From ad8eed222b24d131ce0da40d94f20ca464b31477 Mon Sep 17 00:00:00 2001 From: Mattias Andrée Date: Fri, 22 Nov 2013 09:51:37 +0100 Subject: remove files not wanted from cerberus MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mattias Andrée --- src/auth.h | 54 ---------- src/auth/crypt.c | 122 --------------------- src/auth/crypt.h | 41 ------- src/auth/pam.c | 258 -------------------------------------------- src/auth/pam.h | 56 ---------- src/cerberus.c | 317 ------------------------------------------------------- src/cerberus.h | 56 ---------- src/config.h | 54 ---------- src/login.c | 200 ----------------------------------- src/login.h | 63 ----------- src/quit.c | 53 ---------- src/quit.h | 39 ------- src/security.c | 150 -------------------------- src/security.h | 43 -------- 14 files changed, 1506 deletions(-) delete mode 100644 src/auth.h delete mode 100644 src/auth/crypt.c delete mode 100644 src/auth/crypt.h delete mode 100644 src/auth/pam.c delete mode 100644 src/auth/pam.h delete mode 100644 src/cerberus.c delete mode 100644 src/cerberus.h delete mode 100644 src/config.h delete mode 100644 src/login.c delete mode 100644 src/login.h delete mode 100644 src/quit.c delete mode 100644 src/quit.h delete mode 100644 src/security.c delete mode 100644 src/security.h diff --git a/src/auth.h b/src/auth.h deleted file mode 100644 index 3851b95..0000000 --- a/src/auth.h +++ /dev/null @@ -1,54 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __AUTH_H__ -#define __AUTH_H__ - - - -#if AUTH == 0 - -#define close_login_session(...) /* do nothing */ -#define initialise_login(...) (void) hostname -#define authenticate_login(...) 1 -#define verify_account(...) /* do nothing */ -#define open_login_session(...) /* do nothing */ - -#elif AUTH == 1 - -#include "auth/crypt.h" -#define close_login_session(...) /* do nothing */ -#define initialise_login initialise_crypt -#define authenticate_login authenticate_crypt -#define verify_account(...) /* do nothing */ -#define open_login_session(...) /* do nothing */ - -#elif AUTH == 2 - -#include "auth/pam.h" -#define close_login_session close_session_pam -#define initialise_login initialise_pam -#define authenticate_login authenticate_pam -#define verify_account verify_account_pam -#define open_login_session open_session_pam - -#endif - - -#endif - diff --git a/src/auth/crypt.c b/src/auth/crypt.c deleted file mode 100644 index 27238e2..0000000 --- a/src/auth/crypt.c +++ /dev/null @@ -1,122 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef NO_SHADOW -# ifndef HAVE_SHADOW -# define HAVE_SHADOW -# endif -#endif - -#define _XOPEN_SOURCE -#include -#include -#include -#include -#include -#ifdef HAVE_SHADOW -#include -#endif - -#include "../config.h" - -#include "crypt.h" - - -#if !defined(__USE_SVID) && !defined(__USE_MISC) && !defined(__USE_XOPEN_EXTENDED) -#define endpwent() /* do nothing */ -#endif - - -/** - * Function that can be used to read a passphrase from the terminal - */ -static char* (*passphrase_reader)(void) = NULL; - -/** - * The username of the user to log in to - */ -static char* login_username; - - - -/** - * Initialise crypt authentication module - * - * @param remote The remote computer, {@code NULL} for local login - * @param username The username of the user to log in to - * @param reader Function that can be used to read a passphrase from the terminal - */ -void initialise_crypt(char* remote, char* username, char* (*reader)(void)) -{ - (void) remote; - - login_username = username; - passphrase_reader = reader; -} - - -/** - * Perform token authentication - * - * @return Whether the user got automatically authenticated - */ -char authenticate_crypt(void) -{ -#ifdef HAVE_SHADOW - struct spwd* shadow_entry = NULL; -#endif - struct passwd* passwd_entry = NULL; - char* crypted; - char* entered; - -#ifdef HAVE_SHADOW - shadow_entry = getspnam(login_username); - endspent(); - - if (shadow_entry) - crypted = shadow_entry->sp_pwdp; - else - { -#endif - passwd_entry = getpwnam(login_username); - if (passwd_entry) - crypted = passwd_entry->pw_passwd; - else - { - perror("getpwnam"); - endpwent(); - sleep(ERROR_SLEEP); - _exit(1); - } - endpwent(); -#ifdef HAVE_SHADOW - } -#endif - - if (!(crypted && *crypted)) /* empty means that no passphrase is required (not even Enter) */ - return 1; - - entered = crypt(passphrase_reader(), crypted /* salt argument stops parsing when encrypted begins */); - if (entered && !strcmp(entered, crypted)) - return 0; - - printf("Incorrect passphrase\n"); - sleep(FAILURE_SLEEP); - _exit(1); -} - diff --git a/src/auth/crypt.h b/src/auth/crypt.h deleted file mode 100644 index e75c5b5..0000000 --- a/src/auth/crypt.h +++ /dev/null @@ -1,41 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __CRYPT_H__ -#define __CRYPT_H__ - - -/** - * Initialise crypt authentication module - * - * @param remote The remote computer, {@code NULL} for local login - * @param username The username of the user to log in to - * @param reader Function that can be used to read a passphrase from the terminal - */ -void initialise_crypt(char* remote, char* username, char* (*reader)(void)); - -/** - * Perform token authentication - * - * @return Whether the user got automatically authenticated - */ -char authenticate_crypt(void); - - -#endif - diff --git a/src/auth/pam.c b/src/auth/pam.c deleted file mode 100644 index e02aed1..0000000 --- a/src/auth/pam.c +++ /dev/null @@ -1,258 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#include -#include -#include -#include -#include -#include - -#include "../config.h" - -#include "pam.h" - - -#define __failed(RC) ((RC) != PAM_SUCCESS) - - -void quit_pam(int sig); - -int conv_pam(int num_msg, const struct pam_message** msg, struct pam_response** resp, void* appdata_ptr); - - -/** - * Old signal action for SIGHUP - */ -struct sigaction signal_action_hup; - -/** - * Old signal action for SIGTERM - */ -struct sigaction signal_action_term; - -/** - * The process ID of the child process, 0 if none - */ -extern pid_t child_pid; - -/** - * The PAM handle - */ -static pam_handle_t* handle = NULL; - -/** - * The PAM convention - */ -static struct pam_conv conv = { conv_pam, NULL }; - -/** - * Whether the user was auto-authenticated - */ -static char auto_authenticated = 1; - -/** - * Function that can be used to read a passphrase from the terminal - */ -static char* (*passphrase_reader)(void) = NULL; - - -/** - * Exit if a PAM instruction failed - * - * @param rc What the PAM instruction return - */ -static void do_pam(int rc) -{ - if (__failed(rc)) - { - const char* msg = pam_strerror(handle, rc); - if (msg) - fprintf(stderr, "%s\n", msg); - pam_end(handle, rc); - sleep(ERROR_SLEEP); - _exit(1); - } -} - - -/** - * Initialise PAM - * - * @param remote The remote computer, {@code NULL} for local login - * @param username The username of the user to log in to - * @param reader Function that can be used to read a passphrase from the terminal - */ -void