Annotation of embedaddon/sudo/plugins/sudoers/auth/dce.c, revision 1.1.1.2
1.1 misho 1: /*
2: * Copyright (c) 1996, 1998-2005, 2010-2011
3: * Todd C. Miller <Todd.Miller@courtesan.com>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
17: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
18: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
19: *
20: * Sponsored in part by the Defense Advanced Research Projects
21: * Agency (DARPA) and Air Force Research Laboratory, Air Force
22: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
23: */
24: /*
25: * The code below basically comes from the examples supplied on
26: * the OSF DCE 1.0.3 manpages for the sec_login routines, with
27: * enough additional polishing to make the routine work with the
28: * rest of sudo.
29: *
30: * This code is known to work on HP 700 and 800 series systems
31: * running HP-UX 9.X and 10.X, with either HP's version 1.2.1 of DCE.
32: * (aka, OSF DCE 1.0.3) or with HP's version 1.4 of DCE (aka, OSF
33: * DCE 1.1).
34: */
35:
36: #include <config.h>
37:
38: #include <sys/types.h>
39: #include <sys/param.h>
40: #include <stdio.h>
41: #ifdef STDC_HEADERS
42: # include <stdlib.h>
43: # include <stddef.h>
44: #else
45: # ifdef HAVE_STDLIB_H
46: # include <stdlib.h>
47: # endif
48: #endif /* STDC_HEADERS */
49: #ifdef HAVE_STRING_H
50: # include <string.h>
51: #endif /* HAVE_STRING_H */
52: #ifdef HAVE_STRINGS_H
53: # include <strings.h>
54: #endif /* HAVE_STRING_H */
55: #ifdef HAVE_UNISTD_H
56: # include <unistd.h>
57: #endif /* HAVE_UNISTD_H */
58: #include <pwd.h>
59:
60: #include <dce/rpc.h>
61: #include <dce/sec_login.h>
62: #include <dce/dce_error.h> /* required to call dce_error_inq_text routine */
63:
64: #include "sudoers.h"
65: #include "sudo_auth.h"
66:
67: static int check_dce_status(error_status_t, char *);
68:
69: int
1.1.1.2 ! misho 70: sudo_dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth)
1.1 misho 71: {
72: struct passwd temp_pw;
73: sec_passwd_rec_t password_rec;
74: sec_login_handle_t login_context;
75: boolean32 reset_passwd;
76: sec_login_auth_src_t auth_src;
77: error_status_t status;
1.1.1.2 ! misho 78: debug_decl(sudo_dce_verify, SUDO_DEBUG_AUTH)
1.1 misho 79:
80: /*
81: * Create the local context of the DCE principal necessary
82: * to perform authenticated network operations. The network
83: * identity set up by this operation cannot be used until it
84: * is validated via sec_login_validate_identity().
85: */
86: if (sec_login_setup_identity((unsigned_char_p_t) pw->pw_name,
87: sec_login_no_flags, &login_context, &status)) {
88:
89: if (check_dce_status(status, "sec_login_setup_identity(1):"))
1.1.1.2 ! misho 90: debug_return_int(AUTH_FAILURE);
1.1 misho 91:
92: password_rec.key.key_type = sec_passwd_plain;
93: password_rec.key.tagged_union.plain = (idl_char *) plain_pw;
94: password_rec.pepper = NULL;
95: password_rec.version_number = sec_passwd_c_version_none;
96:
97: /* Validate the login context with the password */
98: if (sec_login_validate_identity(login_context, &password_rec,
99: &reset_passwd, &auth_src, &status)) {
100:
101: if (check_dce_status(status, "sec_login_validate_identity(1):"))
1.1.1.2 ! misho 102: debug_return_int(AUTH_FAILURE);
1.1 misho 103:
104: /*
105: * Certify that the DCE Security Server used to set
106: * up and validate a login context is legitimate. Makes
107: * sure that we didn't get spoofed by another DCE server.
