3 * Copyright (c) 1990,1993 Regents of The University of Michigan.
4 * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
5 * All Rights Reserved. See COPYRIGHT.
10 #endif /* HAVE_CONFIG_H */
12 #if defined(USE_PAM) && defined(UAM_DHX)
16 #include <atalk/logger.h>
20 #endif /* HAVE_UNISTD_H */
22 #ifdef HAVE_SECURITY_PAM_APPL_H
23 #include <security/pam_appl.h>
25 #ifdef HAVE_PAM_PAM_APPL_H
26 #include <pam/pam_appl.h>
28 #include <arpa/inet.h>
30 #if defined(GNUTLS_DHX)
31 #include <gnutls/openssl.h>
32 #elif defined(OPENSSL_DHX)
33 #include <openssl/bn.h>
34 #include <openssl/dh.h>
35 #include <openssl/cast.h>
36 #include <openssl/err.h>
37 #else /* OPENSSL_DHX */
42 #endif /* OPENSSL_DHX */
44 #include <atalk/afp.h>
45 #include <atalk/uam.h>
49 #define CRYPTBUFLEN (KEYSIZE*2)
50 #define CRYPT2BUFLEN (KEYSIZE + PASSWDLEN)
51 #define CHANGEPWBUFLEN (KEYSIZE + 2*PASSWDLEN)
53 /* hash a number to a 16-bit quantity */
54 #define dhxhash(a) ((((unsigned long) (a) >> 8) ^ \
55 (unsigned long) (a)) & 0xffff)
58 static CAST_KEY castkey;
59 static struct passwd *dhxpwd;
60 static uint8_t randbuf[KEYSIZE];
62 /* diffie-hellman bits */
63 static unsigned char msg2_iv[] = "CJalbert";
64 static unsigned char msg3_iv[] = "LWallace";
65 static const uint8_t p[] = {0xBA, 0x28, 0x73, 0xDF, 0xB0, 0x60, 0x57, 0xD4,
66 0x3F, 0x20, 0x24, 0x74, 0x4C, 0xEE, 0xE7, 0x5B};
67 static const uint8_t g = 0x07;
70 /* Static variables used to communicate between the conversation function
71 * and the server_login function
73 static pam_handle_t *pamh = NULL;
74 static char *PAM_username;
75 static char *PAM_password;
77 /* PAM conversation function
78 * Here we assume (for now, at least) that echo on means login name, and
79 * echo off means password.
81 static int PAM_conv (int num_msg,
83 const struct pam_message **msg,
85 struct pam_message **msg,
87 struct pam_response **resp,
88 void *appdata_ptr _U_) {
90 struct pam_response *reply;
92 #define COPY_STRING(s) (s) ? strdup(s) : NULL
98 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM DHX Conversation Err -- %s",
104 reply = (struct pam_response *)
105 calloc(num_msg, sizeof(struct pam_response));
109 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM DHX Conversation Err -- %s",
115 for (count = 0; count < num_msg; count++) {
118 switch (msg[count]->msg_style) {
119 case PAM_PROMPT_ECHO_ON:
120 if (!(string = COPY_STRING(PAM_username))) {
122 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: username failure -- %s",
128 case PAM_PROMPT_ECHO_OFF:
129 if (!(string = COPY_STRING(PAM_password))) {
131 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: passwd failure: --: %s",
138 #ifdef PAM_BINARY_PROMPT
139 case PAM_BINARY_PROMPT:
140 #endif /* PAM_BINARY_PROMPT */
146 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Binary_Prompt -- %s",
153 reply[count].resp_retcode = 0;
154 reply[count].resp = string;
161 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: PAM Success");
166 for (count = 0; count < num_msg; count++) {
167 if (!reply[count].resp)
169 switch (msg[count]->msg_style) {
170 case PAM_PROMPT_ECHO_OFF:
171 case PAM_PROMPT_ECHO_ON:
172 free(reply[count].resp);
178 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM DHX Conversation Err -- %s",
184 static struct pam_conv PAM_conversation = {
190 static int dhx_setup(void *obj, char *ibuf, size_t ibuflen _U_,
191 char *rbuf, size_t *rbuflen)
195 BIGNUM *bn, *gbn, *pbn;
198 /* get the client's public key */
199 if (!(bn = BN_bin2bn((unsigned char *)ibuf, KEYSIZE, NULL))) {
201 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM No Public Key -- %s",
208 if (!(gbn = BN_bin2bn(&g, sizeof(g), NULL))) {
211 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM No Primes: GBN -- %s",
