1 /*
2  * Copyright (c) 1999-2002 Todd C. Miller <Todd.Miller@courtesan.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  *
16  * Sponsored in part by the Defense Advanced Research Projects
17  * Agency (DARPA) and Air Force Research Laboratory, Air Force
18  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
19  */
20 
21 #include "config.h"
22 
23 #include <sys/types.h>
24 #include <sys/param.h>
25 #include <stdio.h>
26 #ifdef STDC_HEADERS
27 # include <stdlib.h>
28 # include <stddef.h>
29 #else
30 # ifdef HAVE_STDLIB_H
31 #  include <stdlib.h>
32 # endif
33 #endif /* STDC_HEADERS */
34 #ifdef HAVE_STRING_H
35 # if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
36 #  include <memory.h>
37 # endif
38 # include <string.h>
39 #else
40 # ifdef HAVE_STRINGS_H
41 #  include <strings.h>
42 # endif
43 #endif /* HAVE_STRING_H */
44 #ifdef HAVE_UNISTD_H
45 # include <unistd.h>
46 #endif /* HAVE_UNISTD_H */
47 #include <pwd.h>
48 #include <time.h>
49 #include <signal.h>
50 
51 #include "sudo.h"
52 #include "sudo_auth.h"
53 #include "insults.h"
54 
55 #ifndef lint
56 static const char rcsid[] = "$Sudo: sudo_auth.c,v 1.33 2004/02/13 21:36:47 millert Exp $";
57 #endif /* lint */
58 
59 sudo_auth auth_switch[] = {
60 #ifdef AUTH_STANDALONE
61     AUTH_STANDALONE
62 #else
63 #  ifndef WITHOUT_PASSWD
64     AUTH_ENTRY(0, "passwd", passwd_init, NULL, passwd_verify, NULL)
65 #  endif
66 #  if defined(HAVE_GETPRPWNAM) && !defined(WITHOUT_PASSWD)
67     AUTH_ENTRY(0, "secureware", secureware_init, NULL, secureware_verify, NULL)
68 #  endif
69 #  ifdef HAVE_AFS
70     AUTH_ENTRY(0, "afs", NULL, NULL, afs_verify, NULL)
71 #  endif
72 #  ifdef HAVE_DCE
73     AUTH_ENTRY(0, "dce", NULL, NULL, dce_verify, NULL)
74 #  endif
75 #  ifdef HAVE_KERB4
76     AUTH_ENTRY(0, "kerb4", kerb4_init, NULL, kerb4_verify, NULL)
77 #  endif
78 #  ifdef HAVE_KERB5
79     AUTH_ENTRY(0, "kerb5", kerb5_init, NULL, kerb5_verify, kerb5_cleanup)
80 #  endif
81 #  ifdef HAVE_SKEY
82     AUTH_ENTRY(0, "S/Key", NULL, rfc1938_setup, rfc1938_verify, NULL)
83 #  endif
84 #  ifdef HAVE_OPIE
85     AUTH_ENTRY(0, "OPIE", NULL, rfc1938_setup, rfc1938_verify, NULL)
86 #  endif
87 #endif /* AUTH_STANDALONE */
88     AUTH_ENTRY(0, NULL, NULL, NULL, NULL, NULL)
89 };
90 
91 int nil_pw;		/* I hate resorting to globals like this... */
92 
93 void
verify_user(pw,prompt)94 verify_user(pw, prompt)
95     struct passwd *pw;
96     char *prompt;
97 {
98     int counter = def_passwd_tries + 1;
99     int success = AUTH_FAILURE;
100     int status;
101     int flags;
102     char *p;
103     sudo_auth *auth;
104     sigaction_t sa, osa;
105 
106     /* Enable suspend during password entry. */
107     sigemptyset(&sa.sa_mask);
108     sa.sa_flags = SA_RESTART;
109     sa.sa_handler = SIG_DFL;
110     (void) sigaction(SIGTSTP, &sa, &osa);
111 
112     /* Make sure we have at least one auth method. */
113     if (auth_switch[0].name == NULL)
114     	log_error(0, "%s  %s %s",
115 	    "There are no authentication methods compiled into sudo!",
116 	    "If you want to turn off authentication, use the",
117 	    "--disable-authentication configure option.");
118 
119     /* Set FLAG_ONEANDONLY if there is only one auth method. */
120     if (auth_switch[1].name == NULL)
121 	SET(auth_switch[0].flags, FLAG_ONEANDONLY);
122 
123     /* Initialize auth methods and unconfigure the method if necessary. */
124     for (auth = auth_switch; auth->name; auth++) {
125 	if (auth->init && IS_CONFIGURED(auth)) {