initialise_pam(char* remote, char* username, char* (*reader)(void)) -{ - passphrase_reader = reader; - - if (pam_start(remote ? "remote" : "local", username, &conv, &handle) != PAM_SUCCESS) - { - fprintf(stderr, "Cannot initialise PAM\n"); - sleep(ERROR_SLEEP); - _exit(1); - } - - do_pam(pam_set_item(handle, PAM_RHOST, remote ?: "localhost")); - do_pam(pam_set_item(handle, PAM_TTY, ttyname(STDIN_FILENO) ?: "(none)")); -} - - -/** - * Verify that the account may be used - */ -void verify_account_pam(void) -{ - /* FIXME freezes */ - /* - int rc = pam_acct_mgmt(handle, 0); - if (rc == PAM_NEW_AUTHTOK_REQD) - rc = pam_chauthtok(handle, PAM_CHANGE_EXPIRED_AUTHTOK); - do_pam(rc); - */ -} - - -/** - * Open PAM session - */ -void open_session_pam(void) -{ - int rc; - char** env; - struct sigaction signal_action; - - do_pam(pam_setcred(handle, PAM_ESTABLISH_CRED)); - - if (__failed(rc = pam_open_session(handle, 0))) - { - pam_setcred(handle, PAM_DELETE_CRED); - do_pam(rc); - } - - if (__failed(rc = pam_setcred(handle, PAM_REINITIALIZE_CRED))) - { - pam_close_session(handle, 0); - do_pam(rc); - } - - memset(&signal_action, 0, sizeof(signal_action)); - signal_action.sa_handler = SIG_IGN; - sigaction(SIGINT, &signal_action, NULL); - sigaction(SIGHUP, &signal_action, &signal_action_hup); - signal_action.sa_handler = quit_pam; - sigaction(SIGHUP, &signal_action, NULL); - sigaction(SIGTERM, &signal_action, &signal_action_term); - - for (env = pam_getenvlist(handle); env && *env; env++) - if (putenv(*env)) - { - pam_setcred(handle, PAM_DELETE_CRED); - pam_end(handle, pam_close_session(handle, 0)); - sleep(ERROR_SLEEP); - _exit(1); - } -} - - -/** - * Close PAM session - */ -void close_session_pam(void) -{ - sigaction(SIGHUP, &signal_action_hup, NULL); - sigaction(SIGTERM, &signal_action_term, NULL); - - pam_setcred(handle, PAM_DELETE_CRED); - pam_end(handle, pam_close_session(handle, 0)); -} - - -/** - * Signal handler for cleanly exit PAM session - * - * @param sig The received signal - */ -void quit_pam(int sig) -{ - if (child_pid) - kill(-child_pid, sig); - if (sig == SIGTERM) - kill(-child_pid, SIGHUP); - - pam_setcred(handle, PAM_DELETE_CRED); - pam_end(handle, pam_close_session(handle, 0)); - - _exit(sig); -} - - -/** - * Perform token authentication - * - * @return Whether the user got automatically authenticated - */ -char authenticate_pam(void) -{ - int rc; - - if (__failed(rc = pam_authenticate(handle, 0))) - { - printf("Incorrect passphrase\n"); - pam_end(handle, rc); - sleep(FAILURE_SLEEP); - _exit(1); - } - - return auto_authenticated; -} - - -/** - * Callback function for converation between PAM this application - * - * @param num_msg Number of pointers in the array `msg` - * @param msg Message from PAM - * @param resp Pointer to responses to PAM for by index corresponding messages - * @param appdata_ptr (Not used) - * @return `PAM_SUCCESS`, `PAM_CONV_ERR` or `PAM_BUF_ERR` - */ -int conv_pam(int num_msg, const struct pam_message** msg, struct pam_response** resp, void* appdata_ptr) -{ - int i; - - (void) appdata_ptr; - - *resp = calloc(num_msg, sizeof(struct pam_response)); - - for (i = 0; i < num_msg; i++) - { - ((*resp) + i)->resp = NULL; - ((*resp) + i)->resp_retcode = 0; - - if ((**(msg + i)).msg_style == PAM_PROMPT_ECHO_OFF) - { - (*resp + i)->resp = passphrase_reader(); - auto_authenticated = 0; - } - } - - return PAM_SUCCESS; -} - diff --git a/src/auth/pam.h b/src/auth/pam.h deleted file mode 100644 index ee766df..0000000 --- a/src/auth/pam.h +++ /dev/null @@ -1,56 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __PAM_H__ -#define __PAM_H__ - - -/** - * Initialise PAM - * - * @param remote The remote computer, {@code NULL} for local login - * @param username The username of the user to log in to - * @param reader Function that can be used to read a passphrase from the terminal - */ -void initialise_pam(char* remote, char* username, char* (*reader)(void)); - -/** - * Verify that the account may be used - */ -void verify_account_pam(void); - -/** - * Open PAM session - */ -void open_session_pam(void); - -/** - * Close PAM session - */ -void close_session_pam(void); - -/** - * Perform token authentication - * - * @return Whether the user got automatically authenticated - */ -char authenticate_pam(void); - - -#endif - diff --git a/src/cerberus.c b/src/cerberus.c deleted file mode 100644 index c555a2b..0000000 --- a/src/cerberus.c +++ /dev/null @@ -1,317 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#include "cerberus.h" - -/* TODO use log */ - - -#ifdef USE_TTY_GROUP -/** - * The group ID for the `tty` group - */ -static gid_t tty_group = 0; -#endif - -/** - * The user's entry in the password file - */ -static struct passwd* entry; - -/** - * The process ID of the child process, 0 if none - */ -pid_t child_pid = 0; - -/** - * The passphrase - */ -char* passphrase = NULL; - - -/** - * Mane method - * - * @param argc The number of command line arguments - * @param argv The command line arguments - * @return Return code - */ -int main(int argc, char** argv) -{ - char* tty_device = ttyname(STDIN_FILENO); - - do_login(argc, argv); - - /* Ignore signals */ - signal(SIGQUIT, SIG_IGN); - signal(SIGINT, SIG_IGN); - - /* Wait for the login shell and all grandchildren to exit */ - while ((wait(NULL) == -1) && (errno == EINTR)) - ; - - /* Regain access to the terminal */ - if (tty_device) - { - int fd = open(tty_device, O_RDWR | O_NONBLOCK); - if (fd) - dup2(fd, 0); - dup2(fd, 1); - dup2(fd, 2); - } - - /* Reset terminal ownership and mode */ - chown_tty(0, tty_group, 0); - - /* Close login session */ - close_login_session(); - - return 0; -} - - -/** - * Do everything before the fork and do everything the exec fork - * - * @param argc The number of command line arguments - * @param argv The command line arguments - */ -void do_login(int argc, char** argv) -{ - char* username = NULL; - char* hostname = NULL; - char preserve_env = 0; - char skip_auth = 0; - int ret; - #ifdef USE_TTY_GROUP - struct group* group; - #endif - - - /* Disable echoing */ - disable_echo(); - /* This should be done as early and quickly as possible so as little - as possible of the passphrase gets leaked to the output if the user - begins entering the passphrase directly after the username. */ - - - /* Set process group ID */ - setpgrp(); - - - /* Parse command line arguments */ - { - char double_dashed = 0; - char hostname_on_next = 0; - int i; - for (i = 1; i < argc; i++) - { - char *arg = *(argv + i); - char c; - - if (*arg == 0) - ; - else if ((*arg == '-') && (double_dashed == 0)) - while ((c = *(++arg))) - if ((c == 'V') || (c == 'H')) - ; - else if (c == 'p') - preserve_env = 1; - else if (c == 'h') - { - if (*(arg + 1)) - hostname = arg + 1; - else - hostname_on_next = 1; - break; - } - else if (c == 'f') - { - if (*(arg + 1)) - username = arg + 1; - skip_auth = 1; - break; - } - else if (c == '-') - { - double_dashed = 1; - break; - } - else - printf("%s: unrecognised