217 if (!(pbn = BN_bin2bn(p, sizeof(p), NULL))) {
221 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM No Primes: PBN -- %s",
227 /* okay, we're ready */
228 if (!(dh = DH_new())) {
233 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM DH was equal to DH_New... Go figure... -- %s",
239 /* generate key and make sure that we have enough space */
242 if (DH_generate_key(dh) == 0) {
243 unsigned long dherror;
246 ERR_load_crypto_strings();
247 dherror = ERR_get_error();
248 ERR_error_string_n(dherror, errbuf, 256);
250 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Err Generating Key (OpenSSL error code: %u, %s)", dherror, errbuf);
255 if (BN_num_bytes(dh->pub_key) > KEYSIZE) {
256 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Err Generating Key -- Not enough Space? -- %s", strerror(errno));
260 /* figure out the key. store the key in rbuf for now. */
261 i = DH_compute_key((unsigned char *)rbuf, bn, dh);
264 CAST_set_key(&castkey, i, (unsigned char *)rbuf);
266 /* session id. it's just a hashed version of the object pointer. */
267 sessid = dhxhash(obj);
268 memcpy(rbuf, &sessid, sizeof(sessid));
269 rbuf += sizeof(sessid);
270 *rbuflen += sizeof(sessid);
273 BN_bn2bin(dh->pub_key, (unsigned char *)rbuf);
277 /* buffer to be encrypted */
279 if (uam_afpserver_option(obj, UAM_OPTION_RANDNUM, (void *) randbuf,
283 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Buffer Encryption Err. -- %s",
288 memcpy(rbuf, &randbuf, sizeof(randbuf));
290 /* get the signature. it's always 16 bytes. */
292 if (uam_afpserver_option(obj, UAM_OPTION_SIGNATURE,
293 (void *) &buf, NULL) < 0) {
296 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Signature Retieval Failure -- %s",
301 memcpy(rbuf + KEYSIZE, buf, KEYSIZE);
303 memset(rbuf + KEYSIZE, 0, KEYSIZE);
306 /* encrypt using cast */
307 CAST_cbc_encrypt((unsigned char *)rbuf, (unsigned char *)rbuf, CRYPTBUFLEN, &castkey, msg2_iv,
309 *rbuflen += CRYPTBUFLEN;
312 return AFPERR_AUTHCONT;
318 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Fail - Cast Encryption -- %s",
324 /* -------------------------------- */
325 static int login(void *obj, char *username, int ulen, struct passwd **uam_pwd _U_,
326 char *ibuf, size_t ibuflen,
327 char *rbuf, size_t *rbuflen)
329 if (( dhxpwd = uam_getname(obj, username, ulen)) == NULL ) {
330 LOG(log_info, logtype_uams, "uams_dhx_pam.c: unknown username [%s]", username);
331 return AFPERR_NOTAUTH;
334 PAM_username = username;
335 LOG(log_info, logtype_uams, "dhx login: %s", username);
336 return dhx_setup(obj, ibuf, ibuflen, rbuf, rbuflen);
339 /* -------------------------------- */
340 /* dhx login: things are done in a slightly bizarre order to avoid
341 * having to clean things up if there's an error. */
342 static int pam_login(void *obj, struct passwd **uam_pwd,
343 char *ibuf, size_t ibuflen,
344 char *rbuf, size_t *rbuflen)
351 /* grab some of the options */
352 if (uam_afpserver_option(obj, UAM_OPTION_USERNAME, (void *) &username, &ulen) < 0) {
353 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: uam_afpserver_option didn't meet uam_option_username -- %s",
358 len = (unsigned char) *ibuf++;
360 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Signature Retieval Failure -- %s",
365 memcpy(username, ibuf, len );
367 username[ len ] = '\0';
369 if ((unsigned long) ibuf & 1) /* pad to even boundary */
372 return (login(obj, username, ulen, uam_pwd, ibuf, ibuflen, rbuf, rbuflen));
375 /* ----------------------------- */
376 static int pam_login_ext(void *obj, char *uname, struct passwd **uam_pwd,
377 char *ibuf, size_t ibuflen,
378 char *rbuf, size_t *rbuflen)
387 /* grab some of the options */
388 if (uam_afpserver_option(obj, UAM_OPTION_USERNAME, (void *) &username, &ulen) < 0) {
