1 /*- 2 * Copyright (c) 1991, 1993 3 * Dave Safford. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $FreeBSD: src/crypto/telnet/libtelnet/sra.c,v 1.1.2.7 2002/05/16 08:46:49 markm Exp $ 30 */ 31 32 #ifdef SRA 33 #ifdef ENCRYPTION 34 #include <sys/types.h> 35 #include <arpa/telnet.h> 36 #include <pwd.h> 37 #include <stdio.h> 38 #include <stdlib.h> 39 #include <string.h> 40 #include <syslog.h> 41 #include <ttyent.h> 42 43 #ifndef NOPAM 44 #include <security/pam_appl.h> 45 #else 46 #include <unistd.h> 47 #endif 48 49 #include "auth.h" 50 #include "misc.h" 51 #include "encrypt.h" 52 #include "pk.h" 53 54 char pka[HEXKEYBYTES+1], ska[HEXKEYBYTES+1], pkb[HEXKEYBYTES+1]; 55 char *user, *pass, *xuser, *xpass; 56 DesData ck; 57 IdeaData ik; 58 59 #define PASS_SIZE 256 60 61 extern int auth_debug_mode; 62 extern char line[]; 63 64 static int sra_valid = 0; 65 static int passwd_sent = 0; 66 67 static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, 68 AUTHTYPE_SRA, }; 69 70 #define SRA_KEY 0 71 #define SRA_USER 1 72 #define SRA_CONTINUE 2 73 #define SRA_PASS 3 74 #define SRA_ACCEPT 4 75 #define SRA_REJECT 5 76 77 static int check_user(char *, char *); 78 79 /* support routine to send out authentication message */ 80 static int 81 Data(Authenticator *ap, int type, void *d, int c) 82 { 83 unsigned char *p = str_data + 4; 84 unsigned char *cd = (unsigned char *)d; 85 86 if (c == -1) 87 c = strlen((char *)cd); 88 89 if (auth_debug_mode) { 90 printf("%s:%d: [%d] (%d)", 91 str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", 92 str_data[3], 93 type, c); 94 printd(d, c); 95 printf("\r\n"); 96 } 97 *p++ = ap->type; 98 *p++ = ap->way; 99 *p++ = type; 100 while (c-- > 0) { 101 if ((*p++ = *cd++) == IAC) 102 *p++ = IAC; 103 } 104 *p++ = IAC; 105 *p++ = SE; 106 if (str_data[3] == TELQUAL_IS) 107 printsub('>', &str_data[2], p - (&str_data[2])); 108 return(net_write(str_data, p - str_data)); 109 } 110 111 int 112 sra_init(Authenticator *ap __unused, int server) 113 { 114 if (server) 115 str_data[3] = TELQUAL_REPLY; 116 else 117 str_data[3] = TELQUAL_IS; 118 119 user = (char *)malloc(256); 120 xuser = (char *)malloc(513); 121 pass = (char *)malloc(PASS_SIZE); 122 xpass = (char *)malloc(513); 123 124 if (user == NULL || xuser == NULL || pass == NULL || xpass == 125 NULL) 126 return 0; /* malloc failed */ 127 128 passwd_sent = 0; 129 130 genkeys(pka,ska); 131 return(1); 132 } 133 134 /* client received a go-ahead for sra */ 135 int 136 sra_send(Authenticator *ap) 137 { 138 /* send PKA */ 139 140 if (auth_debug_mode) 141 printf("Sent PKA to server.\r\n" ); 142 printf("Trying SRA secure login:\r\n"); 143 if (!Data(ap, SRA_KEY, (void *)pka, HEXKEYBYTES)) { 144 if (auth_debug_mode) 145 printf("Not enough room for authentication data\r\n"); 146 return(0); 147 } 148 149 return(1); 150 } 151 152 /* server received an IS -- could be SRA KEY, USER, or PASS */ 153 void 154 sra_is(Authenticator *ap, unsigned char *data, int cnt) 155 { 156 int valid; 157 Session_Key skey; 158 159 if (cnt-- < 1) 160 goto bad; 161 switch (*data++) { 162 163 case SRA_KEY: 164 if (cnt < HEXKEYBYTES) { 165 Data(ap, SRA_REJECT, (void *)0, 0); 166 auth_finished(ap, AUTH_USER); 167 if (auth_debug_mode) { 168 printf("SRA user rejected for bad PKB\r\n"); 169 } 170 return; 171 } 172 if (auth_debug_mode) 173 printf("Sent pka\r\n"); 174 if (!Data(ap, SRA_KEY, (void *)pka, HEXKEYBYTES)) { 