options: -%c\n", *argv, c); - else if (hostname_on_next) - { - hostname = arg; - hostname_on_next = 0; - } - else - username = arg; - } - } - - - /* Change that a username has been specified */ - if (username == NULL) - { - printf("%s: no username specified\n", *argv); - sleep(ERROR_SLEEP); - _exit(2); - } - - - /* Only root may bypass authentication */ - if (skip_auth && getuid()) - { - printf("%s: only root by use the -f option\n", *argv); - sleep(ERROR_SLEEP); - _exit(2); - } - - - /* Print ant we want a passphrase, if -f has not been used */ - if (skip_auth == 0) - { - printf("Passphrase: "); - fflush(stdout); - } - /* Done early to make to program look like it is even faster than it is */ - - - /* Make sure nopony is spying */ - #ifdef USE_TTY_GROUP - if ((group = getgrnam(TTY_GROUP))) - tty_group = group->gr_gid; - endgrent(); - #endif - secure_tty(tty_group); - - /* Redisable echoing */ - disable_echo(); - - - /* Set up clean quiting and time out */ - signal(SIGALRM, timeout_quit); - signal(SIGQUIT, user_quit); - signal(SIGINT, user_quit); - siginterrupt(SIGALRM, 1); - siginterrupt(SIGQUIT, 1); - siginterrupt(SIGINT, 1); - alarm(TIMEOUT_SECONDS); - - - /* Get user information */ - if ((entry = getpwnam(username)) == NULL) - { - if (errno) - perror("getpwnam"); - else - printf("User does not exist\n"); - sleep(ERROR_SLEEP); - _exit(1); - } - endpwent(); - username = entry->pw_name; - - - /* Verify passphrase or other token, if -f has not been used */ - initialise_login(hostname, username, read_passphrase); - if ((skip_auth == 0) && authenticate_login()) - printf("(auto-authenticated)\n"); - - /* Passphrase entered, turn off timeout */ - alarm(0); - - /* Wipe and free the passphrase from the memory */ - if (passphrase) - { - long i; - for (i = 0; *(passphrase + i); i++) - *(passphrase + i) = 0; - free(passphrase); - } - - /* Reset terminal settings */ - reenable_echo(); - - - /* Verify account, such as that it is enabled */ - verify_account(); - - - /* Partial login */ - chown_tty(entry->pw_uid, tty_group, 0); - chdir_home(entry); - ensure_shell(entry); - set_environ(entry, preserve_env); - open_login_session(); - - - /* Stop signal handling */ - signal(SIGALRM, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - signal(SIGTSTP, SIG_IGN); - - - child_pid = fork(); - /* vfork cannot be used as the child changes the user, - the parent would not be able to chown the TTY */ - - if (child_pid == -1) - { - perror("fork"); - close_login_session(); - sleep(ERROR_SLEEP); - _exit(1); - } - else if (child_pid) - return; /* Do not go beyond this in the parent */ - - /* In case the shell does not do this */ - setsid(); - - /* Set controlling terminal */ - if (ioctl(STDIN_FILENO, TIOCSCTTY, 1)) - perror("TIOCSCTTY"); - signal(SIGINT, SIG_DFL); - - /* Partial login */ - ret = entry->pw_uid - ? initgroups(username, entry->pw_gid) /* supplemental groups for user, can require network */ - : setgroups(0, NULL); /* supplemental groups for root, does not require netork */ - if (ret == -1) - { - perror(entry->pw_uid ? "initgroups" : "setgroups"); - sleep(ERROR_SLEEP); - _exit(1); - } - set_user(entry); - exec_shell(entry); -} - - -/** - * Read passphrase from the terminal - * - * @return The entered passphrase - */ -char* read_passphrase(void) -{ - passphrase = get_passphrase(); - return passphrase; -} - diff --git a/src/cerberus.h b/src/cerberus.h deleted file mode 100644 index 69df492..0000000 --- a/src/cerberus.h +++ /dev/null @@ -1,56 