389 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: uam_afpserver_option didn't meet uam_option_username -- %s",
397 memcpy(&temp16, uname, sizeof(temp16));
400 if ( !len || len > ulen ) {
401 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Signature Retrieval Failure -- %s",
405 memcpy(username, uname +2, len );
406 username[ len ] = '\0';
408 return (login(obj, username, ulen, uam_pwd, ibuf, ibuflen, rbuf, rbuflen));
411 /* -------------------------------- */
413 static int pam_logincont(void *obj, struct passwd **uam_pwd,
414 char *ibuf, size_t ibuflen _U_,
415 char *rbuf, size_t *rbuflen)
417 const char *hostname;
418 BIGNUM *bn1, *bn2, *bn3;
424 /* check for session id */
425 memcpy(&sessid, ibuf, sizeof(sessid));
426 if (sessid != dhxhash(obj)) {
428 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM Session ID - DHXHash Mismatch -- %s",
433 ibuf += sizeof(sessid);
435 if (uam_afpserver_option(obj, UAM_OPTION_CLIENTNAME,
436 (void *) &hostname, NULL) < 0)
438 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: unable to retrieve client hostname");
442 CAST_cbc_encrypt((unsigned char *)ibuf, (unsigned char *)rbuf, CRYPT2BUFLEN, &castkey,
443 msg3_iv, CAST_DECRYPT);
444 memset(&castkey, 0, sizeof(castkey));
446 /* check to make sure that the random number is the same. we
447 * get sent back an incremented random number. */
448 if (!(bn1 = BN_bin2bn((unsigned char *)rbuf, KEYSIZE, NULL)))
451 if (!(bn2 = BN_bin2bn(randbuf, sizeof(randbuf), NULL))) {
456 /* zero out the random number */
457 memset(rbuf, 0, sizeof(randbuf));
458 memset(randbuf, 0, sizeof(randbuf));
461 if (!(bn3 = BN_new())) {
467 BN_sub(bn3, bn1, bn2);
471 /* okay. is it one more? */
472 if (!BN_is_one(bn3)) {
478 /* Set these things up for the conv function */
479 rbuf[PASSWDLEN] = '\0';
482 err = AFPERR_NOTAUTH;
483 PAM_error = pam_start("netatalk", PAM_username, &PAM_conversation,
485 if (PAM_error != PAM_SUCCESS) {
487 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: PAM_Error: %s",
488 pam_strerror(pamh,PAM_error));
493 /* solaris craps out if PAM_TTY and PAM_RHOST aren't set. */
494 pam_set_item(pamh, PAM_TTY, "afpd");
495 pam_set_item(pamh, PAM_RHOST, hostname);
496 PAM_error = pam_authenticate(pamh,0);
497 if (PAM_error != PAM_SUCCESS) {
498 if (PAM_error == PAM_MAXTRIES)
499 err = AFPERR_PWDEXPR;
501 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: PAM_Error: %s",
502 pam_strerror(pamh, PAM_error));
507 PAM_error = pam_acct_mgmt(pamh, 0);
508 if (PAM_error != PAM_SUCCESS ) {
510 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: PAM_Error: %s",
511 pam_strerror(pamh, PAM_error));
513 if (PAM_error == PAM_NEW_AUTHTOK_REQD) /* password expired */
514 err = AFPERR_PWDEXPR;
515 #ifdef PAM_AUTHTOKEN_REQD
516 else if (PAM_error == PAM_AUTHTOKEN_REQD)
517 err = AFPERR_PWDCHNG;
523 #ifndef PAM_CRED_ESTABLISH
524 #define PAM_CRED_ESTABLISH PAM_ESTABLISH_CRED
526 PAM_error = pam_setcred(pamh, PAM_CRED_ESTABLISH);
527 if (PAM_error != PAM_SUCCESS) {
529 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: PAM_Error: %s",
530 pam_strerror(pamh, PAM_error));
535 PAM_error = pam_open_session(pamh, 0);
536 if (PAM_error != PAM_SUCCESS) {
538 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: PAM_Error: %s",
539 pam_strerror(pamh, PAM_error));
544 memset(rbuf, 0, PASSWDLEN); /* zero out the password */
547 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: PAM Auth OK!");
549 if ( err == AFPERR_PWDEXPR)
554 pam_end(pamh, PAM_error);
556 memset(rbuf, 0, CRYPT2BUFLEN);
561 static void pam_logout(void) {
562 pam_close_session(pamh, 0);
568 /* change pw for dhx needs a couple passes to get everything all
569 * right. basically, it's like the login/logincont sequence */
