auth-skey.c

   1 #include "includes.h"
   2
   3 #ifdef SKEY
   4 RCSID("$Id$");
   5
   6 #include "ssh.h"
   7 #include "packet.h"
   8
   9 #ifdef HAVE_OPENSSL
  10 #include <openssl/sha1.h>
  11 #endif
  12 #ifdef HAVE_SSL
  13 #include <ssl/sha1.h>
  14 #endif
  15
  16 /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
  17
  18 /*
  19  * try skey authentication,
  20  * return 1 on success, 0 on failure, -1 if skey is not available
  21  */
  22
  23 int
  24 auth_skey_password(struct passwd * pw, const char *password)
  25 {
  26         if (strncasecmp(password, "s/key", 5) == 0) {
  27                 char *skeyinfo = skey_keyinfo(pw->pw_name);
  28                 if (skeyinfo == NULL) {
  29                         debug("generating fake skeyinfo for %.100s.",
  30                             pw->pw_name);
  31                         skeyinfo = skey_fake_keyinfo(pw->pw_name);
  32                 }
  33                 if (skeyinfo != NULL)
  34                         packet_send_debug(skeyinfo);
  35                 /* Try again. */
  36                 return 0;
  37         } else if (skey_haskey(pw->pw_name) == 0 &&
  38                    skey_passcheck(pw->pw_name, (char *) password) != -1) {
  39                 /* Authentication succeeded. */
  40                 return 1;
  41         }
  42         /* Fall back to ordinary passwd authentication. */
  43         return -1;
  44 }
  45
  46 + /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
  47
  48 #define ROUND(x)   (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \
  49                     ((x)[3]))
  50
  51 /*
  52  * hash_collapse()
  53  */
  54 static u_int32_t
  55 hash_collapse(s)
  56         u_char *s;
  57 {
  58         int len, target;
  59         u_int32_t i;
  60
  61         if ((strlen(s) % sizeof(u_int32_t)) == 0)
  62                 target = strlen(s);    /* Multiple of 4 */
  63         else
  64                 target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
  65
  66         for (i = 0, len = 0; len < target; len += 4)
  67                 i ^= ROUND(s + len);
  68
  69         return i;
  70 }
  71
  72 char *
  73 skey_fake_keyinfo(char *username)
  74 {
  75         int i;
  76         u_int ptr;
  77         u_char hseed[SKEY_MAX_SEED_LEN], flg = 1, *up;
  78         char pbuf[SKEY_MAX_PW_LEN+1];
  79         static char skeyprompt[SKEY_MAX_CHALLENGE+1];
  80         char *secret = NULL;
  81         size_t secretlen = 0;
  82         SHA1_CTX ctx;
  83         char *p, *u;
  84
  85         /*
  86          * Base first 4 chars of seed on hostname.
  87          * Add some filler for short hostnames if necessary.
  88          */
  89         if (gethostname(pbuf, sizeof(pbuf)) == -1)
  90                 *(p = pbuf) = '.';
  91         else
  92                 for (p = pbuf; *p && isalnum(*p); p++)
  93                         if (isalpha(*p) && isupper(*p))
  94                                 *p = tolower(*p);
  95         if (*p && pbuf - p < 4)
  96                 (void)strncpy(p, "asjd", 4 - (pbuf - p));
  97         pbuf[4] = '\0';
  98
  99         /* Hash the username if possible */
 100         if ((up = SHA1Data(username, strlen(username), NULL)) != NULL) {
 101                 struct stat sb;
 102                 time_t t;
 103                 int fd;
 104
 105                 /* Collapse the hash */
 106                 ptr = hash_collapse(up);
 107                 memset(up, 0, strlen(up));
 108
 109                 /* See if the random file's there, else use ctime */
 110                 if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1
 111                     && fstat(fd, &sb) == 0 &&
 112                     sb.st_size > (off_t)SKEY_MAX_SEED_LEN &&
 113                     lseek(fd, ptr % (sb.st_size - SKEY_MAX_SEED_LEN),
 114                     SEEK_SET) != -1 && read(fd, hseed,
 115                     SKEY_MAX_SEED_LEN) == SKEY_MAX_SEED_LEN) {
 116                         close(fd);
 117                         secret = hseed;
 118                         secretlen = SKEY_MAX_SEED_LEN;
 119                         flg = 0;
 120                 } else if (!stat(_PATH_MEM, &sb) || !stat("/", &sb)) {
 121                         t = sb.st_ctime;
 122                         secret = ctime(&t);
 123                         secretlen = strlen(secret);
 124                         flg = 0;
 125                 }
 126         }
 127
 128         /* Put that in your pipe and smoke it */
 129         if (flg == 0) {
 130                 /* Hash secret value with username */
 131                 SHA1Init(&ctx);
 132                 SHA1Update(&ctx, secret, secretlen);
 133                 SHA1Update(&ctx, username, strlen(username));
 134                 SHA1End(&ctx, up);
 135
 136                 /* Zero out */
 137                 memset(secret, 0, secretlen);
 138
 139                 /* Now hash the hash */
 140                 SHA1Init(&ctx);
 141                 SHA1Update(&ctx, up, strlen(up));
 142                 SHA1End(&ctx, up);
 143
 144                 ptr = hash_collapse(up + 4);
 145
 146                 for (i = 4; i < 9; i++) {
 147                         pbuf[i] = (ptr % 10) + '0';
 148                         ptr /= 10;
 149                 }
 150                 pbuf[i] = '\0';
 151
 152                 /* Sequence number */
 153                 ptr = ((up[2] + up[3]) % 99) + 1;
 154
 155                 memset(up, 0, 20); /* SHA1 specific */
 156                 free(up);
 157
 158                 (void)snprintf(skeyprompt, sizeof skeyprompt,
 159                               "otp-%.*s %d %.*s",
 160                               SKEY_MAX_HASHNAME_LEN,
 161                               skey_get_algorithm(),
 162                               ptr, SKEY_MAX_SEED_LEN,
 163                               pbuf);
 164         } else {
 165                 /* Base last 8 chars of seed on username */
 166                 u = username;
 167                 i = 8;
 168                 p = &pbuf[4];
 169                 do {
 170                         if (*u == 0) {
 171                                 /* Pad remainder with zeros */
 172                                 while (--i >= 0)
 173                                         *p++ = '0';
 174                                 break;
 175                         }
 176
 177                         *p++ = (*u++ % 10) + '0';
 178                 } while (--i != 0);
 179                 pbuf[12] = '\0';
 180
 181                 (void)snprintf(skeyprompt, sizeof skeyprompt,
 182                               "otp-%.*s %d %.*s",
 183                               SKEY_MAX_HASHNAME_LEN,
 184                               skey_get_algorithm(),
 185                               99, SKEY_MAX_SEED_LEN, pbuf);
 186         }
 187         return skeyprompt;
 188 }
 189
 190 #endif /* SKEY */