/* * 4th Edition p9any/p9sk1 authentication based on auth9p1.c * Nigel Roles (nigel@9fs.org) 2003 */ #include <plan9.h> #include <fcall.h> #include <u9fs.h> #include <stdlib.h> /* for random stuff */ typedef struct Ticket Ticket; typedef struct Ticketreq Ticketreq; typedef struct Authenticator Authenticator; enum { DOMLEN= 48, /* length of an authentication domain name */ CHALLEN= 8 /* length of a challenge */ }; enum { HaveProtos, NeedProto, NeedChal, HaveTreq, NeedTicket, HaveAuth, Established, }; /* encryption numberings (anti-replay) */ enum { AuthTreq=1, /* ticket request */ AuthChal=2, /* challenge box request */ AuthPass=3, /* change password */ AuthOK=4, /* fixed length reply follows */ AuthErr=5, /* error follows */ AuthMod=6, /* modify user */ AuthApop=7, /* apop authentication for pop3 */ AuthOKvar=9, /* variable length reply follows */ AuthChap=10, /* chap authentication for ppp */ AuthMSchap=11, /* MS chap authentication for ppp */ AuthCram=12, /* CRAM verification for IMAP (RFC2195 & rfc2104) */ AuthHttp=13, /* http domain login */ AuthVNC=14, /* http domain login */ AuthTs=64, /* ticket encrypted with server's key */ AuthTc, /* ticket encrypted with client's key */ AuthAs, /* server generated authenticator */ AuthAc, /* client generated authenticator */ AuthTp, /* ticket encrypted with client's key for password change */ AuthHr /* http reply */ }; struct Ticketreq { char type; char authid[NAMELEN]; /* server's encryption id */ char authdom[DOMLEN]; /* server's authentication domain */ char chal[CHALLEN]; /* challenge from server */ char hostid[NAMELEN]; /* host's encryption id */ char uid[NAMELEN]; /* uid of requesting user on host */ }; #define TICKREQLEN (3*NAMELEN+CHALLEN+DOMLEN+1) struct Ticket { char num; /* replay protection */ char chal[CHALLEN]; /* server challenge */ char cuid[NAMELEN]; /* uid on client */ char suid[NAMELEN]; /* uid on server */ char key[DESKEYLEN]; /* nonce DES key */ }; #define TICKETLEN (CHALLEN+2*NAMELEN+DESKEYLEN+1) struct Authenticator { char num; /* replay protection */ char chal[CHALLEN]; ulong id; /* authenticator id, ++'d with each auth */ }; #define AUTHENTLEN (CHALLEN+4+1) extern int chatty9p; static int convT2M(Ticket*, char*, char*); static void convM2T(char*, Ticket*, char*); static void convM2Tnoenc(char*, Ticket*); static int convA2M(Authenticator*, char*, char*); static void convM2A(char*, Authenticator*, char*); static int convTR2M(Ticketreq*, char*); static void convM2TR(char*, Ticketreq*); static int passtokey(char*, char*); /* * destructively encrypt the buffer, which * must be at least 8 characters long. */ static int encrypt9p(void *key, void *vbuf, int n) { char ekey[128], *buf; int i, r; if(n < 8) return 0; key_setup(key, ekey); buf = vbuf; n--; r = n % 7; n /= 7; for(i = 0; i < n; i++){ block_cipher(ekey, buf, 0); buf += 7; } if(r) block_cipher(ekey, buf - 7 + r, 0); return 1; } /* * destructively decrypt the buffer, which * must be at least 8 characters long. */ static int decrypt9p(void *key, void *vbuf, int n) { char ekey[128], *buf; int i, r; if(n < 8) return 0; key_setup(key, ekey); buf = vbuf; n--; r = n % 7; n /= 7; buf += n * 7; if(r) block_cipher(ekey, buf - 7 + r, 1); for(i = 0; i < n; i++){ buf -= 7; block_cipher(ekey, buf, 1); } return 1; } #define CHAR(x) *p++ = f->x #define SHORT(x) p[0] = f->x; p[1] = f->x>>8; p += 2 #define VLONG(q) p[0] = (q); p[1] = (q)>>8; p[2] = (q)>>16; p[3] = (q)>>24; p += 4 #define LONG(x) VLONG(f->x) #define