Add the DragonFly cvs id and perform general cleanups on cvs/rcs/sccs ids. Most
[dragonfly.git] / lib / libtacplus / taclib.c
CommitLineData
984263bc
MD
1/*-
2 * Copyright (c) 1998, 2001, 2002, Juniper Networks, Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD: src/lib/libtacplus/taclib.c,v 1.2.2.2 2002/10/09 08:50:42 pst Exp $
1de703da 27 * $DragonFly: src/lib/libtacplus/taclib.c,v 1.2 2003/06/17 04:26:51 dillon Exp $
984263bc
MD
28 */
29
30#include <sys/types.h>
31#include <sys/socket.h>
32#include <sys/time.h>
33#include <netinet/in.h>
34#include <arpa/inet.h>
35
36#include <assert.h>
37#include <errno.h>
38#include <fcntl.h>
39#include <md5.h>
40#include <netdb.h>
41#include <stdarg.h>
42#include <stddef.h>
43#include <stdio.h>
44#include <stdlib.h>
45#include <string.h>
46#include <unistd.h>
47
48#include "taclib_private.h"
49
50static int add_str_8(struct tac_handle *, u_int8_t *,
51 struct clnt_str *);
52static int add_str_16(struct tac_handle *, u_int16_t *,
53 struct clnt_str *);
54static int protocol_version(int, int, int);
55static void close_connection(struct tac_handle *);
56static int conn_server(struct tac_handle *);
57static void crypt_msg(struct tac_handle *, struct tac_msg *);
58static void *dup_str(struct tac_handle *, const struct srvr_str *,
59 size_t *);
60static int establish_connection(struct tac_handle *);
61static void free_str(struct clnt_str *);
62static void generr(struct tac_handle *, const char *, ...)
63 __printflike(2, 3);
64static void gen_session_id(struct tac_msg *);
65static int get_srvr_end(struct tac_handle *);
66static int get_srvr_str(struct tac_handle *, const char *,
67 struct srvr_str *, size_t);
68static void init_clnt_str(struct clnt_str *);
69static void init_srvr_str(struct srvr_str *);
70static int read_timed(struct tac_handle *, void *, size_t,
71 const struct timeval *);
72static int recv_msg(struct tac_handle *);
73static int save_str(struct tac_handle *, struct clnt_str *,
74 const void *, size_t);
75static int send_msg(struct tac_handle *);
76static int split(char *, char *[], int, char *, size_t);
77static void *xmalloc(struct tac_handle *, size_t);
78static char *xstrdup(struct tac_handle *, const char *);
79static void clear_srvr_avs(struct tac_handle *);
80static void create_msg(struct tac_handle *, int, int, int);
81
82/*
83 * Append some optional data to the current request, and store its
84 * length into the 8-bit field referenced by "fld". Returns 0 on
85 * success, or -1 on failure.
86 *
87 * This function also frees the "cs" string data and initializes it
88 * for the next time.
89 */
90static int
91add_str_8(struct tac_handle *h, u_int8_t *fld, struct clnt_str *cs)
92{
93 u_int16_t len;
94
95 if (add_str_16(h, &len, cs) == -1)
96 return -1;
97 len = ntohs(len);
98 if (len > 0xff) {
99 generr(h, "Field too long");
100 return -1;
101 }
102 *fld = len;
103 return 0;
104}
105
106/*
107 * Append some optional data to the current request, and store its
108 * length into the 16-bit field (network byte order) referenced by
109 * "fld". Returns 0 on success, or -1 on failure.
110 *
111 * This function also frees the "cs" string data and initializes it
112 * for the next time.
113 */
114static int
115add_str_16(struct tac_handle *h, u_int16_t *fld, struct clnt_str *cs)
116{
117 size_t len;
118
119 len = cs->len;
120 if (cs->data == NULL)
121 len = 0;
122 if (len != 0) {
123 int offset;
124
125 if (len > 0xffff) {
126 generr(h, "Field too long");
127 return -1;
128 }
129 offset = ntohl(h->request.length);
130 if (offset + len > BODYSIZE) {
131 generr(h, "Message too long");
132 return -1;
133 }
134 memcpy(h->request.u.body + offset, cs->data, len);
135 h->request.length = htonl(offset + len);
136 }
137 *fld = htons(len);
138 free_str(cs);
139 return 0;
140}
141
142static int
143protocol_version(int msg_type, int var, int type)
144{
145 int minor;
146
147 switch (msg_type) {
148 case TAC_AUTHEN:
149 /* 'var' represents the 'action' */
150 switch (var) {
151 case TAC_AUTHEN_LOGIN:
152 switch (type) {
153
154 case TAC_AUTHEN_TYPE_PAP:
155 case TAC_AUTHEN_TYPE_CHAP:
156 case TAC_AUTHEN_TYPE_MSCHAP:
157 case TAC_AUTHEN_TYPE_ARAP:
158 minor = 1;
159 break;
160
161 default:
162 minor = 0;
163 break;
164 }
165 break;
166
167 case TAC_AUTHEN_SENDAUTH:
168 minor = 1;
169 break;
170
171 default:
172 minor = 0;
173 break;
174 };
175 break;
176
177 case TAC_AUTHOR:
178 /* 'var' represents the 'method' */
179 switch (var) {
180 /*
181 * When new authentication methods are added, include 'method'
182 * in determining the value of 'minor'. At this point, all
183 * methods defined in this implementation (see "Authorization
184 * authentication methods" in taclib.h) are minor version 0
185 * Not all types, however, indicate minor version 0.
