Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
security
google-authenticator-libpam
google-authenticator-libpam-1.10.obscpio
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File google-authenticator-libpam-1.10.obscpio of Package google-authenticator-libpam
07070100000000000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002900000000google-authenticator-libpam-1.10/.github07070100000001000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000003800000000google-authenticator-libpam-1.10/.github/ISSUE_TEMPLATE07070100000002000081A40000000000000000000000016627DD81000002DF000000000000000000000000000000000000004600000000google-authenticator-libpam-1.10/.github/ISSUE_TEMPLATE/bug_report.md--- name: Bug report about: Create a report to help us improve title: '' labels: '' assignees: '' --- ### Describe the bug A clear and concise description of what the bug is. ### To Reproduce Steps to reproduce the behavior: 1. Go to '...' 2. Click on '....' 3. Scroll down to '....' 4. See error ### Expected behavior A clear and concise description of what you expected to happen. ### Config. E.g. `/etc/ssh/sshd_config` ``` Paste the config here ``` ### Logs: `/var/log/auth.log` or equivalent ``` Paste the relevant log lines here ``` ### Environment - OS: [e.g. Ubuntu] - Version [e.g. 22.04] - Do you use selinux? (check with e.g. `sestatus`): ___ ### Additional context Add any other context about the problem here. 07070100000003000081A40000000000000000000000016627DD81000002AE000000000000000000000000000000000000004E00000000google-authenticator-libpam-1.10/.github/ISSUE_TEMPLATE/configuration-help.md--- name: Configuration help about: Describe this issue template's purpose here. title: '' labels: '' assignees: '' --- ### System information Operating system (e.g. Ubuntu 22.04): ____ Do you use selinux? (check with e.g. `sestatus`): ___ ### Steps to reproduce 1. … ### What I expected would happen FILL IN ### What actually happened FILL IN ### PAM config Paste the relevant parts of your PAM config ``` paste here ``` ### If SSH: SSH config Paste the relevant parts of `/etc/ssh/sshd_config` or equivalent. ``` paste here ``` ### If not SSH: That program's config, and logs ``` paste here ``` ### Contents of `/var/log/auth.log` or equivalent ``` paste here ``` 07070100000004000081A40000000000000000000000016627DD8100000253000000000000000000000000000000000000004B00000000google-authenticator-libpam-1.10/.github/ISSUE_TEMPLATE/feature_request.md--- name: Feature request about: Suggest an idea for this project title: '' labels: '' assignees: '' --- **Is your feature request related to a problem? Please describe.** A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] **Describe the solution you'd like** A clear and concise description of what you want to happen. **Describe alternatives you've considered** A clear and concise description of any alternative solutions or features you've considered. **Additional context** Add any other context or screenshots about the feature request here. 07070100000005000081A40000000000000000000000016627DD8100000294000000000000000000000000000000000000005700000000google-authenticator-libpam-1.10/.github/ISSUE_TEMPLATE/totp-codes-are-not-accepted.md--- name: TOTP codes are not accepted about: OTP codes are configured, but don't seem to be accepted, or only sometimes accepted title: 'TOTP not accepted: ' labels: '' assignees: '' --- ## Prerequisite Read [this](https://twitter.com/thomashabets/status/1133780752582217728), have a little chuckle to yourself. After that: no seriously really do confirm it. Most of the reported issues with TOTP follow that pattern. ## PAM config E.g. `/etc/pam.d/ssh`, or `common-auth` if it uses that. ## SSH config (or equivalent if not using SSH) `/etc/ssh/sshd_config` ## Enable `debug` on the module, and paste what's logged Maybe from `/var/log/auth.log`. 07070100000006000081A40000000000000000000000016627DD8100001093000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/.gitignore### Project specific ignores .deps .dirstamp cmake-build-debug libtool contrib/rpm.spec ### Project binaries google-authenticator examples/demo .libs ### Project tests test-suite.log tests/pam_google_authenticator_unittest tests/*.log tests/*.trs ### Autotools template # http://www.gnu.org/software/automake Makefile.in /ar-lib /mdate-sh /py-compile /test-driver /ylwrap # http://www.gnu.org/software/autoconf /autom4te.cache /autoscan.log /autoscan-*.log /aclocal.m4 /compile /config.guess /config.h.in /config.h /config.log /config.sub /config.status /configure /configure.scan /depcomp /install-sh /missing /stamp-h1 # https://www.gnu.org/software/libtool/ /ltmain.sh # http://www.gnu.org/software/texinfo /texinfo.tex ### C++ template # Prerequisites *.d # Compiled Object files *.slo *.lo *.o *.obj # Precompiled Headers *.gch *.pch # Compiled Dynamic libraries *.so *.dylib *.dll # Fortran module files *.mod *.smod # Compiled Static libraries *.lai *.la *.a *.lib # Executables *.exe *.out *.app ### JetBrains template # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 .idea/ ## File-based project format: *.iws *.iml ## Plugin-specific files: # IntelliJ /out/ # mpeltonen/sbt-idea plugin .idea_modules/ # JIRA plugin atlassian-ide-plugin.xml # Crashlytics plugin (for Android Studio and IntelliJ) com_crashlytics_export_strings.xml crashlytics.properties crashlytics-build.properties fabric.properties ### Archives template # It's better to unpack these files and commit the raw source because # git has its own built in compression methods. *.7z *.jar *.rar *.zip *.gz *.bzip *.bz2 *.xz *.lzma *.cab #packing-only formats *.iso *.tar #package management formats *.dmg *.xpi *.gem *.egg *.deb *.rpm *.msi *.msm *.msp ### Xcode template # Xcode # # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore ## Build generated build/ DerivedData/ ## Various settings *.pbxuser !default.pbxuser *.mode1v3 !default.mode1v3 *.mode2v3 !default.mode2v3 *.perspectivev3 !default.perspectivev3 xcuserdata/ ## Other *.moved-aside *.xccheckout *.xcscmblueprint ### macOS template *.DS_Store .AppleDouble .LSOverride # Icon must end with two \r Icon # Thumbnails ._* # Files that might appear in the root of a volume .DocumentRevisions-V100 .fseventsd .Spotlight-V100 .TemporaryItems .Trashes .VolumeIcon.icns .com.apple.timemachine.donotpresent # Directories potentially created on remote AFP share .AppleDB .AppleDesktop Network Trash Folder Temporary Items .apdisk ### Eclipse template .metadata bin/ tmp/ *.tmp *.bak *.swp *~.nib local.properties .settings/ .loadpath .recommenders # Eclipse Core .project # External tool builders .externalToolBuilders/ # Locally stored "Eclipse launch configurations" *.launch # PyDev specific (Python IDE for Eclipse) *.pydevproject # CDT-specific (C/C++ Development Tooling) .cproject # JDT-specific (Eclipse Java Development Tools) .classpath # Java annotation processor (APT) .factorypath # PDT-specific (PHP Development Tools) .buildpath # sbteclipse plugin .target # Tern plugin .tern-project # TeXlipse plugin .texlipse # STS (Spring Tool Suite) .springBeans # Code Recommenders .recommenders/ # Scala IDE specific (Scala & Java development for Eclipse) .cache-main .scala_dependencies .worksheet ### C template # Prerequisites # Object files *.ko *.elf # Linker output *.ilk *.map *.exp # Precompiled Headers # Libraries # Shared objects (inc. Windows DLLs) *.so.* # Executables *.i*86 *.x86_64 *.hex # Debug files *.dSYM/ *.su *.idb *.pdb # Kernel Module Compile Results *.mod* *.cmd modules.order Module.symvers Mkfile.old dkms.conf ### CMake template CMakeCache.txt CMakeFiles CMakeLists.txt CMakeScripts Testing Makefile cmake_install.cmake install_manifest.txt compile_commands.json CTestTestfile.cmake ### NetBeans template nbproject/private/ nbbuild/ dist/ nbdist/ .nb-gradle/ ### Vim template # swap [._]*.s[a-v][a-z] [._]*.sw[a-p] [._]s[a-v][a-z] [._]sw[a-p] # session Session.vim # temporary .netrwhist *~ # auto-generated tag files tags base32 07070100000007000081A40000000000000000000000016627DD81000000B7000000000000000000000000000000000000002D00000000google-authenticator-libpam-1.10/.travis.ymllanguage: c compiler: - clang - gcc script: ./bootstrap.sh && ./configure && make && make check sudo: false addons: apt: packages: - libpam0g-dev - libqrencode3 07070100000008000081A40000000000000000000000016627DD81000005AA000000000000000000000000000000000000003100000000google-authenticator-libpam-1.10/CONTRIBUTING.mdWant to contribute? Great! First, read this page (including the small print at the end). ### Before you contribute Before we can use your code, you must sign the [Google Individual Contributor License Agreement](https://cla.developers.google.com/about/google-individual) (CLA), which you can do online. The CLA is necessary mainly because you own the copyright to your changes, even after your contribution becomes part of our codebase, so we need your permission to use and distribute your code. We also need to be sure of various other things—for instance that you'll tell us if you know that your code infringes on other people's patents. You don't have to sign the CLA until after you've submitted your code for review and a member has approved it, but you must do it before we can put your code into our codebase. Before you start working on a larger contribution, you should get in touch with us first through the issue tracker with your idea so that we can help out and possibly guide you. Coordinating up front makes it much easier to avoid frustration later on. ### Code reviews All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. ### The small print Contributions made by corporations are covered by a different agreement than the one above, the [Software Grant and Corporate Contributor License Agreement](https://cla.developers.google.com/about/google-corporate). 07070100000009000081A40000000000000000000000016627DD8100000BA3000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/FILEFORMATAll configuration data and state is kept in ~/.google_authenticator The file is all ASCII, but is kept in a very simple-to-parse and rigid file format. The file size is currently limited to 1kB. This should be generous even when using a very large list of scratch codes. The first line is the base32 encoded secret. It uses characters in the range A..Z2..7. The secret is used after first trying any one-time scratch codes. HOTP mode is used only if HOTP_COUNTER is present. TOTP mode is used only if TOTP_AUTH is present *and* HOTP_COUNTER is not present. The following lines are optional. They all start with a double quote character, followed by a space character. Followed by an option name. Option names are all upper-case and must include an underscore. This ensures that they cannot accidentally appear anywhere else in the file. Options can be followed by option-specific parameters. Currently, the following options are recognized: DISALLOW_REUSE if present, this signals that a time-based token can be used at most once. Any attempt to log in using the same token will be denied. This means that users can typically not log in faster than once every ~30 seconds. The option is followed by a space-separated list of time stamps that have previously been used for login attempts. This option has no effect when HOTP_COUNTER is present. RATE_LIMIT n m ... this optional parameter restricts the number of logins to at most "n" within each "m" second interval. Additional parameters in this line are undocumented; they are used internally to keep track of state. TOTP_AUTH the presence of this option indicates that the secret can be used to authenticate users with a time-based token. STEP_SIZE n the number of seconds in each time step during which a TOTP code is valid. The default is that a code is valid for 30 seconds. HOTP_COUNTER n the presence of this option indicates that the secret can be used to authenticate users with a counter-based token. The argument "n" represents which counter value the token will accept next. It should be initialized to 1. WINDOW_SIZE n the default window size is 3, allowing up to one extra valid token before and after the currently active one. This might be too restrictive if the client and the server experience significant time skew. You can provide a parameter to increase the login window size from 3 to "n" In counter-based mode, this option is the number of valid tokens after the currently active one. The default is almost certainly too restrictive for most users as invalid login attempts and generated-but-not-used tokens both contribute to synchronization problems. Any all-numeric sequence of eight-digit numbers are randomly generated one-time scratch code tokens. The user can enter any arbitrary one-time code to log into his account. The code will then be removed from the file. 0707010000000A000081A40000000000000000000000016627DD8100002C5E000000000000000000000000000000000000002900000000google-authenticator-libpam-1.10/LICENSE Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 0707010000000B000081A40000000000000000000000016627DD81000009B5000000000000000000000000000000000000002D00000000google-authenticator-libpam-1.10/Makefile.amAUTOMAKE_OPTIONS = foreign subdir-objects ACLOCAL_AMFLAGS = -I build pamdir = $(libdir)/security bin_PROGRAMS = google-authenticator noinst_PROGRAMS = base32 dist_man_MANS = man/google-authenticator.1 dist_man_MANS += man/pam_google_authenticator.8 pam_LTLIBRARIES = pam_google_authenticator.la dist_doc_DATA = FILEFORMAT README.md dist_html_DATA = totp.html MODULES_LDFLAGS = -avoid-version -module -shared -export-dynamic CORE_SRC = src/util.h src/util.c CORE_SRC += src/base32.h src/base32.c CORE_SRC += src/hmac.h src/hmac.c CORE_SRC += src/sha1.h src/sha1.c base32_SOURCES=\ src/base32.c \ src/base32_prog.c google_authenticator_SOURCES = \ src/google-authenticator.c \ $(CORE_SRC) pam_google_authenticator_la_SOURCES = \ src/pam_google_authenticator.c \ $(CORE_SRC) pam_google_authenticator_la_LIBADD = -lpam pam_google_authenticator_la_CFLAGS = $(AM_CFLAGS) pam_google_authenticator_la_LDFLAGS = $(AM_LDFLAGS) $(MODULES_LDFLAGS) -export-symbols-regex "pam_sm_(setcred|open_session|authenticate)" check_PROGRAMS = examples/demo tests/pam_google_authenticator_unittest check_LTLIBRARIES = libpam_google_authenticator_testing.la TESTS = tests/pam_google_authenticator_unittest tests/base32_test.sh EXTRA_DIST = tests/base32_test.sh libpam_google_authenticator_testing_la_SOURCES = \ src/pam_google_authenticator.c \ $(CORE_SRC) libpam_google_authenticator_testing_la_CFLAGS = $(AM_CFLAGS) -DTESTING=1 libpam_google_authenticator_testing_la_LDFLAGS = $(AM_LDFLAGS) $(MODULES_LDFLAGS) -rpath $(abs_top_builddir) -lpam tests_pam_google_authenticator_unittest_SOURCES = \ tests/pam_google_authenticator_unittest.c \ $(CORE_SRC) tests_pam_google_authenticator_unittest_LDADD = -lpam tests_pam_google_authenticator_unittest_LDFLAGS = $(AM_LDFLAGS) -export-dynamic test: check examples_demo_SOURCES = \ src/pam_google_authenticator.c \ $(CORE_SRC) \ examples/demo.c examples_demo_LDADD = -lpam examples_demo_CFLAGS = $(AM_CFLAGS) -DDEMO=1 super-clean: maintainer-clean rm -fr aclocal autom4te.cache/ m4 missing libtool config.guess rm -fr config.lt config.status config.sub configure depcomp rm -fr libtool install-sh *~ Makefile aclocal.m4 config.h.in ltmain.sh rm -fr Makefile.in test-driver compile doc: (cd man && pandoc --standalone --to man google-authenticator.1.md > google-authenticator.1) (cd man && pandoc --standalone --to man pam_google_authenticator.8.md > pam_google_authenticator.8) 0707010000000C000081A40000000000000000000000016627DD81000022F7000000000000000000000000000000000000002B00000000google-authenticator-libpam-1.10/README.md# Google Authenticator PAM module Example PAM module demonstrating two-factor authentication for logging into servers via SSH, OpenVPN, etc… This project is not about logging in to Google, Facebook, or other TOTP/HOTP second factor systems, even if they recommend using the Google Authenticator apps. HMAC-Based One-time Password (HOTP) is specified in [RFC 4226](https://tools.ietf.org/html/rfc4226) and Time-based One-time Password (TOTP) is specified in [RFC 6238](https://tools.ietf.org/html/rfc6238). [](https://travis-ci.org/google/google-authenticator-libpam) ## Build & install ```shell ./bootstrap.sh ./configure make sudo make install ``` If you don't have access to "sudo", you have to manually become "root" prior to calling "make install". ## Setting up the PAM module for your system For highest security, make sure that both password and OTP are being requested even if password and/or OTP are incorrect. This means that *at least* the first of `pam_unix.so` (or whatever other module is used to verify passwords) and `pam_google_authenticator.so` should be set as `required`, not `requisite`. It probably can't hurt to have both be `required`, but it could depend on the rest of your PAM config. If you use HOTP (counter based as opposed to time based) then add the option `no_increment_hotp` to make sure the counter isn't incremented for failed attempts. Add this line to your PAM configuration file: ` auth required pam_google_authenticator.so no_increment_hotp` ## Setting up a user Run the `google-authenticator` binary to create a new secret key in your home directory. These settings will be stored in `~/.google_authenticator`. If your system supports the "libqrencode" library, you will be shown a QRCode that you can scan using the Android "Google Authenticator" application. If your system does not have this library, you can either follow the URL that `google-authenticator` outputs, or you have to manually enter the alphanumeric secret key into the Android "Google Authenticator" application. In either case, after you have added the key, click-and-hold until the context menu shows. Then check that the key's verification value matches (this feature might not be available in all builds of the Android application). Each time you log into your system, you will now be prompted for your TOTP code (time based one-time-password) or HOTP (counter-based), depending on options given to `google-authenticator`, after having entered your normal user id and your normal UNIX account password. During the initial roll-out process, you might find that not all users have created a secret key yet. If you would still like them to be able to log in, you can pass the "nullok" option on the module's command line: ` auth required pam_google_authenticator.so nullok` ## Encrypted home directories If your system encrypts home directories until after your users entered their password, you either have to re-arrange the entries in the PAM configuration file to decrypt the home directory prior to asking for the OTP code, or you have to store the secret file in a non-standard location: ` auth required pam_google_authenticator.so secret=/var/unencrypted-home/${USER}/.google_authenticator` would be a possible choice. Make sure to set appropriate permissions. You also have to tell your users to manually move their .google_authenticator file to this location. In addition to "${USER}", the `secret=` option also recognizes both "~" and `${HOME}` as short-hands for the user's home directory. When using the `secret=` option, you might want to also set the `user=` option. The latter forces the PAM module to switch to a dedicated hard-coded user id prior to doing any file operations. When using the `user=` option, you must not include "~" or "${HOME}" in the filename. The `user=` option can also be useful if you want to authenticate users who do not have traditional UNIX accounts on your system. ## Module options ### secret=/path/to/secret/file See "encrypted home directories", above. ### authtok_prompt=prompt Overrides default token prompt. If you want to include spaces in the prompt, wrap the whole argument in square brackets: ` auth required pam_google_authenticator.so [authtok_prompt=Your secret token: ]` ### user=some-user Force the PAM module to switch to a hard-coded user id prior to doing any file operations. Commonly used with `secret=`. ### no_strict_owner DANGEROUS OPTION! By default the PAM module requires that the secrets file must be owned the user logging in (or if `user=` is specified, owned by that user). This option disables that check. This option can be used to allow daemons not running as root to still handle configuration files not owned by that user, for example owned by the users themselves. ### allowed_perm=0nnn DANGEROUS OPTION! By default, the PAM module requires the secrets file to be readable only by the owner of the file (mode 0600 by default). In situations where the module is used in a non-default configuration, an administrator may need more lenient file permissions, or a specific setting for their use case. ### debug Enable more verbose log messages in syslog. ### try_first_pass / use_first_pass / forward_pass Some PAM clients cannot prompt the user for more than just the password. To work around this problem, this PAM module supports stacking. If you pass the `forward_pass` option, the `pam_google_authenticator` module queries the user for both the system password and the verification code in a single prompt. It then forwards the system password to the next PAM