source: openpam/trunk/modules/pam_oath/pam_oath.c @ 697

/*-
 * Copyright (c) 2012-2013 Universitetet i Oslo
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $Id: pam_oath.c 697 2013-08-15 16:24:28Z des $
 */

#ifdef HAVE_CONFIG_H
# include "config.h"
#endif

#include <limits.h>
#include <pwd.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT

#include <security/pam_modules.h>
#include <security/pam_appl.h>
#include <security/oath.h>

#define PAM_OATH_PROMPT "Verification code: "

enum pam_oath_nokey { nokey_error = -1, nokey_fail, nokey_fake, nokey_ignore };

static enum pam_oath_nokey
get_nokey_option(pam_handle_t *pamh, const char *option)
{
        const char *value;

        if ((value = openpam_get_option(pamh, option)) == NULL)
                return (nokey_fail);
        else if (strcmp(value, "fail") == 0)
                return (nokey_fail);
        else if (strcmp(value, "fake") == 0)
                return (nokey_fake);
        else if (strcmp(value, "ignore") == 0)
                return (nokey_ignore);
        openpam_log(PAM_LOG_ERROR, "the value of the %s option "
            "must be either 'fail', 'fake' or 'ignore'", option);
        return (nokey_error);
}

PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh, int flags,
        int argc, const char *argv[])
{
        enum pam_oath_nokey nokey, badkey;
        struct passwd *pwd;
        const char *user;
        char *keyfile;
        struct oath_key *key;
        unsigned long response;
        char *password, *end;
        int pam_err, ret;

        /* unused */
        (void)flags;
        (void)argc;
        (void)argv;

        /* check how to behave if the user does not have a valid key */
        if ((nokey = get_nokey_option(pamh, "nokey")) == nokey_error ||
            (badkey = get_nokey_option(pamh, "badkey")) == nokey_error)
                return (PAM_SERVICE_ERR);

        /* identify user */
        if ((pam_err = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS)
                return (pam_err);
        if ((pwd = getpwnam(user)) == NULL)
                return (PAM_USER_UNKNOWN);

        /* load key */
        /* XXX implement additional schemes */
        keyfile = calloc(1, strlen(pwd->pw_dir) + sizeof "/.otpauth");
        if (keyfile == NULL)
                return (PAM_SYSTEM_ERR);
        sprintf(keyfile, "%s/.otpauth", pwd->pw_dir);
        key = oath_key_from_file(keyfile);
        free(keyfile);

        /*
         * The user doesn't have a key, should we fake it?
         *
         * XXX implement badkey - currently, oath_key_from_file() doesn't
         * provide enough information for us to tell the difference
         * between a bad key and no key at all.
         */
        if (key == NULL) {
                switch (nokey) {
                case nokey_fail:
                        return (PAM_AUTHINFO_UNAVAIL);
                case nokey_fake:
                        key = oath_key_dummy(om_hotp, oh_sha1, 6);
                        break;
                case nokey_ignore:
                        return (PAM_IGNORE);
                default:
                        /* can't happen */
                        return (PAM_SERVICE_ERR);
                }
        }

        /* get user's response */
        pam_err = pam_get_authtok(pamh, PAM_AUTHTOK,
            (const char **)&password, PAM_OATH_PROMPT);
        if (pam_err != PAM_SUCCESS) {
                oath_key_free(key);
                return (pam_err);
        }

        /* convert to number */
        response = strtoul(password, &end, 10);
        if (end == password || *end != '\0')
                response = ULONG_MAX;

        /* verify response */
        if (key->mode == om_hotp)
                ret = oath_hotp_match(key, response, 1);
        else
                ret = oath_totp_match(key, response, 1);
        oath_key_free(key);
        if (ret != 1)
                return (PAM_AUTH_ERR);

        /* XXX write back */
        return (PAM_SUCCESS);
}

PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh, int flags,
        int argc, const char *argv[])
{

        /* unused */
        (void)pamh;
        (void)flags;
        (void)argc;
        (void)argv;
        return (PAM_SUCCESS);
}

PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
        int argc, const char *argv[])
{

        /* unused */
        (void)pamh;
        (void)flags;
        (void)argc;
        (void)argv;
        return (PAM_SUCCESS);
}

PAM_MODULE_ENTRY("pam_unix");