2 * $Id: uams_dhx_pam.c,v 1.13 2001-02-27 17:07:43 rufustfirefly Exp $
4 * Copyright (c) 1990,1993 Regents of The University of Michigan.
5 * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
6 * All Rights Reserved. See COPYRIGHT.
13 #if defined(USE_PAM) && defined(UAM_DHX)
21 #endif /* HAVE_UNISTD_H */
23 #include <security/pam_appl.h>
26 #include <openssl/bn.h>
27 #include <openssl/dh.h>
28 #include <openssl/cast.h>
35 #include <atalk/afp.h>
36 #include <atalk/uam.h>
40 #define CRYPTBUFLEN (KEYSIZE*2)
41 #define CRYPT2BUFLEN (KEYSIZE + PASSWDLEN)
42 #define CHANGEPWBUFLEN (KEYSIZE + 2*PASSWDLEN)
44 /* hash a number to a 16-bit quantity */
45 #define dhxhash(a) ((((unsigned long) (a) >> 8) ^ \
46 (unsigned long) (a)) & 0xffff)
49 static CAST_KEY castkey;
50 static struct passwd *dhxpwd;
51 static u_int8_t randbuf[KEYSIZE];
53 /* diffie-hellman bits */
54 static unsigned char msg2_iv[] = "CJalbert";
55 static unsigned char msg3_iv[] = "LWallace";
56 static const u_int8_t p[] = {0xBA, 0x28, 0x73, 0xDF, 0xB0, 0x60, 0x57, 0xD4,
57 0x3F, 0x20, 0x24, 0x74, 0x4C, 0xEE, 0xE7, 0x5B};
58 static const u_int8_t g = 0x07;
61 /* Static variables used to communicate between the conversation function
62 * and the server_login function
64 static pam_handle_t *pamh = NULL;
65 static char *PAM_username;
66 static char *PAM_password;
68 /* PAM conversation function
69 * Here we assume (for now, at least) that echo on means login name, and
70 * echo off means password.
72 static int PAM_conv (int num_msg,
73 const struct pam_message **msg,
74 struct pam_response **resp,
77 struct pam_response *reply;
79 #define COPY_STRING(s) (s) ? strdup(s) : NULL
83 syslog(LOG_INFO, "uams_dhx_pam.c :PAM DHX Conversation Err -- %m");
88 reply = (struct pam_response *)
89 calloc(num_msg, sizeof(struct pam_response));
93 syslog(LOG_INFO, "uams_dhx_pam.c :PAM DHX Conversation Err -- %m");
98 for (count = 0; count < num_msg; count++) {
101 switch (msg[count]->msg_style) {
102 case PAM_PROMPT_ECHO_ON:
103 if (!(string = COPY_STRING(PAM_username))) {
105 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: username failure -- %m");
110 case PAM_PROMPT_ECHO_OFF:
111 if (!(string = COPY_STRING(PAM_password))) {
113 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: passwd failure: --: %m");
119 #ifdef PAM_BINARY_PROMPT
120 case PAM_BINARY_PROMPT:
127 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Binary_Prompt -- %m");
133 reply[count].resp_retcode = 0;
134 reply[count].resp = string;
141 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM Success -- %m");
146 for (count = 0; count < num_msg; count++) {
147 if (!reply[count].resp)
149 switch (msg[count]->msg_style) {
150 case PAM_PROMPT_ECHO_OFF:
151 case PAM_PROMPT_ECHO_ON:
152 free(reply[count].resp);
158 syslog(LOG_INFO, "uams_dhx_pam.c :PAM DHX Conversation Err -- %m");
163 static struct pam_conv PAM_conversation = {
169 static int dhx_setup(void *obj, char *ibuf, int ibuflen,
170 char *rbuf, int *rbuflen)
174 BIGNUM *bn, *gbn, *pbn;
177 /* get the client's public key */
178 if (!(bn = BN_bin2bn(ibuf, KEYSIZE, NULL))) {