module, which will have to be configured with the `use_first_pass` option. In turn, `pam_google_authenticator` module also supports both the standard `use_first_pass` and `try_first_pass` options. But most users would not need to set those on the `pam_google_authenticator`. ### noskewadj If you discover that your TOTP code never works, this is most commonly the result of the clock on your server being different from the one on your Android device. The PAM module makes an attempt to compensate for time skew. You can teach it about the amount of skew that you are experiencing, by trying to log it three times in a row. Make sure you always wait 30s (but not longer), so that you get three distinct TOTP codes. Some administrators prefer that time skew isn't adjusted automatically, as doing so results in a slightly less secure system configuration. If you want to disable it, you can do so on the module command line: ` auth required pam_google_authenticator.so noskewadj` ### no_increment_hotp Don't increment the counter for failed HOTP attempts. Normally you should set this so failed password attempts by an attacker without a token don't lock out the authorized user. ### nullok Allow users to log in without OTP, if they haven't set up OTP yet. PAM requires at least one `SUCCESS` answer from a module, and `nullok` causes this module to say `IGNORE`. This means that if this option is used at least one other module must have said `SUCCESS`. One way to do this is to add `auth required pam_permit.so` to the end of the PAM config. ### echo_verification_code By default, the PAM module does not echo the verification code when it is entered by the user. In some situations, the administrator might prefer a different behavior. Pass the `echo_verification_code` option to the module in order to enable echoing. If you would like verification codes that are counter based instead of timebased, use the `google-authenticator` binary to generate a secret key in your home directory with the proper option. In this mode, clock skew is irrelevant and the window size option now applies to how many codes beyond the current one that would be accepted, to reduce synchronization problems. ### grace_period=seconds If present and non-zero, provide a grace period during which a second verification code will not be requested. Try setting seconds to 86400 to allow a full-day between requesting codes; or 3600 for an hour. This works by adding an (IP address, timestamp) pair to the security file after a successful one-time-password login; only the last ten distinct IP addresses are tracked. ### allow_readonly DANGEROUS OPTION! With this option an attacker with ability to fill up the filesystem (flood server with web requests, or if they have an account just fill the disk up) can force a situation where one-time-passwords can be reused, defeating the purpose of "one time". By default, if the `grace_period` option is defined the PAM module requires some free space to store the IP address and timestamp of the last login. It could prevent access if a server has no free space or in case of an update config file error. With the `allow_readonly` option you can ignore any errors which could occur during config file update. 0707010000000D000081ED0000000000000000000000016627DD810000025D000000000000000000000000000000000000002E00000000google-authenticator-libpam-1.10/bootstrap.sh#!/bin/sh # Copyright 2014 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. exec autoreconf -i 0707010000000E000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002700000000google-authenticator-libpam-1.10/build0707010000000F000081A40000000000000000000000016627DD810000000E000000000000000000000000000000000000003200000000google-authenticator-libpam-1.10/build/.gitignore* !.gitignore 07070100000010000081A40000000000000000000000016627DD8100000907000000000000000000000000000000000000002E00000000google-authenticator-libpam-1.10/configure.acAC_PREREQ(2.61) AC_INIT(google-authenticator, 1.10, habets@google.com) AC_CONFIG_SRCDIR([src/google-authenticator.c]) AC_CONFIG_AUX_DIR([build]) AC_CONFIG_MACRO_DIR([build]) # --enable-silent-rules m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])], [AC_SUBST([AM_DEFAULT_VERBOSITY], [1])]) AC_USE_SYSTEM_EXTENSIONS AM_INIT_AUTOMAKE([foreign subdir-objects]) AM_MAINTAINER_MODE([enable]) LT_INIT AC_PROG_CC AC_PROG_CC_STDC AC_CHECK_HEADERS([sys/fsuid.h]) AC_CHECK_FUNCS([ \ explicit_bzero \ setfsuid \ setfsgid \ ]) AC_CHECK_HEADERS_ONCE([security/pam_appl.h]) # On Solaris at least, <security/pam_modules.h> requires <security/pam_appl.h> # to be included first AC_CHECK_HEADER([security/pam_modules.h], [], [], \ [#ifdef HAVE_SECURITY_PAM_APPL_H # include <security/pam_appl.h> #endif ]) AC_CHECK_LIB([pam], [pam_get_user], [:]) AS_IF([test "x$ac_cv_header_security_pam_modules_h" = "xno" \ -o "x$ac_cv_lib_pam_pam_get_user" = "xno"], [ AC_MSG_ERROR([Unable to find the PAM library or the PAM header files]) ]) AC_MSG_CHECKING([whether certain PAM functions require const arguments]) AC_LANG_PUSH(C) # Force test to bail if const isn't needed AC_LANG_WERROR AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <security/pam_appl.h> #include <security/pam_modules.h> ]],[[ const void **item = 0; int dummy = 0; /* * since pam_handle_t is opaque on at least some platforms, give it * a non-NULL dummy value */ const pam_handle_t *ph = (const pam_handle_t *)&dummy; (void) pam_get_item(ph, 0, item); ]])],[AC_DEFINE([PAM_CONST], [const], \ [Define if certain PAM functions require const arguments]) AC_MSG_RESULT([yes])], [AC_DEFINE([PAM_CONST], [], \ [Prevent certain PAM functions from using const arguments]) AC_MSG_RESULT([no])]) AC_MSG_CHECKING(whether compiler understands -Wall) old_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS -Wall" AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])], AC_MSG_RESULT(yes), AC_MSG_RESULT(no) CFLAGS="$old_CFLAGS") AC_LANG_POP(C) AC_SEARCH_LIBS([dlopen], [dl]) AC_CONFIG_HEADER(config.h) AC_CONFIG_FILES([Makefile contrib/rpm.spec]) AC_OUTPUT echo " $PACKAGE_NAME version $PACKAGE_VERSION Prefix.........: $prefix Debug Build....: $debug C Compiler.....: $CC $CFLAGS $CPPFLAGS Linker.........: $LD $LDFLAGS $LIBS " 07070100000011000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002900000000google-authenticator-libpam-1.10/contrib07070100000012000081A40000000000000000000000016627DD8100000520000000000000000000000000000000000000003700000000google-authenticator-libpam-1.10/contrib/README.rpm.md## Building a Google-Authenticator RPM Please note the RPM does not require QR-Encode as a dependency, As technically the module builds fine without it. But in all likely- hood you will need it in an actual deployment. Building a QR-Encode RPM is outside the scope of this documentation, see the in-repo documentation for instructions. https://github.com/fukuchi/libqrencode If you are using RPMs in your testing a new build number option has been added to the spec file IE: --define '_release #' to where # is a build number. This will generate a RPM in the namespace: google-authenticator-1.01-#.el6.x86_64.rpm where # is your specified build number. If no _release is set the build is defaulted to 1. Example: ``` rpmbuild -ba contrib/rpm.spec --define '_release 8' ``` This will generate an rpm of: ``` google-authenticator-1.01-8.el6.x86_64.rpm ``` ### Requirements * gcc * libtool * autoconf * automake * libpam-devel * rpm-builder * qr-encode (optional) ### Process ```shell git clone https://github.com/google/google-authenticator.git cd google-authenticator/libpam ./bootstrap.sh ./configure make dist cp google-autheticator-#.##.tar.gz ~/rpmbuild/SOURCES/ rpmbuild -ba contrib/rpm.spec ``` The script build-rpm.sh has been created to make these steps a bit easier to perform. 07070100000013000081ED0000000000000000000000016627DD8100000323000000000000000000000000000000000000003600000000google-authenticator-libpam-1.10/contrib/build-rpm.sh#!/bin/bash # # A simple script to make building an RPM of the software a lot easier # set -e if [ "$(which rpmbuild)" == "" ]; then echo "To build an rpm the tool rpmbuild needs to be installed first" exit 1 fi DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" if [[ -z $1 ]]; then echo "Usage $0 \"release\"" exit 1 fi cd "${DIR}/.." echo "Starting build" ./bootstrap.sh && \ ./configure && \ make dist && \ ( mkdir -p "${DIR}/_rpmbuild/SOURCES" cp -f google-authenticator-*.tar.gz "${DIR}/_rpmbuild/SOURCES/" rpmbuild -ba contrib/rpm.spec --define "_topdir ${DIR}/_rpmbuild" --define "_release $1" echo "==============" echo "Available RPMs" find "${DIR}/_rpmbuild/" -type f -name 'google-authenticator*.rpm' ) || (echo "Something went wrong"; exit 1) exit 0 07070100000014000081A40000000000000000000000016627DD810000061B000000000000000000000000000000000000003500000000google-authenticator-libpam-1.10/contrib/rpm.spec.inName: @PACKAGE_NAME@ Version: @VERSION@ %if %{?_release:1}0 Release: %{_release}%{?dist} %else Release: 1%{?dist} %endif Summary: One-time passcode support using open standards License: ASL 2.0 URL: https://github.com/google/google-authenticator Source0: %{name}-%{version}.tar.gz BuildRequires: gcc BuildRequires: pam-devel BuildRequires: libtool %description The Google Authenticator package contains a pluggable authentication module (PAM) which allows login using one-time passcodes conforming to the open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth). Passcode generators are available (separately) for several mobile platforms. These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. %prep %setup -q %build %configure --libdir=/%{_lib} make %{?_smp_mflags} %install rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT rm $RPM_BUILD_ROOT/%{_lib}/security/pam_google_authenticator.la %files /%{_lib}/security/pam_google_authenticator.so %{_bindir}/%{name} %{_defaultdocdir}/%{name}/README.md %{_defaultdocdir}/%{name}/totp.html %{_defaultdocdir}/%{name}/FILEFORMAT %{_mandir}/man1/* %{_mandir}/man8/* %changelog * Fri Aug 18 2017 Niels Basjes <niels@basjes.nl> - 1.04 - Added installing man pages * Wed Jan 13 2016 Dan Molik <dan@d3fy.net> - 1.01 - A new and updated build for google-authenticator 07070100000015000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002A00000000google-authenticator-libpam-1.10/examples07070100000016000081A40000000000000000000000016627DD810000137F000000000000000000000000000000000000003100000000google-authenticator-libpam-1.10/examples/demo.c// Demo wrapper for the PAM module. This is part of the Google Authenticator // project. // // Copyright 2011 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // #include "config.h" #include <assert.h> #include <fcntl.h> #include <security/pam_appl.h> #include <security/pam_modules.h> #include <setjmp.h> #include <signal.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/resource.h> #include <sys/time.h> #include <termios.h> #include <unistd.h> #if !defined(PAM_BAD_ITEM) // FreeBSD does not know about PAM_BAD_ITEM. And PAM_SYMBOL_ERR is an "enum", // we can't test for it at compile-time. #define PAM_BAD_ITEM PAM_SYMBOL_ERR #endif static struct termios old_termios; static int jmpbuf_valid; static sigjmp_buf jmpbuf; static int conversation(int num_msg, PAM_CONST struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { if (num_msg == 1 && (msg[0]->msg_style == PAM_PROMPT_ECHO_OFF || msg[0]->msg_style == PAM_PROMPT_ECHO_ON)) { *resp = malloc(sizeof(struct pam_response)); assert(*resp); (*resp)->resp = calloc(1024, 1); struct termios termios = old_termios; if (msg[0]->msg_style == PAM_PROMPT_ECHO_OFF) { termios.c_lflag &= ~(ECHO|ECHONL); } sigsetjmp(jmpbuf, 1); jmpbuf_valid = 1; sigset_t mask; sigemptyset(&mask); sigaddset(&mask, SIGTSTP); assert(!sigprocmask(SIG_UNBLOCK, &mask, NULL)); printf("%s ", msg[0]->msg); assert(!tcsetattr(0, TCSAFLUSH, &termios)); assert(fgets((*resp)->resp, 1024, stdin)); assert(!tcsetattr(0, TCSAFLUSH, &old_termios)); puts(""); assert(!sigprocmask(SIG_BLOCK, &mask, NULL)); jmpbuf_valid = 0; char *ptr = strrchr((*resp)->resp, '\n'); if (ptr) { *ptr = '\000'; } (*resp)->resp_retcode = 0; return PAM_SUCCESS; } if (num_msg == 1 && msg[0]->msg_style == PAM_ERROR_MSG) { printf("Error message to user: %s\n", msg[0]->msg); return PAM_SUCCESS; } return PAM_CONV_ERR; } #ifdef sun #define PAM_CONST #else #define PAM_CONST const #endif int pam_get_user(pam_handle_t *pamh, PAM_CONST char **user, const char *prompt) { return pam_get_item(pamh, PAM_USER, (void *)user); } int pam_get_item(const pam_handle_t *pamh, int item_type, PAM_CONST void **item) { switch (item_type) { case PAM_SERVICE: { static const char service[] = "google_authenticator_demo"; *item = service; return PAM_SUCCESS; } case PAM_USER: { char *user = getenv("USER"); *item = user; return PAM_SUCCESS; } case PAM_CONV: { static struct pam_conv conv = { .conv = conversation }, *p_conv = &conv; *item = p_conv; return PAM_SUCCESS; } default: return PAM_BAD_ITEM; } } int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) { switch (item_type) { case PAM_AUTHTOK: return PAM_SUCCESS; default: return PAM_BAD_ITEM; } } static void print_diagnostics(int signo) { extern const char *get_error_msg(void); assert(!tcsetattr(0, TCSAFLUSH, &old_termios)); fprintf(stderr, "%s\n", get_error_msg()); _exit(1); } static void reset_console(int signo) { assert(!tcsetattr(0, TCSAFLUSH, &old_termios)); puts(""); _exit(1); } static void stop(int signo) { assert(!tcsetattr(0, TCSAFLUSH, &old_termios)); puts(""); raise(SIGSTOP); } static void cont(int signo) { if (jmpbuf_valid) { siglongjmp(jmpbuf, 0); } } int main(int argc, char *argv[]) { extern int pam_sm_authenticate(pam_handle_t *, int, int, const char **); // Try to redirect stdio to /dev/tty int fd = open("/dev/tty", O_RDWR); if (fd >= 0) { dup2(fd, 0); dup2(fd, 1); dup2(fd, 2); close(fd); } // Disable core files assert(!setrlimit(RLIMIT_CORE, (struct rlimit []){ { 0, 0 } })); // Set up error and job control handlers assert(!tcgetattr(0, &old_termios)); sigset_t mask; sigemptyset(&mask); sigaddset(&mask, SIGTSTP); assert(!sigprocmask(SIG_BLOCK, &mask, NULL)); assert(!signal(SIGABRT, print_diagnostics)); assert(!signal(SIGINT, reset_console)); assert(!signal(SIGTSTP, stop)); assert(!signal(SIGCONT, cont)); // Attempt login if (pam_sm_authenticate(NULL, 0, argc-1, (const char **)argv+1) != PAM_SUCCESS) { fprintf(stderr, "Login failed\n"); abort(); } return 0; } 07070100000017000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002500000000google-authenticator-libpam-1.10/man07070100000018000081A40000000000000000000000016627DD8100001789000000000000000000000000000000000000003C00000000google-authenticator-libpam-1.10/man/google-authenticator.1.\" Automatically generated by Pandoc 1.16.0.2 .\" .TH "GOOGLE\-AUTHENTICATOR" "1" "" "Google two\-factor authentication user manual" "" .hy .SH NAME .PP google\-authenticator \- initialize one\-time passcodes for the current user .SH SYNOPSIS .PP google\-authenticator [\f[I]options\f[]] .PP If no option is provided on the command line, google\-authenticator(1) will ask interactively the user for the more important options. .SH DESCRIPTION .PP The google\-authenticator(1) command creates a new secret key in the current user\[aq]s home directory. By default, this secret key and all settings will be stored in \f[C]~/.google_authenticator\f[]. .PP If the system supports the \f[C]libqrencode\f[] library, a QRCode will be shown, that can be scanned using the Android Google Authenticator application. If the system does not have this library, google\-authenticator(1) outputs an URL that can be followed using a web browser. Alternatively, the alphanumeric secret key is also outputted and thus can be manually entered into the Android Google Authenticator application. .PP In either case, after the key has been added, the verification value should be checked. To do that, the user must click\-and\-hold the added entry on its Android system until the context menu shows. Then, the user checks that the displayed key\[aq]s verification value matches the one provided by google\-authenticator(1). Please note that this feature might not be available in all builds of the Android application. .PP Each time the user logs into the system, he will now be prompted for the TOTP code (time based one\-time\-password) or HOTP (counter\-based one\-time\-password), depending on options given to google\-authenticator(1), after having entered its normal user id and its normal UNIX account password. .SH OPTIONS .PP The main option consists of choosing the authentication token type: either time based or counter\-based. .TP .B \-c, \-\-counter\-based Set up counter\-based verification. .RS .RE .TP .B \-t, \-\-time\-based Set up time\-based verification. .RS .RE .PP From this choice depends the available options. .SS Counter\-based specific options .PP Those settings are only relevant for counter\-based one\-time\-password (HOTP): .TP .B \-w, \-\-window\-size=\f[I]W\f[] Set window of concurrently valid codes. .RS .PP By default, three tokens are valid at any one time. This accounts for generated\-but\-not\-used tokens and failed login attempts. In order to decrease the likelihood of synchronization problems, this window can be increased from its default size of 3. .PP The window size must be between 1 and 21. .RE .TP .B \-W, \-\-minimal\-window Disable window of concurrently valid codes. .RS .RE .SS Time\-based specific options .PP Those settings are only relevant for time\-based one\-time\-password (TOTP): .TP .B \-D, \-\-allow\-reuse, \-d, \-\-disallow\-reuse (Dis)allow multiple uses of the same authentication token. .RS .PP This restricts the user to one login about every 30 seconds, but it increases the chances to notice or even prevent man\-in\-the\-middle attacks. .RE .TP .B \-w, \-\-window\-size=\f[I]W\f[] Set window of concurrently valid codes. .RS .PP By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time\-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client. .PP For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server. .PP The window size must be between 1 and 21. .RE .TP .B \-W, \-\-minimal\-window Disable window of concurrently valid codes. .RS .RE .TP .B \-S, \-\-step\-size=\f[I]S\f[] Set interval between token refreshes to \f[I]S\f[] seconds. .RS .PP By default, time\-based tokens are generated every 30 seconds. A non\-standard value can be configured in case a different time\-step value must be used. .PP The time interval must be between 1 and 60 seconds. .RE .SS General options .TP .B \-s, \-\-secret=\f[I]FILE\f[] Specify a non\-standard file location for the secret key and settings. .RS .RE .TP .B \-f, \-\-force Write secret key and settings without first confirming with user. .RS .RE .TP .B \-l, \-\-label=\f[I]LABEL\f[] Override the default label in \f[C]otpauth://\f[] URL. .RS .RE .TP .B \-i, \-\-issuer=\f[I]ISSUER\f[] Override the default issuer in \f[C]otpauth://\f[] URL. .RS .RE .TP .B \-Q, \-\-qr\-mode=\f[I]none|ansi|utf8\f[] QRCode output mode. .RS .PP Suppress the QRCode output (\f[I]none\f[]), or output QRCode using either ANSI colors (\f[I]ansi\f[]), or Unicode block elements (\f[I]utf8\f[]). .PP Unicode block elements makes the QRCode much smaller, which is often easier to scan. Unfortunately, many terminal emulators do not display these Unicode characters properly. .RE .TP .B \-r, \-\-rate\-limit=\f[I]N\f[], \-R, \-\-rate\-time=\f[I]M\f[], \-u, \-\-no\-rate\-limit Disable rate\-limiting, or limit logins to N per every M seconds. .RS .PP If the system isn\[aq]t hardened against brute\-force login attempts, rate\-limiting can be enabled for the authentication module: no more than \f[I]N\f[] login attempts every \f[I]M\f[] seconds. .PP The rate limit must be between 1 and 10 attempts. The rate time must be between 15 and 600 seconds. .RE .TP .B \-e, \-\-emergency\-codes=\f[I]N\f[] Generate \f[I]N\f[] emergency codes. .RS .PP A maximum of 10 emergency codes can be generated. .RE .TP .B \-q, \-\-quiet Quiet mode. .RS .RE .TP .B \-h, \-\-help Print the help message. .RS .RE .SH SEE ALSO .PP The Google Authenticator source code and all documentation may be downloaded from <https://github.com/google/google-authenticator-libpam>. 