cryb.to
/
cryb-otp
mirror of https://github.com/cryb-to/cryb-otp.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wip

This commit is contained in:
Dag-Erling Smørgrav 2022-10-02 15:51:45 +02:00
parent 834040505c
commit 054bb5578c
10 changed files with 295 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -7,11 +7,11 @@
/config.sub
/configure
/depcomp
/test-driver
/install-sh
/libtool
/ltmain.sh
/missing
/test-driver
*~
.deps
.libs
@ -21,6 +21,7 @@
*.pc
*.o
*.trs
*.xz
Makefile
Makefile.in
test.cov

2
configure.ac
View File

@ -1,5 +1,5 @@
AC_PREREQ([2.69])
AC_INIT([cryb.otp], [0.20220916], [des@des.no], [cryb-otp], [http://cryb.to/])
AC_INIT([cryb.otp], [0.20221002], [des@des.no], [cryb-otp], [http://cryb.to/])
AC_CONFIG_SRCDIR([include/cryb/otp.h])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign no-dist-gzip dist-xz])

4
include/cryb/otp.h
View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2017 Dag-Erling Smørgrav
* Copyright (c) 2017-2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -34,6 +34,8 @@
#include <cryb/to.h>
#endif
#include <cryb/otp_store.h>
CRYB_BEGIN
const char *cryb_otp_version(void);

46
include/cryb/otp_constants.h Normal file
View File

@ -0,0 +1,46 @@
/*-
* Copyright (c) 2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef CRYB_OTP_CONSTANTS_H_INCLUDED
#define CRYB_OTP_CONSTANTS_H_INCLUDED
#ifndef CRYB_TO
#include <cryb/to.h>
#endif
CRYB_BEGIN
/*
* Maximum login length in characters, including terminating NUL.
*/
#define OTP_MAX_LOGINLEN 64
CRYB_END
#endif

59
include/cryb/otp_store.h Normal file
View File

@ -0,0 +1,59 @@
/*-
* Copyright (c) 2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef CRYB_OTP_STORE_H_INCLUDED
#define CRYB_OTP_STORE_H_INCLUDED
#ifndef CRYB_TO
#include <cryb/to.h>
#endif
CRYB_BEGIN
#define otp_key cryb_otp_key
#define otp_store cryb_otp_store
#define otp_store_open cryb_otp_store_open
#define otp_store_close cryb_otp_store_close
#define otp_store_has cryb_otp_store_has
#define otp_store_lock cryb_otp_store_lock
#define otp_store_release cryb_otp_store_release
#define otp_store_commit cryb_otp_store_commit
typedef struct otp_key otp_key;
typedef struct otp_store otp_store;
otp_store *otp_store_open(const char *);
otp_key *otp_store_has(otp_store *, const char *);
otp_key *otp_store_lock(otp_store *, const char *);
otp_key *otp_store_release(otp_store *, const char *);
otp_key *otp_store_commit(otp_store *, const char *);
CRYB_END
#endif

57
include/cryb/otp_types.h Normal file
View File

@ -0,0 +1,57 @@
/*-
* Copyright (c) 2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef CRYB_OTP_TYPES_H_INCLUDED
#define CRYB_OTP_TYPES_H_INCLUDED
#ifndef CRYB_TO
#include <cryb/to.h>
#endif
CRYB_BEGIN
#define otp_handle cryb_otp_handle
#define otp_id cryb_otp_id
/*
* OTP handle: pointer to opaque structure used by the storage backend.
*/
typedef void *otp_handle;
/*
* OTP identity
*/
typedef struct {
char login[OTP_MAX_LOGINLEN];
otp_handle handle;
} otp_id;
CRYB_END
#endif

34
lib/otp/cryb_otp_config.c Normal file
View File

@ -0,0 +1,34 @@
/*-
* Copyright (c) 2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "cryb/impl.h"
#include <cryb/oath.h>
#include <cryb/otp.h>

34
lib/otp/cryb_otp_configure.c Normal file
View File

@ -0,0 +1,34 @@
/*-
* Copyright (c) 2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "cryb/impl.h"
#include <cryb/oath.h>
#include <cryb/otp.h>

37
lib/otp/cryb_otp_store.c Normal file
View File

@ -0,0 +1,37 @@
/*-
* Copyright (c) 2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "cryb/impl.h"
#include <stddef.h>
#include <stdint.h>
#include <cryb/oath.h>
#include <cryb/otp.h>

28
sbin/otpradiusd/radius.c
View File

@ -1,5 +1,6 @@
/*-
* Copyright (c) 2018 The University of Oslo
* Copyright (c) 2019-2022 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -44,6 +45,8 @@
#include "otpradiusd.h"
#define DEBUG_PRINTF 1
static struct rad_msg_def {
const char *name;
} rad_msg_def[rmc_max] = {
@ -411,6 +414,16 @@ handle_access_request(rad_transaction *rx)
fprintf(stderr, "\"\n");
#endif
/*
* TODO:
*
* Create concept of keystore in libcryb-otp
* Configure / open keystore at start of otpradiusd
* On receipt of request, request key from keystore
* Verify request
* Report outcome to keystore
* Report outcome to client
*/
static int coin;
if ((coin = !coin)) {
/* accept */
@ -447,6 +460,7 @@ int
rad_handle(rad_transaction *rx)
{
rad_message *req, *rsp;
rad_msg_code rmc;
int ret;
req = &rx->request;
@ -460,18 +474,20 @@ rad_handle(rad_transaction *rx)
warnx("invalid length: %zu", rx->reqlen);
return (0);
}
warnx("request 0x%02x (%s) ident 0x%02x", req->code,
rad_msg_name(req->code), req->identifier);
rmc = req->code;
if (rmc >= rmc_max || rad_attr_def[rmc].name == NULL) {
warnx("unknown message 0x%02x", req->code);
return (-1);
}
warnx("request 0x%02x (%s) ident 0x%02x", rmc,
rad_msg_name(rmc), req->identifier);
memset(rsp, 0, sizeof *rsp);
rsp->identifier = req->identifier;
memcpy(rsp->authenticator, req->authenticator, 16);
switch ((rad_msg_code)req->code) {
switch (rmc) {
case rmc_access_request:
ret = handle_access_request(rx);
break;
default:
warnx("unsupported RADIUS code %u", req->code);
return (0);
}
if (ret > 0) {
rx->rsplen = ntohs(rsp->length);