Annotation of src/usr.bin/skeyinit/skeyinit.c, Revision 1.72
1.71 tb 1: /* $OpenBSD: skeyinit.c,v 1.70 2016/05/17 20:54:07 millert Exp $ */
1.1 deraadt 2:
1.28 millert 3: /* OpenBSD S/Key (skeyinit.c)
1.1 deraadt 4: *
5: * Authors:
6: * Neil M. Haller <nmh@thumper.bellcore.com>
7: * Philip R. Karn <karn@chicago.qualcomm.com>
8: * John S. Walden <jsw@thumper.bellcore.com>
9: * Scott Chasin <chasin@crimelab.com>
1.20 millert 10: * Todd C. Miller <Todd.Miller@courtesan.com>
11: *
1.28 millert 12: * S/Key initialization and seed update
1.1 deraadt 13: */
14:
1.20 millert 15: #include <sys/file.h>
1.32 millert 16: #include <sys/resource.h>
17: #include <sys/stat.h>
1.1 deraadt 18: #include <sys/time.h>
19:
1.32 millert 20: #include <ctype.h>
1.19 millert 21: #include <err.h>
1.20 millert 22: #include <errno.h>
1.19 millert 23: #include <pwd.h>
1.28 millert 24: #include <readpassphrase.h>
1.1 deraadt 25: #include <stdio.h>
26: #include <stdlib.h>
27: #include <string.h>
1.19 millert 28: #include <syslog.h>
29: #include <time.h>
1.1 deraadt 30: #include <unistd.h>
1.56 deraadt 31: #include <limits.h>
1.6 millert 32: #include <utmp.h>
1.19 millert 33:
1.4 millert 34: #include <skey.h>
1.32 millert 35: #include <bsd_auth.h>
1.1 deraadt 36:
1.4 millert 37: #ifndef SKEY_NAMELEN
1.17 millert 38: #define SKEY_NAMELEN 4
1.4 millert 39: #endif
1.1 deraadt 40:
1.36 millert 41: void usage(void);
1.44 deraadt 42: void secure_mode(int *, char *, char *, size_t, char *, size_t);
1.38 millert 43: void normal_mode(char *, int, char *, char *);
1.32 millert 44: void enable_db(int);
1.8 millert 45:
1.1 deraadt 46: int
1.36 millert 47: main(int argc, char **argv)
1.1 deraadt 48: {
1.60 tim 49: int rval, i, l, n, defaultsetup, rmkey, hexmode, enable;
1.56 deraadt 50: char hostname[HOST_NAME_MAX+1];
1.38 millert 51: char seed[SKEY_MAX_SEED_LEN + 1];
1.32 millert 52: char buf[256], key[SKEY_BINKEY_SIZE], filename[PATH_MAX], *ht;
1.72 ! tb 53: char lastc, *p, *auth_type;
1.57 deraadt 54: const char *errstr;
1.1 deraadt 55: struct skey skey;
56: struct passwd *pp;
1.62 deraadt 57:
1.60 tim 58: n = rmkey = hexmode = enable = 0;
1.32 millert 59: defaultsetup = 1;
60: ht = auth_type = NULL;
1.4 millert 61:
1.8 millert 62: for (i = 1; i < argc && argv[i][0] == '-' && strcmp(argv[i], "--");) {
63: if (argv[i][2] == '\0') {
64: /* Single character switch */
65: switch (argv[i][1]) {
1.32 millert 66: case 'a':
67: if (argv[++i] == NULL || argv[i][0] == '\0')
1.36 millert 68: usage();
1.48 otto 69: auth_type = argv[i];
1.32 millert 70: break;
1.4 millert 71: case 's':
72: defaultsetup = 0;
1.48 otto 73: if (auth_type == NULL)
74: auth_type = "skey";
1.4 millert 75: break;
76: case 'x':