186 */
187 case TAC_AUTHEN_METH_NOT_SET:
188 case TAC_AUTHEN_METH_NONE:
189 case TAC_AUTHEN_METH_KRB5:
190 case TAC_AUTHEN_METH_LINE:
191 case TAC_AUTHEN_METH_ENABLE:
192 case TAC_AUTHEN_METH_LOCAL:
193 case TAC_AUTHEN_METH_TACACSPLUS:
194 case TAC_AUTHEN_METH_RCMD:
195 switch (type) {
196 case TAC_AUTHEN_TYPE_PAP:
197 case TAC_AUTHEN_TYPE_CHAP:
198 case TAC_AUTHEN_TYPE_MSCHAP:
199 case TAC_AUTHEN_TYPE_ARAP:
200 minor = 1;
201 break;
202
203 default:
204 minor = 0;
205 break;
206 }
207 break;
208 default:
209 minor = 0;
210 break;
211 }
212 break;
213
214 default:
215 minor = 0;
216 break;
217 }
218
219 return TAC_VER_MAJOR << 4 | minor;
220}
221
222
223static void
224close_connection(struct tac_handle *h)
225{
226 if (h->fd != -1) {
227 close(h->fd);
228 h->fd = -1;
229 }
230}
231
232static int
233conn_server(struct tac_handle *h)
234{
235 const struct tac_server *srvp = &h->servers[h->cur_server];
236 int flags;
237
238 if ((h->fd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1) {
239 generr(h, "Cannot create socket: %s", strerror(errno));
240 return -1;
241 }
242 if ((flags = fcntl(h->fd, F_GETFL, 0)) == -1 ||
243 fcntl(h->fd, F_SETFL, flags | O_NONBLOCK) == -1) {
244 generr(h, "Cannot set non-blocking mode on socket: %s",
245 strerror(errno));
246 close(h->fd);
247 h->fd = -1;
248 return -1;
249 }
250 if (connect(h->fd, (struct sockaddr *)&srvp->addr,
251 sizeof srvp->addr) == 0)
252 return 0;
253
254 if (errno == EINPROGRESS) {
255 fd_set wfds;
256 struct timeval tv;
257 int nfds;
258 struct sockaddr peer;
259 int peerlen;
260 int err;
261 int errlen;
262
263 /* Wait for the connection to complete. */
264 FD_ZERO(&wfds);
265 FD_SET(h->fd, &wfds);
266 tv.tv_sec = srvp->timeout;
267 tv.tv_usec = 0;
268 nfds = select(h->fd + 1, NULL, &wfds, NULL, &tv);
269 if (nfds == -1) {
270 generr(h, "select: %s", strerror(errno));
271 close(h->fd);
272 h->fd = -1;
273 return -1;
274 }
275 if (nfds == 0) {
276 generr(h, "connect: timed out");
277 close(h->fd);
278 h->fd = -1;
279 return -1;
280 }
281
282 /* See whether we are connected now. */
283 peerlen = sizeof peer;
284 if (getpeername(h->fd, &peer, &peerlen) == 0)
285 return 0;
286
287 if (errno != ENOTCONN) {
288 generr(h, "getpeername: %s", strerror(errno));
289 close(h->fd);
290 h->fd = -1;
291 return -1;
292 }
293
294 /* Find out why the connect failed. */
295 errlen = sizeof err;
296 getsockopt(h->fd, SOL_SOCKET, SO_ERROR, &err, &errlen);
297 errno = err;
298 }
299 generr(h, "connect: %s", strerror(errno));
300 close(h->fd);
301 h->fd = -1;
302 return -1;
303}
304
305/*
306 * Encrypt or decrypt a message. The operations are symmetrical.
307 */
308static void
309crypt_msg(struct tac_handle *h, struct tac_msg *msg)
310{
311 const char *secret;
312 MD5_CTX base_ctx;
313 MD5_CTX ctx;
314 unsigned char md5[16];
315 int chunk;
316 int msg_len;
317
318 secret = h->servers[h->cur_server].secret;
319 if (secret[0] == '\0')
320 msg->flags |= TAC_UNENCRYPTED;
321 if (msg->flags & TAC_UNENCRYPTED)
322 return;
323
324 msg_len = ntohl(msg->length);
325
326 MD5Init(&base_ctx);
327 MD5Update(&base_ctx, msg->session_id, sizeof msg->session_id);
328 MD5Update(&base_ctx, secret, strlen(secret));
329 MD5Update(&base_ctx, &msg->version, sizeof msg->version);
330 MD5Update(&base_ctx, &msg->seq_no, sizeof msg->seq_no);
331
332 ctx = base_ctx;
333 for (chunk = 0; chunk < msg_len; chunk += sizeof md5) {
334 int chunk_len;
335 int i;
336
337 MD5Final(md5, &ctx);
338
339 if ((chunk_len = msg_len - chunk) > sizeof md5)
340 chunk_len = sizeof md5;
341 for (i = 0; i < chunk_len; i++)
342 msg->u.body[chunk + i] ^= md5[i];
343
344 ctx = base_ctx;
345 MD5Update(&ctx, md5, sizeof md5);
346 }
347}
348
349/*
350 * Return a dynamically allocated copy of the given server string.