07070100000019000081A40000000000000000000000016627DD81000015B3000000000000000000000000000000000000003F00000000google-authenticator-libpam-1.10/man/google-authenticator.1.md% GOOGLE-AUTHENTICATOR(1) Google two-factor authentication user manual # NAME google-authenticator - initialize one-time passcodes for the current user # SYNOPSIS google-authenticator [*options*] If no option is provided on the command line, google-authenticator(1) will ask interactively the user for the more important options. # DESCRIPTION The google-authenticator(1) command creates a new secret key in the current user's home directory. By default, this secret key and all settings will be stored in `~/.google_authenticator`. If the system supports the `libqrencode` library, a QRCode will be shown, that can be scanned using the Android Google Authenticator application. If the system does not have this library, google-authenticator(1) outputs an URL that can be followed using a web browser. Alternatively, the alphanumeric secret key is also outputted and thus can be manually entered into the Android Google Authenticator application. In either case, after the key has been added, the verification value should be checked. To do that, the user must click-and-hold the added entry on its Android system until the context menu shows. Then, the user checks that the displayed key's verification value matches the one provided by google-authenticator(1). Please note that this feature might not be available in all builds of the Android application. Each time the user logs into the system, he will now be prompted for the TOTP code (time based one-time-password) or HOTP (counter-based one-time-password), depending on options given to google-authenticator(1), after having entered its normal user id and its normal UNIX account password. # OPTIONS The main option consists of choosing the authentication token type: either time based or counter-based. -c, --counter-based : Set up counter-based verification. -t, --time-based : Set up time-based verification. From this choice depends the available options. ## Counter-based specific options Those settings are only relevant for counter-based one-time-password (HOTP): -w, --window-size=*W* : Set window of concurrently valid codes. By default, three tokens are valid at any one time. This accounts for generated-but-not-used tokens and failed login attempts. In order to decrease the likelihood of synchronization problems, this window can be increased from its default size of 3. The window size must be between 1 and 21. -W, --minimal-window : Disable window of concurrently valid codes. ## Time-based specific options Those settings are only relevant for time-based one-time-password (TOTP): -D, --allow-reuse, -d, --disallow-reuse : (Dis)allow multiple uses of the same authentication token. This restricts the user to one login about every 30 seconds, but it increases the chances to notice or even prevent man-in-the-middle attacks. -w, --window-size=*W* : Set window of concurrently valid codes. By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client. For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server. The window size must be between 1 and 21. -W, --minimal-window : Disable window of concurrently valid codes. -S, --step-size=*S* : Set interval between token refreshes to *S* seconds. By default, time-based tokens are generated every 30 seconds. A non-standard value can be configured in case a different time-step value must be used. The time interval must be between 1 and 60 seconds. ## General options -s, --secret=*FILE* : Specify a non-standard file location for the secret key and settings. -f, --force : Write secret key and settings without first confirming with user. -l, --label=*LABEL* : Override the default label in `otpauth://` URL. -i, --issuer=*ISSUER* : Override the default issuer in `otpauth://` URL. -Q, --qr-mode=*none|ansi|utf8* : QRCode output mode. Suppress the QRCode output (*none*), or output QRCode using either ANSI colors (*ansi*), or Unicode block elements (*utf8*). Unicode block elements makes the QRCode much smaller, which is often easier to scan. Unfortunately, many terminal emulators do not display these Unicode characters properly. -r, --rate-limit=*N*, -R, --rate-time=*M*, -u, --no-rate-limit : Disable rate-limiting, or limit logins to N per every M seconds. If the system isn't hardened against brute-force login attempts, rate-limiting can be enabled for the authentication module: no more than *N* login attempts every *M* seconds. The rate limit must be between 1 and 10 attempts. The rate time must be between 15 and 600 seconds. -e, --emergency-codes=*N* : Generate *N* emergency codes. A maximum of 10 emergency codes can be generated. -q, --quiet : Quiet mode. -h, --help : Print the help message. # SEE ALSO The Google Authenticator source code and all documentation may be downloaded from <https://github.com/google/google-authenticator-libpam>. 0707010000001A000081A40000000000000000000000016627DD8100001A4A000000000000000000000000000000000000004000000000google-authenticator-libpam-1.10/man/pam_google_authenticator.8.\" Automatically generated by Pandoc 1.16.0.2 .\" .TH "PAM_GOOGLE_AUTHENTICATOR" "8" "" "Google Authenticator PAM module manual" "" .hy .SH NAME .PP pam_google_authenticator \- PAM module for Google two\-factor authentication .SH SYNOPSIS .PP \f[B]pam_google_authenticator.so\f[] [secret=\f[I]file\f[]] [authtok_prompt=\f[I]prompt\f[]] [user=\f[I]username\f[]] [no_strict_owner] [allowed_perm=\f[I]0nnn\f[]] [debug] [try_first_pass|use_first_pass|forward_pass] [noskewadj] [no_increment_hotp] [nullok] [echo_verification_code] .SH DESCRIPTION .PP The \f[B]pam_google_authenticator\f[] module is designed to protect user authentication with a second factor, either time\-based (TOTP) or counter\-based (HOTP). Prior logging in, the user will be asked for both its password and a one\-time code. Such one\-time codes can be generated with the Google Authenticator application, installed on the user\[aq]s Android device. To respectively generate and verify those one\-time codes, a secret key (randomly generated) must be shared between the device on which one\-time codes are generated and the system on which this PAM module is enabled. .PP Depending on its configuration (see \f[I]options\f[] section), this module requires that a secret file is manually set up for each account on the system. This secret file holds the secret key and user\-specific options (see \f[B]google\-authenticator\f[](1)). Unless the \f[B]nullok\f[] option is used, authentication tries will be rejected if such secret file doesn\[aq]t exist. Alternatively, a system administrator may create those secret files on behalf of the users and then communicates to them the secret keys. .SH OPTIONS .TP .B secret=\f[I]file\f[] Specify a non\-standard file location for the secret file. .RS .PP By default, the PAM module looks for the secret file in the \f[C]\&.google_authenticator\f[] file within the home of the user logging in. This option overrides this location. .PP The provided location may include the following short\-hands: .IP \[bu] 2 \f[B]${USER}\f[] that will be interpreted as the username. .IP \[bu] 2 \f[B]${HOME}\f[] and \f[B]~\f[] that will be interpreted as the user\[aq]s home directory. .RE .TP .B authtok_prompt=\f[I]prompt\f[] Override default token prompt. .RS .PP Note that if spaces are present in the provided prompt, the whole argument must be wrapped in square brackets. .RE .TP .B user=\f[I]username\f[] Switch to a hard\-coded user prior to doing any file operation. .RS .RE .TP .B no_strict_owner Disable the check against the secret file\[aq]s owner. .RS .PP By default, the secret file must be owned by the user logging in. This option disables this check. .RE .TP .B allowed_perm=\f[I]0nnn\f[] Override checked permissions of the secret file. .RS .PP By default, the secret file must be readable only by its owner (ie. mode \f[I]0600\f[]). This option allows a different mode to be specified for this file. .RE .TP .B debug Enable more verbose log messages in syslog. .RS .RE .TP .B try_first_pass|use_first_pass|forward_pass Stacking options for this PAM module. .RS .PP Because some PAM clients cannot prompt the user for more than just the password, the following stacking options may be used: .IP \[bu] 2 \f[B]try_first_pass\f[]: before prompting the user for the one\-time code, this module first tries the previous stacked module\[aq]s password in case that satisfies this module as well. .IP \[bu] 2 \f[B]use_first_pass\f[]: force this module to use a previous stacked modules password. With this option, this module will never prompt the user for the one\-time code. Thus, if no valid one\-time code is available, the user will be denied access. .IP \[bu] 2 \f[B]forward_pass\f[]: query the user for both the system password and the verification code in a single prompt. The system password is then forwarded to the next PAM module, which will have to be configured with either the \f[B]use_first_pass\f[] option, or the \f[B]try_first_pass\f[] option. .RE .TP .B noskewadj Don\[aq]t adjust time skew automatically. .RS .PP By default, the PAM module makes an attempt to compensate for time skew between the server and the device on which one\-time passcodes are generated. This option disable this behavior. .PP Note that this option is only relevant for time\-based (TOTP) mode. .RE .TP .B no_increment_hotp Don\[aq]t increment the counter for failed attempts. .RS .PP In some circonstance, failed passwords still get an OTP prompt. This option disables counter incrementation is such situations. .PP Note that this option is only relevant for counter\-based (HOTP) mode. .RE .TP .B nullok Allow users to log in without OTP, if they haven\[aq]t set up OTP yet. .RS .PP During the initial roll\-out process, all users may not have created a secret key yet. This option allows them to log in, even if the secret file doesn\[aq]t exist. .RE .TP .B echo_verification_code Echo the verification code when it is entered by the user. .RS .RE .SH MODULE TYPE PROVIDED .PP Only the \f[B]auth\f[] module type is provided. .SH RETURN VALUES .TP .B PAM_SUCCESS Either the provided one\-time code is correct or is a valid emergency code. .RS .RE .TP .B PAM_IGNORE This module is ignored. .RS .RE .TP .B PAM_AUTH_ERR The provided one\-time code isn\[aq]t correct and isn\[aq]t a valid emergency code, or an error was encountered. .RS .RE .SH EXAMPLES .PP The following lines may be used to enable this PAM module: .IP \[bu] 2 \f[C]auth\ required\ pam_google_authenticator.so\ no_increment_hotp\f[] # Make sure the counter (for HOTP mode) isn\[aq]t incremented for failed attempts. .IP \[bu] 2 \f[C]auth\ required\ pam_google_authenticator.so\ nullok\f[] # Allow users to log in if their secret files don\[aq]t exist .IP \[bu] 2 \f[C]auth\ required\ pam_google_authenticator.so\ secret=/var/unencrypted\-home/${USER}/.google_authenticator\f[] # Store secret files in a specific location .IP \[bu] 2 \f[C]auth\ required\ pam_google_authenticator.so\ [authtok_prompt=Your\ secret\ token:\ ]\f[] # Use a specific prompt .IP \[bu] 2 \f[C]auth\ required\ pam_google_authenticator.so\ noskewadj\f[] # Don\[aq]t compensate time skew automatically .SH SECURITY NOTES .PP For highest security, make sure that both password and one\-time code are being requested even if password and/or one\-time code are incorrect. This means that \f[I]at least\f[] the first of \f[C]pam_unix.so\f[] (or whatever other module is used to verify passwords) and \f[C]pam_google_authenticator.so\f[] should be set as \f[B]required\f[], not \f[B]requisite\f[]. .SH SEE ALSO .PP \f[B]google\-authenticator\f[](1). .PP The Google Authenticator source code and all documentation may be downloaded from <https://github.com/google/google-authenticator-libpam>. 0707010000001B000081A40000000000000000000000016627DD810000182B000000000000000000000000000000000000004300000000google-authenticator-libpam-1.10/man/pam_google_authenticator.8.md% PAM_GOOGLE_AUTHENTICATOR(8) Google Authenticator PAM module manual # NAME pam_google_authenticator - PAM module for Google two-factor authentication # SYNOPSIS **pam_google_authenticator.so** [secret=*file*] [authtok_prompt=*prompt*] [user=*username*] [no_strict_owner] [allowed_perm=*0nnn*] [debug] [try_first_pass|use_first_pass|forward_pass] [noskewadj] [no_increment_hotp] [nullok] [echo_verification_code] # DESCRIPTION The **pam_google_authenticator** module is designed to protect user authentication with a second factor, either time-based (TOTP) or counter-based (HOTP). Prior logging in, the user will be asked for both its password and a one-time code. Such one-time codes can be generated with the Google Authenticator application, installed on the user's Android device. To respectively generate and verify those one-time codes, a secret key (randomly generated) must be shared between the device on which one-time codes are generated and the system on which this PAM module is enabled. Depending on its configuration (see *options* section), this module requires that a secret file is manually set up for each account on the system. This secret file holds the secret key and user-specific options (see **google-authenticator**(1)). Unless the **nullok** option is used, authentication tries will be rejected if such secret file doesn't exist. Alternatively, a system administrator may create those secret files on behalf of the users and then communicates to them the secret keys. # OPTIONS secret=*file* : Specify a non-standard file location for the secret file. By default, the PAM module looks for the secret file in the `.google_authenticator` file within the home of the user logging in. This option overrides this location. The provided location may include the following short-hands: - **\${USER}** that will be interpreted as the username. - **\${HOME}** and **~** that will be interpreted as the user's home directory. authtok_prompt=*prompt* : Override default token prompt. Note that if spaces are present in the provided prompt, the whole argument must be wrapped in square brackets. user=*username* : Switch to a hard-coded user prior to doing any file operation. no_strict_owner : Disable the check against the secret file's owner. By default, the secret file must be owned by the user logging in. This option disables this check. allowed_perm=*0nnn* : Override checked permissions of the secret file. By default, the secret file must be readable only by its owner (ie. mode *0600*). This option allows a different mode to be specified for this file. debug : Enable more verbose log messages in syslog. try_first_pass|use_first_pass|forward_pass : Stacking options for this PAM module. Because some PAM clients cannot prompt the user for more than just the password, the following stacking options may be used: - **try_first_pass**: before prompting the user for the one-time code, this module first tries the previous stacked module's password in case that satisfies this module as well. - **use_first_pass**: force this module to use a previous stacked modules password. With this option, this module will never prompt the user for the one-time code. Thus, if no valid one-time code is available, the user will be denied access. - **forward_pass**: query the user for both the system password and the verification code in a single prompt. The system password is then forwarded to the next PAM module, which will have to be configured with either the **use_first_pass** option, or the **try_first_pass** option. noskewadj : Don't adjust time skew automatically. By default, the PAM module makes an attempt to compensate for time skew between the server and the device on which one-time passcodes are generated. This option disable this behavior. Note that this option is only relevant for time-based (TOTP) mode. no_increment_hotp : Don't increment the counter for failed attempts. In some circonstance, failed passwords still get an OTP prompt. This option disables counter incrementation is such situations. Note that this option is only relevant for counter-based (HOTP) mode. nullok : Allow users to log in without OTP, if they haven't set up OTP yet. During the initial roll-out process, all users may not have created a secret key yet. This option allows them to log in, even if the secret file doesn't exist. echo_verification_code : Echo the verification code when it is entered by the user. # MODULE TYPE PROVIDED Only the **auth** module type is provided. # RETURN VALUES PAM_SUCCESS : Either the provided one-time code is correct or is a valid emergency code. PAM_IGNORE : This module is ignored. PAM_AUTH_ERR : The provided one-time code isn't correct and isn't a valid emergency code, or an error was encountered. # EXAMPLES The following lines may be used to enable this PAM module: - `auth required pam_google_authenticator.so no_increment_hotp` # Make sure the counter (for HOTP mode) isn't incremented for failed attempts. - `auth required pam_google_authenticator.so nullok` # Allow users to log in if their secret files don't exist - `auth required pam_google_authenticator.so secret=/var/unencrypted-home/${USER}/.google_authenticator` # Store secret files in a specific location - `auth required pam_google_authenticator.so [authtok_prompt=Your secret token: ]` # Use a specific prompt - `auth required pam_google_authenticator.so noskewadj` # Don't compensate time skew automatically # SECURITY NOTES For highest security, make sure that both password and one-time code are being requested even if password and/or one-time code are incorrect. This means that *at least* the first of `pam_unix.so` (or whatever other module is used to verify passwords) and `pam_google_authenticator.so` should be set as **required**, not **requisite**. # SEE ALSO **google-authenticator**(1). The Google Authenticator source code and all documentation may be downloaded from <https://github.com/google/google-authenticator-libpam>. 0707010000001C000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002500000000google-authenticator-libpam-1.10/src0707010000001D000081A40000000000000000000000016627DD81000009B9000000000000000000000000000000000000002E00000000google-authenticator-libpam-1.10/src/base32.c// Base32 implementation // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include <string.h> #include "base32.h" int base32_decode(const uint8_t *encoded, uint8_t *result, int bufSize) { unsigned int buffer = 0; int bitsLeft = 0; int count = 0; for (const uint8_t *ptr = encoded; count < bufSize && *ptr; ++ptr) { uint8_t ch = *ptr; if (ch == ' ' || ch == '\t' || ch == '\r' || ch == '\n' || ch == '-') { continue; } buffer <<= 5; // Deal with commonly mistyped characters if (ch == '0') { ch = 'O'; } else if (ch == '1') { ch = 'L'; } else if (ch == '8') { ch = 'B'; } // Look up one base32 digit if ((ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z')) { ch = (ch & 0x1F) - 1; } else if (ch >= '2' && ch <= '7') { ch -= '2' - 26; } else { return -1; } buffer |= ch; bitsLeft += 5; if (bitsLeft >= 8) { result[count++] = buffer >> (bitsLeft - 8); bitsLeft -= 8; } } if (count < bufSize) { result[count] = '\000'; } return count; } int base32_encode(const uint8_t *data, int length, uint8_t *result, int bufSize) { if (length < 0 || length > (1 << 28)) { return -1; } int count = 0; if (length > 0) { unsigned int buffer = data[0]; int next = 1; int bitsLeft = 8; while (count < bufSize && (bitsLeft > 0 || next < length)) { if (bitsLeft < 5) { if (next < length) { buffer <<= 8; buffer |= data[next++] & 0xFF; bitsLeft += 8; } else { int pad = 5 - bitsLeft; buffer <<= pad; bitsLeft += pad; } } int index = 0x1F & (buffer >> (bitsLeft - 5)); bitsLeft -= 5; result[count++] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"[index]; } } if (count < bufSize) { result[count] = '\000'; } return count; } 0707010000001E000081A40000000000000000000000016627DD810000056B000000000000000000000000000000000000002E00000000google-authenticator-libpam-1.10/src/base32.h// Base32 implementation // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // Encode and decode from base32 encoding using the following alphabet: // ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 // This alphabet is documented in RFC 4648/3548 // // We allow white-space and hyphens, but all other characters are considered // invalid. // // All functions return the number of output bytes or -1 on error. If the // output buffer is too small, the result will silently be truncated. #ifndef _BASE32_H_ #define _BASE32_H_ #include <stdint.h> int base32_decode(const uint8_t *encoded, uint8_t *result, int bufSize) __attribute__((visibility("hidden"))); int base32_encode(const uint8_t *data, int length, uint8_t *result, int bufSize) __attribute__((visibility("hidden"))); #endif /* _BASE32_H_ */ 0707010000001F000081A40000000000000000000000016627DD81000016CC000000000000000000000000000000000000003300000000google-authenticator-libpam-1.10/src/base32_prog.c// Base32 utility program // // Copyright 2015 TWO SIGMA OPEN SOURCE, LLC // Author: Eric Haszlakiewicz // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include "config.h" #include <err.h> #include <errno.h> #include <fcntl.h> #include <getopt.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <sys/stat.h> #include "base32.h" /* * Convert arbitrary input from a file to base-32 encoded output on stdout. * Decode base-32 input from a file or from the command line to arbitrary * output on stdout. * * ~/google-authenticator/libpam/base32 e $(awk '{ print $2 }' < gauth.seed | xxd -r -p) */ enum modes { ENCODE_NONE = 0, ENCODE_FILE = 1, DECODE_FILE = 2, DECODE_STRING = 3, }; static void usage(const char *argv0, int exitval, char *errmsg) __attribute__((noreturn)); static void usage(const char *argv0, int exitval, char *errmsg) { FILE *f = stdout; if (errmsg) { fprintf(stderr, "ERROR: %s\n", errmsg); f = stderr; } fprintf(f, "Usage: %s -e [<file>]\n", argv0); fprintf(f, "Usage: %s -d [<file>]\n", argv0); fprintf(f, "Usage: %s -D <value>\n", argv0); fprintf(f, " Emits <value> encoded in/decoded from base-32 on stdout.\n"); fprintf(f, " When encoding, the file should contain raw binary data.\n"); fprintf(f, " If no filename is specified, it reads from stdin.\n"); fprintf(f, " All output is written to stdout.