search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:heimdal A real fix for bug 6801
[heimdal.git] / appl / otp / otp.c
blobef3e4ab1554fec9ecd92ce7ae6fe321b17abdec3
1 /*
2 * Copyright (c) 1995-1997, 1999 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "otp_locl.h"
35 #include <getarg.h>
36
37 RCSID("$Id$");
38
39 static int listp;
40 static int deletep;
41 static int openp;
42 static int renewp;
43 static char* alg_string;
44 static char *user;
45 static int version_flag;
46 static int help_flag;
47
48 struct getargs args[] = {
49 { "list", 'l', arg_flag, &listp, "list OTP status" },
50 { "delete", 'd', arg_flag, &deletep, "delete OTP" },
51 { "open", 'o', arg_flag, &openp, "open a locked OTP" },
52 { "renew", 'r', arg_flag, &renewp, "securely renew OTP" },
53 { "hash", 'f', arg_string, &alg_string,
54 "hash algorithm (md4, md5, or sha)", "algorithm"},
55 { "user", 'u', arg_string, &user,
56 "user other than current user (root only)", "user" },
57 { "version", 0, arg_flag, &version_flag },
58 { "help", 'h', arg_flag, &help_flag }
59 };
60
61 int num_args = sizeof(args) / sizeof(args[0]);
62
63 static void
64 usage(int code)
65 {
66 arg_printusage(args, num_args, NULL, "[num seed]");
67 exit(code);
68 }
69
70 /*
71 * Renew the OTP for a user.
72 * The pass-phrase is not required (RFC 1938/8.0)
73 */
74
75 static int
76 renew (int argc, char **argv, OtpAlgorithm *alg, char *user)
77 {
78 OtpContext newctx, *ctx;
79 char prompt[128];
80 char pw[64];
81 void *dbm;
82 int ret;
83
84 newctx.alg = alg;
85 newctx.user = user;
86 newctx.n = atoi (argv[0]);
87 strlcpy (newctx.seed, argv[1], sizeof(newctx.seed));
88 strlwr(newctx.seed);
89 snprintf (prompt, sizeof(prompt),
90 "[ otp-%s %u %s ]",
91 newctx.alg->name,
92 newctx.n,
93 newctx.seed);
94 if (UI_UTIL_read_pw_string (pw, sizeof(pw), prompt, 0) == 0 &&
95 otp_parse (newctx.key, pw, alg) == 0) {
96 ctx = &newctx;
97 ret = 0;
98 } else
99 return 1;
100
101 dbm = otp_db_open ();
102 if (dbm == NULL) {
103 warnx ("otp_db_open failed");
104 return 1;
105 }
106 otp_put (dbm, ctx);
107 otp_db_close (dbm);
108 return ret;
109 }
110
111 /*
112 * Return 0 if the user could enter the next OTP.
113 * I would rather have returned !=0 but it's shell-like here around.
114 */
115
116 static int
117 verify_user_otp(char *username)
118 {
119 OtpContext ctx;
120 char passwd[OTP_MAX_PASSPHRASE + 1];
121 char prompt[128], ss[256];
122
123 if (otp_challenge (&ctx, username, ss, sizeof(ss)) != 0) {
124 warnx("no otp challenge found for %s", username);
125 return 1;
126 }
127
128 snprintf (prompt, sizeof(prompt), "%s's %s Password: ", username, ss);
129 if(UI_UTIL_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0))
130 return 1;
131 return otp_verify_user (&ctx, passwd);
132 }
133
134 /*
135 * Set the OTP for a user
136 */
137
138 static int
139 set (int argc, char **argv, OtpAlgorithm *alg, char *user)
140 {
141 void *db;
142 OtpContext ctx;
143 char pw[OTP_MAX_PASSPHRASE + 1];
144 int ret;
145 int i;
146
147 ctx.alg = alg;
148 ctx.user = strdup (user);
149 if (ctx.user == NULL)
150 err (1, "out of memory");
151
152 ctx.n = atoi (argv[0]);
153 strlcpy (ctx.seed, argv[1], sizeof(ctx.seed));
154 strlwr(ctx.seed);
155 do {
156 if (UI_UTIL_read_pw_string (pw, sizeof(pw), "Pass-phrase: ", 1))
157 return 1;
158 if (strlen (pw) < OTP_MIN_PASSPHRASE)
159 printf ("Too short pass-phrase. Use at least %d characters\n",
160 OTP_MIN_PASSPHRASE);
161 } while(strlen(pw) < OTP_MIN_PASSPHRASE);
162 ctx.alg->init (ctx.key, pw, ctx.seed);
163 for (i = 0; i < ctx.n; ++i)
164 ctx.alg->next (ctx.key);
165 db = otp_db_open ();
166 if(db == NULL) {
167 free (ctx.user);
168 err (1, "otp_db_open failed");
169 }
170 ret = otp_put (db, &ctx);
171 otp_db_close (db);
172 free (ctx.user);
173 return ret;
174 }
175
176 /*
177 * Delete otp of user from the database
178 */
179
180 static int
181 delete_otp (int argc, char **argv, char *user)
182 {
183 void *db;
184 OtpContext ctx;