351 * The copy is null-terminated. If "len" is non-NULL, the length of
352 * the string (excluding the terminating null byte) is stored via it.
353 * Returns NULL on failure. Empty strings are still allocated even
354 * though they have no content.
355 */
356static void *
357dup_str(struct tac_handle *h, const struct srvr_str *ss, size_t *len)
358{
359 unsigned char *p;
360
361 if ((p = (unsigned char *)xmalloc(h, ss->len + 1)) == NULL)
362 return NULL;
363 if (ss->data != NULL && ss->len != 0)
364 memcpy(p, ss->data, ss->len);
365 p[ss->len] = '\0';
366 if (len != NULL)
367 *len = ss->len;
368 return p;
369}
370
371static int
372establish_connection(struct tac_handle *h)
373{
374 int i;
375
376 if (h->fd >= 0) /* Already connected. */
377 return 0;
378 if (h->num_servers == 0) {
379 generr(h, "No TACACS+ servers specified");
380 return -1;
381 }
382 /*
383 * Try the servers round-robin. We begin with the one that
384 * worked for us the last time. That way, once we find a good
385 * server, we won't waste any more time trying the bad ones.
386 */
387 for (i = 0; i < h->num_servers; i++) {
388 if (conn_server(h) == 0) {
389 h->single_connect = (h->servers[h->cur_server].flags &
390 TAC_SRVR_SINGLE_CONNECT) != 0;
391 return 0;
392 }
393 if (++h->cur_server >= h->num_servers) /* Wrap around */
394 h->cur_server = 0;
395 }
396 /* Just return whatever error was last reported by conn_server(). */
397 return -1;
398}
399
400/*
401 * Free a client string, obliterating its contents first for security.
402 */
403static void
404free_str(struct clnt_str *cs)
405{
406 if (cs->data != NULL) {
407 memset(cs->data, 0, cs->len);
408 free(cs->data);
409 cs->data = NULL;
410 cs->len = 0;
411 }
412}
413
414static void
415generr(struct tac_handle *h, const char *format, ...)
416{
417 va_list ap;
418
419 va_start(ap, format);
420 vsnprintf(h->errmsg, ERRSIZE, format, ap);
421 va_end(ap);
422}
423
424static void
425gen_session_id(struct tac_msg *msg)
426{
427 int r;
428
429 r = random();
430 msg->session_id[0] = r >> 8;
431 msg->session_id[1] = r;
432 r = random();
433 msg->session_id[2] = r >> 8;
434 msg->session_id[3] = r;
435}
436
437/*
438 * Verify that we are exactly at the end of the response message.
439 * Returns 0 on success, -1 on failure.
440 */
441static int
442get_srvr_end(struct tac_handle *h)
443{
444 int len;
445
446 len = ntohl(h->response.length);
447
448 if (h->srvr_pos != len) {
449 generr(h, "Invalid length field in response "
450 "from server: end expected at %u, response length %u",
451 h->srvr_pos, len);
452 return -1;
453 }
454 return 0;
455}
456
457static int
458get_srvr_str(struct tac_handle *h, const char *field,
459 struct srvr_str *ss, size_t len)
460{
461 if (h->srvr_pos + len > ntohl(h->response.length)) {
462 generr(h, "Invalid length field in %s response from server "
463 "(%lu > %lu)", field, (u_long)(h->srvr_pos + len),
464 (u_long)ntohl(h->response.length));
465 return -1;
466 }
467 ss->data = len != 0 ? h->response.u.body + h->srvr_pos : NULL;
468 ss->len = len;
469 h->srvr_pos += len;
470 return 0;
471}
472
473static void
474init_clnt_str(struct clnt_str *cs)
475{
476 cs->data = NULL;
477 cs->len = 0;
478}
479
480static void
481init_srvr_str(struct srvr_str *ss)
482{
483 ss->data = NULL;
484 ss->len = 0;
485}
486
487static int
488read_timed(struct tac_handle *h, void *buf, size_t len,
489 const struct timeval *deadline)
490{
491 char *ptr;
492
493 ptr = (char *)buf;
494 while (len > 0) {
495 int n;
496
497 n = read(h->fd, ptr, len);
498 if (n == -1) {
499 struct timeval tv;
500 int nfds;
501
502 if (errno != EAGAIN) {
503 generr(h, "Network read error: %s",
504 strerror(errno));
505 return -1;
506 }
507
508 /* Wait until we can read more data. */
509 gettimeofday(&tv, NULL);
510 timersub(deadline, &tv, &tv);
511 if (tv.tv_sec >= 0) {
512 fd_set rfds;
513
514 FD_ZERO(&rfds);
515 FD_SET(h->fd, &rfds);
516 nfds =
517 select(h->fd + 1, &rfds, NULL, NULL, &tv);
518 if (nfds == -1) {
519 generr(h, "select: %s",
520 strerror(errno));
521 return -1;
522 }
523 } else
524 nfds = 0;
525 if (nfds == 0) {
526 generr(h, "Network read timed out");
527 return -1;
528 }
529 } else if (n == 0) {
530 generr(h, "unexpected EOF from server");
531 return -1;
532 } else {
533 ptr += n;
534 len -= n;
535 }
536 }
537 return 0;
538}
539
540/*
541 * Receive a response from the server and decrypt it. Returns 0 on
542 * success, or -1 on failure.