\n"); exit(exitval); } /* Write the full contents of buf to the given file descriptor, * even across multiple short writes. * If write() fails, exit with an error. */ static void full_write(int fd, uint8_t *buf, size_t remaining) { ssize_t offset, written; for (offset = 0; remaining != 0; remaining -= written, offset += written) { if ((written = write(fd, buf + offset, remaining)) < 0) { err(1, "Failed to write to stdout"); } } } int main(int argc, char *argv[]) { int c; int mode = ENCODE_NONE; while ((c = getopt(argc, argv, "edDh")) != -1) { switch (c) { case 'e': mode = ENCODE_FILE; break; case 'd': mode = DECODE_FILE; break; case 'D': mode = DECODE_STRING; break; case 'h': usage(argv[0], 0, NULL); break; default: usage(argv[0], 1, "Unknown command line argument"); break; } } if (mode == ENCODE_NONE) { usage(argv[0], 1, "A mode of operation must be chosen."); } int retval; if (mode == ENCODE_FILE || mode == DECODE_FILE) { if (argc - optind > 1) { usage(argv[0], 1, "Too many args"); } const char *binfile = (optind < argc) ? argv[optind] : "-"; const int d = strcmp(binfile, "-") == 0 ? STDIN_FILENO : open(binfile, O_RDONLY); if (d < 0) { err(1, "Failed to open %s: %s\n", binfile, strerror(errno)); } struct stat st; memset(&st, 0, sizeof(st)); if (fstat(d, &st) < 0 || st.st_size == 0) { st.st_size = 5 * 1024; // multiple of 5 to avoid internal padding // AND multiple of 8 to ensure we feed // valid data to base32_decode(). } const size_t bufsize = st.st_size + 1; if (bufsize < st.st_size) { err(1, "Integer overflow in input size"); } uint8_t *input = malloc(bufsize); if (!input) { err(1, "Failed to allocate memory"); } int amt_read; const int amt_to_read = st.st_size; errno = 0; while ((amt_read = read(d, input, amt_to_read)) > 0 || errno == EINTR) { if (errno == EINTR) { continue; } // Encoding: 8 bytes out for every 5 input, plus up to 6 padding, and nul // Decoding: up to 5 bytes out for every 8 input. const int result_avail = (mode == ENCODE_FILE) ? ((amt_read + 4) / 5 * 8 + 6 + 1) : ((amt_read + 7) / 8 * 5) ; uint8_t *result = malloc(result_avail); input[amt_read] = '\0'; if (mode == ENCODE_FILE) { retval = base32_encode(input, amt_read, result, result_avail); } else { retval = base32_decode(input, result, result_avail); } if (retval < 0) { fprintf(stderr, "%s failed. Input too long?\n", (mode == ENCODE_FILE) ? "base32_encode" : "base32_decode"); exit(1); } //printf("%s", result); full_write(STDOUT_FILENO, result, retval); fflush(stdout); free(result); } free(input); if (amt_read < 0) { err(1, "Failed to read from %s: %s\n", binfile, strerror(errno)); } if (mode == ENCODE_FILE) { printf("\n"); } } else { // mode == DECODE_STRING if (argc - optind < 1) { usage(argv[0], 1, "Not enough args"); } const char *base32_value = argv[2]; const int result_avail = strlen(base32_value) + 1; if (result_avail < strlen(base32_value)) { err(1, "Integer overflow in input size"); } uint8_t *result = malloc(result_avail); retval = base32_decode((uint8_t *)base32_value, result, result_avail); if (retval < 0) { fprintf(stderr, "base32_decode failed. Input too long?\n"); exit(1); } full_write(STDOUT_FILENO, result, retval); free(result); } return 0; } /* ---- Emacs Variables ---- * Local Variables: * c-basic-offset: 2 * indent-tabs-mode: nil * End: */ 07070100000020000081A40000000000000000000000016627DD810000755D000000000000000000000000000000000000003C00000000google-authenticator-libpam-1.10/src/google-authenticator.c// Helper program to generate a new secret for use in two-factor // authentication. // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include "config.h" #include <assert.h> #include <dlfcn.h> #include <errno.h> #include <fcntl.h> #include <getopt.h> #include <pwd.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/stat.h> #include <sys/types.h> #include <time.h> #include <unistd.h> #include "base32.h" #include "hmac.h" #include "sha1.h" #define SECRET "/.google_authenticator" #define SECRET_BITS 128 // Must be divisible by eight #define VERIFICATION_CODE_MODULUS (1000*1000) // Six digits #define SCRATCHCODES 5 // Default number of initial scratchcodes #define MAX_SCRATCHCODES 10 // Max number of initial scratchcodes #define SCRATCHCODE_LENGTH 8 // Eight digits per scratchcode #define BYTES_PER_SCRATCHCODE 4 // 32bit of randomness is enough #define BITS_PER_BASE32_CHAR 5 // Base32 expands space by 8/5 static enum { QR_UNSET=0, QR_NONE, QR_ANSI, QR_UTF8 } qr_mode = QR_UNSET; static int generateCode(const char *key, unsigned long tm) { uint8_t challenge[8]; for (int i = 8; i--; tm >>= 8) { challenge[i] = tm; } // Estimated number of bytes needed to represent the decoded secret. Because // of white-space and separators, this is an upper bound of the real number, // which we later get as a return-value from base32_decode() int secretLen = (strlen(key) + 7)/8*BITS_PER_BASE32_CHAR; // Sanity check, that our secret will fixed into a reasonably-sized static // array. if (secretLen <= 0 || secretLen > 100) { return -1; } // Decode secret from Base32 to a binary representation, and check that we // have at least one byte's worth of secret data. uint8_t secret[100]; if ((secretLen = base32_decode((const uint8_t *)key, secret, secretLen))<1) { return -1; } // Compute the HMAC_SHA1 of the secret and the challenge. uint8_t hash[SHA1_DIGEST_LENGTH]; hmac_sha1(secret, secretLen, challenge, 8, hash, SHA1_DIGEST_LENGTH); // Pick the offset where to sample our hash value for the actual verification // code. const int offset = hash[SHA1_DIGEST_LENGTH - 1] & 0xF; // Compute the truncated hash in a byte-order independent loop. unsigned int truncatedHash = 0; for (int i = 0; i < 4; ++i) { truncatedHash <<= 8; truncatedHash |= hash[offset + i]; } // Truncate to a smaller number of digits. truncatedHash &= 0x7FFFFFFF; truncatedHash %= VERIFICATION_CODE_MODULUS; return truncatedHash; } // return the user name in heap-allocated buffer. // Caller frees. static const char *getUserName(uid_t uid) { struct passwd pwbuf, *pw; char *buf; #ifdef _SC_GETPW_R_SIZE_MAX int len = sysconf(_SC_GETPW_R_SIZE_MAX); if (len <= 0) { len = 4096; } #else int len = 4096; #endif buf = malloc(len); char *user; if (getpwuid_r(uid, &pwbuf, buf, len, &pw) || !pw) { user = malloc(32); snprintf(user, 32, "%d", uid); } else { user = strdup(pw->pw_name); if (!user) { perror("malloc()"); _exit(1); } } free(buf); return user; } static const char *urlEncode(const char *s) { const size_t size = 3 * strlen(s) + 1; if (size > 10000) { // Anything "too big" is too suspect to let through. fprintf(stderr, "Error: Generated URL would be unreasonably large.\n"); exit(1); } char *ret = malloc(size); char *d = ret; do { switch (*s) { case '%': case '&': case '?': case '=': encode: snprintf(d, size-(d-ret), "%%%02X", (unsigned char)*s); d += 3; break; default: if ((*s && *s <= ' ') || *s >= '\x7F') { goto encode; } *d++ = *s; break; } } while (*s++); char* newret = realloc(ret, strlen(ret) + 1); if (newret) { ret = newret; } return ret; } static const char *getURL(const char *secret, const char *label, const int use_totp, const char *issuer) { const char *encodedLabel = urlEncode(label); char *url; const char totp = use_totp ? 't' : 'h'; if (asprintf(&url, "otpauth://%cotp/%s?secret=%s", totp, encodedLabel, secret) < 0) { fprintf(stderr, "String allocation failed, probably running out of memory.\n"); _exit(1); } if (issuer != NULL && strlen(issuer) > 0) { // Append to URL &issuer=<issuer> const char *encodedIssuer = urlEncode(issuer); char *newUrl; if (asprintf(&newUrl, "%s&issuer=%s", url, encodedIssuer) < 0) { fprintf(stderr, "String allocation failed, probably running out of memory.\n"); _exit(1); } free((void *)encodedIssuer); free(url); url = newUrl; } free((void *)encodedLabel); return url; } #define ANSI_RESET "\x1B[0m" #define ANSI_BLACKONGREY "\x1B[30;47;27m" #define ANSI_WHITE "\x1B[27m" #define ANSI_BLACK "\x1B[7m" #define UTF8_BOTH "\xE2\x96\x88" #define UTF8_TOPHALF "\xE2\x96\x80" #define UTF8_BOTTOMHALF "\xE2\x96\x84" // Display QR code visually. If not possible, return 0. static int displayQRCode(const char* url) { void *qrencode = dlopen("libqrencode.so.2", RTLD_NOW | RTLD_LOCAL); if (!qrencode) { qrencode = dlopen("libqrencode.so.3", RTLD_NOW | RTLD_LOCAL); } if (!qrencode) { qrencode = dlopen("libqrencode.so.4", RTLD_NOW | RTLD_LOCAL); } if (!qrencode) { qrencode = dlopen("libqrencode.3.dylib", RTLD_NOW | RTLD_LOCAL); } if (!qrencode) { qrencode = dlopen("libqrencode.4.dylib", RTLD_NOW | RTLD_LOCAL); } if (!qrencode) { return 0; } typedef struct { int version; int width; unsigned char *data; } QRcode; QRcode *(*QRcode_encodeString8bit)(const char *, int, int) = (QRcode *(*)(const char *, int, int)) dlsym(qrencode, "QRcode_encodeString8bit"); void (*QRcode_free)(QRcode *qrcode) = (void (*)(QRcode *))dlsym(qrencode, "QRcode_free"); if (!QRcode_encodeString8bit || !QRcode_free) { dlclose(qrencode); return 0; } QRcode *qrcode = QRcode_encodeString8bit(url, 0, 1); const char *ptr = (char *)qrcode->data; // Output QRCode using ANSI colors. Instead of black on white, we // output black on grey, as that works independently of whether the // user runs their terminal in a black on white or white on black color // scheme. // But this requires that we print a border around the entire QR Code. // Otherwise readers won't be able to recognize it. if (qr_mode != QR_UTF8) { for (int i = 0; i < 2; ++i) { printf(ANSI_BLACKONGREY); for (int x = 0; x < qrcode->width + 4; ++x) printf(" "); puts(ANSI_RESET); } for (int y = 0; y < qrcode->width; ++y) { printf(ANSI_BLACKONGREY" "); int isBlack = 0; for (int x = 0; x < qrcode->width; ++x) { if (*ptr++ & 1) { if (!isBlack) { printf(ANSI_BLACK); } isBlack = 1; } else { if (isBlack) { printf(ANSI_WHITE); } isBlack = 0; } printf(" "); } if (isBlack) { printf(ANSI_WHITE); } puts(" "ANSI_RESET); } for (int i = 0; i < 2; ++i) { printf(ANSI_BLACKONGREY); for (int x = 0; x < qrcode->width + 4; ++x) printf(" "); puts(ANSI_RESET); } } else { // Drawing the QRCode with Unicode block elements is desirable as // it makes the code much smaller, which is often easier to scan. // Unfortunately, many terminal emulators do not display these // Unicode characters properly. printf(ANSI_BLACKONGREY); for (int i = 0; i < qrcode->width + 4; ++i) { printf(" "); } puts(ANSI_RESET); for (int y = 0; y < qrcode->width; y += 2) { printf(ANSI_BLACKONGREY" "); for (int x = 0; x < qrcode->width; ++x) { const int top = qrcode->data[y*qrcode->width + x] & 1; int bottom = 0; if (y+1 < qrcode->width) { bottom = qrcode->data[(y+1)*qrcode->width + x] & 1; } if (top) { if (bottom) { printf(UTF8_BOTH); } else { printf(UTF8_TOPHALF); } } else { if (bottom) { printf(UTF8_BOTTOMHALF); } else { printf(" "); } } } puts(" "ANSI_RESET); } printf(ANSI_BLACKONGREY); for (int i = 0; i < qrcode->width + 4; ++i) { printf(" "); } puts(ANSI_RESET); } QRcode_free(qrcode); dlclose(qrencode); return 1; } // Display to the user what they need to provision their app. static void displayEnrollInfo(const char *secret, const char *label, const int use_totp, const char *issuer) { if (qr_mode == QR_NONE) { return; } const char *url = getURL(secret, label, use_totp, issuer); // Only newer systems have support for libqrencode. So instead of requiring // it at build-time we look for it at run-time. If it cannot be found, the // user can still type the code in manually or copy the URL into // their browser. if (isatty(STDOUT_FILENO)) { if (!displayQRCode(url)) { printf( "Failed to use libqrencode to show QR code visually for scanning.\n" "Consider typing the OTP secret into your app manually.\n"); } } free((char *)url); } // ask for a code. Return code, or some garbage if no number given. That's fine // because bad data also won't match code. static int ask_code(const char* msg) { char line[128]; printf("%s ", msg); fflush(stdout); line[sizeof(line)-1] = 0; if (NULL == fgets(line, sizeof line, stdin)) { if (errno == 0) { printf("\n"); } else { perror("getline()"); } exit(1); } return strtol(line, NULL, 10); } // ask y/n, and return 0 for no, 1 for yes. static int maybe(const char *msg) { printf("\n"); for (;;) { char line[128]; printf("%s (y/n) ", msg); fflush(stdout); line[sizeof(line)-1] = 0; if (NULL == fgets(line, sizeof(line), stdin)) { if (errno == 0) { printf("\n"); } else { perror("getline()"); } exit(1); } switch (line[0]) { case 'Y': case 'y': return 1; case 'N': case 'n': return 0; } } } static char *addOption(char *buf, size_t nbuf, const char *option) { assert(strlen(buf) + strlen(option) < nbuf); char *scratchCodes = strchr(buf, '\n'); assert(scratchCodes); scratchCodes++; memmove(scratchCodes + strlen(option), scratchCodes, strlen(scratchCodes) + 1); memcpy(scratchCodes, option, strlen(option)); return buf; } static char *maybeAddOption(const char *msg, char *buf, size_t nbuf, const char *option) { if (maybe(msg)) { buf = addOption(buf, nbuf, option); } return buf; } static void print_version() { puts("google-authenticator "VERSION); } static void usage(void) { print_version(); puts( "google-authenticator [<options>]\n" " -h, --help Print this message\n" " --version Print version\n" " -c, --counter-based Set up counter-based (HOTP) verification\n" " -C, --no-confirm Don't confirm code. For non-interactive setups\n" " -t, --time-based Set up time-based (TOTP) verification\n" " -d, --disallow-reuse Disallow reuse of previously used TOTP tokens\n" " -D, --allow-reuse Allow reuse of previously used TOTP tokens\n" " -f, --force Write file without first confirming with user\n" " -l, --label=<label> Override the default label in \"otpauth://\" URL\n" " -i, --issuer=<issuer> Override the default issuer in \"otpauth://\" URL\n" " -q, --quiet Quiet mode\n" " -Q, --qr-mode={NONE,ANSI,UTF8} QRCode output mode\n" " -r, --rate-limit=N Limit logins to N per every M seconds\n" " -R, --rate-time=M Limit logins to N per every M seconds\n" " -u, --no-rate-limit Disable rate-limiting\n" " -s, --secret=<file> Specify a non-standard file location\n" " -S, --step-size=S Set interval between token refreshes\n" " -w, --window-size=W Set window of concurrently valid codes\n" " -W, --minimal-window Disable window of concurrently valid codes\n" " -e, --emergency-codes=N Number of emergency codes to generate"); } int main(int argc, char *argv[]) { uint8_t buf[SECRET_BITS/8 + MAX_SCRATCHCODES*BYTES_PER_SCRATCHCODE]; static const char hotp[] = "\" HOTP_COUNTER 1\n"; static const char totp[] = "\" TOTP_AUTH\n"; static const char disallow[] = "\" DISALLOW_REUSE\n"; static const char step[] = "\" STEP_SIZE 30\n"; static const char window[] = "\" WINDOW_SIZE 17\n"; static const char ratelimit[] = "\" RATE_LIMIT 3 30\n"; char secret[(SECRET_BITS + BITS_PER_BASE32_CHAR-1)/BITS_PER_BASE32_CHAR + 1 /* newline */ + sizeof(hotp) + // hotp and totp are mutually exclusive. sizeof(disallow) + sizeof(step) + sizeof(window) + sizeof(ratelimit) + 5 + // NN MMM (total of five digits) SCRATCHCODE_LENGTH*(MAX_SCRATCHCODES + 1 /* newline */) + 1 /* NUL termination character */]; enum { ASK_MODE, HOTP_MODE, TOTP_MODE } mode = ASK_MODE; enum { ASK_REUSE, DISALLOW_REUSE, ALLOW_REUSE } reuse = ASK_REUSE; int force = 0, quiet = 0; int r_limit = 0, r_time = 0; char *secret_fn = NULL; char *label = NULL; char *issuer = NULL; int step_size = 0; int confirm = 1; int window_size = 0; int emergency_codes = -1; int idx; for (;;) { static const char optstring[] = "+hcCtdDfl:i:qQ:r:R:us:S:w:We:"; static struct option options[] = { { "help", 0, 0, 'h' }, { "version", 0, 0, 0}, { "counter-based", 0, 0, 'c' }, { "no-confirm", 0, 0, 'C' }, { "time-based", 0, 0, 't' }, { "disallow-reuse", 0, 0, 'd' }, { "allow-reuse", 0, 0, 'D' }, { "force", 0, 0, 'f' }, { "label", 1, 0, 'l' }, { "issuer", 1, 0, 'i' }, { "quiet", 0, 0, 'q' }, { "qr-mode", 1, 0, 'Q' }, { "rate-limit", 1, 0, 'r' }, { "rate-time", 1, 0, 'R' }, { "no-rate-limit", 0, 0, 'u' }, { "secret", 1, 0, 's' }, { "step-size", 1, 0, 'S' }, { "window-size", 1, 0, 'w' }, { "minimal-window", 0, 0, 'W' }, { "emergency-codes", 1, 0, 'e' }, { 0, 0, 0, 0 } }; idx = -1; const int c = getopt_long(argc, argv, optstring, options, &idx); if (c > 0) { for (int i = 0; options[i].name; i++) { if (options[i].val == c) { idx = i; break; } } } else if (c < 0) { break; } if (idx-- <= 0) { // Help (or invalid argument) err: usage(); if (idx < -1) { fprintf(stderr, "Failed to parse command line\n"); _exit(1); } exit(0); } else if (!idx--) { // --version print_version(); exit(0); } else if (!idx--) { // counter-based, -c if (mode != ASK_MODE) { fprintf(stderr, "Duplicate -c and/or -t option detected\n"); _exit(1); } if (reuse != ASK_REUSE) { reuse_err: fprintf(stderr, "Reuse of tokens is not a meaningful parameter " "in counter-based mode\n"); _exit(1); } mode = HOTP_MODE; } else if (!idx--) { // don't confirm code provisioned, -C confirm = 0; } else if (!idx--) { // time-based if (mode != ASK_MODE) { fprintf(stderr, "Duplicate -c and/or -t option detected\n"); _exit(1); } mode = TOTP_MODE; } else if (!idx--) { // disallow-reuse if (reuse != ASK_REUSE) { fprintf(stderr, "Duplicate -d and/or -D option detected\n"); _exit(1); } if (mode == HOTP_MODE) { goto reuse_err; } reuse = DISALLOW_REUSE; } else if (!idx--) { // allow-reuse if (reuse != ASK_REUSE) { fprintf(stderr, "Duplicate -d and/or -D option detected\n"); _exit(1); } if (mode == HOTP_MODE) { goto reuse_err; } reuse = ALLOW_REUSE; } else if (!idx--) { // force if (force) { fprintf(stderr, "Duplicate -f option detected\n"); _exit(1); } force = 1; } else if (!idx--) { // label if (label) { fprintf(stderr, "Duplicate -l option detected\n"); _exit(1); } label = strdup(optarg); } else if (!idx--) { // issuer if (issuer) { fprintf(stderr, "Duplicate -i option detected\n"); _exit(1); } issuer = strdup(optarg); } else if (!idx--) { // quiet if (quiet) { fprintf(stderr, "Duplicate -q option detected\n"); _exit(1); } quiet = 1; } else if (!idx--) { // qr-mode if (qr_mode != QR_UNSET) { fprintf(stderr, "Duplicate -Q option detected\n"); _exit(1); } if (!strcasecmp(optarg, "none")) { qr_mode = QR_NONE; } else if (!strcasecmp(optarg, "ansi")) { qr_mode = QR_ANSI; } else if (!strcasecmp(optarg, "utf8")) { qr_mode = QR_UTF8; } else { fprintf(stderr, "Invalid qr-mode \"%s\"\n", optarg); _exit(1); } } else if (!idx--) { // rate-limit if (r_limit > 0) { fprintf(stderr, "Duplicate -r option detected\n"); _exit(1); } else if (r_limit < 0) { fprintf(stderr, "-u is mutually exclusive with -r\n"); _exit(1); } char *endptr; errno = 0; const long l = strtol(optarg, &endptr, 10); if (errno || endptr == optarg || *endptr || l < 1 || l > 10) { fprintf(stderr, "-r requires an argument in the range 1..10\n"); _exit(1); } r_limit = (int)l; } else if (!idx--) { // rate-time if (r_time > 0) { fprintf(stderr, "Duplicate -R option detected\n"); _exit(1); } else if (r_time < 0) { fprintf(stderr, "-u is mutually exclusive with -R\n"); _exit(1); } char *endptr; errno = 0; const long l = strtol(optarg, &endptr, 10); if (errno || endptr == optarg || *endptr || l < 15 || l > 600) { fprintf(stderr, "-R requires an argument in the range 15..600\n"); _exit(1); } r_time = (int)l; } else if (!idx--) { // no-rate-limit if (r_limit > 0 || r_time > 0) { fprintf(stderr, "-u is mutually exclusive with -r/-R\n"); _exit(1); } if (r_limit < 0) { fprintf(stderr, "Duplicate -u option detected\n"); _exit(1); } r_limit = r_time = -1; } else if (!idx--) { // secret if (secret_fn) { fprintf(stderr, "Duplicate -s option detected\n"); _exit(1); } if (!*optarg) { fprintf(stderr, "-s must be followed by a filename\n"); _exit(1); } secret_fn = strdup(optarg); if (!secret_fn) { perror("malloc()"); _exit(1); } } else if (!idx--) { // step-size if (step_size) { fprintf(stderr, "Duplicate -S option detected\n"); _exit(1); } char *endptr; errno = 0; const long l = strtol(optarg, &endptr, 10); if (errno || endptr == optarg || *endptr || l < 1 || l > 60) { fprintf(stderr, "-S requires an argument in the range 1..60\n"); _exit(1); } step_size = (int)l; } else if (!idx--) { // window-size if (window_size) { fprintf(stderr, "Duplicate -w/-W option detected\n"); _exit(1); } char *endptr; errno = 0; const long l = strtol(optarg, &endptr, 10); if (errno || endptr == optarg || *endptr || l < 1 || l > 21) { fprintf(stderr, "-w requires an argument in the range 1..21\n"); _exit(1); } window_size = (int)l; } else if (!idx--) { // minimal-window if (window_size) { fprintf(stderr, "Duplicate -w/-W option detected\n"); _exit(1); } window_size = -1; } else if (!idx--) { // emergency-codes if (emergency_codes >= 0) { fprintf(stderr, "Duplicate -e option detected\n"); _exit(1); } char *endptr; errno = 0; long l = strtol(optarg, &endptr, 10); if (errno || endptr == optarg || *endptr || l < 0 || l > MAX_SCRATCHCODES) { fprintf(stderr, "-e requires an argument in the range 0..