77: hexmode = 1;
78: break;
1.35 millert 79: case 'r':
80: rmkey = 1;
1.4 millert 81: break;
1.17 millert 82: case 'n':
1.23 deraadt 83: if (argv[++i] == NULL || argv[i][0] == '\0')
1.36 millert 84: usage();
1.57 deraadt 85: n = strtonum(argv[i], 1, SKEY_MAX_SEQ - 1, &errstr);
86: if (errstr)
1.17 millert 87: errx(1, "count must be > 0 and < %d",
88: SKEY_MAX_SEQ);
89: break;
1.32 millert 90: case 'D':
91: enable = -1;
92: break;
93: case 'E':
94: enable = 1;
95: break;
1.8 millert 96: default:
1.36 millert 97: usage();
1.8 millert 98: }
99: } else {
100: /* Multi character switches are hash types */
101: if ((ht = skey_set_algorithm(&argv[i][1])) == NULL) {
102: warnx("Unknown hash algorithm %s", &argv[i][1]);
1.36 millert 103: usage();
1.8 millert 104: }
1.7 millert 105: }
1.8 millert 106: i++;
1.7 millert 107: }
1.32 millert 108: argv += i;
109: argc -= i;
1.7 millert 110:
1.60 tim 111: if (argc > 1 || (enable && argc))
1.36 millert 112: usage();
1.32 millert 113:
1.60 tim 114: /* Handle -D and -E */
115: if (enable) {
116: enable_db(enable);
1.34 millert 117: exit(0);
118: }
1.69 tb 119:
1.70 millert 120: if (getuid() != 0) {
121: if (pledge("stdio rpath wpath cpath fattr flock tty proc exec "
122: "getpw", NULL) == -1)
123: err(1, "pledge");
1.72 ! tb 124:
! 125: if ((pp = getpwuid(getuid())) == NULL)
! 126: err(1, "no user with uid %u", getuid());
! 127:
! 128: if (argc == 1) {
! 129: char me[UT_NAMESIZE + 1];
! 130:
! 131: (void)strlcpy(me, pp->pw_name, sizeof me);
! 132: if ((pp = getpwnam(argv[0])) == NULL)
! 133: errx(1, "User unknown: %s", argv[0]);
! 134: if (strcmp(pp->pw_name, me) != 0)
! 135: errx(1, "Permission denied.");
! 136: }
! 137: } else {
1.70 millert 138: if (pledge("stdio rpath wpath cpath fattr flock tty getpw id",
139: NULL) == -1)
140: err(1, "pledge");
1.69 tb 141:
1.72 ! tb 142: if (argc == 1) {
! 143: if ((pp = getpwnam(argv[0])) == NULL) {
1.16 millert 144: static struct passwd _pp;
145:
1.36 millert 146: _pp.pw_name = argv[0];
1.16 millert 147: pp = &_pp;
1.36 millert 148: warnx("Warning, user unknown: %s", argv[0]);
1.16 millert 149: } else {
1.72 ! tb 150: /* So the file ends up owned by the proper ID */
! 151: if (setresuid(-1, pp->pw_uid, -1) != 0)
! 152: errx(1, "unable to change uid to %u",
! 153: pp->pw_uid);
1.16 millert 154: }
1.72 ! tb 155: } else if ((pp = getpwuid(0)) == NULL)
! 156: err(1, "no user with uid 0");
! 157:
! 158: if (pledge("stdio rpath wpath cpath fattr flock tty", NULL)
! 159: == -1)
! 160: err(1, "pledge");
1.1 deraadt 161: }
162:
1.41 millert 163: switch (skey_haskey(pp->pw_name)) {
164: case -1:
165: if (errno == ENOENT || errno == EPERM)
166: errx(1, "S/Key disabled");
167: else