STRING(x,n) memmove(p, f->x, n); p += n static int convTR2M(Ticketreq *f, char *ap) { int n; uchar *p; p = (uchar*)ap; CHAR(type); STRING(authid, NAMELEN); STRING(authdom, DOMLEN); STRING(chal, CHALLEN); STRING(hostid, NAMELEN); STRING(uid, NAMELEN); n = p - (uchar*)ap; return n; } static int convT2M(Ticket *f, char *ap, char *key) { int n; uchar *p; p = (uchar*)ap; CHAR(num); STRING(chal, CHALLEN); STRING(cuid, NAMELEN); STRING(suid, NAMELEN); STRING(key, DESKEYLEN); n = p - (uchar*)ap; if(key) encrypt9p(key, ap, n); return n; } int convA2M(Authenticator *f, char *ap, char *key) { int n; uchar *p; p = (uchar*)ap; CHAR(num); STRING(chal, CHALLEN); LONG(id); n = p - (uchar*)ap; if(key) encrypt9p(key, ap, n); return n; } #undef CHAR #undef SHORT #undef VLONG #undef LONG #undef STRING #define CHAR(x) f->x = *p++ #define SHORT(x) f->x = (p[0] | (p[1]<<8)); p += 2 #define VLONG(q) q = (p[0] | (p[1]<<8) | (p[2]<<16) | (p[3]<<24)); p += 4 #define LONG(x) VLONG(f->x) #define STRING(x,n) memmove(f->x, p, n); p += n void convM2A(char *ap, Authenticator *f, char *key) { uchar *p; if(key) decrypt9p(key, ap, AUTHENTLEN); p = (uchar*)ap; CHAR(num); STRING(chal, CHALLEN); LONG(id); USED(p); } void convM2T(char *ap, Ticket *f, char *key) { uchar *p; if(key) decrypt9p(key, ap, TICKETLEN); p = (uchar*)ap; CHAR(num); STRING(chal, CHALLEN); STRING(cuid, NAMELEN); f->cuid[NAMELEN-1] = 0; STRING(suid, NAMELEN); f->suid[NAMELEN-1] = 0; STRING(key, DESKEYLEN); USED(p); } #undef CHAR #undef SHORT #undef LONG #undef VLONG #undef STRING static int passtokey(char *key, char *p) { uchar buf[NAMELEN], *t; int i, n; n = strlen(p); if(n >= NAMELEN) n = NAMELEN-1; memset(buf, ' ', 8); t = buf; strncpy((char*)t, p, n); t[n] = 0; memset(key, 0, DESKEYLEN); for(;;){ for(i = 0; i < DESKEYLEN; i++) key[i] = (t[i] >> i) + (t[i+1] << (8 - (i+1))); if(n <= 8) return 1; n -= 8; t += 8; if(n < 8){ t -= 8 - n; n = 8; } encrypt9p(key, t, 8); } return 1; /* not reached */ } static char authkey[DESKEYLEN]; static char *authid; static char *authdom; static char *haveprotosmsg; static char *needprotomsg; static void p9anyinit(void) { int n, fd; char abuf[200]; char *af, *f[4]; af = autharg; if(af == nil) af = "/etc/u9fs.key"; if((fd = open(af, OREAD)) < 0) sysfatal("can't open key file '%s'", af); if((n = readn(fd, abuf, sizeof(abuf)-1)) < 0) sysfatal("can't read key file '%s'", af); if (n > 0 && abuf[n - 1] == '\n') n--; abuf[n] = '\0'; if(getfields(abuf, f, nelem(f), 0, "\n") != 3) sysfatal("key file '%s' not exactly 3 lines", af); passtokey(authkey, f[0]); authid = strdup(f[1]); authdom = strdup(f[2]); haveprotosmsg = malloc(strlen("p9sk1") + 1 + strlen(authdom) + 1); sprint(haveprotosmsg, "p9sk1@%s", authdom); needprotomsg = malloc(strlen("p9sk1") + 1 + strlen(authdom) + 1); sprint(needprotomsg, "p9sk1 %s", authdom); } typedef struct AuthSession { int state; char *uname; char *aname; char cchal[CHALLEN]; Ticketreq tr; Ticket t; } AuthSession; static char* p9anyauth(Fcall *rx, Fcall *tx) { AuthSession *sp; Fid *f; char *ep; sp = malloc(sizeof(AuthSession)); f = newauthfid(rx->afid, sp, &ep); if (f == nil) { free(sp); return ep; } if (chatty9p) fprint(2, "p9anyauth: afid %d\n", rx->afid); sp->state = HaveProtos; sp->uname = strdup(rx->uname); sp->aname = strdup(rx->aname); tx->aqid.type = QTAUTH; tx->aqid.path = 1; tx->aqid.vers = 0; return nil; } static char * p9anyattach(Fcall *rx, Fcall *tx) { AuthSession *sp; Fid *f; char *ep; f = oldauthfid(rx->afid, (void **)&sp, &ep); if (f == nil) return ep; if (chatty9p) fprint(2, "p9anyattach: afid %d state %d\n", rx->afid, sp->state); if (sp->state == Established && strcmp(rx->uname, sp->uname) == 0 && strcmp(rx->aname, sp->aname) == 0) return nil; return "authentication failed"; } static int readstr(Fcall *rx, Fcall *tx, char *s, int len) { if (rx->offset >= len) return 0; tx->count = len - rx->offset; if (tx->count > rx->count) tx->count = rx->count; memcpy(tx->data, s + rx->offset, tx->count); return tx->count; } static char * p9anyread(Fcall *rx, Fcall *tx) { AuthSession *sp; char *ep; Fid *f; f = oldauthfid(rx->afid, (void **)&sp, &ep); if (f == nil) return ep; if (chatty9p) fprint(2, "p9anyread: afid %d state %d\n", rx->fid, sp->state); switch (sp->state) { case HaveProtos: readstr(rx, tx, haveprotosmsg, strlen(haveprotosmsg) + 1); if (rx->offset + tx->count == strlen(haveprotosmsg) + 1) sp->state = NeedProto; return nil; case HaveTreq: if (rx->count != TICKREQLEN) goto botch; convTR2M(&sp->tr, tx->data); tx->count = TICKREQLEN; sp->state = NeedTicket; return nil; case HaveAuth: { Authenticator a; if (rx->count != AUTHENTLEN) goto botch; a.num = AuthAs; memmove(a.chal, sp->cchal, CHALLEN); a.id = 0; convA2M(&a, (char*)tx->data, sp->t.key); memset(sp->t.key, 0, sizeof(sp->t.key)); tx->count = rx->count; sp->state = Established; return nil; } default: botch: return "protocol botch"; } } static char * p9anywrite(Fcall *rx, Fcall *tx) { AuthSession *sp; char *ep; Fid *f; f = oldauthfid(rx->afid, (void **)&sp, &ep); if (f == nil) return ep; if (chatty9p) fprint(2, "p9anywrite: afid %d state %d\n", rx->fid, sp->state); switch (sp->state) { case NeedProto: if (rx->count != strlen(needprotomsg) + 1) return "protocol response wrong length"; if (memcmp(rx->data, needprotomsg, rx->count) != 0) return "unacceptable protocol"; sp->state = NeedChal; tx->count = rx->count; return nil; case NeedChal: if (rx->count != CHALLEN) goto botch; memmove(sp->cchal, rx->data, CHALLEN); sp->tr.type = AuthTreq; safecpy(sp->tr.authid, authid, sizeof(sp->tr.authid)); safecpy(sp->tr.authdom, authdom, sizeof(sp->tr.authdom)); randombytes((uchar *)sp->tr.chal, CHALLEN); safecpy(sp->tr.hostid, "", sizeof(sp->tr.hostid)); safecpy(sp->tr.uid, "", sizeof(sp->tr.uid)); tx->count = rx->count; sp->state = HaveTreq; return nil; case NeedTicket: { Authenticator a; if (rx->count != TICKETLEN + AUTHENTLEN) { fprint(2, "bad length in attach"); goto botch; } convM2T((char*)rx->data, &sp->t, authkey); if (sp->t.num != AuthTs) { fprint(2, "bad AuthTs in attach\n"); goto botch; } if (memcmp(sp->t.chal, sp->tr.chal, CHALLEN) != 0) { fprint(2, "bad challenge in attach\n"); goto botch; } convM2A((char*)rx->data + TICKETLEN, &a, sp->t.key); if (a.num != AuthAc) { fprint(2, "bad AuthAs in attach\n"); goto botch; } if(memcmp(a.chal, sp->tr.chal, CHALLEN) != 0) { fprint(2, "bad challenge in attach 2\n"); goto botch; } sp->state = HaveAuth; tx->count = rx->count; return nil; } default: botch: return "protocol botch"; } } static void safefree(char *p) { if (p) { memset(p, 0, strlen(p)); free(p); } } static char * p9anyclunk(Fcall *rx, Fcall *tx) { Fid *f; AuthSession *sp; char *ep; f = oldauthfid(rx->afid, (void **)&sp, &ep); if (f == nil) return ep; if (chatty9p) fprint(2, "p9anyclunk: afid %d\n", rx->fid); safefree(sp->uname); safefree(sp->aname); memset(sp, 0, sizeof(sp)); free(sp); return nil; } Auth authp9any = { "p9any", p9anyauth, p9anyattach, p9anyinit, p9anyread, p9anywrite, p9anyclunk, };