%d\n", MAX_SCRATCHCODES); _exit(1); } emergency_codes = (int)l; } else { fprintf(stderr, "Error\n"); _exit(1); } } idx = -1; if (optind != argc) { goto err; } if (reuse != ASK_REUSE && mode != TOTP_MODE) { fprintf(stderr, "Must select time-based mode, when using -d or -D\n"); _exit(1); } if ((r_time && !r_limit) || (!r_time && r_limit)) { fprintf(stderr, "Must set -r when setting -R, and vice versa\n"); _exit(1); } if (emergency_codes < 0) { emergency_codes = SCRATCHCODES; } if (!label) { const uid_t uid = getuid(); const char *user = getUserName(uid); char hostname[128] = { 0 }; if (gethostname(hostname, sizeof(hostname)-1)) { strcpy(hostname, "unix"); } label = strcat(strcat(strcpy(malloc(strlen(user) + strlen(hostname) + 2), user), "@"), hostname); free((char *)user); } if (!issuer) { char hostname[128] = { 0 }; if (gethostname(hostname, sizeof(hostname)-1)) { strcpy(hostname, "unix"); } issuer = strdup(hostname); } // Not const because 'fd' is reused. TODO. int fd = open("/dev/urandom", O_RDONLY); if (fd < 0) { perror("Failed to open \"/dev/urandom\""); return 1; } if (read(fd, buf, sizeof(buf)) != sizeof(buf)) { urandom_failure: perror("Failed to read from \"/dev/urandom\""); return 1; } base32_encode(buf, SECRET_BITS/8, (uint8_t *)secret, sizeof(secret)); int use_totp; if (mode == ASK_MODE) { use_totp = maybe("Do you want authentication tokens to be time-based"); } else { use_totp = mode == TOTP_MODE; } if (!quiet) { displayEnrollInfo(secret, label, use_totp, issuer); printf("Your new secret key is: %s\n", secret); // Confirm code. if (confirm && use_totp) { for (;;) { const int test_code = ask_code("Enter code from app (-1 to skip):"); if (test_code < 0) { printf("Code confirmation skipped\n"); break; } const unsigned long tm = time(NULL)/(step_size ? step_size : 30); const int correct_code = generateCode(secret, tm); if (test_code == correct_code) { printf("Code confirmed\n"); break; } printf("Code incorrect (correct code %06d). Try again.\n", correct_code); } } else { const unsigned long tm = 1; printf("Your verification code for code %lu is %06d\n", tm, generateCode(secret, tm)); } printf("Your emergency scratch codes are:\n"); } free(label); free(issuer); strcat(secret, "\n"); if (use_totp) { strcat(secret, totp); } else { strcat(secret, hotp); } for (int i = 0; i < emergency_codes; ++i) { new_scratch_code:; int scratch = 0; for (int j = 0; j < BYTES_PER_SCRATCHCODE; ++j) { scratch = 256*scratch + buf[SECRET_BITS/8 + BYTES_PER_SCRATCHCODE*i + j]; } int modulus = 1; for (int j = 0; j < SCRATCHCODE_LENGTH; j++) { modulus *= 10; } scratch = (scratch & 0x7FFFFFFF) % modulus; if (scratch < modulus/10) { // Make sure that scratch codes are always exactly eight digits. If they // start with a sequence of zeros, just generate a new scratch code. if (read(fd, buf + (SECRET_BITS/8 + BYTES_PER_SCRATCHCODE*i), BYTES_PER_SCRATCHCODE) != BYTES_PER_SCRATCHCODE) { goto urandom_failure; } goto new_scratch_code; } if (!quiet) { printf(" %08d\n", scratch); } snprintf(strrchr(secret, '\000'), sizeof(secret) - strlen(secret), "%08d\n", scratch); } close(fd); if (!secret_fn) { const char *home = getenv("HOME"); if (!home || *home != '/') { fprintf(stderr, "Cannot determine home directory\n"); return 1; } secret_fn = malloc(strlen(home) + strlen(SECRET) + 1); if (!secret_fn) { perror("malloc()"); _exit(1); } strcat(strcpy(secret_fn, home), SECRET); } if (!force) { char s[1024]; snprintf(s, sizeof s, "Do you want me to update your \"%s\" file?", secret_fn); if (!maybe(s)) { exit(0); } } const int size = strlen(secret_fn) + 3; char* tmp_fn = malloc(size); if (!tmp_fn) { perror("malloc()"); _exit(1); } snprintf(tmp_fn, size, "%s~", secret_fn); // Add optional flags. if (use_totp) { if (reuse == ASK_REUSE) { maybeAddOption("Do you want to disallow multiple uses of the same " "authentication\ntoken? This restricts you to one login " "about every 30s, but it increases\nyour chances to " "notice or even prevent man-in-the-middle attacks", secret, sizeof(secret), disallow); } else if (reuse == DISALLOW_REUSE) { addOption(secret, sizeof(secret), disallow); } if (step_size) { char s[80]; snprintf(s, sizeof s, "\" STEP_SIZE %d\n", step_size); addOption(secret, sizeof(secret), s); } if (!window_size) { maybeAddOption("By default, a new token is generated every 30 seconds by" " the mobile app.\nIn order to compensate for possible" " time-skew between the client and the server,\nwe allow" " an extra token before and after the current time. This" " allows for a\ntime skew of up to 30 seconds between" " authentication server and client. If you\nexperience" " problems with poor time synchronization, you can" " increase the window\nfrom its default size of 3" " permitted codes (one previous code, the current\ncode," " the next code) to 17 permitted codes (the 8 previous" " codes, the current\ncode, and the 8 next codes)." " This will permit for a time skew of up to 4 minutes" "\nbetween client and server." "\nDo you want to do so?", secret, sizeof(secret), window); } else { char s[80]; // TODO: Should 3 really be the minimal window size for TOTP? // If so, the code should not allow -w=1 here. snprintf(s, sizeof s, "\" WINDOW_SIZE %d\n", window_size > 0 ? window_size : 3); addOption(secret, sizeof(secret), s); } } else { // Counter based. if (!window_size) { maybeAddOption("By default, three tokens are valid at any one time. " "This accounts for\ngenerated-but-not-used tokens and " "failed login attempts. In order to\ndecrease the " "likelihood of synchronization problems, this window " "can be\nincreased from its default size of 3 to 17. Do " "you want to do so?", secret, sizeof(secret), window); } else { char s[80]; snprintf(s, sizeof s, "\" WINDOW_SIZE %d\n", window_size > 0 ? window_size : 1); addOption(secret, sizeof(secret), s); } } if (!r_limit && !r_time) { maybeAddOption("If the computer that you are logging into isn't hardened " "against brute-force\nlogin attempts, you can enable " "rate-limiting for the authentication module.\nBy default, " "this limits attackers to no more than 3 login attempts " "every 30s.\nDo you want to enable rate-limiting?", secret, sizeof(secret), ratelimit); } else if (r_limit > 0 && r_time > 0) { char s[80]; snprintf(s, sizeof s, "\" RATE_LIMIT %d %d\n", r_limit, r_time); addOption(secret, sizeof(secret), s); } fd = open(tmp_fn, O_WRONLY|O_EXCL|O_CREAT|O_NOFOLLOW|O_TRUNC, 0400); if (fd < 0) { fprintf(stderr, "Failed to create \"%s\" (%s)", secret_fn, strerror(errno)); goto errout; } if (write(fd, secret, strlen(secret)) != (ssize_t)strlen(secret) || rename(tmp_fn, secret_fn)) { perror("Failed to write new secret"); unlink(secret_fn); goto errout; } free(tmp_fn); free(secret_fn); close(fd); return 0; errout: if (fd > 0) { close(fd); } free(secret_fn); free(tmp_fn); return 1; } /* ---- Emacs Variables ---- * Local Variables: * c-basic-offset: 2 * indent-tabs-mode: nil * End: */ 07070100000021000081A40000000000000000000000016627DD81000009FE000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/src/hmac.c// HMAC_SHA1 implementation // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include <string.h> #include "hmac.h" #include "sha1.h" #include "util.h" void hmac_sha1(const uint8_t *key, int keyLength, const uint8_t *data, int dataLength, uint8_t *result, int resultLength) { SHA1_INFO ctx; uint8_t hashed_key[SHA1_DIGEST_LENGTH]; if (keyLength > 64) { // The key can be no bigger than 64 bytes. If it is, we'll hash it down to // 20 bytes. sha1_init(&ctx); sha1_update(&ctx, key, keyLength); sha1_final(&ctx, hashed_key); key = hashed_key; keyLength = SHA1_DIGEST_LENGTH; } // The key for the inner digest is derived from our key, by padding the key // the full length of 64 bytes, and then XOR'ing each byte with 0x36. uint8_t tmp_key[64]; for (int i = 0; i < keyLength; ++i) { tmp_key[i] = key[i] ^ 0x36; } if (keyLength < 64) { memset(tmp_key + keyLength, 0x36, 64 - keyLength); } // Compute inner digest sha1_init(&ctx); sha1_update(&ctx, tmp_key, 64); sha1_update(&ctx, data, dataLength); uint8_t sha[SHA1_DIGEST_LENGTH]; sha1_final(&ctx, sha); // The key for the outer digest is derived from our key, by padding the key // the full length of 64 bytes, and then XOR'ing each byte with 0x5C. for (int i = 0; i < keyLength; ++i) { tmp_key[i] = key[i] ^ 0x5C; } memset(tmp_key + keyLength, 0x5C, 64 - keyLength); // Compute outer digest sha1_init(&ctx); sha1_update(&ctx, tmp_key, 64); sha1_update(&ctx, sha, SHA1_DIGEST_LENGTH); sha1_final(&ctx, sha); // Copy result to output buffer and truncate or pad as necessary memset(result, 0, resultLength); if (resultLength > SHA1_DIGEST_LENGTH) { resultLength = SHA1_DIGEST_LENGTH; } memcpy(result, sha, resultLength); // Zero out all internal data structures explicit_bzero(hashed_key, sizeof(hashed_key)); explicit_bzero(sha, sizeof(sha)); explicit_bzero(tmp_key, sizeof(tmp_key)); } 07070100000022000081A40000000000000000000000016627DD8100000397000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/src/hmac.h// HMAC_SHA1 implementation // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #ifndef _HMAC_H_ #define _HMAC_H_ #include <stdint.h> void hmac_sha1(const uint8_t *key, int keyLength, const uint8_t *data, int dataLength, uint8_t *result, int resultLength) __attribute__((visibility("hidden"))); #endif /* _HMAC_H_ */ 07070100000023000081A40000000000000000000000016627DD810001014C000000000000000000000000000000000000004000000000google-authenticator-libpam-1.10/src/pam_google_authenticator.c// PAM module for two-factor authentication. // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include "config.h" #include <errno.h> #include <fcntl.h> #include <limits.h> #include <pwd.h> #include <stdarg.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/stat.h> #include <sys/types.h> #include <syslog.h> #include <time.h> #include <unistd.h> #ifdef HAVE_SYS_FSUID_H // We much rather prefer to use setfsuid(), but this function is unfortunately // not available on all systems. #include <sys/fsuid.h> #endif #ifndef PAM_EXTERN #define PAM_EXTERN #endif #if !defined(LOG_AUTHPRIV) && defined(LOG_AUTH) #define LOG_AUTHPRIV LOG_AUTH #endif #define PAM_SM_AUTH #include <security/pam_appl.h> #include <security/pam_modules.h> #include "base32.h" #include "hmac.h" #include "sha1.h" #include "util.h" // Module name shortened to work with rsyslog. // See https://github.com/google/google-authenticator-libpam/issues/172 #define MODULE_NAME "pam_google_auth" #define SECRET "~/.google_authenticator" #define CODE_PROMPT "Verification code: " #define PWCODE_PROMPT "Password & verification code: " typedef struct Params { const char *secret_filename_spec; const char *authtok_prompt; enum { NULLERR=0, NULLOK, SECRETNOTFOUND } nullok; int noskewadj; int echocode; int fixed_uid; int no_increment_hotp; uid_t uid; enum { PROMPT = 0, TRY_FIRST_PASS, USE_FIRST_PASS } pass_mode; int forward_pass; int debug; int no_strict_owner; int allowed_perm; time_t grace_period; int allow_readonly; } Params; static char oom; static const char* nobody = "nobody"; #if defined(DEMO) || defined(TESTING) static char* error_msg = NULL; const char *get_error_msg(void) __attribute__((visibility("default"))); const char *get_error_msg(void) { if (!error_msg) { return ""; } return error_msg; } #endif static void log_message(int priority, pam_handle_t *pamh, const char *format, ...) { char *service = NULL; if (pamh) pam_get_item(pamh, PAM_SERVICE, (void *)&service); if (!service) service = ""; char logname[80]; snprintf(logname, sizeof(logname), "%s(" MODULE_NAME ")", service); va_list args; va_start(args, format); #if !defined(DEMO) && !defined(TESTING) openlog(logname, LOG_CONS | LOG_PID, LOG_AUTHPRIV); vsyslog(priority, format, args); closelog(); #else if (!error_msg) { error_msg = strdup(""); } { char buf[1000]; vsnprintf(buf, sizeof buf, format, args); const int newlen = strlen(error_msg) + 1 + strlen(buf) + 1; char* n = malloc(newlen); if (n) { snprintf(n, newlen, "%s%s%s", error_msg, strlen(error_msg)?"\n":"",buf); free(error_msg); error_msg = n; } else { fprintf(stderr, "Failed to malloc %d bytes for log data.\n", newlen); } } #endif va_end(args); if (priority == LOG_EMERG) { // Something really bad happened. There is no way we can proceed safely. _exit(1); } } static int converse(pam_handle_t *pamh, int nargs, PAM_CONST struct pam_message **message, struct pam_response **response) { struct pam_conv *conv; int retval = pam_get_item(pamh, PAM_CONV, (void *)&conv); if (retval != PAM_SUCCESS) { return retval; } return conv->conv(nargs, message, response, conv->appdata_ptr); } static const char *get_user_name(pam_handle_t *pamh, const Params *params) { // Obtain the user's name const char *username; if (pam_get_user(pamh, &username, NULL) != PAM_SUCCESS || !username || !*username) { log_message(LOG_ERR, pamh, "pam_get_user() failed to get a user name" " when checking verification code"); return NULL; } if (params->debug) { log_message(LOG_INFO, pamh, "debug: start of google_authenticator for \"%s\"", username); } return username; } /* * Return rhost as a string. Return value must not be free()ed. * Returns NULL if PAM_RHOST is not known. */ static const char * get_rhost(pam_handle_t *pamh, const Params *params) { // Get the remote host PAM_CONST void *rhost; if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS) { log_message(LOG_ERR, pamh, "pam_get_rhost() failed to get the remote host"); return NULL; } if (params->debug) { log_message(LOG_INFO, pamh, "debug: google_authenticator for host \"%s\"", rhost); } return (const char *)rhost; } static size_t getpwnam_buf_max_size() { #ifdef _SC_GETPW_R_SIZE_MAX const ssize_t len = sysconf(_SC_GETPW_R_SIZE_MAX); if (len <= 0) { return 4096; } return len; #else return 4096; #endif } static char *get_secret_filename(pam_handle_t *pamh, const Params *params, const char *username, uid_t *uid) { if (!username) { return NULL; } // Check whether the administrator decided to override the default location // for the secret file. const char *spec = params->secret_filename_spec ? params->secret_filename_spec : SECRET; // Obtain the user's id and home directory // NOTE: These variables need to be here because of their lifetimes. struct passwd *pw = NULL; // Used struct passwd pwbuf; // Here because `pw` points into it. char *buf = NULL; // Here because `pw` members use it. char *secret_filename = NULL; // Here because goto jumps. if (!params->fixed_uid) { const int len = getpwnam_buf_max_size(); buf = malloc(len); *uid = -1; if (buf == NULL) { log_message(LOG_ERR, pamh, "Short (%d) mem allocation failed", len); goto errout; } const int rc = getpwnam_r(username, &pwbuf, buf, len, &pw); if (rc) { log_message(LOG_ERR, pamh, "getpwnam_r(\"%s\")!=0: %d", username, rc); goto errout; } if (!pw) { log_message(LOG_ERR, pamh, "user(\"%s\") not found", username); goto errout; } if (!pw->pw_dir) { log_message(LOG_ERR, pamh, "user(\"%s\") has no home dir", username); goto errout; } if (*pw->pw_dir != '/') { log_message(LOG_ERR, pamh, "User \"%s\" home dir not absolute", username); goto errout; } } // Expand filename specification to an actual filename. if ((secret_filename = strdup(spec)) == NULL) { log_message(LOG_ERR, pamh, "Short (%d) mem allocation failed", strlen(spec)); goto errout; } int allow_tilde = 1; for (int offset = 0; secret_filename[offset];) { char *cur = secret_filename + offset; char *var = NULL; size_t var_len = 0; const char *subst = NULL; if (allow_tilde && *cur == '~') { var_len = 1; if (!pw) { log_message(LOG_ERR, pamh, "Home dir in 'secret' not implemented when 'user' set"); goto errout; } subst = pw->pw_dir; var = cur; } else if (secret_filename[offset] == '$') { if (!memcmp(cur, "${HOME}", 7)) { var_len = 7; if (!pw) { log_message(LOG_ERR, pamh, "Home dir in 'secret' not implemented when 'user' set"); goto errout; } subst = pw->pw_dir; var = cur; } else if (!memcmp(cur, "${USER}", 7)) { var_len = 7; subst = username; var = cur; } } if (var) { const size_t subst_len = strlen(subst); if (subst_len > 1000000) { log_message(LOG_ERR, pamh, "Unexpectedly large path name: %d", subst_len); goto errout; } const int varidx = var - secret_filename; char *resized = realloc(secret_filename, strlen(secret_filename) + subst_len + 1); if (!resized) { log_message(LOG_ERR, pamh, "Short mem allocation failed"); goto errout; } var = resized + varidx; secret_filename = resized; memmove(var + subst_len, var + var_len, strlen(var + var_len) + 1); memmove(var, subst, subst_len); offset = var + subst_len - resized; allow_tilde = 0; } else { allow_tilde = *cur == '/'; ++offset; } } *uid = params->fixed_uid ? params->uid : pw->pw_uid; free(buf); return secret_filename; errout: free(secret_filename); free(buf); return NULL; } static int setuser(int uid) { #ifdef HAVE_SETFSUID // The semantics for setfsuid() are a little unusual. On success, the // previous user id is returned. On failure, the current user id is returned. int old_uid = setfsuid(uid); if (uid != setfsuid(uid)) { setfsuid(old_uid); return -1; } #else #ifdef linux #error "Linux should have setfsuid(). Refusing to build." #endif int old_uid = geteuid(); if (old_uid != uid && seteuid(uid)) { return -1; } #endif return old_uid; } static int setgroup(int gid) { #ifdef HAVE_SETFSGID // The semantics of setfsgid() are a little unusual. On success, the // previous group id is returned. On failure, the current groupd id is // returned. int old_gid = setfsgid(gid); if (gid != setfsgid(gid)) { setfsgid(old_gid); return -1; } #else int old_gid = getegid(); if (old_gid != gid && setegid(gid)) { return -1; } #endif return old_gid; } // Drop privileges and return 0 on success. static int drop_privileges(pam_handle_t *pamh, const char *username, int uid, int *old_uid, int *old_gid) { // Try to become the new user. This might be necessary for NFS mounted home // directories. // First, look up the user's default group #ifdef _SC_GETPW_R_SIZE_MAX int len = sysconf(_SC_GETPW_R_SIZE_MAX); if (len <= 0) { len = 4096; } #else int len = 4096; #endif char *buf = malloc(len); if (!buf) { log_message(LOG_ERR, pamh, "Out of memory"); return -1; } struct passwd pwbuf, *pw; if (getpwuid_r(uid, &pwbuf, buf, len, &pw) || !pw) { log_message(LOG_ERR, pamh, "Cannot look up user id %d", uid); free(buf); return -1; } gid_t gid = pw->pw_gid; free(buf); int gid_o = setgroup(gid); int uid_o = setuser(uid); if (uid_o < 0) { if (gid_o >= 0) { if (setgroup(gid_o) < 0 || setgroup(gid_o) != gid_o) { // Inform the caller that we were unsuccessful in resetting the group. *old_gid = gid_o; } } log_message(LOG_ERR, pamh, "Failed to change user id to \"%s\"", username); return -1; } if (gid_o < 0 && (gid_o = setgroup(gid)) < 0) { // In most typical use cases, the PAM module will end up being called // while uid=0. This allows the module to change to an arbitrary group // prior to changing the uid. But there are many ways that PAM modules // can be invoked and in some scenarios this might not work. So, we also // try changing the group _after_ changing the uid. It might just work. if (setuser(uid_o) < 0 || setuser(uid_o) != uid_o) { // Inform the caller that we were unsuccessful in resetting the uid. *old_uid = uid_o; } log_message(LOG_ERR, pamh, "Failed to change group id for user \"%s\" to %d", username, (int)gid); return -1; } *old_uid = uid_o; *old_gid = gid_o; return 0; } // open secret file, return fd on success, or <0 on error. static int open_secret_file(pam_handle_t *pamh, const char *secret_filename, struct Params *params, const char *username, int uid, struct stat *orig_stat) { // Try to open "~/.google_authenticator" const int fd = open(secret_filename, O_RDONLY); if (fd < 0 || fstat(fd, orig_stat) < 0) { if (params->nullok != NULLERR && errno == ENOENT) { // The user doesn't have a state file, but the administrator said // that this is OK. We still return an error from open_secret_file(), // but we remember that this was the result of a missing state file. params->nullok = SECRETNOTFOUND; } else { log_message(LOG_ERR, pamh, "Failed to read \"%s\" for \"%s\": %s", secret_filename, username, strerror(errno)); } error: if (fd >= 0) { close(fd); } return -1; } if (params->debug) { log_message(LOG_INFO, pamh, "debug: Secret file permissions are %04o." " Allowed permissions are %04o", orig_stat->st_mode & 03777, params->allowed_perm); } // Check permissions on "~/.google_authenticator". if (!S_ISREG(orig_stat->st_mode)) { log_message(LOG_ERR, pamh, "Secret file \"%s\" is not a regular file", secret_filename); goto error; } if (orig_stat->st_mode & 03777 & ~params->allowed_perm) { log_message(LOG_ERR, pamh, "Secret file \"%s\" permissions (%04o)" " are more permissive than %04o", secret_filename, orig_stat->st_mode & 03777, params->allowed_perm); goto error; } if (!params->no_strict_owner && (orig_stat->st_uid != (uid_t)uid)) { char buf[80]; if (params->fixed_uid) { snprintf(buf, sizeof buf, "user id %d", params->uid); username = buf; } log_message(LOG_ERR, pamh, "Secret file \"%s\" must be owned by \"%s\"", secret_filename, username); goto error; } // Sanity check for file length if (orig_stat->st_size < 1 || orig_stat->st_size > 64*1024) { log_message(LOG_ERR, pamh, "Invalid file size for \"%s\"", secret_filename); goto error; } return fd; } // Read secret file contents. // If there's an error the file is closed, NULL is returned, and errno set. static char *read_file_contents(pam_handle_t *pamh, const Params *params, const char *secret_filename, int *fd, off_t filesize) { // Arbitrary limit to prevent integer overflow. if (filesize > 1000000) { close(*fd); errno = E2BIG; return NULL; } // Read file contents char *buf = malloc(filesize + 1); if (!buf) { log_message(LOG_ERR, pamh, "Failed to malloc %d+1", filesize); goto out; } if (filesize != read(*fd, buf, filesize)) { log_message(LOG_ERR, pamh, "Could not read \"%s\"", secret_filename); goto out; } close(*fd); *fd = -1; // The rest of the code assumes that there are no NUL bytes in the file. if (memchr(buf, 0, filesize)) { log_message(LOG_ERR, pamh, "Invalid file contents in \"%s\"", secret_filename); goto out; } // Terminate the buffer with a NUL byte. buf[filesize] = '\000'; if(params->debug) { log_message(LOG_INFO, pamh, "debug: \"%s\" read", secret_filename); } return buf; out: // If we have any data, erase it. if (buf) { explicit_bzero(buf, filesize); } free(buf); if (*fd >= 0) { close(*fd); *fd = -1; } return NULL; } static int is_totp(const char *buf) { return !!strstr(buf, "\" TOTP_AUTH"); } // Wrap write() making sure that partial writes don't break everything. // Return 0 on success, errno otherwise. static int full_write(int fd, const char* buf, size_t len) { const char* p = buf; int errors = 0; for (;;) { const ssize_t left = len - (p - buf); const ssize_t rc = write(fd, p, left); if (rc == left) { return 0; } if (rc < 0) { switch (errno) { case EAGAIN: case EINTR: if (errors++ < 3) { continue; } } return errno; } p += rc; } } // Safely overwrite the old secret file. // Return 0 on success, errno otherwise. static int write_file_contents(pam_handle_t *pamh, const Params *params, const char *secret_filename, struct stat *orig_stat, const char *buf) { int err = 0; int fd = -1; const size_t fnlength = strlen(secret_filename) + 1 + 6 + 1; char *tmp_filename = malloc(fnlength); if (tmp_filename == NULL) { err = errno; goto cleanup; } if (fnlength - 1 != snprintf(tmp_filename, fnlength, "%s~XXXXXX", secret_filename)) { err = ERANGE; goto cleanup; } const mode_t old_mask = umask(077); fd = mkstemp(tmp_filename); umask(old_mask); if (fd < 0) { err = errno; log_message(LOG_ERR, pamh, "Failed to create tempfile \"%s\": %s", tmp_filename, strerror(err)); // Couldn't open file; don't try to delete it later. free(tmp_filename); tmp_filename = NULL; goto cleanup; } if (fchmod(fd, 0400)) { err = errno; goto cleanup; } // Make sure the secret file is still the same. This prevents attackers // from opening a lot of pending sessions and then reusing the same // scratch code multiple times. // // (except for the brief race condition between this stat and the // `rename` below) { struct stat sb; if (stat(secret_filename, &sb) != 0) { err = errno; log_message(LOG_ERR, pamh, "stat(): %s", strerror(err)); goto cleanup; } if (sb.st_ino != orig_stat->st_ino || sb.st_size != orig_stat->st_size || sb.st_mtime != orig_stat->st_mtime) { err = EAGAIN; log_message(LOG_ERR, pamh, "Secret file \"%s\" changed while trying to use " "scratch code\n", secret_filename); goto cleanup; } } // Write the new file contents. if ((err = full_write(fd, buf, strlen(buf)))) { log_message(LOG_ERR, pamh, "write(): %s", strerror(err)); goto cleanup; } if (fsync(fd)) { err = errno; log_message(LOG_ERR, pamh, "fsync(): %s", strerror(err)); goto cleanup; } if (close(fd)) { err = errno; log_message(LOG_ERR, pamh, "close(): %s", strerror(err)); goto cleanup; } fd = -1; // Prevent double-close. // Double-check that the file size is correct. { struct stat st; if (stat(tmp_filename, &st)) { err = errno; log_message(LOG_ERR, pamh, "stat(%s): %s", tmp_filename, strerror(err)); goto cleanup; } const off_t want = strlen(buf); if (st.st_size == 0 || (want != st.st_size)) { err = EAGAIN; log_message(LOG_ERR, pamh, "temp file size %d. Should be non-zero and %d", st.st_size, want); goto cleanup; } } if (rename(tmp_filename, secret_filename) != 0) { err = errno; log_message(LOG_ERR, pamh, "rename(): %s", strerror(err)); goto cleanup; } free(tmp_filename); tmp_filename = NULL; // Prevent unlink & double-free. if (params->debug) { log_message(LOG_INFO, pamh, "debug: \"%s\" written", secret_filename); } cleanup: if (fd >= 0) { close(fd); } if (tmp_filename) { if (unlink(tmp_filename)) { log_message(LOG_ERR, pamh, "Failed to delete tempfile \"%s\": %s", tmp_filename, strerror(errno)); } } free(tmp_filename); if (err) { log_message(LOG_ERR, pamh, "Failed to update secret file \"%s\": %s", secret_filename, strerror(err)); return err; } return 0; } // given secret file content (buf), extract the secret and base32 decode it. // // Return pointer to `malloc()`'d secret on success (caller frees), // NULL on error. Length of secret stored in *secretLen. static uint8_t *get_shared_secret(pam_handle_t *pamh, const Params *params, const char *secret_filename, const char *buf, int *secretLen) { if (!buf) { return NULL; } // Decode secret key const int base32Len = strcspn(buf, "\n"); // Arbitrary limit to prevent integer overflow. if (base32Len > 100000) { return NULL; } *secretLen = (base32Len*5 + 7)/8; uint8_t *secret = malloc(base32Len + 1); if (secret == NULL) { *secretLen = 0; return NULL; } memcpy(secret, buf, base32Len); secret[base32Len] = '\000'; if ((*secretLen = base32_decode(secret, secret, base32Len)) < 1) { log_message(LOG_ERR, pamh, "Could not find a valid BASE32 encoded secret in \"%s\"", secret_filename); explicit_bzero(secret, base32Len); free(secret); return NULL; } memset(secret + *secretLen, 0, base32Len + 1 - *secretLen); if(params->debug) { log_message(LOG_INFO, pamh, "debug: shared secret in \"%s\" processed", secret_filename); } return secret; } #ifdef TESTING static time_t current_time; void set_time(time_t t) __attribute__((visibility("default"))); void set_time(time_t t) { current_time = t; } static time_t get_time(void) { return current_time; } #else static time_t get_time(void) { return time(NULL); } #endif static int comparator(const void *a, const void *b) { return *(unsigned int *)a - *(unsigned int *)b; } static char *get_cfg_value(pam_handle_t *pamh, const char *key, const char *buf) { const size_t key_len = strlen(key); for (const char *line = buf; *line; ) { const char *ptr; if (line[0] == '"' && line[1] == ' ' && !strncmp(line+2, key, key_len) && (!*(ptr = line+2+key_len) || *ptr == ' ' || *ptr == '\t' || *ptr == '\r' || *ptr == '\n')) { ptr += strspn(ptr, " \t"); size_t val_len = strcspn(ptr, "\r\n"); char *val = malloc(val_len + 1); if (!val) { log_message(LOG_ERR, pamh, "Out of memory"); return &oom; } else { memcpy(val, ptr, val_len); val[val_len] = '\000'; return val; } } else { line += strcspn(line, "\r\n"); line += strspn(line, "\r\n"); } } return NULL; } static int set_cfg_value(pam_handle_t *pamh, const char *key, const char *val, char **buf) { const size_t key_len = strlen(key); char *start = NULL; char *stop = NULL; // Find an existing line, if any. for (char *line = *buf; *line; ) { char *ptr; if (line[0] == '"' && line[1] == ' ' && !strncmp(line+2, key, key_len) && (!*(ptr = line+2+key_len) || *ptr == ' ' || *ptr == '\t' || *ptr == '\r' || *ptr == '\n')) { start = line; stop = start + strcspn(start, "\r\n"); stop += strspn(stop, "\r\n"); break; } else { line += strcspn(line, "\r\n"); line += strspn(line, "\r\n"); } } // If no existing line, insert immediately after the first line. if (!start) { start = *buf + strcspn(*buf, "\r\n"); start += strspn(start, "\r\n"); stop = start; } // Replace [start..stop] with the new contents. const size_t val_len = strlen(val); const size_t total_len = key_len + val_len + 4; if (total_len <= stop - start) { // We are decreasing out space requirements. Shrink the buffer and pad with // NUL characters. const size_t tail_len = strlen(stop); memmove(start + total_len, stop, tail_len + 1); memset(start + total_len + tail_len, 0, stop - start - total_len + 1); } else { // Must resize existing buffer. We cannot call realloc(), as it could // leave parts of the buffer content in unused parts of the heap. const size_t buf_len = strlen(*buf); const size_t tail_len = buf_len - (stop - *buf); char *resized = malloc(buf_len - (stop - start) + total_len + 1); if (!resized) { log_message(LOG_ERR, pamh, "Out of memory"); return -1; } memcpy(resized, *buf, start - *buf); memcpy(resized + (start - *buf) + total_len, stop, tail_len + 1); memset(*buf, 0, buf_len); free(*buf); start = start - *buf + resized; *buf = resized; } // Fill in new contents. start[0] = '"'; start[1] = ' '; memcpy(start + 2, key, key_len); start[2+key_len] = ' '; memcpy(start+3+key_len, val, val_len); start[3+key_len+val_len] = '\n'; // Check if there are any other occurrences of "value". If so, delete them. for (char *line = start + 4 + key_len + val_len; *line; ) { char *ptr; if (line[0] == '"' && line[1] == ' ' && !strncmp(line+2, key, key_len) && (!*(ptr = line+2+key_len) || *ptr == ' ' || *ptr == '\t' || *ptr == '\r' || *ptr == '\n')) { start = line; stop = start + strcspn(start, "\r\n"); stop += strspn(stop, "\r\n"); size_t tail_len = strlen(stop); memmove(start, stop, tail_len + 1); memset(start + tail_len, 0, stop - start); line = start; } else { line += strcspn(line, "\r\n"); line += strspn(line, "\r\n"); } } return 0; } static int step_size(pam_handle_t *pamh, const char *secret_filename, const char *buf) { const char *value = get_cfg_value(pamh, "STEP_SIZE", buf); if (!value) { // Default step size is 30. return 30; } else if (value == &oom) { // Out of memory. This is a fatal error. return 0; } char *endptr; errno = 0; const int step = (int)strtoul(value, &endptr, 10); if (errno || !*value || value == endptr || (*endptr && *endptr != ' ' && *endptr != '\t' && *endptr != '\n' && *endptr != '\r') || step < 1 || step > 60) { free((void *)value); log_message(LOG_ERR, pamh, "Invalid STEP_SIZE option in \"%s\"", secret_filename); return 0; } free((void *)value); return step; } static int get_timestamp(pam_handle_t *pamh, const char *secret_filename, const char **buf) { const int step = step_size(pamh, secret_filename, *buf); if (!step) { return 0; } return get_time()/step; } static long get_hotp_counter(pam_handle_t *pamh, const char *buf) { if (!buf) { return -1; } const char *counter_str = get_cfg_value(pamh, "HOTP_COUNTER", buf); if (counter_str == &oom) { // Out of memory. This is a fatal error return -1; } long counter = 0; if (counter_str) { counter = strtol(counter_str, NULL, 10); } free((void *)counter_str); return counter; } static int rate_limit(pam_handle_t *pamh, const char *secret_filename, int *updated, char **buf) { const char *value = get_cfg_value(pamh, "RATE_LIMIT", *buf); if (!value) { // Rate limiting is not enabled for this account return 0; } else if (value == &oom) { // Out of memory. This is a fatal error. return -1; } // Parse both the maximum number of login attempts and the time interval // that we are looking at. const char *endptr = value, *ptr; int attempts, interval; errno = 0; if (((attempts = (int)strtoul(ptr = endptr, (char **)&endptr, 10)) < 1) || ptr == endptr || attempts > 100 || errno || (*endptr != ' ' && *endptr != '\t') || ((interval = (int)strtoul(ptr = endptr, (char **)&endptr, 10)) < 1) || ptr == endptr || interval > 3600 || errno) { free((void *)value); log_message(LOG_ERR, pamh, "Invalid RATE_LIMIT option. Check \"%s\".", secret_filename); return -1; } // Parse the time stamps of all previous login attempts. const unsigned int now = get_time(); unsigned int *timestamps = malloc(sizeof(int)); if (!timestamps) { oom: free((void *)value); log_message(LOG_ERR, pamh, "Out of memory"); return -1; } timestamps[0] = now; int num_timestamps = 1; while (*endptr && *endptr != '\r' && *endptr != '\n') { unsigned int timestamp; errno = 0; if ((*endptr != ' ' && *endptr != '\t') || ((timestamp = (int)strtoul(ptr = endptr, (char **)&endptr, 10)), errno) || ptr == endptr) { free((void *)value); free(timestamps); log_message(LOG_ERR, pamh, "Invalid list of timestamps in RATE_LIMIT. " "Check \"%s\".", secret_filename); return -1; } num_timestamps++; unsigned int *tmp = (unsigned int *)realloc(timestamps, sizeof(int) * num_timestamps); if (!tmp) { free(timestamps); goto oom; } timestamps = tmp; timestamps[num_timestamps-1] = timestamp; } free((void *)value); value = NULL; // Sort time stamps, then prune all entries outside of the current time // interval. qsort(timestamps, num_timestamps, sizeof(int), comparator); int start = 0, stop = -1; for (int i = 0; i < num_timestamps; ++i) { if (timestamps[i] < now - interval) { start = i+1; } else if (timestamps[i] > now) { break; } stop = i; } // Error out, if there are too many login attempts. int exceeded = 0; if (stop - start + 1 > attempts) { exceeded = 1; start = stop - attempts + 1; } // Construct new list of timestamps within the current time interval. char* list; { const size_t list_size = 25 * (2 + (stop - start + 1)) + 4; list = malloc(list_size); if (!list) { free(timestamps); goto oom; } snprintf(list, list_size, "%d %d", attempts, interval); char *prnt = strchr(list, '\000'); for (int i = start; i <= stop; ++i) { prnt += snprintf(prnt, list_size-(prnt-list), " %u", timestamps[i]); } free(timestamps); } // Try to update RATE_LIMIT line. if (set_cfg_value(pamh, "RATE_LIMIT", list, buf) < 0) { free(list); return -1; } free(list); // Mark the state file as changed. *updated = 1; // If necessary, notify the user of the rate limiting that is in effect. if (exceeded) { log_message(LOG_ERR, pamh, "Too many concurrent login attempts (\"%s\"). Please try again.", secret_filename); return -1; } return 0; } static char *get_first_pass(pam_handle_t *pamh) { PAM_CONST void *password = NULL; if (pam_get_item(pamh, PAM_AUTHTOK, &password) == PAM_SUCCESS && password) { return strdup((const char *)password); } return NULL; } // Show error message to the user. static void conv_error(pam_handle_t *pamh, const char* text) { PAM_CONST struct pam_message msg = { .msg_style = PAM_ERROR_MSG, .msg = text, }; PAM_CONST struct pam_message *msgs = &msg; struct pam_response *resp = NULL; const int retval = converse(pamh, 1, &msgs, &resp); if (retval != PAM_SUCCESS) { log_message(LOG_ERR, pamh, "Failed to inform user of error"); } free(resp); } static char *request_pass(pam_handle_t *pamh, int echocode, PAM_CONST char *prompt) { // Query user for verification code PAM_CONST struct pam_message msg = { .msg_style = echocode, .msg = prompt }; PAM_CONST struct pam_message *msgs = &msg; struct pam_response *resp = NULL; int retval = converse(pamh, 1, &msgs, &resp); char *ret = NULL; if (retval != PAM_SUCCESS || resp == NULL || resp->resp == NULL || *resp->resp == '\000') { log_message(LOG_ERR, pamh, "Did not receive verification code from user"); if (retval == PAM_SUCCESS && resp && resp->resp) { ret = resp->resp; } } else { ret = resp->resp; } // Deallocate temporary storage if (resp) { if (!ret) { free(resp->resp); } free(resp); } return ret; } /* Checks for possible use of scratch codes. Returns -1 on error, 0 on success, * and 1, if no scratch code had been entered, and subsequent tests should be * applied. */ static int check_scratch_codes(pam_handle_t *pamh, const Params *params, const char *secret_filename, int *updated, char *buf, int code) { // Skip the first line. It contains the shared secret. char *ptr = buf + strcspn(buf, "\n"); // Check if this is one of the scratch codes char *endptr = NULL; for (;;) { // Skip newlines and blank lines while (*ptr == '\r' || *ptr == '\n') { ptr++; } // Skip any lines starting with double-quotes. They contain option fields if (*ptr == '"') { ptr += strcspn(ptr, "\n"); continue; } // Try to interpret the line as a scratch code errno = 0; const int scratchcode = (int)strtoul(ptr, &endptr, 10); // Sanity check that we read a valid scratch code. Scratchcodes are all // numeric eight-digit codes. There must not be any other information on // that line. if (errno || ptr == endptr || (*endptr != '\r' && *endptr != '\n' && *endptr) || scratchcode < 10*1000*1000 || scratchcode >= 100*1000*1000) { break; } // Check if the code matches if (scratchcode == code) { // Remove scratch code after using it while (*endptr == '\n' || *endptr == '\r') { ++endptr; } memmove(ptr, endptr, strlen(endptr) + 1); memset(strrchr(ptr, '\000'), 0, endptr - ptr + 1); // Mark the state file as changed *updated = 1; // Successfully removed scratch code. Allow user to log in. if(params->debug) { log_message(LOG_INFO, pamh, "debug: scratch code %d used and removed from \"%s\"", code, secret_filename); } return 0; } ptr = endptr; } // No scratch code has been used. Continue checking other types of codes. if(params->debug) { log_message(LOG_INFO, pamh, "debug: no scratch code used from \"%s\"", secret_filename); } return 1; } static int window_size(pam_handle_t *pamh, const char *secret_filename, const char *buf) { const char *value = get_cfg_value(pamh, "WINDOW_SIZE", buf); if (!value) { // Default window size is 3. This gives us one STEP_SIZE second // window before and after the current one. return 3; } else if (value == &oom) { // Out of memory. This is a fatal error. return 0; } char *endptr; errno = 0; const int window = (int)strtoul(value, &endptr, 10); if (errno || !*value || value == endptr || (*endptr && *endptr != ' ' && *endptr != '\t' && *endptr != '\n' && *endptr != '\r') || window < 1 || window > 100) { free((void *)value); log_message(LOG_ERR, pamh, "Invalid WINDOW_SIZE option in \"%s\"", secret_filename); return 0; } free((void *)value); return window; } /* If the DISALLOW_REUSE option has been set, record timestamps have been * used to log in successfully and disallow their reuse. * * Returns -1 on error, and 0 on success. */ static int invalidate_timebased_code(int tm, pam_handle_t *pamh, const char *secret_filename, int *updated, char **buf) { char *disallow = get_cfg_value(pamh, "DISALLOW_REUSE", *buf); if (!disallow) { // Reuse of tokens is not explicitly disallowed. Allow the login request // to proceed. return 0; } else if (disallow == &oom) { // Out of memory. This is a fatal error. return -1; } // Allow the user to customize the window size parameter. const int window = window_size(pamh, secret_filename, *buf); if (!window) { // The user configured a non-standard window size, but there was some // error with the value of this parameter. free((void *)disallow); return -1; } // The DISALLOW_REUSE option is followed by all known timestamps that are // currently unavailable for login. for (char *ptr = disallow; *ptr;) { // Skip white-space, if any ptr += strspn(ptr, " \t\r\n"); if (!*ptr) { break; } // Parse timestamp value. char *endptr; errno = 0; const int blocked = (int)strtoul(ptr, &endptr, 10); // Treat syntactically invalid options as an error if (errno || ptr == endptr || (*endptr != ' ' && *endptr != '\t' && *endptr != '\r' && *endptr != '\n' && *endptr)) { free((void *)disallow); return -1; } if (tm == blocked) { // The code is currently blocked from use. Disallow login. free((void *)disallow); const int step = step_size(pamh, secret_filename, *buf); if (!step) { return -1; } log_message(LOG_ERR, pamh, "Trying to reuse a previously used time-based code (\"%s\")." " Retry again in %d seconds. " "Warning! This might mean, you are currently subject to a " "man-in-the-middle attack.", secret_filename, step); return -1; } // If the blocked code is outside of the possible window of timestamps, // remove it from the file. if (blocked - tm >= window || tm - blocked >= window) { endptr += strspn(endptr, " \t"); memmove(ptr, endptr, strlen(endptr) + 1); } else { ptr = endptr; } } // Add the current timestamp to the list of disallowed timestamps. { const size_t resized_size = strlen(disallow) + 40; char *resized = realloc(disallow, resized_size); if (!resized) { free((void *)disallow); log_message(LOG_ERR, pamh, "Failed to allocate memory when updating \"%s\"", secret_filename); return -1; } disallow = resized; char* pos = strrchr(disallow, '\000'); snprintf(pos, resized_size-(pos-disallow), " %d" + !