543 */
544static int
545recv_msg(struct tac_handle *h)
546{
547 struct timeval deadline;
548 struct tac_msg *msg;
549 u_int32_t len;
550
551 msg = &h->response;
552 gettimeofday(&deadline, NULL);
553 deadline.tv_sec += h->servers[h->cur_server].timeout;
554
555 /* Read the message header and make sure it is reasonable. */
556 if (read_timed(h, msg, HDRSIZE, &deadline) == -1)
557 return -1;
558 if (memcmp(msg->session_id, h->request.session_id,
559 sizeof msg->session_id) != 0) {
560 generr(h, "Invalid session ID in received message");
561 return -1;
562 }
563 if (msg->type != h->request.type) {
564 generr(h, "Invalid type in received message"
565 " (got %u, expected %u)",
566 msg->type, h->request.type);
567 return -1;
568 }
569 len = ntohl(msg->length);
570 if (len > BODYSIZE) {
571 generr(h, "Received message too large (%u > %u)",
572 len, BODYSIZE);
573 return -1;
574 }
575 if (msg->seq_no != ++h->last_seq_no) {
576 generr(h, "Invalid sequence number in received message"
577 " (got %u, expected %u)",
578 msg->seq_no, h->last_seq_no);
579 return -1;
580 }
581
582 /* Read the message body. */
583 if (read_timed(h, msg->u.body, len, &deadline) == -1)
584 return -1;
585
586 /* Decrypt it. */
587 crypt_msg(h, msg);
588
589 /*
590 * Turn off single-connection mode if the server isn't amenable
591 * to it.
592 */
593 if (!(msg->flags & TAC_SINGLE_CONNECT))
594 h->single_connect = 0;
595 return 0;
596}
597
598static int
599save_str(struct tac_handle *h, struct clnt_str *cs, const void *data,
600 size_t len)
601{
602 free_str(cs);
603 if (data != NULL && len != 0) {
604 if ((cs->data = xmalloc(h, len)) == NULL)
605 return -1;
606 cs->len = len;
607 memcpy(cs->data, data, len);
608 }
609 return 0;
610}
611
612/*
613 * Send the current request, after encrypting it. Returns 0 on success,
614 * or -1 on failure.
615 */
616static int
617send_msg(struct tac_handle *h)
618{
619 struct timeval deadline;
620 struct tac_msg *msg;
621 char *ptr;
622 int len;
623
624 if (h->last_seq_no & 1) {
625 generr(h, "Attempt to send message out of sequence");
626 return -1;
627 }
628
629 if (establish_connection(h) == -1)
630 return -1;
631
632 msg = &h->request;
633 msg->seq_no = ++h->last_seq_no;
634 if (msg->seq_no == 1)
635 gen_session_id(msg);
636 crypt_msg(h, msg);
637
638 if (h->single_connect)
639 msg->flags |= TAC_SINGLE_CONNECT;
640 else
641 msg->flags &= ~TAC_SINGLE_CONNECT;
642 gettimeofday(&deadline, NULL);
643 deadline.tv_sec += h->servers[h->cur_server].timeout;
644 len = HDRSIZE + ntohl(msg->length);
645 ptr = (char *)msg;
646 while (len > 0) {
647 int n;
648
649 n = write(h->fd, ptr, len);
650 if (n == -1) {
651 struct timeval tv;
652 int nfds;
653
654 if (errno != EAGAIN) {
655 generr(h, "Network write error: %s",
656 strerror(errno));
657 return -1;
658 }
659
660 /* Wait until we can write more data. */
661 gettimeofday(&tv, NULL);
662 timersub(&deadline, &tv, &tv);
663 if (tv.tv_sec >= 0) {
664 fd_set wfds;
665
666 FD_ZERO(&wfds);
667 FD_SET(h->fd, &wfds);
668 nfds =
669 select(h->fd + 1, NULL, &wfds, NULL, &tv);
670 if (nfds == -1) {
671 generr(h, "select: %s",
672 strerror(errno));
673 return -1;
674 }
675 } else
676 nfds = 0;
677 if (nfds == 0) {
678 generr(h, "Network write timed out");
679 return -1;
680 }
681 } else {
682 ptr += n;
683 len -= n;
684 }
685 }
686 return 0;
687}
688
689/*
690 * Destructively split a string into fields separated by white space.
691 * `#' at the beginning of a field begins a comment that extends to the
692 * end of the string. Fields may be quoted with `"'. Inside quoted
693 * strings, the backslash escapes `\"' and `\\' are honored.