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __CERBERUS_H__ -#define __CERBERUS_H__ - - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "config.h" - -#include "passphrase.h" -#include "quit.h" -#include "login.h" -#include "security.h" -#include "auth.h" - - -#ifndef USE_TTY_GROUP -#define tty_group 0 -#endif - - -void do_login(int argc, char** argv); -char* read_passphrase(void); - - -#endif - diff --git a/src/config.h b/src/config.h deleted file mode 100644 index acf596c..0000000 --- a/src/config.h +++ /dev/null @@ -1,54 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __CONFIG_H__ -#define __CONFIG_H__ - - -/** - * Mode for TTY devices - */ -#ifndef TTY_PERM -#define TTY_PERM 0600 -#endif - -/** - * Number of seconds to sleep on login failure - */ -#ifndef FAILURE_SLEEP -#define FAILURE_SLEEP 5 -#endif - -/** - * Number of seconds to sleep on error, - * so the user has time to read the error message - */ -#ifndef ERROR_SLEEP -#define ERROR_SLEEP 2 -#endif - -/** - * Number of seconds before timeout when waiting for a passphrase - */ -#ifndef TIMEOUT_SECONDS -#define TIMEOUT_SECONDS 60 -#endif - - -#endif - diff --git a/src/login.c b/src/login.c deleted file mode 100644 index 32f118f..0000000 --- a/src/login.c +++ /dev/null @@ -1,200 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#include -#include -#include -#include -#include - -#include "config.h" - -#include "login.h" - - -/** - * The environment variables - */ -extern char** environ; - - -/** - * Set the user gid and uid - * - * @param entry The user entry in the password file - */ -void set_user(struct passwd* entry) -{ - if (setgid(entry->pw_gid) && entry->pw_gid) - { - perror("setgid"); - _exit(1); - } - - if (setuid(entry->pw_uid) && entry->pw_uid) - { - perror("setuid"); - _exit(1); - } -} - - -/** - * Change directory to the user's home directory - * - * @param entry The user entry in the password file - */ -void chdir_home(struct passwd* entry) -{ - if (chdir(entry->pw_dir)) - { - perror("chdir"); - if (chdir(DEFAULT_HOME)) - { - perror("chdir"); - sleep(ERROR_SLEEP); - _exit(1); - } - entry->pw_dir = DEFAULT_HOME; - } -} - - -/** - * Make sure the shell to use is definied - * - * @param entry The user entry in the password file - */ -void ensure_shell(struct passwd* entry) -{ - if ((entry->pw_shell && *(entry->pw_shell)) == 0) - entry->pw_shell = DEFAULT_SHELL; -} - - -/** - * Set environment variables - * - * @param entry The user entry in the password file - * @param preserve_env Whether to preserve the environment - */ -void set_environ(struct passwd* entry, char preserve_env) -{ - char* _term = getenv("TERM"); - char* term = NULL; - if (_term) - { - int n = 0, i; - while (*(_term + n++)) - ; - term = malloc(n * sizeof(char)); - if (term == NULL) - { - perror("malloc"); - sleep(ERROR_SLEEP); - _exit(1); - } - for (i = 0; i < n; i++) - *(term + i) = *(_term + i); - } - - if (preserve_env == 0) - { - environ = malloc(sizeof(char*)); - if (environ == NULL) - { - perror("malloc"); - sleep(ERROR_SLEEP); - _exit(1); - } - *environ = NULL; - } - - setenv("HOME", entry->pw_dir, 1); - setenv("USER", entry->pw_name, 1); - setenv("LOGUSER", entry->pw_name, 1); - setenv("SHELL", entry->pw_shell, 1); - setenv("TERM", term ?: DEFAULT_TERM, 1); - setenv("PATH", entry->pw_uid ? PATH : PATH_ROOT, 1); - - if (term) - free(term); -} - - -/** - * Replace the current image with the user's login shell - * - * @param entry The user entry in the password file - */ -void exec_shell(struct passwd* entry) -{ - int child_argc = 0; - char** child_argv = malloc(5 * sizeof(char*)); - long n = 0; - char* sh = entry->pw_shell; - char* login_sh; - - while (*(sh + n++)) - ; - - login_sh = malloc((n + (strchr(sh, ' ') ? 