168: err(1, "cannot open database");
169: break;
170: case 0:
171: /* existing user */
172: break;
173: case 1:
1.48 otto 174: if (!defaultsetup && strcmp(auth_type, "skey") == 0) {
1.41 millert 175: fprintf(stderr,
1.45 espie 176: "You must authenticate yourself before using S/Key for the first time. In\n"
177: "secure mode this is normally done via an existing S/Key key. However, since\n"
178: "you do not have an entry in the S/Key database you will have to specify an\n"
179: "alternate authentication type via the `-a' flag, e.g.\n"
1.54 ajacouto 180: " \"skeyinit -s -a passwd\"\n\n"
1.45 espie 181: "Note that entering a plaintext password over a non-secure link defeats the\n"
182: "purpose of using S/Key in the fist place.\n");
1.41 millert 183: exit(1);
184: }
185: break;
186: }
1.28 millert 187:
1.1 deraadt 188: if (getuid() != 0) {
1.32 millert 189: if ((pp = pw_dup(pp)) == NULL)
190: err(1, NULL);
191: if (!auth_userokay(pp->pw_name, auth_type, NULL, NULL))
192: errx(1, "Password incorrect");
1.10 millert 193: }
1.67 millert 194:
195: if (pledge("stdio rpath wpath cpath fattr flock tty", NULL) == -1)
196: err(1, "pledge");
1.71 tb 197:
198: /* Build up a default seed based on the hostname and some randomness */
199: if (gethostname(hostname, sizeof(hostname)) < 0)
200: err(1, "gethostname");
201: for (i = 0, p = seed; hostname[i] && i < SKEY_NAMELEN; i++) {
202: if (isalnum((unsigned char)hostname[i]))
203: *p++ = tolower((unsigned char)hostname[i]);
204: }
205: for (i = 0; i < 5; i++)
206: *p++ = arc4random_uniform(10) + '0';
207: *p = '\0';
1.1 deraadt 208:
1.28 millert 209: /*
210: * Lookup and lock the record we are about to modify.
211: * If this is a new entry this will prevent other users
212: * from appending new entries (and clobbering ours).
213: */
1.1 deraadt 214: rval = skeylookup(&skey, pp->pw_name);
215: switch (rval) {
1.4 millert 216: case -1:
1.41 millert 217: err(1, "cannot open database");
1.21 millert 218: break;
1.4 millert 219: case 0:
1.35 millert 220: /* remove user if asked to do so */
221: if (rmkey) {
222: if (snprintf(filename, sizeof(filename),
223: "%s/%s", _PATH_SKEYDIR, pp->pw_name)
1.55 guenther 224: >= sizeof(filename))
225: errc(1, ENAMETOOLONG,
226: "Cannot remove S/Key entry");
1.35 millert 227: if (unlink(filename) != 0)
228: err(1, "Cannot remove S/Key entry");
229: printf("S/Key entry for %s removed.\n",
230: pp->pw_name);
231: exit(0);
232: }
1.4 millert 233:
1.28 millert 234: (void)printf("[Updating %s with %s]\n", pp->pw_name,
235: ht ? ht : skey_get_algorithm());
236: (void)printf("Old seed: [%s] %s\n",
237: skey_get_algorithm(), skey.seed);
1.4 millert 238:
239: /*
1.25 millert 240: * Sanity check old seed.