694 *
695 * Pointers to up to the first maxfields fields are stored in the fields
696 * array. Missing fields get NULL pointers.
697 *
698 * The return value is the actual number of fields parsed, and is always
699 * <= maxfields.
700 *
701 * On a syntax error, places a message in the msg string, and returns -1.
702 */
703static int
704split(char *str, char *fields[], int maxfields, char *msg, size_t msglen)
705{
706 char *p;
707 int i;
708 static const char ws[] = " \t";
709
710 for (i = 0; i < maxfields; i++)
711 fields[i] = NULL;
712 p = str;
713 i = 0;
714 while (*p != '\0') {
715 p += strspn(p, ws);
716 if (*p == '#' || *p == '\0')
717 break;
718 if (i >= maxfields) {
719 snprintf(msg, msglen, "line has too many fields");
720 return -1;
721 }
722 if (*p == '"') {
723 char *dst;
724
725 dst = ++p;
726 fields[i] = dst;
727 while (*p != '"') {
728 if (*p == '\\') {
729 p++;
730 if (*p != '"' && *p != '\\' &&
731 *p != '\0') {
732 snprintf(msg, msglen,
733 "invalid `\\' escape");
734 return -1;
735 }
736 }
737 if (*p == '\0') {
738 snprintf(msg, msglen,
739 "unterminated quoted string");
740 return -1;
741 }
742 *dst++ = *p++;
743 }
744 *dst = '\0';
745 p++;
746 if (*p != '\0' && strspn(p, ws) == 0) {
747 snprintf(msg, msglen, "quoted string not"
748 " followed by white space");
749 return -1;
750 }
751 } else {
752 fields[i] = p;
753 p += strcspn(p, ws);
754 if (*p != '\0')
755 *p++ = '\0';
756 }
757 i++;
758 }
759 return i;
760}
761
762int
763tac_add_server(struct tac_handle *h, const char *host, int port,
764 const char *secret, int timeout, int flags)
765{
766 struct tac_server *srvp;
767
768 if (h->num_servers >= MAXSERVERS) {
769 generr(h, "Too many TACACS+ servers specified");
770 return -1;
771 }
772 srvp = &h->servers[h->num_servers];
773
774 memset(&srvp->addr, 0, sizeof srvp->addr);
775 srvp->addr.sin_len = sizeof srvp->addr;
776 srvp->addr.sin_family = AF_INET;
777 if (!inet_aton(host, &srvp->addr.sin_addr)) {
778 struct hostent *hent;
779
780 if ((hent = gethostbyname(host)) == NULL) {
781 generr(h, "%s: host not found", host);
782 return -1;
783 }
784 memcpy(&srvp->addr.sin_addr, hent->h_addr,
785 sizeof srvp->addr.sin_addr);
786 }
787 srvp->addr.sin_port = htons(port != 0 ? port : TACPLUS_PORT);
788 if ((srvp->secret = xstrdup(h, secret)) == NULL)
789 return -1;
790 srvp->timeout = timeout;
791 srvp->flags = flags;
792 h->num_servers++;
793 return 0;
794}
795
796void
797tac_close(struct tac_handle *h)
798{
799 int i, srv;
800
801 if (h->fd != -1)
802 close(h->fd);
803 for (srv = 0; srv < h->num_servers; srv++) {
804 memset(h->servers[srv].secret, 0,
805 strlen(h->servers[srv].secret));
806 free(h->servers[srv].secret);
807 }
808 free_str(&h->user);
809 free_str(&h->port);
810 free_str(&h->rem_addr);
811 free_str(&h->data);
812 free_str(&h->user_msg);
813 for (i=0; i<MAXAVPAIRS; i++)
814 free_str(&(h->avs[i]));
815
816 /* Clear everything else before freeing memory */
817 memset(h, 0, sizeof(struct tac_handle));
818 free(h);
819}
820
821int
822tac_config(struct tac_handle *h, const char *path)
823{
824 FILE *fp;
825 char buf[MAXCONFLINE];
826 int linenum;
827 int retval;
828
829 if (path == NULL)
830 path = PATH_TACPLUS_CONF;
831 if ((fp = fopen(path, "r")) == NULL) {
832 generr(h, "Cannot open \"%s\": %s", path, strerror(errno));
833 return -1;
834 }
835 retval = 0;
836 linenum = 0;
837 while (fgets(buf, sizeof buf, fp) != NULL) {
838 int len;
839 char *fields[4];
840 int nfields;
841 char msg[ERRSIZE];
842 char *host, *res;
843 char *port_str;
844 char *secret;
845 char *timeout_str;
846 char *options_str;
847 char *end;
848 unsigned long timeout;
849 int port;
850 int options;
851
852 linenum++;
853 len = strlen(buf);