175 if (auth_debug_mode) 176 printf("Not enough room\r\n"); 177 return; 178 } 179 memcpy(pkb,data,HEXKEYBYTES); 180 pkb[HEXKEYBYTES] = '\0'; 181 common_key(ska,pkb,&ik,&ck); 182 return; 183 184 case SRA_USER: 185 /* decode KAB(u) */ 186 if (cnt > 512) /* Attempted buffer overflow */ 187 break; 188 memcpy(xuser,data,cnt); 189 xuser[cnt] = '\0'; 190 pk_decode(xuser,user,&ck); 191 auth_encrypt_user(user); 192 Data(ap, SRA_CONTINUE, (void *)0, 0); 193 194 return; 195 196 case SRA_PASS: 197 if (cnt > 512) /* Attempted buffer overflow */ 198 break; 199 /* decode KAB(P) */ 200 memcpy(xpass,data,cnt); 201 xpass[cnt] = '\0'; 202 pk_decode(xpass,pass,&ck); 203 204 /* check user's password */ 205 valid = check_user(user,pass); 206 207 if(valid) { 208 Data(ap, SRA_ACCEPT, (void *)0, 0); 209 skey.data = ck; 210 skey.type = SK_DES; 211 skey.length = 8; 212 encrypt_session_key(&skey, 1); 213 214 sra_valid = 1; 215 auth_finished(ap, AUTH_VALID); 216 if (auth_debug_mode) { 217 printf("SRA user accepted\r\n"); 218 } 219 } 220 else { 221 Data(ap, SRA_CONTINUE, (void *)0, 0); 222 /* 223 Data(ap, SRA_REJECT, (void *)0, 0); 224 sra_valid = 0; 225 auth_finished(ap, AUTH_REJECT); 226 */ 227 if (auth_debug_mode) { 228 printf("SRA user failed\r\n"); 229 } 230 } 231 return; 232 233 default: 234 if (auth_debug_mode) 235 printf("Unknown SRA option %d\r\n", data[-1]); 236 } 237 bad: 238 Data(ap, SRA_REJECT, 0, 0); 239 sra_valid = 0; 240 auth_finished(ap, AUTH_REJECT); 241 } 242 243 /* client received REPLY -- could be SRA KEY, CONTINUE, ACCEPT, or REJECT */ 244 void 245 sra_reply(Authenticator *ap, unsigned char *data, int cnt) 246 { 247 char uprompt[256],tuser[256]; 248 Session_Key skey; 249 size_t i; 250 251 if (cnt-- < 1) 252 return; 253 switch (*data++) { 254 255 case SRA_KEY: 256 /* calculate common key */ 257 if (cnt < HEXKEYBYTES) { 258 if (auth_debug_mode) { 259 printf("SRA user rejected for bad PKB\r\n"); 260 } 261 return; 262 } 263 memcpy(pkb,data,HEXKEYBYTES); 264 pkb[HEXKEYBYTES] = '\0'; 265 266 common_key(ska,pkb,&ik,&ck); 267 268 enc_user: 269 270 /* encode user */ 271 memset(tuser,0,sizeof(tuser)); 272 sprintf(uprompt,"User (%s): ",UserNameRequested); 273 telnet_gets(uprompt,tuser,255,1); 274 if (tuser[0] == '\n' || tuser[0] == '\r' ) 275 strcpy(user,UserNameRequested); 276 else { 277 /* telnet_gets leaves the newline on */ 278 for(i=0;i<sizeof(tuser);i++) { 279 if (tuser[i] == '\n') { 280 tuser[i] = '\0'; 281 break; 282 } 283 } 284 strcpy(user,tuser); 285 } 286 pk_encode(user,xuser,&ck); 287 288 /* send it off */ 289 if (auth_debug_mode) 290 printf("Sent KAB(U)\r\n"); 291 if (!Data(ap, SRA_USER, xuser, strlen(xuser))) { 292 if (auth_debug_mode) 293 printf("Not enough room\r\n"); 294 return; 295 } 296 break; 297 298 case SRA_CONTINUE: 299 if (passwd_sent) { 300 passwd_sent = 0; 301 printf("[ SRA login failed ]\r\n"); 302 goto enc_user; 303 } 304 /* encode password */ 305 memset(pass,0,PASS_SIZE); 306 telnet_gets("Password: ",pass,PASS_SIZE-1,0); 307 pk_encode(pass,xpass,&ck); 308 /* send it off */ 309 if (auth_debug_mode) 310 printf("Sent KAB(P)\r\n"); 311 if (!Data(ap, SRA_PASS, xpass, strlen(xpass))) { 312 if (auth_debug_mode) 313 printf("Not enough room\r\n"); 314 return; 315 } 316 passwd_sent = 1; 317 break; 318 319 case SRA_REJECT: 320 printf("[ SRA refuses authentication ]\r\n"); 321 printf("Trying plaintext login:\r\n"); 322 auth_finished(0,AUTH_REJECT); 