241: */
242: l = strlen(skey.seed);
243: for (p = skey.seed; *p; p++) {
1.52 deraadt 244: if (isalpha((unsigned char)*p)) {
245: if (isupper((unsigned char)*p))
246: *p = tolower((unsigned char)*p);
247: } else if (!isdigit((unsigned char)*p)) {
1.25 millert 248: memmove(p, p + 1, l - (p - skey.seed));
249: l--;
250: }
251: }
252:
1.28 millert 253: /* If the seed ends in 0-8 just add one. */
1.4 millert 254: if (l > 0) {
255: lastc = skey.seed[l - 1];
1.52 deraadt 256: if (isdigit((unsigned char)lastc) &&
257: lastc != '9') {
1.43 deraadt 258: (void)strlcpy(seed, skey.seed,
259: sizeof seed);
1.38 millert 260: seed[l - 1] = lastc + 1;
1.4 millert 261: }
1.52 deraadt 262: if (isdigit((unsigned char)lastc) &&
263: lastc == '9' && l < 16) {
1.43 deraadt 264: (void)strlcpy(seed, skey.seed,
265: sizeof seed);
1.38 millert 266: seed[l - 1] = '0';
267: seed[l] = '0';
268: seed[l + 1] = '\0';
1.4 millert 269: }
1.1 deraadt 270: }
1.4 millert 271: break;
272: case 1:
1.35 millert 273: if (rmkey)
274: errx(1, "You have no entry to remove.");
1.28 millert 275: (void)printf("[Adding %s with %s]\n", pp->pw_name,
276: ht ? ht : skey_get_algorithm());
1.32 millert 277: if (snprintf(filename, sizeof(filename), "%s/%s",
1.55 guenther 278: _PATH_SKEYDIR, pp->pw_name) >= sizeof(filename))
279: errc(1, ENAMETOOLONG,
280: "Cannot create S/Key entry");
1.36 millert 281: if ((l = open(filename,
282: O_RDWR | O_NONBLOCK | O_CREAT | O_TRUNC |O_NOFOLLOW,
1.32 millert 283: S_IRUSR | S_IWUSR)) == -1 ||
284: flock(l, LOCK_EX) != 0 ||
285: (skey.keyfile = fdopen(l, "r+")) == NULL)
286: err(1, "Cannot create S/Key entry");
1.4 millert 287: break;
1.1 deraadt 288: }
1.32 millert 289: if (fchown(fileno(skey.keyfile), pp->pw_uid, -1) != 0 ||
290: fchmod(fileno(skey.keyfile), S_IRUSR | S_IWUSR) != 0)
291: err(1, "can't set owner/mode for %s", pp->pw_name);
1.64 millert 292: if (defaultsetup && n == 0)
1.47 otto 293: n = 100;
1.1 deraadt 294:
1.8 millert 295: /* Set hash type if asked to */
1.28 millert 296: if (ht && strcmp(ht, skey_get_algorithm()) != 0)
297: skey_set_algorithm(ht);
298:
299: alarm(180);
300: if (!defaultsetup)
1.44 deraadt 301: secure_mode(&n, key, seed, sizeof seed, buf, sizeof(buf));
1.28 millert 302: else
1.38 millert 303: normal_mode(pp->pw_name, n, key, seed);
1.28 millert 304: alarm(0);
1.4 millert 305:
1.32 millert 306: /* XXX - why use malloc here? */
1.58 deraadt 307: if ((skey.val = malloc(16 + 1)) == NULL)
1.28 millert 308: err(1, "Can't allocate memory");
309: btoa8(skey.val, key);
1.1 deraadt 310:
1.32 millert 311: (void)fseek(skey.keyfile, 0L, SEEK_SET);
312: (void)fprintf(skey.keyfile, "%s\n%s\n%04d\n%s\n%s\n",
313: pp->pw_name, skey_get_algorithm(), n, seed, skey.val);
1.28 millert 314: (void)fclose(skey.keyfile);
1.4 millert 315:
1.28 millert 316: (void)printf("\nID %s skey is otp-%s %d %s\n", pp->pw_name,
1.38 millert 317: skey_get_algorithm(), n, seed);
1.28 millert 318: (void)printf("Next login password: %s\n\n",
319: hexmode ? put8(buf, key) : btoe(buf, key));