854 /* We know len > 0, else fgets would have returned NULL. */
855 if (buf[len - 1] != '\n') {
856 if (len >= sizeof buf - 1)
857 generr(h, "%s:%d: line too long", path,
858 linenum);
859 else
860 generr(h, "%s:%d: missing newline", path,
861 linenum);
862 retval = -1;
863 break;
864 }
865 buf[len - 1] = '\0';
866
867 /* Extract the fields from the line. */
868 nfields = split(buf, fields, 4, msg, sizeof msg);
869 if (nfields == -1) {
870 generr(h, "%s:%d: %s", path, linenum, msg);
871 retval = -1;
872 break;
873 }
874 if (nfields == 0)
875 continue;
876 if (nfields < 2) {
877 generr(h, "%s:%d: missing shared secret", path,
878 linenum);
879 retval = -1;
880 break;
881 }
882 host = fields[0];
883 secret = fields[1];
884 timeout_str = fields[2];
885 options_str = fields[3];
886
887 /* Parse and validate the fields. */
888 res = host;
889 host = strsep(&res, ":");
890 port_str = strsep(&res, ":");
891 if (port_str != NULL) {
892 port = strtoul(port_str, &end, 10);
893 if (port_str[0] == '\0' || *end != '\0') {
894 generr(h, "%s:%d: invalid port", path,
895 linenum);
896 retval = -1;
897 break;
898 }
899 } else
900 port = 0;
901 if (timeout_str != NULL) {
902 timeout = strtoul(timeout_str, &end, 10);
903 if (timeout_str[0] == '\0' || *end != '\0') {
904 generr(h, "%s:%d: invalid timeout", path,
905 linenum);
906 retval = -1;
907 break;
908 }
909 } else
910 timeout = TIMEOUT;
911 options = 0;
912 if (options_str != NULL) {
913 if (strcmp(options_str, "single-connection") == 0)
914 options |= TAC_SRVR_SINGLE_CONNECT;
915 else {
916 generr(h, "%s:%d: invalid option \"%s\"",
917 path, linenum, options_str);
918 retval = -1;
919 break;
920 }
921 };
922
923 if (tac_add_server(h, host, port, secret, timeout,
924 options) == -1) {
925 char msg[ERRSIZE];
926
927 strcpy(msg, h->errmsg);
928 generr(h, "%s:%d: %s", path, linenum, msg);
929 retval = -1;
930 break;
931 }
932 }
933 /* Clear out the buffer to wipe a possible copy of a shared secret */
934 memset(buf, 0, sizeof buf);
935 fclose(fp);
936 return retval;
937}
938
939int
940tac_create_authen(struct tac_handle *h, int action, int type, int service)
941{
942 struct tac_authen_start *as;
943
944 create_msg(h, TAC_AUTHEN, action, type);
945
946 as = &h->request.u.authen_start;
947 as->action = action;
948 as->priv_lvl = TAC_PRIV_LVL_USER;
949 as->authen_type = type;
950 as->service = service;
951
952 return 0;
953}
954
955int
956tac_create_author(struct tac_handle *h, int method, int type, int service)
957{
958 struct tac_author_request *areq;
959
960 create_msg(h, TAC_AUTHOR, method, type);
961
962 areq = &h->request.u.author_request;
963 areq->authen_meth = method;
964 areq->priv_lvl = TAC_PRIV_LVL_USER;
965 areq->authen_type = type;
966 areq->service = service;
967
968 return 0;
969}
970
971static void
972create_msg(struct tac_handle *h, int msg_type, int var, int type)
973{
974 struct tac_msg *msg;
975 int i;
976
977 h->last_seq_no = 0;
978
979 msg = &h->request;
980 msg->type = msg_type;
981 msg->version = protocol_version(msg_type, var, type);
982 msg->flags = 0; /* encrypted packet body */
983
984 free_str(&h->user);
985 free_str(&h->port);
986 free_str(&h->rem_addr);
987 free_str(&h->data);
988 free_str(&h->user_msg);
989
990 for (i=0; i<MAXAVPAIRS; i++)
991 free_str(&(h->avs[i]));
992}
993
994void *
995tac_get_data(struct tac_handle *h, size_t *len)
996{
997 return dup_str(h, &h->srvr_data, len);
998}
999
1000char *
1001tac_get_msg(struct tac_handle *h)
1002{
1003 return dup_str(h, &h->srvr_msg, NULL);
1004}
1005
1006/*
1007 * Create and initialize a tac_handle structure, and return it to the
1008 * caller. Can fail only if the necessary memory cannot be allocated.
1009 * In that case, it returns NULL.