126 	    if (NEEDS_USER(auth))
127 		set_perms(PERM_USER);
128 
129 	    status = (auth->init)(pw, &prompt, auth);
130 	    if (status == AUTH_FAILURE)
131 		CLR(auth->flags, FLAG_CONFIGURED);
132 	    else if (status == AUTH_FATAL)	/* XXX log */
133 		exit(1);		/* assume error msg already printed */
134 
135 	    if (NEEDS_USER(auth))
136 		set_perms(PERM_ROOT);
137 	}
138     }
139 
140     while (--counter) {
141 	/* Do any per-method setup and unconfigure the method if needed */
142 	for (auth = auth_switch; auth->name; auth++) {
143 	    if (auth->setup && IS_CONFIGURED(auth)) {
144 		if (NEEDS_USER(auth))
145 		    set_perms(PERM_USER);
146 
147 		status = (auth->setup)(pw, &prompt, auth);
148 		if (status == AUTH_FAILURE)
149 		    CLR(auth->flags, FLAG_CONFIGURED);
150 		else if (status == AUTH_FATAL)	/* XXX log */
151 		    exit(1);		/* assume error msg already printed */
152 
153 		if (NEEDS_USER(auth))
154 		    set_perms(PERM_ROOT);
155 	    }
156 	}
157 
158 	/* Get the password unless the auth function will do it for us */
159 	nil_pw = 0;
160 #ifdef AUTH_STANDALONE
161 	p = prompt;
162 #else
163 	p = (char *) tgetpass(prompt, def_passwd_timeout * 60,
164 	    tgetpass_flags);
165 	if (!p || *p == '\0')
166 	    nil_pw = 1;
167 #endif /* AUTH_STANDALONE */
168 
169 	/* Call authentication functions. */
170 	for (auth = auth_switch; p && auth->name; auth++) {
171 	    if (!IS_CONFIGURED(auth))
172 		continue;
173 
174 	    if (NEEDS_USER(auth))
175 		set_perms(PERM_USER);
176 
177 	    success = auth->status = (auth->verify)(pw, (char *)p, auth);
178 
179 	    if (NEEDS_USER(auth))
180 		set_perms(PERM_ROOT);
181 
182 	    if (auth->status != AUTH_FAILURE)
183 		goto cleanup;
184 	}
185 #ifndef AUTH_STANDALONE
186 	if (p)
187 	    zero_bytes(p, strlen(p));
188 #endif
189 
190 	/* Exit loop on nil password, but give it a chance to match first. */
191 	if (nil_pw) {
192 	    if (counter == def_passwd_tries)
193 		exit(1);
194 	    else
195 		break;
196 	}
197 
198 	pass_warn(stderr);
199     }
200 
201 cleanup:
202     /* Call cleanup routines. */
203     for (auth = auth_switch; auth->name; auth++) {
204 	if (auth->cleanup && IS_CONFIGURED(auth)) {
205 	    if (NEEDS_USER(auth))
206 		set_perms(PERM_USER);
207 
208 	    status = (auth->cleanup)(pw, auth);
209 	    if (status == AUTH_FATAL)	/* XXX log */
210 		exit(1);		/* assume error msg already printed */
211 
212 	    if (NEEDS_USER(auth))
213 		set_perms(PERM_ROOT);
214 	}
215     }
216 
217     switch (success) {
218 	case AUTH_SUCCESS:
219 	    (void) sigaction(SIGTSTP, &osa, NULL);
220 	    return;
221 	case AUTH_FAILURE:
222 	    if (def_mail_badpass || def_mail_always)
223 		flags = 0;
224 	    else
225 		flags = NO_MAIL;
226 	    log_error(flags, "%d incorrect password attempt%s",
227 		def_passwd_tries - counter,
228 		(def_passwd_tries - counter == 1) ? "" : "s");
229 	case AUTH_FATAL:
230 	    exit(1);
231     }
232     /* NOTREACHED */
233 }
234 
235 void
pass_warn(fp)236 pass_warn(fp)
237     FILE *fp;
238 {
239 
240 #ifdef INSULT
241     if (def_insults)
242 	(void) fprintf(fp, "%s\n", INSULT);
243     else
244 #endif
245 	(void) fprintf(fp, "%s\n", def_badpass_message);
246 }
247 
248 void
dump_auth_methods()249 dump_auth_methods()
250 {
251     sudo_auth *auth;
252 
253     (void) fputs("Authentication methods:", stdout);
254     for (auth = auth_switch; auth->name; auth++)
255         (void) printf(" '%s'", auth->name);
256     (void) putchar('\n');
257 }
258