2000-07-16 05:48:49 +00:00
|
|
|
/* $FreeBSD$ */
|
|
|
|
|
1999-08-16 11:24:29 +00:00
|
|
|
#ifdef SRA
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <arpa/telnet.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#ifdef __STDC__
|
|
|
|
#include <stdlib.h>
|
|
|
|
#endif
|
|
|
|
#ifdef NO_STRING_H
|
|
|
|
#include <strings.h>
|
|
|
|
#else
|
|
|
|
#include <string.h>
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include "auth.h"
|
|
|
|
#include "misc.h"
|
|
|
|
#include "encrypt.h"
|
|
|
|
#include "pk.h"
|
|
|
|
|
|
|
|
char pka[HEXKEYBYTES+1], ska[HEXKEYBYTES+1], pkb[HEXKEYBYTES+1];
|
|
|
|
char *user,*pass,*xuser,*xpass;
|
|
|
|
DesData ck;
|
|
|
|
IdeaData ik;
|
|
|
|
|
|
|
|
extern int auth_debug_mode;
|
|
|
|
static sra_valid = 0;
|
|
|
|
static passwd_sent = 0;
|
|
|
|
|
|
|
|
static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
|
|
|
|
AUTHTYPE_SRA, };
|
|
|
|
|
|
|
|
#define SRA_KEY 0
|
|
|
|
#define SRA_USER 1
|
|
|
|
#define SRA_CONTINUE 2
|
|
|
|
#define SRA_PASS 3
|
|
|
|
#define SRA_ACCEPT 4
|
|
|
|
#define SRA_REJECT 5
|
|
|
|
|
|
|
|
/* support routine to send out authentication message */
|
|
|
|
static int Data(ap, type, d, c)
|
|
|
|
Authenticator *ap;
|
|
|
|
int type;
|
|
|
|
void *d;
|
|
|
|
int c;
|
|
|
|
{
|
|
|
|
unsigned char *p = str_data + 4;
|
|
|
|
unsigned char *cd = (unsigned char *)d;
|
|
|
|
|
|
|
|
if (c == -1)
|
|
|
|
c = strlen((char *)cd);
|
|
|
|
|
|
|
|
if (auth_debug_mode) {
|
|
|
|
printf("%s:%d: [%d] (%d)",
|
|
|
|
str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
|
|
|
|
str_data[3],
|
|
|
|
type, c);
|
|
|
|
printd(d, c);
|
|
|
|
printf("\r\n");
|
|
|
|
}
|
|
|
|
*p++ = ap->type;
|
|
|
|
*p++ = ap->way;
|
|
|
|
*p++ = type;
|
|
|
|
while (c-- > 0) {
|
|
|
|
if ((*p++ = *cd++) == IAC)
|
|
|
|
*p++ = IAC;
|
|
|
|
}
|
|
|
|
*p++ = IAC;
|
|
|
|
*p++ = SE;
|
|
|
|
if (str_data[3] == TELQUAL_IS)
|
|
|
|
printsub('>', &str_data[2], p - (&str_data[2]));
|
|
|
|
return(net_write(str_data, p - str_data));
|
|
|
|
}
|
|
|
|
|
|
|
|
int sra_init(ap, server)
|
|
|
|
Authenticator *ap;
|
|
|
|
int server;
|
|
|
|
{
|
|
|
|
if (server)
|
|
|
|
str_data[3] = TELQUAL_REPLY;
|
|
|
|
else
|
|
|
|
str_data[3] = TELQUAL_IS;
|
|
|
|
|
|
|
|
user = (char *)malloc(256);
|
|
|
|
xuser = (char *)malloc(512);
|
|
|
|
pass = (char *)malloc(256);
|
|
|
|
xpass = (char *)malloc(512);
|
|
|
|
passwd_sent = 0;
|
|
|
|
|
|
|
|
genkeys(pka,ska);
|
|
|
|
return(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* client received a go-ahead for sra */
|
|
|
|
int sra_send(ap)
|
|
|
|
Authenticator *ap;
|
|
|
|
{
|
|
|
|
/* send PKA */
|
|
|
|
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Sent PKA to server.\r\n" );
|
|
|
|
printf("Trying SRA secure login:\r\n");
|
|
|
|
if (!Data(ap, SRA_KEY, (void *)pka, HEXKEYBYTES)) {
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Not enough room for authentication data\r\n");
|
|
|
|
return(0);
|
|
|
|
}
|
|
|
|
|
|
|
|
return(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* server received an IS -- could be SRA KEY, USER, or PASS */
|
|
|
|
void sra_is(ap, data, cnt)
|
|
|
|
Authenticator *ap;
|
|
|
|
unsigned char *data;
|
|
|
|
int cnt;
|
|
|
|
{
|
|
|
|
int valid;
|
|
|
|
Session_Key skey;
|
|
|
|
|
|
|
|
if (cnt-- < 1)
|
|
|
|
return;
|
|
|
|
switch (*data++) {
|
|
|
|
|
|
|
|
case SRA_KEY:
|
|
|
|
if (cnt < HEXKEYBYTES) {
|
|
|
|
Data(ap, SRA_REJECT, (void *)0, 0);
|
|
|
|
auth_finished(ap, AUTH_USER);
|
|
|
|
if (auth_debug_mode) {
|
|