5 : 1)) * sizeof(char)); - if (login_sh == NULL) - { - perror("malloc"); - sleep(ERROR_SLEEP); - _exit(1); - } - - if (strchr(sh, ' ')) - { - login_sh += 5; - strcpy(login_sh, "exec "); - *(login_sh + n) = 0; - - *(child_argv + child_argc++) = DEFAULT_SHELL; - *(child_argv + child_argc++) = "-" DEFAULT_SH; - *(child_argv + child_argc++) = "-c"; - *(child_argv + child_argc++) = login_sh - 5; - } - else - { - int i; - for (i = n - 1; i >= 0; i--) - if (*(sh + i) == '/') - { - i++; - break; - } - - login_sh = malloc((n + 1) * sizeof(char)); - *login_sh++ = '-'; - strcpy(login_sh, sh + i); - *(login_sh + n) = 0; - - *(child_argv + child_argc++) = sh; - *(child_argv + child_argc++) = login_sh - 1; - } - - *(child_argv + child_argc) = NULL; - execvp(*child_argv, child_argv + 1); - perror("execvp"); - sleep(ERROR_SLEEP); - _exit(1); -} - diff --git a/src/login.h b/src/login.h deleted file mode 100644 index e335e7c..0000000 --- a/src/login.h +++ /dev/null @@ -1,63 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __LOGIN_H__ -#define __LOGIN_H__ - -#include - - -/** - * Set the user gid and uid - * - * @param entry The user entry in the password file - */ -void set_user(struct passwd* entry); - -/** - * Change directory to the user's home directory - * - * @param entry The user entry in the password file - */ -void chdir_home(struct passwd* entry); - -/** - * Make sure the shell to use is definied - * - * @param entry The user entry in the password file - */ -void ensure_shell(struct passwd* entry); - -/** - * Set environment variables - * - * @param entry The user entry in the password file - * @param preserve_env Whether to preserve the environment - */ -void set_environ(struct passwd* entry, char preserve_env); - -/** - * Replace the current image with the user's login shell - * - * @param entry The user entry in the password file - */ -void exec_shell(struct passwd* entry); - - -#endif - diff --git a/src/quit.c b/src/quit.c deleted file mode 100644 index f609197..0000000 --- a/src/quit.c +++ /dev/null @@ -1,53 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#include -#include - -#include "config.h" -#include "passphrase.h" -#include "quit.h" - - -/** - * Quit function for timeout - * - * @param signal The signal the program received - */ -void timeout_quit(int signal) -{ - (void) signal; - printf("\nTimed out.\n"); - reenable_echo(); - _exit(10); -} - - -/** - * Quit function for user aborts - * - * @param signal The signal the program received - */ -void user_quit(int signal) -{ - (void) signal; - printf("\n"); - reenable_echo(); - _exit(130); -} - diff --git a/src/quit.h b/src/quit.h deleted file mode 100644 index d42c524..0000000 --- a/src/quit.h +++ /dev/null @@ -1,39 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __QUIT_H__ -#define __QUIT_H__ - - -/** - * Quit function for timeout - * - * @param signal The signal the program received - */ -void timeout_quit(int signal); - -/** - * Quit function for user aborts - * - * @param signal The signal the program received - */ -void user_quit(int signal); - - -#endif - diff --git a/src/security.c b/src/security.c deleted file mode 100644 index eb4bd3c..0000000 --- a/src/security.c +++ /dev/null @@ -1,150 