185 int ret;
186
187 db = otp_db_open ();
188 if(db == NULL)
189 errx (1, "otp_db_open failed");
190
191 ctx.user = user;
192 ret = otp_delete(db, &ctx);
193 otp_db_close (db);
194 return ret;
195 }
196
197 /*
198 * Tell whether the user has an otp
199 */
200
201 static int
202 has_an_otp(char *user)
203 {
204 void *db;
205 OtpContext ctx;
206 int ret;
207
208 db = otp_db_open ();
209 if(db == NULL) {
210 warnx ("otp_db_open failed");
211 return 0; /* if no db no otp! */
212 }
213
214 ctx.user = user;
215 ret = otp_simple_get(db, &ctx);
216
217 otp_db_close (db);
218 return !ret;
219 }
220
221 /*
222 * Get and print out the otp entry for some user
223 */
224
225 static void
226 print_otp_entry_for_name (void *db, char *user)
227 {
228 OtpContext ctx;
229
230 ctx.user = user;
231 if (!otp_simple_get(db, &ctx)) {
232 fprintf(stdout,
233 "%s\totp-%s %d %s",
234 ctx.user, ctx.alg->name, ctx.n, ctx.seed);
235 if (ctx.lock_time)
236 fprintf(stdout,
237 "\tlocked since %s",
238 ctime(&ctx.lock_time));
239 else
240 fprintf(stdout, "\n");
241 }
242 }
243
244 static int
245 open_otp (int argc, char **argv, char *user)
246 {
247 void *db;
248 OtpContext ctx;
249 int ret;
250
251 db = otp_db_open ();
252 if (db == NULL)
253 errx (1, "otp_db_open failed");
254
255 ctx.user = user;
256 ret = otp_simple_get (db, &ctx);
257 if (ret == 0)
258 ret = otp_put (db, &ctx);
259 otp_db_close (db);
260 return ret;
261 }
262
263 /*
264 * Print otp entries for one or all users
265 */
266
267 static int
268 list_otps (int argc, char **argv, char *user)
269 {
270 void *db;
271 struct passwd *pw;
272
273 db = otp_db_open ();
274 if(db == NULL)
275 errx (1, "otp_db_open failed");
276
277 if (user)
278 print_otp_entry_for_name(db, user);
279 else
280 /* scans all users... so as to get a deterministic order */
281 while ((pw = getpwent()))
282 print_otp_entry_for_name(db, pw->pw_name);
283
284 otp_db_close (db);
285 return 0;
286 }
287
288 int
289 main (int argc, char **argv)
290 {
291 int defaultp = 0;
292 int uid = getuid();
293 OtpAlgorithm *alg = otp_find_alg (OTP_ALG_DEFAULT);
294 int optind = 0;
295
296 setprogname (argv[0]);
297 if(getarg(args, num_args, argc, argv, &optind))
298 usage(1);
299 if(help_flag)
300 usage(0);
301 if(version_flag) {
302 print_version(NULL);
303 exit(0);
304 }
305
306 if(deletep && uid != 0)
307 errx (1, "Only root can delete OTPs");
308 if(alg_string) {
309 alg = otp_find_alg (alg_string);
310 if (alg == NULL)
311 errx (1, "Unknown algorithm: %s", alg_string);
312 }
313 if (user && uid != 0)
314 errx (1, "Only root can use `-u'");
315 argc -= optind;
316 argv += optind;
317
318 if (!(listp || deletep || renewp || openp))
319 defaultp = 1;
320
321 if ( listp + deletep + renewp + defaultp + openp != 1)
322 usage(1); /* one of -d or -l or -r or none */
323
324 if(deletep || openp || listp) {
325 if(argc != 0)
326 errx(1, "delete, open, and list requires no arguments");
327 } else {
328 if(argc != 2)
329 errx(1, "setup, and renew requires `num', and `seed'");
330 }
331 if (listp)
332 return list_otps (argc, argv, user);
333
334 if (user == NULL) {
335 struct passwd *pwd;
336
337 pwd = k_getpwuid(uid);
338 if (pwd == NULL)
339 err (1, "You don't exist");
340 user = pwd->pw_name;
341 }
342
343 /*
344 * users other that root must provide the next OTP to update the sequence.
345 * it avoids someone to use a pending session to change an OTP sequence.
346 * see RFC 1938/8.0.
347 */
348 if (uid != 0 && (defaultp || renewp)) {
349 if (!has_an_otp(user)) {
350 errx (1, "Only root can set an initial OTP");
351 } else { /* Check the next OTP (RFC 1938/8.0: SHOULD) */
352 if (verify_user_otp(user) != 0) {
353 errx (1, "User authentification failed");
354 }
355 }
356 }
357
358 if (deletep)
359 return delete_otp (argc, argv, user);
360 else if (renewp)
361 return renew (argc, argv, alg, user);
362 else if (openp)
363 return open_otp (argc, argv, user);
364 else
365 return set (argc, argv, alg, user);
366 }
Heimdal