1010 */
1011struct tac_handle *
1012tac_open(void)
1013{
1014 int i;
1015 struct tac_handle *h;
1016
1017 h = (struct tac_handle *)malloc(sizeof(struct tac_handle));
1018 if (h != NULL) {
1019 h->fd = -1;
1020 h->num_servers = 0;
1021 h->cur_server = 0;
1022 h->errmsg[0] = '\0';
1023 init_clnt_str(&h->user);
1024 init_clnt_str(&h->port);
1025 init_clnt_str(&h->rem_addr);
1026 init_clnt_str(&h->data);
1027 init_clnt_str(&h->user_msg);
1028 for (i=0; i<MAXAVPAIRS; i++) {
1029 init_clnt_str(&(h->avs[i]));
1030 init_srvr_str(&(h->srvr_avs[i]));
1031 }
1032 init_srvr_str(&h->srvr_msg);
1033 init_srvr_str(&h->srvr_data);
1034 srandomdev();
1035 }
1036 return h;
1037}
1038
1039int
1040tac_send_authen(struct tac_handle *h)
1041{
1042 struct tac_authen_reply *ar;
1043
1044 if (h->num_servers == 0)
1045 return -1;
1046
1047 if (h->last_seq_no == 0) { /* Authentication START packet */
1048 struct tac_authen_start *as;
1049
1050 as = &h->request.u.authen_start;
1051 h->request.length =
1052 htonl(offsetof(struct tac_authen_start, rest[0]));
1053 if (add_str_8(h, &as->user_len, &h->user) == -1 ||
1054 add_str_8(h, &as->port_len, &h->port) == -1 ||
1055 add_str_8(h, &as->rem_addr_len, &h->rem_addr) == -1 ||
1056 add_str_8(h, &as->data_len, &h->data) == -1)
1057 return -1;
1058 } else { /* Authentication CONTINUE packet */
1059 struct tac_authen_cont *ac;
1060
1061 ac = &h->request.u.authen_cont;
1062 ac->flags = 0;
1063 h->request.length =
1064 htonl(offsetof(struct tac_authen_cont, rest[0]));
1065 if (add_str_16(h, &ac->user_msg_len, &h->user_msg) == -1 ||
1066 add_str_16(h, &ac->data_len, &h->data) == -1)
1067 return -1;
1068 }
1069
1070 /* Send the message and retrieve the reply. */
1071 if (send_msg(h) == -1 || recv_msg(h) == -1)
1072 return -1;
1073
1074 /* Scan the optional fields in the reply. */
1075 ar = &h->response.u.authen_reply;
1076 h->srvr_pos = offsetof(struct tac_authen_reply, rest[0]);
1077 if (get_srvr_str(h, "msg", &h->srvr_msg, ntohs(ar->msg_len)) == -1 ||
1078 get_srvr_str(h, "data", &h->srvr_data, ntohs(ar->data_len)) == -1 ||
1079 get_srvr_end(h) == -1)
1080 return -1;
1081
1082 if (!h->single_connect &&
1083 ar->status != TAC_AUTHEN_STATUS_GETDATA &&
1084 ar->status != TAC_AUTHEN_STATUS_GETUSER &&
1085 ar->status != TAC_AUTHEN_STATUS_GETPASS)
1086 close_connection(h);
1087
1088 return ar->flags << 8 | ar->status;
1089}
1090
1091int
1092tac_send_author(struct tac_handle *h)
1093{
1094 int i, current;
1095 char dbgstr[64];
1096 struct tac_author_request *areq = &h->request.u.author_request;
1097 struct tac_author_response *ares = &h->response.u.author_response;
1098
1099 h->request.length =
1100 htonl(offsetof(struct tac_author_request, rest[0]));
1101
1102 /* Count each specified AV pair */
1103 for (areq->av_cnt=0, i=0; i<MAXAVPAIRS; i++)
1104 if (h->avs[i].len && h->avs[i].data)
1105 areq->av_cnt++;
1106
1107 /*
1108 * Each AV size is a byte starting right after 'av_cnt'. Update the
1109 * offset to include these AV sizes.
1110 */
1111 h->request.length = ntohl(htonl(h->request.length) + areq->av_cnt);
1112
1113 /* Now add the string arguments from 'h' */
1114 if (add_str_8(h, &areq->user_len, &h->user) == -1 ||
1115 add_str_8(h, &areq->port_len, &h->port) == -1 ||
1116 add_str_8(h, &areq->rem_addr_len, &h->rem_addr) == -1)
1117 return -1;
1118
1119 /* Add each AV pair, the size of each placed in areq->rest[current] */
1120 for (current=0, i=0; i<MAXAVPAIRS; i++) {
1121 if (h->avs[i].len && h->avs[i].data) {
1122 if (add_str_8(h, &areq->rest[current++],
1123 &(h->avs[i])) == -1)
1124 return -1;
1125 }
1126 }
1127
1128 /* Send the message and retrieve the reply. */
1129 if (send_msg(h) == -1 || recv_msg(h) == -1)
1130 return -1;
1131
1132 /* Update the offset in the response packet based on av pairs count */
1133 h->srvr_pos = offsetof(struct tac_author_response, rest[0]) +
1134 ares->av_cnt;
1135
1136 /* Scan the optional fields in the response. */
1137 if (get_srvr_str(h, "msg", &h->srvr_msg, ntohs(ares->msg_len)) == -1 ||
1138 get_srvr_str(h, "data", &h->srvr_data, ntohs(ares->data_len)) ==-1)
1139 return -1;
1140
1141 /* Get each AV pair (just setting pointers, not malloc'ing) */
1142 clear_srvr_avs(h);