|
|
printf("SRA user rejected for bad PKB\r\n");
|
|
|
|
}
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Sent pka\r\n");
|
|
|
|
if (!Data(ap, SRA_KEY, (void *)pka, HEXKEYBYTES)) {
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Not enough room\r\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
memcpy(pkb,data,HEXKEYBYTES);
|
|
|
|
pkb[HEXKEYBYTES] = '\0';
|
|
|
|
common_key(ska,pkb,&ik,&ck);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SRA_USER:
|
|
|
|
/* decode KAB(u) */
|
|
|
|
memcpy(xuser,data,cnt);
|
|
|
|
xuser[cnt] = '\0';
|
|
|
|
pk_decode(xuser,user,&ck);
|
|
|
|
auth_encrypt_user(user);
|
|
|
|
Data(ap, SRA_CONTINUE, (void *)0, 0);
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SRA_PASS:
|
|
|
|
/* decode KAB(P) */
|
|
|
|
memcpy(xpass,data,cnt);
|
|
|
|
xpass[cnt] = '\0';
|
|
|
|
pk_decode(xpass,pass,&ck);
|
|
|
|
|
|
|
|
/* check user's password */
|
|
|
|
valid = check_user(user,pass);
|
|
|
|
|
|
|
|
if(valid) {
|
|
|
|
Data(ap, SRA_ACCEPT, (void *)0, 0);
|
|
|
|
#ifdef DES_ENCRYPTION
|
|
|
|
skey.data = ck;
|
|
|
|
skey.type = SK_DES;
|
|
|
|
skey.length = 8;
|
|
|
|
encrypt_session_key(&skey, 1);
|
|
|
|
#endif
|
|
|
|
|
|
|
|
sra_valid = 1;
|
|
|
|
auth_finished(ap, AUTH_VALID);
|
|
|
|
if (auth_debug_mode) {
|
|
|
|
printf("SRA user accepted\r\n");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
Data(ap, SRA_CONTINUE, (void *)0, 0);
|
|
|
|
/*
|
|
|
|
Data(ap, SRA_REJECT, (void *)0, 0);
|
|
|
|
sra_valid = 0;
|
|
|
|
auth_finished(ap, AUTH_REJECT);
|
|
|
|
*/
|
|
|
|
if (auth_debug_mode) {
|
|
|
|
printf("SRA user failed\r\n");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Unknown SRA option %d\r\n", data[-1]);
|
|
|
|
Data(ap, SRA_REJECT, 0, 0);
|
|
|
|
sra_valid = 0;
|
|
|
|
auth_finished(ap, AUTH_REJECT);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
extern char *getpass();
|
|
|
|
|
|
|
|
/* client received REPLY -- could be SRA KEY, CONTINUE, ACCEPT, or REJECT */
|
|
|
|
void sra_reply(ap, data, cnt)
|
|
|
|
Authenticator *ap;
|
|
|
|
unsigned char *data;
|
|
|
|
int cnt;
|
|
|
|
{
|
|
|
|
extern char *telnet_gets();
|
|
|
|
char uprompt[256],tuser[256];
|
|
|
|
Session_Key skey;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if (cnt-- < 1)
|
|
|
|
return;
|
|
|
|
switch (*data++) {
|
|
|
|
|
|
|
|
case SRA_KEY:
|
|
|
|
/* calculate common key */
|
|
|
|
if (cnt < HEXKEYBYTES) {
|
|
|
|
if (auth_debug_mode) {
|
|
|
|
printf("SRA user rejected for bad PKB\r\n");
|
|
|
|
}
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
memcpy(pkb,data,HEXKEYBYTES);
|
|
|
|
pkb[HEXKEYBYTES] = '\0';
|
|
|
|
|
|
|
|
common_key(ska,pkb,&ik,&ck);
|
|
|
|
|
|
|
|
enc_user:
|
|
|
|
|
|
|
|
/* encode user */
|
|
|
|
memset(tuser,0,sizeof(tuser));
|
|
|
|
sprintf(uprompt,"User (%s): ",UserNameRequested);
|
|
|
|
telnet_gets(uprompt,tuser,255,1);
|
|
|
|
if (tuser[0] == '\n' || tuser[0] == '\r' )
|
|
|
|
strcpy(user,UserNameRequested);
|
|
|
|
else {
|
|
|
|
/* telnet_gets leaves the newline on */
|
|
|
|
for(i=0;i<sizeof(tuser);i++) {
|
|
|
|
if (tuser[i] == '\n') {
|
|
|
|
tuser[i] = '\0';
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
strcpy(user,tuser);
|
|
|
|
}
|
|
|
|
pk_encode(user,xuser,&ck);
|
|
|
|
|
|
|
|
/* send it off */
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Sent KAB(U)\r\n");
|
|
|
|
if (!Data(ap, SRA_USER, (void *)xuser, strlen(xuser))) {
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Not enough room\r\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SRA_CONTINUE:
|
|
|
|
if (passwd_sent) {
|
|
|
|
passwd_sent = 0;
|
|
|
|
printf("[ SRA login failed ]\r\n");
|
|
|
|
goto enc_user;
|
|
|
|
}
|
|
|
|
/* encode password */
|
|
|
|
memset(pass,0,sizeof(pass));
|
|
|
|
telnet_gets("Password: ",pass,255,0);
|
|
|
|
pk_encode(pass,xpass,&ck);
|
|
|
|
/* send it off */
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Sent KAB(P)\r\n");
|
|
|
|
if (!Data(ap, SRA_PASS, (void *)xpass, strlen(xpass))) {
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Not enough room\r\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
passwd_sent = 1;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SRA_REJECT:
|
|
|
|
printf("[ SRA refuses authentication ]\r\n");
|
|
|
|
printf("Trying plaintext login:\r\n");
|
|
|
|
auth_finished(0,AUTH_REJECT);
|
|
|
|
return;
|
|
|
|
|
|
|
|
case SRA_ACCEPT:
|
|
|
|
printf("[ SRA accepts you ]\r\n");
|
|
|
|
#ifdef DES_ENCRYPTION
|
|
|
|
skey.data = ck;
|
|
|
|
skey.type = SK_DES;
|
|
|
|
skey.length = 8;
|
|
|
|
encrypt_session_key(&skey, 0);
|
|
|
|
#endif
|
|
|
|
|
|
|
|
auth_finished(ap, AUTH_VALID);
|
|
|
|
return;
|
|
|
|
default:
|
|
|
|
if (auth_debug_mode)
|
|
|
|
printf("Unknown SRA option %d\r\n", data[-1]);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
int sra_status(ap, name, level)
|
|
|
|
Authenticator *ap;
|
|
|
|
char *name;
|
|
|
|
int level;
|
|
|
|
{
|
|
|
|
if (level < AUTH_USER)
|
|
|
|
return(level);
|
|
|
|
if (UserNameRequested && sra_valid) {
|
|
|
|
strcpy(name, UserNameRequested);
|
|
|
|
return(AUTH_VALID);
|
|
|
|
} else
|
|
|
|
return(AUTH_USER);
|
|
|
|
}
|
|
|
|
|
|
|
|
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
|
|
|
|
#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
|
|
|
|
|
|
|
|
void sra_printsub(data, cnt, buf, buflen)
|
|
|
|
unsigned char *data, *buf;
|
|
|
|
int cnt, buflen;
|
|
|
|
{
|
|
|
|
char lbuf[32];
|
|
|
|
register int i;
|
|
|
|
|
|
|
|
buf[buflen-1] = '\0'; /* make sure its NULL terminated */
|
|
|
|
buflen -= 1;
|
|
|
|
|
|
|
|
switch(data[3]) {
|
|
|
|
|
|
|
|
case SRA_CONTINUE:
|
|
|
|
strncpy((char *)buf, " CONTINUE ", buflen);
|
|
|
|
goto common;
|
|
|
|
|
|
|
|
case SRA_REJECT: /* Rejected (reason might follow) */
|
|
|
|
strncpy((char *)buf, " REJECT ", buflen);
|
|
|
|
goto common;
|
|
|
|
|
|
|
|
case SRA_ACCEPT: /* Accepted (name might follow) */
|
|
|
|
strncpy((char *)buf, " ACCEPT ", buflen);
|
|
|
|
|
|
|
|
common:
|
|
|
|
BUMP(buf, buflen);
|
|
|
|
if (cnt <= 4)
|
|
|
|
break;
|
|
|
|
ADDC(buf, buflen, '"');
|
|
|
|
for (i = 4; i < cnt; i++)
|
|
|
|
ADDC(buf, buflen, data[i]);
|
|
|
|
ADDC(buf, buflen, '"');
|
|
|
|
ADDC(buf, buflen, '\0');
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SRA_KEY: /* Authentication data follows */
|
|
|
|
strncpy((char *)buf, " KEY ", buflen);
|
|
|
|
goto common2;
|
|
|
|
|
|
|
|
case SRA_USER:
|
|
|
|
strncpy((char *)buf, " USER ", buflen);
|
|
|
|
goto common2;
|
|
|
|
|
|
|
|
case SRA_PASS:
|
|
|
|
strncpy((char *)buf, " PASS ", buflen);
|
|
|
|
goto common2;
|
|
|
|
|
|
|
|
default:
|
|
|
|
sprintf(lbuf, " %d (unknown)", data[3]);
|
|
|
|
strncpy((char *)buf, lbuf, buflen);
|
|
|
|
common2:
|
|
|
|
BUMP(buf, buflen);
|
|
|
|
for (i = 4; i < cnt; i++) {
|
|
|
|
sprintf(lbuf, " %d", data[i]);
|
|
|
|
strncpy((char *)buf, lbuf, buflen);
|
|
|
|
BUMP(buf, buflen);
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
struct passwd *pw;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Helper function for sgetpwnam().