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#include -#include -#include -#include -#include -#include -#include -#if defined(OWN_VCSA) || defined(OWN_VCS) -#include -#include -#endif - -#include "config.h" - -#include "security.h" - - -static inline void fail(char* str) -{ - perror(str); - sleep(FAILURE_SLEEP); - _exit(1); -} - - -/** - * Secure the TTY from spying - * - * @param group The group, -1 for unchanged - */ -void secure_tty(gid_t group) -{ - struct termios tty; - struct termios saved_tty; - char* tty_device; - int fd, i; - - /* Set ownership of this TTY to root:root */ - chown_tty(0, group, 1); - - /* Get TTY name for last part of this functions */ - tty_device = ttyname(STDIN_FILENO); - - /* Kill other processes on this TTY */ - tcgetattr(STDIN_FILENO, &tty); - saved_tty = tty; - tty.c_cflag &= ~HUPCL; - tcsetattr(0, TCSANOW, &tty); - close(STDIN_FILENO); - close(STDOUT_FILENO); - close(STDERR_FILENO); - signal(SIGHUP, SIG_IGN); - vhangup(); - signal(SIGHUP, SIG_DFL); - - /* Restore terminal and TTY modes */ - fd = open(tty_device, O_RDWR | O_NONBLOCK); - if (fd == -1) - fail("open"); - fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK); - for (i = 0; i < fd; i++) - close(i); - for (i = 0; i < 3; i++) - if (i != fd) - dup2(fd, i); - if (fd > 2) - close(fd); - tcgetattr(STDIN_FILENO, &saved_tty); -} - - -/** - * Set ownership and mode of the TTY - * - * @param owner The owner, -1 for unchanged - * @param group The group, -1 for unchanged - * @param with_fail Abort on failure - */ -void chown_tty(uid_t owner, gid_t group, char with_fail) -{ - #if defined(OWN_VCSA) || defined(OWN_VCS) - struct vt_stat vtstat; - #endif - - /* Set ownership of this TTY */ - if (fchown(STDIN_FILENO, owner, group) && with_fail) - fail("fchown"); - - /* Restrict others from using this TTY */ - if (fchmod(STDIN_FILENO, TTY_PERM) && with_fail) - fail("fchmod"); - - /* Also do the above for /dev/vcs[a][0-9]+ */ - #if defined(OWN_VCSA) || defined(OWN_VCS) - if (ioctl(STDIN_FILENO, VT_GETSTATE, &vtstat) == 0) - { - int n = vtstat.v_active; - char _vcs[VCS_LEN + 6]; - char _vcsa[VCSA_LEN + 6]; - - char* vcs = _vcs; - char* vcsa = _vcsa; - vcs += VCS_LEN + 6; - vcsa += VCSA_LEN + 6; - - if (n) - { - *--vcs = *--vcsa = 0; - while (n) - { - *--vcs = *--vcsa = (n % 10) + '0'; - n /= 10; - } - - vcs -= VCS_LEN; - vcsa -= VCSA_LEN; - strncpy(vcs, VCS, VCS_LEN); - strncpy(vcsa, VCSA, VCSA_LEN); - - #ifdef OWN_VCS - if (chown(vcs, owner, group) && with_fail) fail("chown"); - if (chmod(vcs, TTY_PERM) && with_fail) fail("chmod"); - #endif - #ifdef OWN_VCSA - if (chown(vcsa, owner, group) && with_fail) fail("chown"); - if (chmod(vcsa, TTY_PERM) && with_fail) fail("chmod"); - #endif - } - } - #endif -} - diff --git a/src/security.h b/src/security.h deleted file mode 100644 index 3a218d9..0000000 --- a/src/security.h +++ /dev/null @@ -1,43 +0,0 @@ -/** - * cerberus – Minimal login program - * - * Copyright © 2013 Mattias Andrée (maandree@member.fsf.org) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef __SECURITY_H__ -#define __SECURITY_H__ - -#include - - -/** - * Secure the TTY from spying - * - * @param group The group, -1 for unchanged - */ -void secure_tty(gid_t group); - -/** - * Set ownership and mode of the TTY - * - * @param owner The owner, -1 for unchanged - * @param group The group, -1 for unchanged - * @param with_fail Abort on failure - */ -void chown_tty(uid_t owner, gid_t group, char with_fail); - - -#endif - -- cgit v1.2.3-70-g09d2