180 syslog(LOG_INFO, "uams_dhx_pam.c :PAM No Public Key -- %m");
186 if (!(gbn = BN_bin2bn(&g, sizeof(g), NULL))) {
189 syslog(LOG_INFO, "uams_dhx_pam.c :PAM No Primes: GBN -- %m");
194 if (!(pbn = BN_bin2bn(p, sizeof(p), NULL))) {
198 syslog(LOG_INFO, "uams_dhx_pam.c :PAM No Primes: PBN -- %m");
203 /* okay, we're ready */
204 if (!(dh = DH_new())) {
209 syslog(LOG_INFO, "uams_dhx_pam.c :PAM DH was equal to DH_New... Go figure... -- %m");
214 /* generate key and make sure that we have enough space */
217 if (!DH_generate_key(dh) || (BN_num_bytes(dh->pub_key) > KEYSIZE)) {
219 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Err Generating Key -- Not enough Space? -- %m");
224 /* figure out the key. store the key in rbuf for now. */
225 i = DH_compute_key(rbuf, bn, dh);
228 CAST_set_key(&castkey, i, rbuf);
230 /* session id. it's just a hashed version of the object pointer. */
231 sessid = dhxhash(obj);
232 memcpy(rbuf, &sessid, sizeof(sessid));
233 rbuf += sizeof(sessid);
234 *rbuflen += sizeof(sessid);
237 BN_bn2bin(dh->pub_key, rbuf);
241 /* buffer to be encrypted */
243 if (uam_afpserver_option(obj, UAM_OPTION_RANDNUM, (void *) randbuf,
247 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Buffer Encryption Err. -- %m");
251 memcpy(rbuf, &randbuf, sizeof(randbuf));
253 /* get the signature. it's always 16 bytes. */
255 if (uam_afpserver_option(obj, UAM_OPTION_SIGNATURE,
256 (void *) &buf, NULL) < 0) {
259 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Signature Retieval Failure -- %m");
263 memcpy(rbuf + KEYSIZE, buf, KEYSIZE);
265 memset(rbuf + KEYSIZE, 0, KEYSIZE);
268 /* encrypt using cast */
269 CAST_cbc_encrypt(rbuf, rbuf, CRYPTBUFLEN, &castkey, msg2_iv,
271 *rbuflen += CRYPTBUFLEN;
274 return AFPERR_AUTHCONT;
280 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Fail - Cast Encryption -- %m");
286 /* dhx login: things are done in a slightly bizarre order to avoid
287 * having to clean things up if there's an error. */
288 static int pam_login(void *obj, struct passwd **uam_pwd,
289 char *ibuf, int ibuflen,
290 char *rbuf, int *rbuflen)
297 /* grab some of the options */
298 if (uam_afpserver_option(obj, UAM_OPTION_USERNAME, (void *) &buf,
301 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: uam_afpserver_option didn't meet uam_option_username -- %m");
306 len = (unsigned char) *ibuf++;
309 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Signature Retieval Failure -- %m");
311 return( AFPERR_PARAM );
314 memcpy(buf, ibuf, len );
317 if ((unsigned long) ibuf & 1) /* pad to even boundary */
320 if (( dhxpwd = uam_getname(buf, i)) == NULL ) {
322 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: User entered a null value -- %m");
328 syslog( LOG_INFO, "dhx login: %s", buf);
329 return dhx_setup(obj, ibuf, ibuflen, rbuf, rbuflen);
333 static int pam_logincont(void *obj, struct passwd **uam_pwd,
334 char *ibuf, int ibuflen,
335 char *rbuf, int *rbuflen)
338 BIGNUM *bn1, *bn2, *bn3;
344 /* check for session id */
345 memcpy(&sessid, ibuf, sizeof(sessid));
346 if (sessid != dhxhash(obj)) {