108: */
109: if (!sec_login_certify_identity(login_context, &status)) {
110: (void) fprintf(stderr, "Whoa! Bogus authentication server!\n");
111: (void) check_dce_status(status,"sec_login_certify_identity(1):");
1.1.1.2 ! misho 112: debug_return_int(AUTH_FAILURE);
1.1 misho 113: }
114: if (check_dce_status(status, "sec_login_certify_identity(2):"))
1.1.1.2 ! misho 115: debug_return_int(AUTH_FAILURE);
1.1 misho 116:
117: /*
118: * Sets the network credentials to those specified
119: * by the now validated login context.
120: */
121: sec_login_set_context(login_context, &status);
122: if (check_dce_status(status, "sec_login_set_context:"))
1.1.1.2 ! misho 123: debug_return_int(AUTH_FAILURE);
1.1 misho 124:
125: /*
126: * Oops, your credentials were no good. Possibly
127: * caused by clock times out of adjustment between
128: * DCE client and DCE security server...
129: */
130: if (auth_src != sec_login_auth_src_network) {
131: (void) fprintf(stderr,
132: "You have no network credentials.\n");
1.1.1.2 ! misho 133: debug_return_int(AUTH_FAILURE);
1.1 misho 134: }
135: /* Check if the password has aged and is thus no good */
136: if (reset_passwd) {
137: (void) fprintf(stderr,
138: "Your DCE password needs resetting.\n");
1.1.1.2 ! misho 139: debug_return_int(AUTH_FAILURE);
1.1 misho 140: }
141:
142: /*
143: * We should be a valid user by this point. Pull the
144: * user's password structure from the DCE security
145: * server just to make sure. If we get it with no
146: * problems, then we really are legitimate...
147: */
148: sec_login_get_pwent(login_context, (sec_login_passwd_t) &temp_pw,
149: &status);
150: if (check_dce_status(status, "sec_login_get_pwent:"))
1.1.1.2 ! misho 151: debug_return_int(AUTH_FAILURE);
1.1 misho 152:
153: /*
154: * If we get to here, then the pwent above properly fetched
155: * the password structure from the DCE registry, so the user
156: * must be valid. We don't really care what the user's
157: * registry password is, just that the user could be
158: * validated. In fact, if we tried to compare the local
159: * password to the DCE entry at this point, the operation
160: * would fail if the hidden password feature is turned on,
161: * because the password field would contain an asterisk.
162: * Also go ahead and destroy the user's DCE login context
163: * before we leave here (and don't bother checking the
164: * status), in order to clean up credentials files in
165: * /opt/dcelocal/var/security/creds. By doing this, we are
166: * assuming that the user will not need DCE authentication
167: * later in the program, only local authentication. If this
168: * is not true, then the login_context will have to be
169: * returned to the calling program, and the context purged
170: * somewhere later in the program.
171: */
172: sec_login_purge_context(&login_context, &status);
1.1.1.2 ! misho 173: debug_return_int(AUTH_SUCCESS);
1.1 misho 174: } else {
175: if(check_dce_status(status, "sec_login_validate_identity(2):"))
1.1.1.2 ! misho 176: debug_return_int(AUTH_FAILURE);
1.1 misho 177: sec_login_purge_context(&login_context, &status);
178: if(check_dce_status(status, "sec_login_purge_context:"))
1.1.1.2 ! misho 179: debug_return_int(AUTH_FAILURE);
1.1 misho 180: }
181: }
182: (void) check_dce_status(status, "sec_login_setup_identity(2):");
1.1.1.2 ! misho 183: debug_return_int(AUTH_FAILURE);
1.1 misho 184: }
185:
186: /* Returns 0 for DCE "ok" status, 1 otherwise */
187: static int
188: check_dce_status(error_status_t input_status, char *comment)
189: {
190: int error_stat;
191: unsigned char error_string[dce_c_error_string_len];
1.1.1.2 ! misho 192: debug_decl(check_dce_status, SUDO_DEBUG_AUTH)
1.1 misho 193:
194: if (input_status == rpc_s_ok)
1.1.1.2 ! misho 195: debug_return_bool(0);
1.1 misho 196: dce_error_inq_text(input_status, error_string, &error_stat);
197: (void) fprintf(stderr, "%s %s\n", comment, error_string);
1.1.1.2 ! misho 198: debug_return_bool(1);
1.1 misho 199: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>