320: exit(0);
321: }
1.1 deraadt 322:
1.28 millert 323: void
1.44 deraadt 324: secure_mode(int *count, char *key, char *seed, size_t seedlen,
325: char *buf, size_t bufsiz)
1.28 millert 326: {
1.38 millert 327: char *p, newseed[SKEY_MAX_SEED_LEN + 2];
1.57 deraadt 328: const char *errstr;
1.64 millert 329: int i, n = *count;
1.4 millert 330:
1.28 millert 331: (void)puts("You need the 6 words generated from the \"skey\" command.");
1.64 millert 332: if (n == 0) {
333: for (i = 0; ; i++) {
334: if (i >= 2)
335: exit(1);
336:
337: (void)printf("Enter sequence count from 1 to %d: ",
338: SKEY_MAX_SEQ);
339: (void)fgets(buf, bufsiz, stdin);
340: clearerr(stdin);
341: rip(buf);
342: n = strtonum(buf, 1, SKEY_MAX_SEQ-1, &errstr);
343: if (!errstr)
344: break; /* Valid range */
345: fprintf(stderr,
346: "ERROR: Count must be between 1 and %d\n",
347: SKEY_MAX_SEQ - 1);
348: }
349: *count= n;
1.28 millert 350: }
1.1 deraadt 351:
1.28 millert 352: for (i = 0; ; i++) {
353: if (i >= 2)
354: exit(1);
355:
1.38 millert 356: (void)printf("Enter new seed [default %s]: ", seed);
357: (void)fgets(newseed, sizeof(newseed), stdin); /* XXX */
1.28 millert 358: clearerr(stdin);
1.38 millert 359: rip(newseed);
360: if (strlen(newseed) > SKEY_MAX_SEED_LEN) {
1.28 millert 361: (void)fprintf(stderr, "ERROR: Seed must be between 1 "
362: "and %d characters in length\n", SKEY_MAX_SEED_LEN);
363: continue;
364: }
1.38 millert 365: for (p = newseed; *p; p++) {
1.52 deraadt 366: if (isspace((unsigned char)*p)) {
1.28 millert 367: (void)fputs("ERROR: Seed must not contain "
368: "any spaces\n", stderr);
1.1 deraadt 369: break;
1.52 deraadt 370: } else if (isalpha((unsigned char)*p)) {
371: if (isupper((unsigned char)*p))
372: *p = tolower((unsigned char)*p);
373: } else if (!isdigit((unsigned char)*p)) {
1.28 millert 374: (void)fputs("ERROR: Seed must be purely "
375: "alphanumeric\n", stderr);
376: break;
377: }
1.1 deraadt 378: }
1.28 millert 379: if (*p == '\0')
380: break; /* Valid seed */
381: }
1.38 millert 382: if (newseed[0] != '\0')
1.44 deraadt 383: (void)strlcpy(seed, newseed, seedlen);
1.1 deraadt 384:
1.28 millert 385: for (i = 0; ; i++) {
386: if (i >= 2)
387: exit(1);
388:
389: (void)printf("otp-%s %d %s\nS/Key access password: ",
390: skey_get_algorithm(), n, seed);
391: (void)fgets(buf, bufsiz, stdin);
392: clearerr(stdin);
393: rip(buf);
394: backspace(buf);
395:
396: if (buf[0] == '?') {
397: (void)puts("Enter 6 words from secure S/Key calculation.");
398: continue;
399: } else if (buf[0] == '\0')
400: exit(1);
401:
402: if (etob(key, buf) == 1 || atob8(key, buf) == 0)
403: break; /* Valid format */
404: (void)fputs("ERROR: Invalid format - try again with the 6 words.\n",
405: stderr);
1.1 deraadt 406: }
1.28 millert 407: }
1.1 deraadt 408:
1.28 millert 409: void
1.38 millert 410: normal_mode(char *username, int n, char *key, char *seed)
1.28 millert 411: {
412: int i, nn;
1.38 millert 413: char passwd[SKEY_MAX_PW_LEN+2], key2[SKEY_BINKEY_SIZE];
1.1 deraadt 414:
1.28 millert 415: /* Get user's secret passphrase */
416: for (i = 0; ; i++) {
417: if (i > 2)
1.38 millert 418: errx(1, "S/Key entry not updated");
1.28 millert 419:
1.46 otto 420: if (readpassphrase("Enter new secret passphrase: ", passwd,
1.28 millert 421: sizeof(passwd), 0) == NULL || passwd[0] == '\0')
422: exit(1);
423:
424: if (strlen(passwd) < SKEY_MIN_PW_LEN) {
425: (void)fprintf(stderr,
426: "ERROR: Your passphrase must be at least %d "
427: "characters long.\n", SKEY_MIN_PW_LEN);
428: continue;
429: } else if (strcmp(passwd, username) == 0) {
430: (void)fputs("ERROR: Your passphrase may not be the "
431: "same as your user name.\n", stderr);
432: continue;
1.50 deraadt 433: } else if (strspn(passwd, "abcdefghijklmnopqrstuvwxyz") ==
1.28 millert 434: strlen(passwd)) {
435: (void)fputs("ERROR: Your passphrase must contain more "
436: "than just lower case letters.\nWhitespace, "
1.37 aaron 437: "numbers, and punctuation are suggested.\n",
438: stderr);
1.28 millert 439: continue;
440: } else if (strlen(passwd) > 63) {
441: (void)fprintf(stderr, "WARNING: Your passphrase is "
442: "longer than the recommended maximum length of 63\n");
443: }
444: /* XXX - should check for passphrase that is really too long */
1.13 millert 445:
1.38 millert 446: /* Crunch seed and passphrase into starting key */
447: nn = keycrunch(key, seed, passwd);
1.59 tim 448: explicit_bzero(passwd, sizeof(passwd));
1.38 millert 449: if (nn != 0)
450: err(2, "key crunch failed");
451:
452: if (readpassphrase("Again secret passphrase: ", passwd,
453: sizeof(passwd), 0) == NULL || passwd[0] == '\0')
454: exit(1);
455:
456: /* Crunch seed and passphrase into starting key */
457: nn = keycrunch(key2, seed, passwd);
1.59 tim 458: explicit_bzero(passwd, sizeof(passwd));
1.38 millert 459: if (nn != 0)
460: err(2, "key crunch failed");
461:
462: if (memcmp(key, key2, sizeof(key2)) == 0)
1.28 millert 463: break;
1.1 deraadt 464:
1.28 millert 465: (void)fputs("Passphrases do not match.\n", stderr);
1.20 millert 466: }
1.28 millert 467:
468: nn = n;
469: while (nn-- != 0)
470: f(key);
471: }
472:
1.32 millert 473: void
1.36 millert 474: enable_db(int op)
1.32 millert 475: {
476: if (op == 1) {
477: /* enable */
478: if (mkdir(_PATH_SKEYDIR, 01730) != 0 && errno != EEXIST)
479: err(1, "can't mkdir %s", _PATH_SKEYDIR);
1.33 millert 480: if (chown(_PATH_SKEYDIR, geteuid(), getegid()) != 0)
481: err(1, "can't chown %s", _PATH_SKEYDIR);
1.32 millert 482: if (chmod(_PATH_SKEYDIR, 01730) != 0)
483: err(1, "can't chmod %s", _PATH_SKEYDIR);
484: } else {
485: /* disable */
486: if (chmod(_PATH_SKEYDIR, 0) != 0 && errno != ENOENT)
487: err(1, "can't chmod %s", _PATH_SKEYDIR);
488: }
489: }
490:
1.8 millert 491: void
1.36 millert 492: usage(void)
1.8 millert 493: {
1.36 millert 494: extern char *__progname;
495:
1.60 tim 496: (void)fprintf(stderr, "usage: %s [-DErsx] [-a auth-type] [-n count]"
1.53 naddy 497: "\n\t[-md5 | -rmd160 | -sha1] [user]\n", __progname);
1.8 millert 498: exit(1);
1.1 deraadt 499: }