348 syslog(LOG_INFO, "uams_dhx_pam.c :PAM Session ID - DHXHash Mismatch -- %m");
352 ibuf += sizeof(sessid);
354 if (uam_afpserver_option(obj, UAM_OPTION_HOSTNAME,
355 (void *) &hostname, NULL) < 0)
358 CAST_cbc_encrypt(ibuf, rbuf, CRYPT2BUFLEN, &castkey,
359 msg3_iv, CAST_DECRYPT);
360 memset(&castkey, 0, sizeof(castkey));
362 /* check to make sure that the random number is the same. we
363 * get sent back an incremented random number. */
364 if (!(bn1 = BN_bin2bn(rbuf, KEYSIZE, NULL)))
367 if (!(bn2 = BN_bin2bn(randbuf, sizeof(randbuf), NULL))) {
372 /* zero out the random number */
373 memset(rbuf, 0, sizeof(randbuf));
374 memset(randbuf, 0, sizeof(randbuf));
377 if (!(bn3 = BN_new())) {
383 BN_sub(bn3, bn1, bn2);
387 /* okay. is it one more? */
388 if (!BN_is_one(bn3)) {
394 /* Set these things up for the conv function */
395 rbuf[PASSWDLEN] = '\0';
398 err = AFPERR_NOTAUTH;
399 PAM_error = pam_start("netatalk", PAM_username, &PAM_conversation,
401 if (PAM_error != PAM_SUCCESS) {
403 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", pam_strerror(pamh,PAM_error));
408 /* solaris craps out if PAM_TTY and PAM_RHOST aren't set. */
409 pam_set_item(pamh, PAM_TTY, "afpd");
410 pam_set_item(pamh, PAM_RHOST, hostname);
411 PAM_error = pam_authenticate(pamh,0);
412 if (PAM_error != PAM_SUCCESS) {
413 if (PAM_error == PAM_MAXTRIES)
414 err = AFPERR_PWDEXPR;
416 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", pam_strerror(pamh, PAM_error));
421 PAM_error = pam_acct_mgmt(pamh, 0);
422 if (PAM_error != PAM_SUCCESS) {
423 if (PAM_error == PAM_ACCT_EXPIRED)
424 err = AFPERR_PWDEXPR;
425 #ifdef PAM_AUTHTOKEN_REQD
426 else if (PAM_error == PAM_AUTHTOKEN_REQD)
427 err = AFPERR_PWDCHNG;
430 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", pam_strerror(pamh, PAM_error));
435 #ifndef PAM_CRED_ESTABLISH
436 #define PAM_CRED_ESTABLISH PAM_ESTABLISH_CRED
438 PAM_error = pam_setcred(pamh, PAM_CRED_ESTABLISH);
439 if (PAM_error != PAM_SUCCESS) {
441 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", pam_strerror(pamh, PAM_error));
446 PAM_error = pam_open_session(pamh, 0);
447 if (PAM_error != PAM_SUCCESS) {
449 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", pam_strerror(pamh, PAM_error));
454 memset(rbuf, 0, PASSWDLEN); /* zero out the password */
457 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM Auth OK!: %s -- %m", AFP_OK);
462 pam_end(pamh, PAM_error);
464 memset(rbuf, 0, CRYPT2BUFLEN);
469 static void pam_logout() {
470 pam_close_session(pamh, 0);
476 /* change pw for dhx needs a couple passes to get everything all
477 * right. basically, it's like the login/logincont sequence */
478 static int pam_changepw(void *obj, char *username,
479 struct passwd *pwd, char *ibuf, int ibuflen,
480 char *rbuf, int *rbuflen)
482 BIGNUM *bn1, *bn2, *bn3;
491 memcpy(&sessid, ibuf, sizeof(sessid));
492 ibuf += sizeof(sessid);
494 if (!sessid) { /* no sessid -> initialization phase */
495 PAM_username = username;
496 ibuflen -= sizeof(sessid);
497 return dhx_setup(obj, ibuf, ibuflen, rbuf, rbuflen);
501 /* otherwise, it's like logincont but different. */