1143 for (i=0; i<ares->av_cnt; i++) {
1144 snprintf(dbgstr, sizeof dbgstr, "av-pair-%d", i);
1145 if (get_srvr_str(h, dbgstr, &(h->srvr_avs[i]),
1146 ares->rest[i]) == -1)
1147 return -1;
1148 }
1149
1150 /* Should have ended up at the end */
1151 if (get_srvr_end(h) == -1)
1152 return -1;
1153
1154 /* Sanity checks */
1155 if (!h->single_connect)
1156 close_connection(h);
1157
1158 return ares->av_cnt << 8 | ares->status;
1159}
1160
1161int
1162tac_set_rem_addr(struct tac_handle *h, const char *addr)
1163{
1164 return save_str(h, &h->rem_addr, addr, addr != NULL ? strlen(addr) : 0);
1165}
1166
1167int
1168tac_set_data(struct tac_handle *h, const void *data, size_t data_len)
1169{
1170 return save_str(h, &h->data, data, data_len);
1171}
1172
1173int
1174tac_set_msg(struct tac_handle *h, const char *msg)
1175{
1176 return save_str(h, &h->user_msg, msg, msg != NULL ? strlen(msg) : 0);
1177}
1178
1179int
1180tac_set_port(struct tac_handle *h, const char *port)
1181{
1182 return save_str(h, &h->port, port, port != NULL ? strlen(port) : 0);
1183}
1184
1185int
1186tac_set_priv(struct tac_handle *h, int priv)
1187{
1188 if (!(TAC_PRIV_LVL_MIN <= priv && priv <= TAC_PRIV_LVL_MAX)) {
1189 generr(h, "Attempt to set invalid privilege level");
1190 return -1;
1191 }
1192 h->request.u.authen_start.priv_lvl = priv;
1193 return 0;
1194}
1195
1196int
1197tac_set_user(struct tac_handle *h, const char *user)
1198{
1199 return save_str(h, &h->user, user, user != NULL ? strlen(user) : 0);
1200}
1201
1202int
1203tac_set_av(struct tac_handle *h, u_int index, const char *av)
1204{
1205 if (index >= MAXAVPAIRS)
1206 return -1;
1207 return save_str(h, &(h->avs[index]), av, av != NULL ? strlen(av) : 0);
1208}
1209
1210char *
1211tac_get_av(struct tac_handle *h, u_int index)
1212{
1213 if (index >= MAXAVPAIRS)
1214 return NULL;
1215 return dup_str(h, &(h->srvr_avs[index]), NULL);
1216}
1217
1218char *
1219tac_get_av_value(struct tac_handle *h, const char *attribute)
1220{
1221 int i, len;
1222 const char *ch, *end;
1223 const char *candidate;
1224 int candidate_len;
1225 int found_seperator;
1226 struct srvr_str srvr;
1227
1228 if (attribute == NULL || ((len = strlen(attribute)) == 0))
1229 return NULL;
1230
1231 for (i=0; i<MAXAVPAIRS; i++) {
1232 candidate = h->srvr_avs[i].data;
1233 candidate_len = h->srvr_avs[i].len;
1234
1235 /*
1236 * Valid 'srvr_avs' guaranteed to be contiguous starting at
1237 * index 0 (not necessarily the case with 'avs'). Break out
1238 * when the "end" of the list has been reached.
1239 */
1240 if (!candidate)
1241 break;
1242
1243 if (len < candidate_len &&
1244 !strncmp(candidate, attribute, len)) {
1245
1246 ch = candidate + len;
1247 end = candidate + candidate_len;
1248
1249 /*
1250 * Sift out the white space between A and V (should not
1251 * be any, but don't trust implementation of server...)
1252 */
1253 found_seperator = 0;
1254 while ((*ch == '=' || *ch == '*' || *ch == ' ' ||
1255 *ch == '\t') && ch != end) {
1256 if (*ch == '=' || *ch == '*')
1257 found_seperator++;
1258 ch++;
1259 }
1260
1261 /*
1262 * Note:
1263 * The case of 'attribute' == "foo" and
1264 * h->srvr_avs[0] = "foobie=var1"
1265 * h->srvr_avs[1] = "foo=var2"
1266 * is handled.
1267 */
1268 if (found_seperator == 1 && ch != end) {
1269 srvr.len = end - ch;
1270 srvr.data = ch;
1271 return dup_str(h, &srvr, NULL);
1272 }
1273 }
1274 }
1275 return NULL;
1276}
1277
1278void
1279tac_clear_avs(struct tac_handle *h)
1280{
1281 int i;
1282 for (i=0; i<MAXAVPAIRS; i++)
1283 save_str(h, &(h->avs[i]), NULL, 0);
1284}
1285
1286static void
1287clear_srvr_avs(struct tac_handle *h)
1288{
1289 int i;
1290 for (i=0; i<MAXAVPAIRS; i++)
1291 init_srvr_str(&(h->srvr_avs[i]));
1292}
1293
1294
1295const char *
1296tac_strerror(struct tac_handle *h)
1297{
1298 return h->errmsg;
1299}
1300
1301static void *
1302xmalloc(struct tac_handle *h, size_t size)
1303{
1304 void *r;
1305
1306 if ((r = malloc(size)) == NULL)
1307 generr(h, "Out of memory");
1308 return r;
1309}
1310
1311static char *
1312xstrdup(struct tac_handle *h, const char *s)
1313{
1314 char *r;
1315
1316 if ((r = strdup(s)) == NULL)
1317 generr(h, "Out of memory");
1318 return r;
1319}