Annotation of src/usr.bin/ssh/auth-skey.c, Revision 1.4
1.1 markus 1: #include "includes.h"
1.4 ! markus 2: RCSID("$Id: auth-skey.c,v 1.3 1999/11/23 22:25:52 markus Exp $");
1.1 markus 3:
4: #include "ssh.h"
1.4 ! markus 5: #include "packet.h"
1.1 markus 6: #include <sha1.h>
7:
1.4 ! markus 8: /*
! 9: * try skey authentication,
! 10: * return 1 on success, 0 on failure, -1 if skey is not available
! 11: */
! 12:
! 13: int
! 14: auth_skey_password(struct passwd * pw, const char *password)
! 15: {
! 16: if (strncasecmp(password, "s/key", 5) == 0) {
! 17: char *skeyinfo = skey_keyinfo(pw->pw_name);
! 18: if (skeyinfo == NULL) {
! 19: debug("generating fake skeyinfo for %.100s.",
! 20: pw->pw_name);
! 21: skeyinfo = skey_fake_keyinfo(pw->pw_name);
! 22: }
! 23: if (skeyinfo != NULL)
! 24: packet_send_debug(skeyinfo);
! 25: /* Try again. */
! 26: return 0;
! 27: } else if (skey_haskey(pw->pw_name) == 0 &&
! 28: skey_passcheck(pw->pw_name, (char *) password) != -1) {
! 29: /* Authentication succeeded. */
! 30: return 1;
! 31: }
! 32: /* Fall back to ordinary passwd authentication. */
! 33: return -1;
! 34: }
! 35:
1.1 markus 36: /* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
37:
38: #define ROUND(x) (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \
39: ((x)[3]))
40:
41: /*
42: * hash_collapse()
43: */
44: static u_int32_t
45: hash_collapse(s)
46: u_char *s;
47: {
48: int len, target;
49: u_int32_t i;
50:
51: if ((strlen(s) % sizeof(u_int32_t)) == 0)
52: target = strlen(s); /* Multiple of 4 */
53: else
54: target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
55:
56: for (i = 0, len = 0; len < target; len += 4)
57: i ^= ROUND(s + len);
58:
59: return i;
60: }
1.3 markus 61:
1.1 markus 62: char *
63: skey_fake_keyinfo(char *username)
64: {
65: int i;
66: u_int ptr;
67: u_char hseed[SKEY_MAX_SEED_LEN], flg = 1, *up;
68: char pbuf[SKEY_MAX_PW_LEN+1];
69: static char skeyprompt[SKEY_MAX_CHALLENGE+1];
70: char *secret = NULL;
71: size_t secretlen = 0;
72: SHA1_CTX ctx;
73: char *p, *u;
74:
75: /*
76: * Base first 4 chars of seed on hostname.
77: * Add some filler for short hostnames if necessary.
78: */
79: if (gethostname(pbuf, sizeof(pbuf)) == -1)
80: *(p = pbuf) = '.';
81: else
82: for (p = pbuf; *p && isalnum(*p); p++)
83: if (isalpha(*p) && isupper(*p))
84: *p = tolower(*p);
85: if (*p && pbuf - p < 4)
86: (void)strncpy(p, "asjd", 4 - (pbuf - p));
87: pbuf[4] = '\0';
88:
89: /* Hash the username if possible */
90: if ((up = SHA1Data(username, strlen(username), NULL)) != NULL) {
91: struct stat sb;
92: time_t t;
93: int fd;
94:
95: /* Collapse the hash */
96: ptr = hash_collapse(up);
97: memset(up, 0, strlen(up));
98:
99: /* See if the random file's there, else use ctime */
100: if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1
101: && fstat(fd, &sb) == 0 &&
102: sb.st_size > (off_t)SKEY_MAX_SEED_LEN &&
103: lseek(fd, ptr % (sb.st_size - SKEY_MAX_SEED_LEN),
104: SEEK_SET) != -1 && read(fd, hseed,
105: SKEY_MAX_SEED_LEN) == SKEY_MAX_SEED_LEN) {
106: close(fd);
107: secret = hseed;
108: secretlen = SKEY_MAX_SEED_LEN;
109: flg = 0;
110: } else if (!stat(_PATH_MEM, &sb) || !stat("/", &sb)) {
111: t = sb.st_ctime;
112: secret = ctime(&t);
113: secretlen = strlen(secret);
114: flg = 0;
115: }
116: }
117:
118: /* Put that in your pipe and smoke it */
119: if (flg == 0) {
120: /* Hash secret value with username */
121: SHA1Init(&ctx);
122: SHA1Update(&ctx, secret, secretlen);
123: SHA1Update(&ctx, username, strlen(username));
124: SHA1End(&ctx, up);
125:
126: /* Zero out */
127: memset(secret, 0, secretlen);
128:
129: /* Now hash the hash */
130: SHA1Init(&ctx);
131: SHA1Update(&ctx, up, strlen(up));
132: SHA1End(&ctx, up);
133:
134: ptr = hash_collapse(up + 4);
135:
136: for (i = 4; i < 9; i++) {
137: pbuf[i] = (ptr % 10) + '0';
138: ptr /= 10;
139: }
140: pbuf[i] = '\0';
141:
142: /* Sequence number */
143: ptr = ((up[2] + up[3]) % 99) + 1;
144:
145: memset(up, 0, 20); /* SHA1 specific */
146: free(up);
147:
1.2 deraadt 148: (void)snprintf(skeyprompt, sizeof skeyprompt,
1.1 markus 149: "otp-%.*s %d %.*s",
150: SKEY_MAX_HASHNAME_LEN,
151: skey_get_algorithm(),
152: ptr, SKEY_MAX_SEED_LEN,
153: pbuf);
154: } else {
155: /* Base last 8 chars of seed on username */
156: u = username;
157: i = 8;
158: p = &pbuf[4];
159: do {
160: if (*u == 0) {
161: /* Pad remainder with zeros */
162: while (--i >= 0)
163: *p++ = '0';
164: break;
165: }
166:
167: *p++ = (*u++ % 10) + '0';
168: } while (--i != 0);
169: pbuf[12] = '\0';
170:
1.2 deraadt 171: (void)snprintf(skeyprompt, sizeof skeyprompt,
172: "otp-%.*s %d %.*s",
1.1 markus 173: SKEY_MAX_HASHNAME_LEN,
174: skey_get_algorithm(),
175: 99, SKEY_MAX_SEED_LEN, pbuf);
176: }
177: return skeyprompt;
178: }