auth-skey.c

   1 #include "includes.h"
   2 #ifdef SKEY
   3 RCSID("$Id$");
   4
   5 #include "ssh.h"
   6 #include "packet.h"
   7 #include <sha1.h>
   8
   9 /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
  10
  11 /*
  12  * try skey authentication,
  13  * return 1 on success, 0 on failure, -1 if skey is not available
  14  */
  15
  16 int
  17 auth_skey_password(struct passwd * pw, const char *password)
  18 {
  19         if (strncasecmp(password, "s/key", 5) == 0) {
  20                 char *skeyinfo = skey_keyinfo(pw->pw_name);
  21                 if (skeyinfo == NULL) {
  22                         debug("generating fake skeyinfo for %.100s.",
  23                             pw->pw_name);
  24                         skeyinfo = skey_fake_keyinfo(pw->pw_name);
  25                 }
  26                 if (skeyinfo != NULL)
  27                         packet_send_debug(skeyinfo);
  28                 /* Try again. */
  29                 return 0;
  30         } else if (skey_haskey(pw->pw_name) == 0 &&
  31                    skey_passcheck(pw->pw_name, (char *) password) != -1) {
  32                 /* Authentication succeeded. */
  33                 return 1;
  34         }
  35         /* Fall back to ordinary passwd authentication. */
  36         return -1;
  37 }
  38
  39 /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
  40
  41 #define ROUND(x)   (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \
  42                     ((x)[3]))
  43
  44 /*
  45  * hash_collapse()
  46  */
  47 static u_int32_t
  48 hash_collapse(s)
  49         u_char *s;
  50 {
  51         int len, target;
  52         u_int32_t i;
  53
  54         if ((strlen(s) % sizeof(u_int32_t)) == 0)
  55                 target = strlen(s);    /* Multiple of 4 */
  56         else
  57                 target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
  58
  59         for (i = 0, len = 0; len < target; len += 4)
  60                 i ^= ROUND(s + len);
  61
  62         return i;
  63 }
  64
  65 char *
  66 skey_fake_keyinfo(char *username)
  67 {
  68         int i;
  69         u_int ptr;
  70         u_char hseed[SKEY_MAX_SEED_LEN], flg = 1, *up;
  71         char pbuf[SKEY_MAX_PW_LEN+1];
  72         static char skeyprompt[SKEY_MAX_CHALLENGE+1];
  73         char *secret = NULL;
  74         size_t secretlen = 0;
  75         SHA_CTX ctx;
  76         char *p, *u;
  77         char md[SHA_DIGEST_LENGTH];
  78
  79         /*
  80          * Base first 4 chars of seed on hostname.
  81          * Add some filler for short hostnames if necessary.
  82          */
  83         if (gethostname(pbuf, sizeof(pbuf)) == -1)
  84                 *(p = pbuf) = '.';
  85         else
  86                 for (p = pbuf; *p && isalnum(*p); p++)
  87                         if (isalpha(*p) && isupper(*p))
  88                                 *p = tolower(*p);
  89         if (*p && pbuf - p < 4)
  90                 (void)strncpy(p, "asjd", 4 - (pbuf - p));
  91         pbuf[4] = '\0';
  92
  93         /* Hash the username if possible */
  94         up = malloc(SHA_DIGEST_LENGTH);
  95         if (up != NULL) {
  96                 struct stat sb;
  97                 time_t t;
  98                 int fd;
  99
 100                 SHA1_Init(&ctx);
 101                 SHA1_Update(&ctx, username, strlen(username));
 102                 SHA1_End(&ctx, up);
 103
 104                 /* Collapse the hash */
 105                 ptr = hash_collapse(up);
 106                 memset(up, 0, strlen(up));
 107
 108                 /* See if the random file's there, else use ctime */
 109                 if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1
 110                     && fstat(fd, &sb) == 0 &&
 111                     sb.st_size > (off_t)SKEY_MAX_SEED_LEN &&
 112                     lseek(fd, ptr % (sb.st_size - SKEY_MAX_SEED_LEN),
 113                     SEEK_SET) != -1 && read(fd, hseed,
 114                     SKEY_MAX_SEED_LEN) == SKEY_MAX_SEED_LEN) {
 115                         close(fd);
 116                         fd = -1;
 117                         secret = hseed;
 118                         secretlen = SKEY_MAX_SEED_LEN;
 119                         flg = 0;
 120                 } else if (!stat(_PATH_MEM, &sb) || !stat("/", &sb)) {
 121                         t = sb.st_ctime;
 122                         secret = ctime(&t);
 123                         secretlen = strlen(secret);
 124                         flg = 0;
 125                 }
 126                 if (fd != -1)
 127                         close(fd);
 128         }
 129
 130         /* Put that in your pipe and smoke it */
 131         if (flg == 0) {
 132                 /* Hash secret value with username */
 133                 SHA1_Init(&ctx);
 134                 SHA1_Update(&ctx, secret, secretlen);
 135                 SHA1_Update(&ctx, username, strlen(username));
 136                 SHA1_End(&ctx, up);
 137
 138                 /* Zero out */
 139                 memset(secret, 0, secretlen);
 140
 141                 /* Now hash the hash */
 142                 SHA1_Init(&ctx);
 143                 SHA1_Update(&ctx, up, strlen(up));
 144                 SHA1_End(&ctx, up);
 145
 146                 ptr = hash_collapse(up + 4);
 147
 148                 for (i = 4; i < 9; i++) {
 149                         pbuf[i] = (ptr % 10) + '0';
 150                         ptr /= 10;
 151                 }
 152                 pbuf[i] = '\0';
 153
 154                 /* Sequence number */
 155                 ptr = ((up[2] + up[3]) % 99) + 1;
 156
 157                 memset(up, 0, SHA_DIGEST_LENGTH); /* SHA1 specific */
 158                 free(up);
 159
 160                 (void)snprintf(skeyprompt, sizeof skeyprompt,
 161                               "otp-%.*s %d %.*s",
 162                               SKEY_MAX_HASHNAME_LEN,
 163                               skey_get_algorithm(),
 164                               ptr, SKEY_MAX_SEED_LEN,
 165                               pbuf);
 166         } else {
 167                 /* Base last 8 chars of seed on username */
 168                 u = username;
 169                 i = 8;
 170                 p = &pbuf[4];
 171                 do {
 172                         if (*u == 0) {
 173                                 /* Pad remainder with zeros */
 174                                 while (--i >= 0)
 175                                         *p++ = '0';
 176                                 break;
 177                         }
 178
 179                         *p++ = (*u++ % 10) + '0';
 180                 } while (--i != 0);
 181                 pbuf[12] = '\0';
 182
 183                 (void)snprintf(skeyprompt, sizeof skeyprompt,
 184                               "otp-%.*s %d %.*s",
 185                               SKEY_MAX_HASHNAME_LEN,
 186                               skey_get_algorithm(),
 187                               99, SKEY_MAX_SEED_LEN, pbuf);
 188         }
 189         return skeyprompt;
 190 }
 191
 192 #endif /* SKEY */