503 /* check out the session id */
504 if (sessid != dhxhash(obj)) {
506 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Session ID not Equal to DHX Hash -- %m");
511 /* we need this for pam */
512 if (uam_afpserver_option(obj, UAM_OPTION_HOSTNAME,
513 (void *) &hostname, NULL) < 0) {
515 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Hostname Null?? -- %m");
520 /* grab the client's nonce, old password, and new password. */
521 CAST_cbc_encrypt(ibuf, ibuf, CHANGEPWBUFLEN, &castkey,
522 msg3_iv, CAST_DECRYPT);
523 memset(&castkey, 0, sizeof(castkey));
525 /* check to make sure that the random number is the same. we
526 * get sent back an incremented random number. */
527 if (!(bn1 = BN_bin2bn(ibuf, KEYSIZE, NULL))) {
529 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Random Number Not the same or not incremented-- %m");
534 if (!(bn2 = BN_bin2bn(randbuf, sizeof(randbuf), NULL))) {
537 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Random Number Not the same or not incremented -- %m");
542 /* zero out the random number */
543 memset(rbuf, 0, sizeof(randbuf));
544 memset(randbuf, 0, sizeof(randbuf));
546 if (!(bn3 = BN_new())) {
550 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Random Number did not Zero -- %m");
555 BN_sub(bn3, bn1, bn2);
559 /* okay. is it one more? */
561 if (!BN_is_one(bn3)) {
564 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: After Random Number not Zero, is it one more? -- %m");
571 /* Set these things up for the conv function. the old password
574 ibuf[PASSWDLEN + PASSWDLEN] = '\0';
575 PAM_password = ibuf + PASSWDLEN;
577 PAM_error = pam_start("netatalk", username, &PAM_conversation,
579 if (PAM_error != PAM_SUCCESS) {
581 syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Needless to say, PAM_error is != to PAM_SUCCESS -- %m");
585 pam_set_item(lpamh, PAM_TTY, "afpd");
586 pam_set_item(lpamh, PAM_RHOST, hostname);
588 /* we might need to do this as root */
591 PAM_error = pam_authenticate(lpamh, 0);
592 if (PAM_error != PAM_SUCCESS) {
594 pam_end(lpamh, PAM_error);
595 return AFPERR_NOTAUTH;
598 /* clear out old passwd */
599 memset(ibuf + PASSWDLEN, 0, PASSWDLEN);
603 ibuf[PASSWDLEN] = '\0';
605 /* this really does need to be done as root */
606 PAM_error = pam_chauthtok(lpamh, 0);
607 seteuid(uid); /* un-root ourselves. */
608 memset(ibuf, 0, PASSWDLEN);
609 if (PAM_error != PAM_SUCCESS) {
610 pam_end(lpamh, PAM_error);
611 return AFPERR_ACCESS;
619 static int uam_setup(const char *path)
621 if (uam_register(UAM_SERVER_LOGIN, path, "DHCAST128", pam_login,
622 pam_logincont, pam_logout) < 0)
625 if (uam_register(UAM_SERVER_CHANGEPW, path, "DHCAST128",
627 uam_unregister(UAM_SERVER_LOGIN, "DHCAST128");
631 /*uam_register(UAM_SERVER_PRINTAUTH, path, "DHCAST128",
637 static void uam_cleanup(void)
639 uam_unregister(UAM_SERVER_LOGIN, "DHCAST128");
640 uam_unregister(UAM_SERVER_CHANGEPW, "DHCAST128");
641 /*uam_unregister(UAM_SERVER_PRINTAUTH, "DHCAST128"); */
644 UAM_MODULE_EXPORT struct uam_export uams_dhx = {
647 uam_setup, uam_cleanup
650 #endif /* USE_PAM && UAM_DHX */