|
|
|
|
*/
|
|
|
|
char *
|
|
|
|
sgetsave(s)
|
|
|
|
char *s;
|
|
|
|
{
|
|
|
|
char *new = malloc((unsigned) strlen(s) + 1);
|
|
|
|
|
|
|
|
if (new == NULL) {
|
|
|
|
return(NULL);
|
|
|
|
}
|
|
|
|
(void) strcpy(new, s);
|
|
|
|
return (new);
|
|
|
|
}
|
|
|
|
|
|
|
|
#include <pwd.h>
|
|
|
|
#include <syslog.h>
|
|
|
|
#ifdef USE_SHADOW
|
|
|
|
#include <shadow.h>
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
|
struct passwd *
|
|
|
|
sgetpwnam(name)
|
|
|
|
char *name;
|
|
|
|
{
|
|
|
|
static struct passwd save;
|
|
|
|
register struct passwd *p;
|
|
|
|
char *sgetsave();
|
|
|
|
|
|
|
|
if ((p = getpwnam(name)) == NULL)
|
|
|
|
return (p);
|
|
|
|
if (save.pw_name) {
|
|
|
|
free(save.pw_name);
|
|
|
|
free(save.pw_passwd);
|
|
|
|
free(save.pw_gecos);
|
|
|
|
free(save.pw_dir);
|
|
|
|
free(save.pw_shell);
|
|
|
|
}
|
|
|
|
save = *p;
|
|
|
|
save.pw_name = sgetsave(p->pw_name);
|
|
|
|
save.pw_passwd = sgetsave(p->pw_passwd);
|
|
|
|
save.pw_gecos = sgetsave(p->pw_gecos);
|
|
|
|
save.pw_dir = sgetsave(p->pw_dir);
|
|
|
|
save.pw_shell = sgetsave(p->pw_shell);
|
|
|
|
#if 0
|
|
|
|
syslog(LOG_WARNING,"%s\n",save.pw_name);
|
|
|
|
syslog(LOG_WARNING,"%s\n",save.pw_passwd);
|
|
|
|
syslog(LOG_WARNING,"%s\n",save.pw_gecos);
|
|
|
|
syslog(LOG_WARNING,"%s\n",save.pw_dir);
|
|
|
|
#endif
|
|
|
|
#ifdef USE_SHADOW
|
|
|
|
{
|
|
|
|
struct spwd *sp;
|
|
|
|
sp = getspnam(name);
|
|
|
|
free(save.pw_passwd);
|
|
|
|
save.pw_passwd = sgetsave(sp->sp_pwdp);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
return (&save);
|
|
|
|
}
|
|
|
|
|
|
|
|
char *crypt();
|
|
|
|
|
|
|
|
int check_user(name, pass)
|
|
|
|
char *name;
|
|
|
|
char *pass;
|
|
|
|
{
|
|
|
|
register char *cp;
|
|
|
|
char *xpasswd, *salt;
|
|
|
|
|
|
|
|
if (pw = sgetpwnam(name)) {
|
|
|
|
if (pw->pw_shell == NULL) {
|
|
|
|
pw = (struct passwd *) NULL;
|
|
|
|
return(0);
|
|
|
|
}
|
|
|
|
|
|
|
|
salt = pw->pw_passwd;
|
|
|
|
xpasswd = crypt(pass, salt);
|
|
|
|
/* The strcmp does not catch null passwords! */
|
|
|
|
if (pw == NULL || *pw->pw_passwd == '\0' ||
|
|
|
|
strcmp(xpasswd, pw->pw_passwd)) {
|
|
|
|
pw = (struct passwd *) NULL;
|
|
|
|
return(0);
|
|
|
|
}
|
|
|
|
return(1);
|
|
|
|
}
|
|
|
|
return(0);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|