenge %d: %s", i, response);

		if (response[0] != '\0')
			break;

		/* Second time round, echo the password */
		pam_set_option(&options, PAM_OPT_ECHO_PASS);
	}

	/* We have to copy the response, because opieverify mucks with it. */
	snprintf(resp, sizeof resp, "%s", response);

	/*
	 * Opieverify is supposed to return -1 only if an error occurs.
	 * But it returns -1 even if the response string isn't in the form
	 * it expects.  Thus we can't log an error and can only check for
	 * success or lack thereof.
	 */
	retval = opieverify(&opie, resp) == 0 ? PAM_SUCCESS : PAM_AUTH_ERR;
	PAM_RETURN(retval);
}

PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
	struct options options;

	pam_std_option(&options, other_options, argc, argv);

	PAM_LOG("Options processed");

	PAM_RETURN(PAM_SUCCESS);
}

PAM_MODULE_ENTRY("pam_opie");
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`/*-`
			`* Copyright 2000 James Bloom`
			`* All rights reserved.`
			`* Based upon code Copyright 1998 Juniper Networks, Inc.`
			`*`
			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted provided that the following conditions`
			`* are met:`
			`* 1. Redistributions of source code must retain the above copyright`
			`* notice, this list of conditions and the following disclaimer.`
			`* 2. Redistributions in binary form must reproduce the above copyright`
			`* notice, this list of conditions and the following disclaimer in the`
			`* documentation and/or other materials provided with the distribution.`
			`*`
			* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
			`* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE`
			`* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE`
			`* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE`
			`* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL`
			`* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS`
			`* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)`
			`* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT`
			`* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY`
			`* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
			`* SUCH DAMAGE.`
			`*/`

Add __FBSDID()s to libpam 2001-09-30 22:11:06 +00:00			`#include <sys/cdefs.h>`
			`__FBSDID("$FreeBSD$");`

Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`#include <sys/types.h>`
			`#include <opie.h>`
			`#include <pwd.h>`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`#include <stdio.h>`
			`#include <string.h>`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`#include <unistd.h>`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00
			`#define PAM_SM_AUTH`
			`#include <security/pam_modules.h>`
			`#include "pam_mod_misc.h"`

Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`enum { PAM_OPT_AUTH_AS_SELF=PAM_OPT_STD_MAX };`

			`static struct opttab other_options[] = {`
			`{ "auth_as_self", PAM_OPT_AUTH_AS_SELF },`
			`{ NULL, 0 }`
			`};`

Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`PAM_EXTERN int`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`pam_sm_authenticate(pam_handle_t pamh, int flags, int argc, const char *argv)`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`{`
			`struct opie opie;`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`struct options options;`
			`struct passwd *pwd;`
			`int retval, i;`
			`char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "};`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`char challenge[OPIE_CHALLENGE_MAX];`
			`char prompt[OPIE_CHALLENGE_MAX+22];`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`char resp[OPIE_SECRET_MAX];`
			`const char *user;`
			`const char *response;`

			`pam_std_option(&options, other_options, argc, argv);`

			`PAM_LOG("Options processed");`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00
			`/*`
			`* It doesn't make sense to use a password that has already been`
			`* typed in, since we haven't presented the challenge to the user`
			`* yet.`
			`*/`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`if (pam_test_option(&options, PAM_OPT_USE_FIRST_PASS, NULL) \|\|`
			`pam_test_option(&options, PAM_OPT_TRY_FIRST_PASS, NULL))`
			`PAM_RETURN(PAM_AUTH_ERR);`

			`user = NULL;`
			`if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) {`
Use a better method to get user credentials to account for (legal) duplications of UID's in /etc/*passwd. 2001-07-14 08:38:24 +00:00			`pwd = getpwnam(getlogin());`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`user = pwd->pw_name;`
			`}`
			`else {`
			`retval = pam_get_user(pamh, (const char **)&user, NULL);`
			`if (retval != PAM_SUCCESS)`
			`PAM_RETURN(retval);`
			`}`

			`PAM_LOG("Got user: %s", user);`

Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`/*`
			`* Don't call the OPIE atexit() handler when our program exits,`
			`* since the module has been unloaded and we will SEGV.`
			`*/`
			`opiedisableaeh();`

Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`opiechallenge(&opie, (char *)user, challenge);`
			`for (i = 0; i < 2; i++) {`
			`snprintf(prompt, sizeof prompt, promptstr[i], challenge);`
			`retval = pam_get_pass(pamh, &response, prompt, &options);`
			`if (retval != PAM_SUCCESS) {`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`opieunlock();`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`PAM_RETURN(retval);`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`}`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00
			`PAM_LOG("Completed challenge %d: %s", i, response);`

			`if (response[0] != '\0')`
			`break;`

			`/* Second time round, echo the password */`
			`pam_set_option(&options, PAM_OPT_ECHO_PASS);`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`}`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`/* We have to copy the response, because opieverify mucks with it. */`
Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. 2001-07-09 18:20:51 +00:00			`snprintf(resp, sizeof resp, "%s", response);`

Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`/*`
			`* Opieverify is supposed to return -1 only if an error occurs.`
			`* But it returns -1 even if the response string isn't in the form`
			`* it expects. Thus we can't log an error and can only check for`
			`* success or lack thereof.`
			`*/`
1) repair the return value in the PAM_RETURN() macro (Side effects!!). 2) canonicalise the options use in pam_options(). Submitted by: Gunnar Kreitz <gunnark@chello.se> PR: 30250 2001-09-04 17:05:08 +00:00			`retval = opieverify(&opie, resp) == 0 ? PAM_SUCCESS : PAM_AUTH_ERR;`
			`PAM_RETURN(retval);`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`}`

			`PAM_EXTERN int`
			`pam_sm_setcred(pam_handle_t pamh, int flags, int argc, const char *argv)`
			`{`
Verbose logging, overridable verbose error reporting. 2001-08-10 19:12:59 +00:00			`struct options options;`

1) repair the return value in the PAM_RETURN() macro (Side effects!!). 2) canonicalise the options use in pam_options(). Submitted by: Gunnar Kreitz <gunnark@chello.se> PR: 30250 2001-09-04 17:05:08 +00:00			`pam_std_option(&options, other_options, argc, argv);`
Verbose logging, overridable verbose error reporting. 2001-08-10 19:12:59 +00:00
			`PAM_LOG("Options processed");`

			`PAM_RETURN(PAM_SUCCESS);`
Add pam_opie, a PAM module using the OPIE one-time-password scheme. Submitted by: Jim Bloom <bloom@acm.org> 2000-04-17 00:14:42 +00:00			`}`

			`PAM_MODULE_ENTRY("pam_opie");`