570 static int pam_changepw(void *obj, char *username,
571 struct passwd *pwd _U_, char *ibuf, size_t ibuflen,
572 char *rbuf, size_t *rbuflen)
574 BIGNUM *bn1, *bn2, *bn3;
582 if (ibuflen < sizeof(sessid)) {
587 memcpy(&sessid, ibuf, sizeof(sessid));
588 ibuf += sizeof(sessid);
590 if (!sessid) { /* no sessid -> initialization phase */
591 PAM_username = username;
592 ibuflen -= sizeof(sessid);
593 return dhx_setup(obj, ibuf, ibuflen, rbuf, rbuflen);
597 /* otherwise, it's like logincont but different. */
599 /* check out the session id */
600 if (sessid != dhxhash(obj)) {
602 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Session ID not Equal to DHX Hash -- %s",
608 /* we need this for pam */
609 if (uam_afpserver_option(obj, UAM_OPTION_HOSTNAME,
610 (void *) &hostname, NULL) < 0) {
612 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Hostname Null?? -- %s",
618 /* grab the client's nonce, old password, and new password. */
619 CAST_cbc_encrypt((unsigned char *)ibuf, (unsigned char *)ibuf, CHANGEPWBUFLEN, &castkey,
620 msg3_iv, CAST_DECRYPT);
621 memset(&castkey, 0, sizeof(castkey));
623 /* check to make sure that the random number is the same. we
624 * get sent back an incremented random number. */
625 if (!(bn1 = BN_bin2bn((unsigned char *)ibuf, KEYSIZE, NULL))) {
627 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Random Number Not the same or not incremented-- %s",
633 if (!(bn2 = BN_bin2bn(randbuf, sizeof(randbuf), NULL))) {
636 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Random Number Not the same or not incremented -- %s",
642 /* zero out the random number */
643 memset(rbuf, 0, sizeof(randbuf));
644 memset(randbuf, 0, sizeof(randbuf));
646 if (!(bn3 = BN_new())) {
650 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Random Number did not Zero -- %s",
656 BN_sub(bn3, bn1, bn2);
660 /* okay. is it one more? */
662 if (!BN_is_one(bn3)) {
665 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: After Random Number not Zero, is it one more? -- %s",
673 /* Set these things up for the conv function. the old password
676 ibuf[PASSWDLEN + PASSWDLEN] = '\0';
677 PAM_password = ibuf + PASSWDLEN;
679 PAM_error = pam_start("netatalk", username, &PAM_conversation,
681 if (PAM_error != PAM_SUCCESS) {
683 LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Needless to say, PAM_error is != to PAM_SUCCESS -- %s",
688 pam_set_item(lpamh, PAM_TTY, "afpd");
689 pam_set_item(lpamh, PAM_RHOST, hostname);
691 /* we might need to do this as root */
694 PAM_error = pam_authenticate(lpamh, 0);
695 if (PAM_error != PAM_SUCCESS) {
697 pam_end(lpamh, PAM_error);
698 return AFPERR_NOTAUTH;
701 /* clear out old passwd */
702 memset(ibuf + PASSWDLEN, 0, PASSWDLEN);
706 ibuf[PASSWDLEN] = '\0';
708 /* this really does need to be done as root */
709 PAM_error = pam_chauthtok(lpamh, 0);
710 seteuid(uid); /* un-root ourselves. */
711 memset(ibuf, 0, PASSWDLEN);
712 if (PAM_error != PAM_SUCCESS) {
713 pam_end(lpamh, PAM_error);
714 return AFPERR_ACCESS;
722 static int uam_setup(void *obj, const char *path)
724 if (uam_register(UAM_SERVER_LOGIN_EXT, path, "DHCAST128", pam_login,
725 pam_logincont, pam_logout, pam_login_ext) < 0)
728 if (uam_register(UAM_SERVER_CHANGEPW, path, "DHCAST128",
730 uam_unregister(UAM_SERVER_LOGIN, "DHCAST128");
734 /*uam_register(UAM_SERVER_PRINTAUTH, path, "DHCAST128",
740 static void uam_cleanup(void)
742 uam_unregister(UAM_SERVER_LOGIN, "DHCAST128");
743 uam_unregister(UAM_SERVER_CHANGEPW, "DHCAST128");
744 /*uam_unregister(UAM_SERVER_PRINTAUTH, "DHCAST128"); */
747 UAM_MODULE_EXPORT struct uam_export uams_dhx = {
750 uam_setup, uam_cleanup
753 UAM_MODULE_EXPORT struct uam_export uams_dhx_pam = {
756 uam_setup, uam_cleanup
759 #endif /* USE_PAM && UAM_DHX */