323 return; 324 325 case SRA_ACCEPT: 326 printf("[ SRA accepts you ]\r\n"); 327 skey.data = ck; 328 skey.type = SK_DES; 329 skey.length = 8; 330 encrypt_session_key(&skey, 0); 331 332 auth_finished(ap, AUTH_VALID); 333 return; 334 default: 335 if (auth_debug_mode) 336 printf("Unknown SRA option %d\r\n", data[-1]); 337 return; 338 } 339 } 340 341 int 342 sra_status(Authenticator *ap __unused, char *name, int level) 343 { 344 if (level < AUTH_USER) 345 return(level); 346 if (UserNameRequested && sra_valid) { 347 strcpy(name, UserNameRequested); 348 return(AUTH_VALID); 349 } else 350 return(AUTH_USER); 351 } 352 353 #define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} 354 #define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} 355 356 void 357 sra_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) 358 { 359 char lbuf[32]; 360 int i; 361 362 buf[buflen-1] = '\0'; /* make sure its NULL terminated */ 363 buflen -= 1; 364 365 switch(data[3]) { 366 367 case SRA_CONTINUE: 368 strncpy((char *)buf, " CONTINUE ", buflen); 369 goto common; 370 371 case SRA_REJECT: /* Rejected (reason might follow) */ 372 strncpy((char *)buf, " REJECT ", buflen); 373 goto common; 374 375 case SRA_ACCEPT: /* Accepted (name might follow) */ 376 strncpy((char *)buf, " ACCEPT ", buflen); 377 378 common: 379 BUMP(buf, buflen); 380 if (cnt <= 4) 381 break; 382 ADDC(buf, buflen, '"'); 383 for (i = 4; i < cnt; i++) 384 ADDC(buf, buflen, data[i]); 385 ADDC(buf, buflen, '"'); 386 ADDC(buf, buflen, '\0'); 387 break; 388 389 case SRA_KEY: /* Authentication data follows */ 390 strncpy((char *)buf, " KEY ", buflen); 391 goto common2; 392 393 case SRA_USER: 394 strncpy((char *)buf, " USER ", buflen); 395 goto common2; 396 397 case SRA_PASS: 398 strncpy((char *)buf, " PASS ", buflen); 399 goto common2; 400 401 default: 402 sprintf(lbuf, " %d (unknown)", data[3]); 403 strncpy((char *)buf, lbuf, buflen); 404 common2: 405 BUMP(buf, buflen); 406 for (i = 4; i < cnt; i++) { 407 sprintf(lbuf, " %d", data[i]); 408 strncpy((char *)buf, lbuf, buflen); 409 BUMP(buf, buflen); 410 } 411 break; 412 } 413 } 414 415 static int 416 isroot(const char *usr) 417 { 418 struct passwd *pwd; 419 420 if ((pwd=getpwnam(usr))==NULL) 421 return 0; 422 return (!pwd->pw_uid); 423 } 424 425 static int 426 rootterm(char *ttyn) 427 { 428 struct ttyent *t; 429 430 return ((t = getttynam(ttyn)) && t->ty_status & TTY_SECURE); 431 } 432 433 #ifdef NOPAM 434 static int 435 check_user(char *name, char *cred) 436 { 437 char *cp; 438 char *xpasswd, *salt; 439 440 if (isroot(name) && !rootterm(line)) 441 { 442 crypt("AA","*"); /* Waste some time to simulate success */ 443 return(0); 444 } 445 446 if (pw = sgetpwnam(name)) { 447 if (pw->pw_shell == NULL) { 448 pw = NULL; 449 return(0); 450 } 451 452 salt = pw->pw_passwd; 453 xpasswd = crypt(cred, salt); 454 /* The strcmp does not catch null passwords! */ 455 if (pw == NULL || *pw->pw_passwd == '\0' || 456 strcmp(xpasswd, pw->pw_passwd)) { 457 pw = NULL; 458 return(0); 459 } 460 return(1); 461 } 462 return(0); 463 } 464 #else 465 466 /* 467 * The following is stolen from ftpd, which stole it from the imap-uw 468 * PAM module and login.c. It is needed because we can't really 469 * "converse" with the user, having already gone to the trouble of 470 * getting their username and password through an encrypted channel. 471 */ 472 473 #define COPY_STRING(s) (s ? strdup(s):NULL) 474 475 struct cred_t { 476 const char *uname; 477 const char *pass; 478 }; 479 typedef struct cred_t cred_t; 480 481 static int 482 auth_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata) 483 { 484 int i; 485 cred_t *cred = (cred_t *) appdata; 486 struct pam_response *reply = 487 malloc(sizeof(struct pam_response) * num_msg); 488 489 if (reply == NULL) 490 return PAM_BUF_ERR; 491 492 for (i = 0; i < num_msg; i++) { 493 switch (msg[i]->msg_style) { 494 case PAM_PROMPT_ECHO_ON: /* assume want user name */ 495 reply[i].resp_retcode = PAM_SUCCESS; 496 reply[i].resp = COPY_STRING(cred->uname); 497 /* PAM frees resp. */ 498 break; 499 case PAM_PROMPT_ECHO_OFF: /* assume want password */ 500 reply[i].resp_retcode = PAM_SUCCESS; 501 reply[i].resp = COPY_STRING(cred->pass); 502 /* PAM frees resp. */ 503 break; 504 case PAM_TEXT_INFO: 505 case PAM_ERROR_MSG: 506 reply[i].resp_retcode = PAM_SUCCESS; 507 reply[i].resp = NULL; 508 break; 509 default: /* unknown message style */ 510 free(reply); 511 return PAM_CONV_ERR; 512 } 513 } 514 515 *resp = reply; 516 return PAM_SUCCESS; 517 } 518 519 /* 520 * The PAM version as a side effect may put a new username in *name. 521 */ 522 static int 523 check_user(char *name, char *cred) 524 { 525 pam_handle_t *pamh = NULL; 526 const void *item; 527 int rval; 528 int e; 529 cred_t auth_cred = { name, cred }; 530 struct pam_conv conv = { &auth_conv, &auth_cred }; 531 532 e = pam_start("telnetd", name, &conv, &pamh); 533 if (e != PAM_SUCCESS) { 534 syslog(LOG_ERR, "pam_start: %s", pam_strerror(pamh, e)); 535 return 0; 536 } 537 538 #if 0 /* Where can we find this value? */ 539 e = pam_set_item(pamh, PAM_RHOST, remotehost); 540 if (e != PAM_SUCCESS) { 541 syslog(LOG_ERR, "pam_set_item(PAM_RHOST): %s", 542 pam_strerror(pamh, e)); 543 return 0; 544 } 545 #endif 546 547 e = pam_authenticate(pamh, 0); 548 switch (e) { 549 case PAM_SUCCESS: 550 /* 551 * With PAM we support the concept of a "template" 552 * user. The user enters a login name which is 553 * authenticated by PAM, usually via a remote service 554 * such as RADIUS or TACACS+. If authentication 555 * succeeds, a different but related "template" name 556 * is used for setting the credentials, shell, and 557 * home directory. The name the user enters need only 558 * exist on the remote authentication server, but the 559 * template name must be present in the local password 560 * database. 561 * 562 * This is supported by two various mechanisms in the 563 * individual modules. However, from the application's 564 * point of view, the template user is always passed 565 * back as a changed value of the PAM_USER item. 566 */ 567 if ((e = pam_get_item(pamh, PAM_USER, &item)) == 568 PAM_SUCCESS) { 569 strcpy(name, item); 570 } else 571 syslog(LOG_ERR, "Couldn't get PAM_USER: %s", 572 pam_strerror(pamh, e)); 573 if (isroot(name) && !rootterm(line)) 574 rval = 0; 575 else 576 rval = 1; 577 break; 578 579 case PAM_AUTH_ERR: 580 case PAM_USER_UNKNOWN: 581 case PAM_MAXTRIES: 582 rval = 0; 583 break; 584 585 default: 586 syslog(LOG_ERR, "auth_pam: %s", pam_strerror(pamh, e)); 587 rval = 0; 588 break; 589 } 590 591 if ((e = pam_end(pamh, e)) != PAM_SUCCESS) { 592 syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e)); 593 rval = 0; 594 } 595 return rval; 596 } 597 598 #endif 599 600 #endif /* ENCRYPTION */ 601 #endif /* SRA */ 602