*disallow, tm); if (set_cfg_value(pamh, "DISALLOW_REUSE", disallow, buf) < 0) { free((void *)disallow); return -1; } free((void *)disallow); } // Mark the state file as changed *updated = 1; // Allow access. return 0; } /* Given an input value, this function computes the hash code that forms the * expected authentication token. */ #ifdef TESTING int compute_code(const uint8_t *secret, int secretLen, unsigned long value) __attribute__((visibility("default"))); #else static #endif int compute_code(const uint8_t *secret, int secretLen, unsigned long value) { uint8_t val[8]; for (int i = 8; i--; value >>= 8) { val[i] = value; } uint8_t hash[SHA1_DIGEST_LENGTH]; hmac_sha1(secret, secretLen, val, 8, hash, SHA1_DIGEST_LENGTH); explicit_bzero(val, sizeof(val)); const int offset = hash[SHA1_DIGEST_LENGTH - 1] & 0xF; unsigned int truncatedHash = 0; for (int i = 0; i < 4; ++i) { truncatedHash <<= 8; truncatedHash |= hash[offset + i]; } explicit_bzero(hash, sizeof(hash)); truncatedHash &= 0x7FFFFFFF; truncatedHash %= 1000000; return truncatedHash; } /* If a user repeated attempts to log in with the same time skew, remember * this skew factor for future login attempts. */ static int check_time_skew(pam_handle_t *pamh, int *updated, char **buf, int skew, int tm) { int rc = -1; // Parse current RESETTING_TIME_SKEW line, if any. char *resetting = get_cfg_value(pamh, "RESETTING_TIME_SKEW", *buf); if (resetting == &oom) { // Out of memory. This is a fatal error. return -1; } // If the user can produce a sequence of three consecutive codes that fall // within a day of the current time. And if he can enter these codes in // quick succession, then we allow the time skew to be reset. // N.B. the number "3" was picked so that it would not trigger the rate // limiting limit if set up with default parameters. unsigned int tms[3]; int skews[sizeof(tms)/sizeof(int)]; int num_entries = 0; if (resetting) { char *ptr = resetting; // Read the three most recent pairs of time stamps and skew values into // our arrays. while (*ptr && *ptr != '\r' && *ptr != '\n') { char *endptr; errno = 0; const unsigned int i = (int)strtoul(ptr, &endptr, 10); if (errno || ptr == endptr || (*endptr != '+' && *endptr != '-')) { break; } ptr = endptr; int j = (int)strtoul(ptr + 1, &endptr, 10); if (errno || ptr == endptr || (*endptr != ' ' && *endptr != '\t' && *endptr != '\r' && *endptr != '\n' && *endptr)) { break; } if (*ptr == '-') { j = -j; } if (num_entries == sizeof(tms)/sizeof(int)) { memmove(tms, tms+1, sizeof(tms)-sizeof(int)); memmove(skews, skews+1, sizeof(skews)-sizeof(int)); } else { ++num_entries; } tms[num_entries-1] = i; skews[num_entries-1] = j; ptr = endptr; } // If the user entered an identical code, assume they are just getting // desperate. This doesn't actually provide us with any useful data, // though. Don't change any state and hope the user keeps trying a few // more times. if (num_entries && tm + skew == tms[num_entries-1] + skews[num_entries-1]) { free((void *)resetting); return -1; } } free((void *)resetting); // Append new timestamp entry if (num_entries == sizeof(tms)/sizeof(int)) { memmove(tms, tms+1, sizeof(tms)-sizeof(int)); memmove(skews, skews+1, sizeof(skews)-sizeof(int)); } else { ++num_entries; } tms[num_entries-1] = tm; skews[num_entries-1] = skew; // Check if we have the required amount of valid entries. if (num_entries == sizeof(tms)/sizeof(int)) { unsigned int last_tm = tms[0]; int last_skew = skews[0]; int avg_skew = last_skew; for (int i = 1; i < sizeof(tms)/sizeof(int); ++i) { // Check that we have a consecutive sequence of timestamps with no big // gaps in between. Also check that the time skew stays constant. Allow // a minor amount of fuzziness on all parameters. if (tms[i] <= last_tm || tms[i] > last_tm+2 || last_skew - skew < -1 || last_skew - skew > 1) { goto keep_trying; } last_tm = tms[i]; last_skew = skews[i]; avg_skew += last_skew; } avg_skew /= (int)(sizeof(tms)/sizeof(int)); // The user entered the required number of valid codes in quick // succession. Establish a new valid time skew for all future login // attempts. char time_skew[40]; snprintf(time_skew, sizeof time_skew, "%d", avg_skew); if (set_cfg_value(pamh, "TIME_SKEW", time_skew, buf) < 0) { return -1; } rc = 0; keep_trying:; } // Set the new RESETTING_TIME_SKEW line, while the user is still trying // to reset the time skew. { const size_t reset_size = 80 * (sizeof(tms)/sizeof(int)); char reset[reset_size]; *reset = '\000'; if (rc) { for (int i = 0; i < num_entries; ++i) { char* pos = strrchr(reset, '\000'); snprintf(pos, reset_size-(pos-reset), " %d%+d" + !*reset, tms[i], skews[i]); } } if (set_cfg_value(pamh, "RESETTING_TIME_SKEW", reset, buf) < 0) { return -1; } } // Mark the state file as changed *updated = 1; return rc; } /* Checks for time based verification code. Returns -1 on error, 0 on success, * and 1, if no time based code had been entered, and subsequent tests should * be applied. */ static int check_timebased_code(pam_handle_t *pamh, const char*secret_filename, int *updated, char **buf, const uint8_t*secret, int secretLen, int code, Params *params) { if (!is_totp(*buf)) { // The secret file does not actually contain information for a time-based // code. Return to caller and see if any other authentication methods // apply. return 1; } if (code < 0 || code >= 1000000) { // All time based verification codes are no longer than six digits. return 1; } // Compute verification codes and compare them with user input const int tm = get_timestamp(pamh, secret_filename, (const char **)buf); if (!tm) { return -1; } const char *skew_str = get_cfg_value(pamh, "TIME_SKEW", *buf); if (skew_str == &oom) { // Out of memory. This is a fatal error return -1; } int skew = 0; if (skew_str) { skew = (int)strtol(skew_str, NULL, 10); } free((void *)skew_str); const int window = window_size(pamh, secret_filename, *buf); if (!window) { return -1; } for (int i = -((window-1)/2); i <= window/2; ++i) { const unsigned int hash = compute_code(secret, secretLen, tm + skew + i); if (hash == (unsigned int)code) { return invalidate_timebased_code(tm + skew + i, pamh, secret_filename, updated, buf); } } if (!params->noskewadj) { // The most common failure mode is for the clocks to be insufficiently // synchronized. We can detect this and store a skew value for future // use. skew = 1000000; for (int i = 0; i < 25*60; ++i) { unsigned int hash = compute_code(secret, secretLen, tm - i); if (hash == (unsigned int)code && skew == 1000000) { // Don't short-circuit out of the loop as the obvious difference in // computation time could be a signal that is valuable to an attacker. skew = -i; } hash = compute_code(secret, secretLen, tm + i); if (hash == (unsigned int)code && skew == 1000000) { skew = i; } } if (skew != 1000000) { if(params->debug) { log_message(LOG_INFO, pamh, "debug: time skew adjusted"); } return check_time_skew(pamh, updated, buf, skew, tm); } } return 1; } /* * Add a 'config' variable that says we logged in from a particular place * at a particular time. Only remembers the last 10 logins, which * are replaced in LRU order. * * Returns 0 on success. */ int update_logindetails(pam_handle_t *pamh, const Params *params, char **buf) { const char *rhost = get_rhost(pamh, params); const time_t now = get_time(); time_t oldest = now; // Oldest entry seen so far. int oldest_index = -1; // Index of oldest entry, due for replacement. int found = 0; // Entry for this rhost found. char name[] = "LAST "; // Config name template. if (rhost == NULL) { return -1; } for (int i = 0; i < 10; i++) { // // Get LAST<n> cfg value. // name[4] = i + '0'; char *line = get_cfg_value(pamh, name, *buf); if (line == &oom) { /* Fatal! */ return -1; } if (!line) { /* Make first empty line the oldest */ if (oldest) { oldest_index = i; oldest = 0; } continue; } // // Parse value. // // Max len of ipv6 address is 8*4 digits plus 7 colons. // Plus trailing NUL is 40. // But RHOST can be FQDN, and by RFC1035 that's 255 characters as max. char host[256]; unsigned long when = 0; // Timestamp of current entry. const int scanf_rc = sscanf(line, " %255[0-9a-zA-Z:.-] %lu ", host, &when); free(line); if (scanf_rc != 2) { log_message(LOG_ERR, pamh, "Malformed LAST%d line", i); continue; } if (!strcmp(host, rhost)) { found = 1; break; } if (when < oldest) { oldest_index = i; oldest = when; } } if (!found) { /* Loop completed all ten iterations */ name[4] = oldest_index + '0'; } /* * Max length in decimal digits of a 64 bit number is (64 log 2) + 1 * Plus space and NUL termination, is 23. * Max len of hostname is 255. */ char value[255+23+1]; memset(value, 0, sizeof value); snprintf(value, sizeof value, "%s %lu", rhost, (unsigned long)now); if (set_cfg_value(pamh, name, value, buf) < 0) { log_message(LOG_WARNING, pamh, "Failed to set cfg value for login host"); } return 0; } /* * Return non-zero if the last login from the same host as this one was * successfully authenticated within the grace period. */ int within_grace_period(pam_handle_t *pamh, const Params *params, const char *buf) { const char *rhost = get_rhost(pamh, params); const time_t now = get_time(); const time_t grace = params->grace_period; unsigned long when = 0; char match[128]; if (rhost == NULL) { return 0; } snprintf(match, sizeof match, " %s %%lu ", rhost); for (int i = 0; i < 10; i++) { static char name[] = "LAST0"; name[4] = i + '0'; char* line = get_cfg_value(pamh, name, buf); if (line == &oom) { /* Fatal! */ return 0; } if (!line) { continue; } if (sscanf(line, match, &when) == 1) { free(line); break; } free(line); } if (when == 0) { /* No match */ return 0; } return (when + grace > now); } /* Checks for counter based verification code. Returns -1 on error, 0 on * success, and 1, if no counter based code had been entered, and subsequent * tests should be applied. */ static int check_counterbased_code(pam_handle_t *pamh, const char*secret_filename, int *updated, char **buf, const uint8_t*secret, int secretLen, int code, long hotp_counter, int *must_advance_counter) { if (hotp_counter < 1) { // The secret file did not actually contain information for a counter-based // code. Return to caller and see if any other authentication methods // apply. return 1; } if (code < 0 || code >= 1000000) { // All counter based verification codes are no longer than six digits. return 1; } // Compute [window_size] verification codes and compare them with user input. // Future codes are allowed in case the user computed but did not use a code. const int window = window_size(pamh, secret_filename, *buf); if (!window) { return -1; } for (int i = 0; i < window; ++i) { const unsigned int hash = compute_code(secret, secretLen, hotp_counter + i); if (hash == (unsigned int)code) { char counter_str[40]; snprintf(counter_str, sizeof counter_str, "%ld", hotp_counter + i + 1); if (set_cfg_value(pamh, "HOTP_COUNTER", counter_str, buf) < 0) { return -1; } *updated = 1; *must_advance_counter = 0; return 0; } } *must_advance_counter = 1; return 1; } // parse a user name. // input: user name // output: uid // return: 0 on success. static int parse_user(pam_handle_t *pamh, const char *name, uid_t *uid) { char *endptr; errno = 0; const long l = strtol(name, &endptr, 10); if (!errno && endptr != name && l >= 0 && l <= INT_MAX) { *uid = (uid_t)l; return 0; } const size_t len = getpwnam_buf_max_size(); char *buf = malloc(len); if (!buf) { log_message(LOG_ERR, pamh, "Out of memory"); return -1; } struct passwd pwbuf, *pw; if (getpwnam_r(name, &pwbuf, buf, len, &pw) || !pw) { free(buf); log_message(LOG_ERR, pamh, "Failed to look up user \"%s\"", name); return -1; } *uid = pw->pw_uid; free(buf); return 0; } static int parse_args(pam_handle_t *pamh, int argc, const char **argv, Params *params) { params->debug = 0; params->echocode = PAM_PROMPT_ECHO_OFF; for (int i = 0; i < argc; ++i) { if (!strncmp(argv[i], "secret=", 7)) { params->secret_filename_spec = argv[i] + 7; } else if (!strncmp(argv[i], "authtok_prompt=", 15)) { params->authtok_prompt = argv[i] + 15; } else if (!strncmp(argv[i], "user=", 5)) { uid_t uid; if (parse_user(pamh, argv[i] + 5, &uid) < 0) { return -1; } params->fixed_uid = 1; params->uid = uid; } else if (!strncmp(argv[i], "allowed_perm=", 13)) { char *remainder = NULL; const int perm = (int)strtol(argv[i] + 13, &remainder, 8); if (perm == 0 || strlen(remainder) != 0) { log_message(LOG_ERR, pamh, "Invalid permissions in setting \"%s\"." " allowed_perm setting must be a positive octal integer.", argv[i]); return -1; } params->allowed_perm = perm; } else if (!strcmp(argv[i], "no_strict_owner")) { params->no_strict_owner = 1; } else if (!strcmp(argv[i], "debug")) { params->debug = 1; } else if (!strcmp(argv[i], "try_first_pass")) { params->pass_mode = TRY_FIRST_PASS; } else if (!strcmp(argv[i], "use_first_pass")) { params->pass_mode = USE_FIRST_PASS; } else if (!strcmp(argv[i], "forward_pass")) { params->forward_pass = 1; } else if (!strcmp(argv[i], "noskewadj")) { params->noskewadj = 1; } else if (!strcmp(argv[i], "no_increment_hotp")) { params->no_increment_hotp = 1; } else if (!strcmp(argv[i], "nullok")) { params->nullok = NULLOK; } else if (!strcmp(argv[i], "allow_readonly")) { params->allow_readonly = 1; } else if (!strcmp(argv[i], "echo-verification-code") || !strcmp(argv[i], "echo_verification_code")) { params->echocode = PAM_PROMPT_ECHO_ON; } else if (!strncmp(argv[i], "grace_period=", 13)) { char *remainder = NULL; const time_t grace = (time_t)strtol(argv[i] + 13, &remainder, 10); if (grace < 0 || *remainder) { log_message(LOG_ERR, pamh, "Invalid value in setting \"%s\"." "grace_period must be a positive number of seconds.", argv[i]); return -1; } params->grace_period = grace; } else { log_message(LOG_ERR, pamh, "Unrecognized option \"%s\"", argv[i]); return -1; } } return 0; } static int google_authenticator(pam_handle_t *pamh, int argc, const char **argv) { int rc = PAM_AUTH_ERR; uid_t uid = -1; int old_uid = -1, old_gid = -1, fd = -1; char *buf = NULL; struct stat orig_stat = { 0 }; uint8_t *secret = NULL; int secretLen = 0; // Handle optional arguments that configure our PAM module Params params = { 0 }; params.allowed_perm = 0600; if (parse_args(pamh, argc, argv, ¶ms) < 0) { return rc; } const char *prompt = params.authtok_prompt ? params.authtok_prompt : (params.forward_pass ? PWCODE_PROMPT : CODE_PROMPT); // Read and process status file, then ask the user for the verification code. int early_updated = 0, updated = 0; const char* const username = get_user_name(pamh, ¶ms); char* const secret_filename = get_secret_filename(pamh, ¶ms, username, &uid); int stopped_by_rate_limit = 0; // Drop privileges. { const char* drop_username = username; // If user doesn't exist, use 'nobody'. if (uid == -1) { drop_username = nobody; if (parse_user(pamh, drop_username, &uid)) { // If 'nobody' doesn't exist, bail. We need to drop privs to *someone*. goto out; } } if (drop_privileges(pamh, drop_username, uid, &old_uid, &old_gid)) { // Don't allow to continue without dropping privs. goto out; } } if (secret_filename) { fd = open_secret_file(pamh, secret_filename, ¶ms, username, uid, &orig_stat); if (fd >= 0) { buf = read_file_contents(pamh, ¶ms, secret_filename, &fd, orig_stat.st_size); } if (buf) { if (rate_limit(pamh, secret_filename, &early_updated, &buf) >= 0) { secret = get_shared_secret(pamh, ¶ms, secret_filename, buf, &secretLen); } else { stopped_by_rate_limit=1; } } } const long hotp_counter = get_hotp_counter(pamh, buf); /* * Check to see if a successful login from the same host happened * within the grace period. If it did, then allow login without * an additional code. */ if (buf && within_grace_period(pamh, ¶ms, buf)) { rc = PAM_SUCCESS; log_message(LOG_INFO, pamh, "within grace period: \"%s\"", username); goto out; } // Only if nullok and we do not have a code will we NOT ask for a code. // In all other cases (i.e "have code" and "no nullok and no code") we DO ask for a code. if (!stopped_by_rate_limit && ( secret || params.nullok != SECRETNOTFOUND ) ) { if (!secret) { log_message(LOG_WARNING , pamh, "No secret configured for user %s, asking for code anyway.", username); } int must_advance_counter = 0; char *pw = NULL, *saved_pw = NULL; for (int mode = 0; mode < 4; ++mode) { // In the case of TRY_FIRST_PASS, we don't actually know whether we // get the verification code from the system password or from prompting // the user. We need to attempt both. // This only works correctly, if all failed attempts leave the global // state unchanged. if (updated || pw) { // Oops. There is something wrong with the internal logic of our // code. This error should never trigger. The unittest checks for // this. if (pw) { explicit_bzero(pw, strlen(pw)); free(pw); pw = NULL; } rc = PAM_AUTH_ERR; break; } switch (mode) { case 0: // Extract possible verification code case 1: // Extract possible scratch code if (params.pass_mode == USE_FIRST_PASS || params.pass_mode == TRY_FIRST_PASS) { pw = get_first_pass(pamh); } break; default: if (mode != 2 && // Prompt for pw and possible verification code mode != 3) { // Prompt for pw and possible scratch code rc = PAM_AUTH_ERR; continue; } if (params.pass_mode == PROMPT || params.pass_mode == TRY_FIRST_PASS) { if (!saved_pw) { // If forwarding the password to the next stacked PAM module, // we cannot tell the difference between an eight digit scratch // code or a two digit password immediately followed by a six // digit verification code. We have to loop and try both // options. saved_pw = request_pass(pamh, params.echocode, prompt); } if (saved_pw) { pw = strdup(saved_pw); } } break; } if (!pw) { continue; } // We are often dealing with a combined password and verification // code. Separate them now. const int pw_len = strlen(pw); const int expected_len = mode & 1 ? 8 : 6; char ch; // Full OpenSSH "bad password" is "\b\n\r\177INCORRECT", capped // to original password length. if (pw_len > 0 && pw[0] == '\b') { log_message(LOG_INFO, pamh, "Dummy password supplied by PAM." " Did OpenSSH 'PermitRootLogin <anything but yes>' or some" " other config block this login?"); } if (pw_len < expected_len || // Verification are six digits starting with '0'..'9', // scratch codes are eight digits starting with '1'..'9' (ch = pw[pw_len - expected_len]) > '9' || ch < (expected_len == 8 ? '1' : '0')) { invalid: explicit_bzero(pw, pw_len); free(pw); pw = NULL; continue; } char *endptr; errno = 0; const long l = strtol(pw + pw_len - expected_len, &endptr, 10); if (errno || l < 0 || *endptr) { goto invalid; } const int code = (int)l; memset(pw + pw_len - expected_len, 0, expected_len); if ((mode == 2 || mode == 3) && !params.forward_pass) { // We are explicitly configured so that we don't try to share // the password with any other stacked PAM module. We must // therefore verify that the user entered just the verification // code, but no password. if (*pw) { goto invalid; } } // Only if we actually have a secret will we try to verify the code // In all other cases will we just remain at PAM_AUTH_ERR if (secret) { // Check all possible types of verification codes. switch (check_scratch_codes(pamh, ¶ms, secret_filename, &updated, buf, code)) { case 1: if (hotp_counter > 0) { switch (check_counterbased_code(pamh, secret_filename, &updated, &buf, secret, secretLen, code, hotp_counter, &must_advance_counter)) { case 0: rc = PAM_SUCCESS; break; case 1: goto invalid; default: break; } } else { switch (check_timebased_code(pamh, secret_filename, &updated, &buf, secret, secretLen, code, ¶ms)) { case 0: rc = PAM_SUCCESS; break; case 1: goto invalid; default: break; } } break; case 0: rc = PAM_SUCCESS; break; default: break; } break; } } // Update the system password, if we were asked to forward // the system password. We already removed the verification // code from the end of the password. if (rc == PAM_SUCCESS && params.forward_pass) { if (!pw || pam_set_item(pamh, PAM_AUTHTOK, pw) != PAM_SUCCESS) { rc = PAM_AUTH_ERR; } } // Clear out password and deallocate memory if (pw) { explicit_bzero(pw,strlen(pw)); free(pw); } if (saved_pw) { explicit_bzero(saved_pw, strlen(saved_pw)); free(saved_pw); } // If an hotp login attempt has been made, the counter must always be // advanced by at least one, unless this has been disabled. if (!params.no_increment_hotp && must_advance_counter) { char counter_str[40]; snprintf(counter_str, sizeof counter_str, "%ld", hotp_counter + 1); if (set_cfg_value(pamh, "HOTP_COUNTER", counter_str, &buf) < 0) { rc = PAM_AUTH_ERR; } updated = 1; } // Display a success or error message if (rc == PAM_SUCCESS) { log_message(LOG_INFO , pamh, "Accepted google_authenticator for %s", username); if (params.grace_period != 0) { updated = 1; if (update_logindetails(pamh, ¶ms, &buf)) { log_message(LOG_ERR, pamh, "Failed to store grace_period timestamp in config"); } } } else { log_message(LOG_ERR, pamh, "Invalid verification code for %s", username); } } // If the user has not created a state file with a shared secret, and if // the administrator set the "nullok" option, this PAM module completes // without saying success or failure, without ever prompting the user. // It's not a failure since "nullok" was specified, and it's not a success // because it must be distinguishable from "good credentials given" in // case the PAM config considers this module "sufficient". // (or more complex equivalents) if (params.nullok == SECRETNOTFOUND) { rc = PAM_IGNORE; } // Persist the new state. if (early_updated || updated) { int err; if ((err = write_file_contents(pamh, ¶ms, secret_filename, &orig_stat, buf))) { // Inform user of error if the error is clearly a system error // and not an auth error. char s[1024]; switch (err) { case EPERM: case ENOSPC: case EROFS: case EIO: case EDQUOT: snprintf(s, sizeof(s), "Error \"%s\" while writing config", strerror(err)); conv_error(pamh, s); } // If allow_readonly parameter is defined than ignore write errors and // allow user to login. if (!params.allow_readonly) { // Could not persist new state. Deny access. rc = PAM_AUTH_ERR; } } } out: if (params.debug) { log_message(LOG_INFO, pamh, "debug: end of google_authenticator for \"%s\". Result: %s", username, pam_strerror(pamh, rc)); } if (fd >= 0) { close(fd); } if (old_gid >= 0) { if (setgroup(old_gid) >= 0 && setgroup(old_gid) == old_gid) { old_gid = -1; } } if (old_uid >= 0) { if (setuser(old_uid) < 0 || setuser(old_uid) != old_uid) { log_message(LOG_EMERG, pamh, "We switched users from %d to %d, " "but can't switch back", old_uid, uid); } } free(secret_filename); // Clean up if (buf) { explicit_bzero(buf, strlen(buf)); free(buf); } if (secret) { explicit_bzero(secret, secretLen); free(secret); } return rc; } #ifndef UNUSED_ATTR # if __GNUC__ >= 3 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7) # define UNUSED_ATTR __attribute__((__unused__)) # else # define UNUSED_ATTR # endif #endif PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED_ATTR, int argc, const char **argv) { return google_authenticator(pamh, argc, argv); } PAM_EXTERN int pam_sm_setcred (pam_handle_t *pamh UNUSED_ATTR, int flags UNUSED_ATTR, int argc UNUSED_ATTR, const char **argv UNUSED_ATTR) { return PAM_SUCCESS; } #ifdef PAM_STATIC struct pam_module _pam_listfile_modstruct = { MODULE_NAME, pam_sm_authenticate, pam_sm_setcred, NULL, NULL, NULL, NULL }; #endif /* ---- Emacs Variables ---- * Local Variables: * c-basic-offset: 2 * indent-tabs-mode: nil * End: */ 07070100000024000081A40000000000000000000000016627DD8100002C2A000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/src/sha1.c/* * Copyright 2010 Google Inc. * Author: Markus Gutschke * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * * An earlier version of this file was originally released into the public * domain by its authors. It has been modified to make the code compile and * link as part of the Google Authenticator project. These changes are * copyrighted by Google Inc. and released under the Apache License, * Version 2.0. * * The previous authors' terms are included below: */ /***************************************************************************** * * File: sha1.c * * Purpose: Implementation of the SHA1 message-digest algorithm. * * NIST Secure Hash Algorithm * Heavily modified by Uwe Hollerbach <uh@alumni.caltech edu> * from Peter C. Gutmann's implementation as found in * Applied Cryptography by Bruce Schneier * Further modifications to include the "UNRAVEL" stuff, below * * This code is in the public domain * ***************************************************************************** */ #define _BSD_SOURCE #define _DEFAULT_SOURCE #include <sys/types.h> // Defines BYTE_ORDER, iff _BSD_SOURCE is defined #include <string.h> #include "sha1.h" #if !defined(BYTE_ORDER) #if defined(_BIG_ENDIAN) #define BYTE_ORDER 4321 #elif defined(_LITTLE_ENDIAN) #define BYTE_ORDER 1234 #else #error Need to define BYTE_ORDER #endif #endif #ifndef TRUNC32 #define TRUNC32(x) ((x) & 0xffffffffL) #endif /* SHA f()-functions */ #define f1(x,y,z) ((x & y) | (~x & z)) #define f2(x,y,z) (x ^ y ^ z) #define f3(x,y,z) ((x & y) | (x & z) | (y & z)) #define f4(x,y,z) (x ^ y ^ z) /* SHA constants */ #define CONST1 0x5a827999L #define CONST2 0x6ed9eba1L #define CONST3 0x8f1bbcdcL #define CONST4 0xca62c1d6L /* truncate to 32 bits -- should be a null op on 32-bit machines */ #define T32(x) ((x) & 0xffffffffL) /* 32-bit rotate */ #define R32(x,n) T32(((x << n) | (x >> (32 - n)))) /* the generic case, for when the overall rotation is not unraveled */ #define FG(n) \ T = T32(R32(A,5) + f##n(B,C,D) + E + *WP++ + CONST##n); \ E = D; D = C; C = R32(B,30); B = A; A = T /* specific cases, for when the overall rotation is unraveled */ #define FA(n) \ T = T32(R32(A,5) + f##n(B,C,D) + E + *WP++ + CONST##n); B = R32(B,30) #define FB(n) \ E = T32(R32(T,5) + f##n(A,B,C) + D + *WP++ + CONST##n); A = R32(A,30) #define FC(n) \ D = T32(R32(E,5) + f##n(T,A,B) + C + *WP++ + CONST##n); T = R32(T,30) #define FD(n) \ C = T32(R32(D,5) + f##n(E,T,A) + B + *WP++ + CONST##n); E = R32(E,30) #define FE(n) \ B = T32(R32(C,5) + f##n(D,E,T) + A + *WP++ + CONST##n); D = R32(D,30) #define FT(n) \ A = T32(R32(B,5) + f##n(C,D,E) + T + *WP++ + CONST##n); C = R32(C,30) static void sha1_transform(SHA1_INFO *sha1_info) { int i; uint8_t *dp; uint32_t T, A, B, C, D, E, W[80], *WP; dp = sha1_info->data; #undef SWAP_DONE #if BYTE_ORDER == 1234 #define SWAP_DONE for (i = 0; i < 16; ++i) { T = *((uint32_t *) dp); dp += 4; W[i] = ((T << 24) & 0xff000000) | ((T << 8) & 0x00ff0000) | ((T >> 8) & 0x0000ff00) | ((T >> 24) & 0x000000ff); } #endif #if BYTE_ORDER == 4321 #define SWAP_DONE for (i = 0; i < 16; ++i) { T = *((uint32_t *) dp); dp += 4; W[i] = TRUNC32(T); } #endif #if BYTE_ORDER == 12345678 #define SWAP_DONE for (i = 0; i < 16; i += 2) { T = *((uint32_t *) dp); dp += 8; W[i] = ((T << 24) & 0xff000000) | ((T << 8) & 0x00ff0000) | ((T >> 8) & 0x0000ff00) | ((T >> 24) & 0x000000ff); T >>= 32; W[i+1] = ((T << 24) & 0xff000000) | ((T << 8) & 0x00ff0000) | ((T >> 8) & 0x0000ff00) | ((T >> 24) & 0x000000ff); } #endif #if BYTE_ORDER == 87654321 #define SWAP_DONE for (i = 0; i < 16; i += 2) { T = *((uint32_t *) dp); dp += 8; W[i] = TRUNC32(T >> 32); W[i+1] = TRUNC32(T); } #endif #ifndef SWAP_DONE #define SWAP_DONE for (i = 0; i < 16; ++i) { T = *((uint32_t *) dp); dp += 4; W[i] = TRUNC32(T); } #endif /* SWAP_DONE */ for (i = 16; i < 80; ++i) { W[i] = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16]; W[i] = R32(W[i], 1); } A = sha1_info->digest[0]; B = sha1_info->digest[1]; C = sha1_info->digest[2]; D = sha1_info->digest[3]; E = sha1_info->digest[4]; WP = W; #ifdef UNRAVEL FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1); FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2); FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3); FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4); sha1_info->digest[0] = T32(sha1_info->digest[0] + E); sha1_info->digest[1] = T32(sha1_info->digest[1] + T); sha1_info->digest[2] = T32(sha1_info->digest[2] + A); sha1_info->digest[3] = T32(sha1_info->digest[3] + B); sha1_info->digest[4] = T32(sha1_info->digest[4] + C); #else /* !UNRAVEL */ #ifdef UNROLL_LOOPS FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); #else /* !UNROLL_LOOPS */ for (i = 0; i < 20; ++i) { FG(1); } for (i = 20; i < 40; ++i) { FG(2); } for (i = 40; i < 60; ++i) { FG(3); } for (i = 60; i < 80; ++i) { FG(4); } #endif /* !UNROLL_LOOPS */ sha1_info->digest[0] = T32(sha1_info->digest[0] + A); sha1_info->digest[1] = T32(sha1_info->digest[1] + B); sha1_info->digest[2] = T32(sha1_info->digest[2] + C); sha1_info->digest[3] = T32(sha1_info->digest[3] + D); sha1_info->digest[4] = T32(sha1_info->digest[4] + E); #endif /* !UNRAVEL */ } /* initialize the SHA digest */ void sha1_init(SHA1_INFO *sha1_info) { sha1_info->digest[0] = 0x67452301L; sha1_info->digest[1] = 0xefcdab89L; sha1_info->digest[2] = 0x98badcfeL; sha1_info->digest[3] = 0x10325476L; sha1_info->digest[4] = 0xc3d2e1f0L; sha1_info->count_lo = 0L; sha1_info->count_hi = 0L; sha1_info->local = 0; } /* update the SHA digest */ void sha1_update(SHA1_INFO *sha1_info, const uint8_t *buffer, int count) { uint32_t clo; clo = T32(sha1_info->count_lo + ((uint32_t) count << 3)); if (clo < sha1_info->count_lo) { ++sha1_info->count_hi; } sha1_info->count_lo = clo; sha1_info->count_hi += (uint32_t) count >> 29; if (sha1_info->local) { int i = SHA1_BLOCKSIZE - sha1_info->local; if (i > count) { i = count; } memcpy(((uint8_t *) sha1_info->data) + sha1_info->local, buffer, i); count -= i; buffer += i; sha1_info->local += i; if (sha1_info->local == SHA1_BLOCKSIZE) { sha1_transform(sha1_info); } else { return; } } while (count >= SHA1_BLOCKSIZE) { memcpy(sha1_info->data, buffer, SHA1_BLOCKSIZE); buffer += SHA1_BLOCKSIZE; count -= SHA1_BLOCKSIZE; sha1_transform(sha1_info); } memcpy(sha1_info->data, buffer, count); sha1_info->local = count; } static void sha1_transform_and_copy(unsigned char digest[20], SHA1_INFO *sha1_info) { sha1_transform(sha1_info); digest[ 0] = (unsigned char) ((sha1_info->digest[0] >> 24) & 0xff); digest[ 1] = (unsigned char) ((sha1_info->digest[0] >> 16) & 0xff); digest[ 2] = (unsigned char) ((sha1_info->digest[0] >> 8) & 0xff); digest[ 3] = (unsigned char) ((sha1_info->digest[0] ) & 0xff); digest[ 4] = (unsigned char) ((sha1_info->digest[1] >> 24) & 0xff); digest[ 5] = (unsigned char) ((sha1_info->digest[1] >> 16) & 0xff); digest[ 6] = (unsigned char) ((sha1_info->digest[1] >> 8) & 0xff); digest[ 7] = (unsigned char) ((sha1_info->digest[1] ) & 0xff); digest[ 8] = (unsigned char) ((sha1_info->digest[2] >> 24) & 0xff); digest[ 9] = (unsigned char) ((sha1_info->digest[2] >> 16) & 0xff); digest[10] = (unsigned char) ((sha1_info->digest[2] >> 8) & 0xff); digest[11] = (unsigned char) ((sha1_info->digest[2] ) & 0xff); digest[12] = (unsigned char) ((sha1_info->digest[3] >> 24) & 0xff); digest[13] = (unsigned char) ((sha1_info->digest[3] >> 16) & 0xff); digest[14] = (unsigned char) ((sha1_info->digest[3] >> 8) & 0xff); digest[15] = (unsigned char) ((sha1_info->digest[3] ) & 0xff); digest[16] = (unsigned char) ((sha1_info->digest[4] >> 24) & 0xff); digest[17] = (unsigned char) ((sha1_info->digest[4] >> 16) & 0xff); digest[18] = (unsigned char) ((sha1_info->digest[4] >> 8) & 0xff); digest[19] = (unsigned char) ((sha1_info->digest[4] ) & 0xff); } /* finish computing the SHA digest */ void sha1_final(SHA1_INFO *sha1_info, uint8_t digest[20]) { int count; uint32_t lo_bit_count, hi_bit_count; lo_bit_count = sha1_info->count_lo; hi_bit_count = sha1_info->count_hi; count = (int) ((lo_bit_count >> 3) & 0x3f); ((uint8_t *) sha1_info->data)[count++] = 0x80; if (count > SHA1_BLOCKSIZE - 8) { memset(((uint8_t *) sha1_info->data) + count, 0, SHA1_BLOCKSIZE - count); sha1_transform(sha1_info); memset((uint8_t *) sha1_info->data, 0, SHA1_BLOCKSIZE - 8); } else { memset(((uint8_t *) sha1_info->data) + count, 0, SHA1_BLOCKSIZE - 8 - count); } sha1_info->data[56] = (uint8_t)((hi_bit_count >> 24) & 0xff); sha1_info->data[57] = (uint8_t)((hi_bit_count >> 16) & 0xff); sha1_info->data[58] = (uint8_t)((hi_bit_count >> 8) & 0xff); sha1_info->data[59] = (uint8_t)((hi_bit_count >> 0) & 0xff); sha1_info->data[60] = (uint8_t)((lo_bit_count >> 24) & 0xff); sha1_info->data[61] = (uint8_t)((lo_bit_count >> 16) & 0xff); sha1_info->data[62] = (uint8_t)((lo_bit_count >> 8) & 0xff); sha1_info->data[63] = (uint8_t)((lo_bit_count >> 0) & 0xff); sha1_transform_and_copy(digest, sha1_info); } /***EOF***/ 07070100000025000081A40000000000000000000000016627DD81000004A5000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/src/sha1.h// SHA1 header file // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #ifndef SHA1_H__ #define SHA1_H__ #include <stdint.h> #define SHA1_BLOCKSIZE 64 #define SHA1_DIGEST_LENGTH 20 typedef struct { uint32_t digest[8]; uint32_t count_lo, count_hi; uint8_t data[SHA1_BLOCKSIZE]; int local; } SHA1_INFO; void sha1_init(SHA1_INFO *sha1_info) __attribute__((visibility("hidden"))); void sha1_update(SHA1_INFO *sha1_info, const uint8_t *buffer, int count) __attribute__((visibility("hidden"))); void sha1_final(SHA1_INFO *sha1_info, uint8_t digest[20]) __attribute__((visibility("hidden"))); #endif 07070100000026000081A40000000000000000000000016627DD8100000594000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/src/util.c/* * Copyright 2017 Google Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * * An earlier version of this file was originally released into the public * domain by its authors. It has been modified to make the code compile and * link as part of the Google Authenticator project. These changes are * copyrighted by Google Inc. and released under the Apache License, * Version 2.0. * * The previous authors' terms are included below: */ /***************************************************************************** * * File: util.c * * Purpose: Collection of cross file utility functions. * * This code is in the public domain * ***************************************************************************** */ #include "config.h" #include <string.h> #ifndef HAVE_EXPLICIT_BZERO void explicit_bzero(void *s, size_t len) { memset(s, '\0', len); asm volatile ("":::"memory"); } #endif 07070100000027000081A40000000000000000000000016627DD81000002C7000000000000000000000000000000000000002C00000000google-authenticator-libpam-1.10/src/util.h// util header file // // Copyright 2017 Google Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include "config.h" #ifndef HAVE_EXPLICIT_BZERO void explicit_bzero(void *s, size_t len); #endif 07070100000028000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002700000000google-authenticator-libpam-1.10/tests07070100000029000081ED0000000000000000000000016627DD8100000119000000000000000000000000000000000000003600000000google-authenticator-libpam-1.10/tests/base32_test.sh#!/bin/bash a=0 while [ $a -lt 150 ] ;do dd if=/dev/urandom bs=$RANDOM count=1 of=testfile > /dev/null 2>&1 cat testfile | ./base32 -e | ./base32 -d > testfile.out if ! cmp -s testfile testfile.out ; then echo FAILED exit 1 fi a=$((a + 1)) done rm testfile testfile.out 0707010000002A000081A40000000000000000000000016627DD8100005C94000000000000000000000000000000000000004B00000000google-authenticator-libpam-1.10/tests/pam_google_authenticator_unittest.c// Unittest for the PAM module. This is part of the Google Authenticator // project. // // Copyright 2010 Google Inc. // Author: Markus Gutschke // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include "config.h" #include <assert.h> #include <dlfcn.h> #include <fcntl.h> #include <security/pam_appl.h> #include <security/pam_modules.h> #include <signal.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/stat.h> #include <sys/types.h> #include <unistd.h> #include "../src/base32.h" #include "../src/hmac.h" #if !defined(PAM_BAD_ITEM) // FreeBSD does not know about PAM_BAD_ITEM. And PAM_SYMBOL_ERR is an "enum", // we can't test for it at compile-time. #define PAM_BAD_ITEM PAM_SYMBOL_ERR #endif static PAM_CONST char pw[] = "0123456789"; static char *response = ""; static void *pam_module; static enum { TWO_PROMPTS, COMBINED_PASSWORD, COMBINED_PROMPT } conv_mode; static int num_prompts_shown = 0; static int conversation(int num_msg, PAM_CONST struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { // Keep track of how often the conversation callback is executed. ++num_prompts_shown; if (conv_mode == COMBINED_PASSWORD) { return PAM_CONV_ERR; } if (num_msg == 1 && msg[0]->msg_style == PAM_PROMPT_ECHO_OFF) { *resp = malloc(sizeof(struct pam_response)); assert(*resp); (*resp)->resp = conv_mode == TWO_PROMPTS ? strdup(response) : strcat(strcpy(malloc(sizeof(pw) + strlen(response)), pw), response); (*resp)->resp_retcode = 0; return PAM_SUCCESS; } return PAM_CONV_ERR; } int pam_get_user(pam_handle_t *pamh, PAM_CONST char **user, PAM_CONST char *prompt) __attribute__((visibility("default"))); int pam_get_user(pam_handle_t *pamh, PAM_CONST char **user, PAM_CONST char *prompt) { return pam_get_item(pamh, PAM_USER, (void *)user); } int pam_get_item(const pam_handle_t *pamh, int item_type, PAM_CONST void **item) __attribute__((visibility("default"))); int pam_get_item(const pam_handle_t *pamh, int item_type, PAM_CONST void **item) { switch (item_type) { case PAM_SERVICE: { static const char *service = "google_authenticator_unittest"; *item = service; return PAM_SUCCESS; } case PAM_USER: { char *user = getenv("USER"); *item = user; return PAM_SUCCESS; } case PAM_CONV: { static struct pam_conv conv = { .conv = conversation }, *p_conv = &conv; *item = p_conv; return PAM_SUCCESS; } case PAM_RHOST: { static const char *rhost = "::1"; *item = rhost; return PAM_SUCCESS; } case PAM_AUTHTOK: { static char *authtok = NULL; if (conv_mode == COMBINED_PASSWORD) { authtok = realloc(authtok, sizeof(pw) + strlen(response)); *item = strcat(strcpy(authtok, pw), response); } else { *item = pw; } return PAM_SUCCESS; } default: return PAM_BAD_ITEM; } } int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) __attribute__((visibility("default"))); int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) { switch (item_type) { case PAM_AUTHTOK: if (strcmp((char *)item, pw)) { return PAM_BAD_ITEM; } return PAM_SUCCESS; default: return PAM_BAD_ITEM; } } // Return the last line of the error message. static const char *get_error_msg(void) { const char *(*get_error_msg)(void) = (const char *(*)(void))dlsym(pam_module, "get_error_msg"); const char* msg = get_error_msg ? get_error_msg() : ""; const char* p = strrchr(msg, '\n'); if (p) { msg = p+1; } return msg; } static void print_diagnostics(int signo) { if (*get_error_msg()) { fprintf(stderr, "%s\n", get_error_msg()); } _exit(1); } #define verify_prompts_shown(expected_prompts_shown) do { \ assert(num_prompts_shown == (expected_prompts_shown)); \ num_prompts_shown = 0; /* Reset for the next count. */ \ } while(0) int main(int argc, char *argv[]) { // Testing Base32 encoding puts("Testing base32 encoding"); static const uint8_t dat[] = "Hello world..."; uint8_t enc[((sizeof(dat) + 4)/5)*8 + 1]; assert(base32_encode(dat, sizeof(dat), enc, sizeof(enc)) == sizeof(enc)-1); assert(!strcmp((char *)enc, "JBSWY3DPEB3W64TMMQXC4LQA")); puts("Testing base32 decoding"); uint8_t dec[sizeof(dat)]; assert(base32_decode(enc, dec, sizeof(dec)) == sizeof(dec)); assert(!memcmp(dat, dec, sizeof(dat))); // Testing HMAC_SHA1 puts("Testing HMAC_SHA1"); uint8_t hmac[20]; hmac_sha1((uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C" "\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19" "\x1A\x1B\x1C\x1D\x1E\x1F !\"#$%&'()*+,-./0123456789:" ";<=>?", 64, (uint8_t *)"Sample #1", 9, hmac, sizeof(hmac)); assert(!memcmp(hmac, (uint8_t []) { 0x4F, 0x4C, 0xA3, 0xD5, 0xD6, 0x8B, 0xA7, 0xCC, 0x0A, 0x12, 0x08, 0xC9, 0xC6, 0x1E, 0x9C, 0x5D, 0xA0, 0x40, 0x3C, 0x0A }, sizeof(hmac))); hmac_sha1((uint8_t *)"0123456789:;<=>?@ABC", 20, (uint8_t *)"Sample #2", 9, hmac, sizeof(hmac)); assert(!memcmp(hmac, (uint8_t []) { 0x09, 0x22, 0xD3, 0x40, 0x5F, 0xAA, 0x3D, 0x19, 0x4F, 0x82, 0xA4, 0x58, 0x30, 0x73, 0x7D, 0x5C, 0xC6, 0xC7, 0x5D, 0x24 }, sizeof(hmac))); hmac_sha1((uint8_t *)"PQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~" "\x7F\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8A" "\x8B\x8C\x8D\x8E\x8F\x90\x91\x92\x93\x94\x95\x96" "\x97\x98\x99\x9A\x9B\x9C\x9D\x9E\x9F\xA0\xA1\xA2" "\xA3\xA4\xA5\xA6\xA7\xA8\xA9\xAA\xAB\xAC\xAD\xAE" "\xAF\xB0\xB1\xB2\xB3", 100, (uint8_t *)"Sample #3", 9, hmac, sizeof(hmac)); assert(!memcmp(hmac, (uint8_t []) { 0xBC, 0xF4, 0x1E, 0xAB, 0x8B, 0xB2, 0xD8, 0x02, 0xF3, 0xD0, 0x5C, 0xAF, 0x7C, 0xB0, 0x92, 0xEC, 0xF8, 0xD1, 0xA3, 0xAA }, sizeof(hmac))); hmac_sha1((uint8_t *)"pqrstuvwxyz{|}~\x7F\x80\x81\x82\x83\x84\x85\x86\x87" "\x88\x89\x8A\x8B\x8C\x8D\x8E\x8F\x90\x91\x92\x93\x94" "\x95\x96\x97\x98\x99\x9A\x9B\x9C\x9D\x9E\x9F\xA0", 49, (uint8_t *)"Sample #4", 9, hmac, sizeof(hmac)); assert(!memcmp(hmac, (uint8_t []) { 0x9E, 0xA8, 0x86, 0xEF, 0xE2, 0x68, 0xDB, 0xEC, 0xCE, 0x42, 0x0C, 0x75, 0x24, 0xDF, 0x32, 0xE0, 0x75, 0x1A, 0x2A, 0x26 }, sizeof(hmac))); // Load the PAM module puts("Loading PAM module"); pam_module = dlopen("./.libs/libpam_google_authenticator_testing.so", RTLD_NOW | RTLD_GLOBAL); if (pam_module == NULL) { fprintf(stderr, "dlopen(): %s\n", dlerror()); exit(1); } signal(SIGABRT, print_diagnostics); // Look up public symbols int (*pam_sm_authenticate)(pam_handle_t *, int, int, const char **) = (int (*)(pam_handle_t *, int, int, const char **)) dlsym(pam_module, "pam_sm_authenticate"); assert(pam_sm_authenticate != NULL); // Look up private test-only API void (*set_time)(time_t t) = (void (*)(time_t))dlsym(pam_module, "set_time"); assert(set_time); int (*compute_code)(uint8_t *, int, unsigned long) = (int (*)(uint8_t*, int, unsigned long))dlsym(pam_module, "compute_code"); assert(compute_code); for (int otp_mode = 0; otp_mode < 8; ++otp_mode) { // Create a secret file with a well-known test vector char fn[] = "/tmp/.google_authenticator_XXXXXX"; mode_t orig_umask = umask(S_IRWXG|S_IRWXO); // Only for the current user. int fd = mkstemp(fn); (void)umask(orig_umask); assert(fd >= 0); static const uint8_t secret[] = "2SH3V3GDW7ZNMGYE"; assert(write(fd, secret, sizeof(secret)-1) == sizeof(secret)-1); assert(write(fd, "\n\" TOTP_AUTH", 12) == 12); close(fd); uint8_t binary_secret[sizeof(secret)]; size_t binary_secret_len = base32_decode(secret, binary_secret, sizeof(binary_secret)); // Set up test argc/argv parameters to let the PAM module know where to // find our secret file const char *targv[] = { malloc(strlen(fn) + 8), NULL, NULL, NULL, NULL }; strcat(strcpy((char *)targv[0], "secret="), fn); int targc; int expected_good_prompts_shown; int expected_bad_prompts_shown; int password_is_provided_from_external; switch (otp_mode) { case 0: puts("\nRunning tests, querying for verification code"); conv_mode = TWO_PROMPTS; targc = 1; expected_good_prompts_shown = expected_bad_prompts_shown = 1; password_is_provided_from_external = 0; break; case 1: puts("\nRunning tests, querying for verification code, " "forwarding system pass"); conv_mode = COMBINED_PROMPT; targv[1] = strdup("forward_pass"); targc = 2; expected_good_prompts_shown = expected_bad_prompts_shown = 1; password_is_provided_from_external = 0; break; case 2: puts("\nRunning tests with use_first_pass"); conv_mode = COMBINED_PASSWORD; targv[1] = strdup("use_first_pass"); targc = 2; expected_good_prompts_shown = expected_bad_prompts_shown = 0; password_is_provided_from_external = 1; break; case 3: puts("\nRunning tests with use_first_pass, forwarding system pass"); conv_mode = COMBINED_PASSWORD; targv[1] = strdup("use_first_pass"); targv[2] = strdup("forward_pass"); targc = 3; expected_good_prompts_shown = expected_bad_prompts_shown = 0; password_is_provided_from_external = 1; break; case 4: puts("\nRunning tests with try_first_pass, combining codes"); conv_mode = COMBINED_PASSWORD; targv[1] = strdup("try_first_pass"); targc = 2; expected_good_prompts_shown = 0; expected_bad_prompts_shown = 2; password_is_provided_from_external = 1; break; case 5: puts("\nRunning tests with try_first_pass, combining codes, " "forwarding system pass"); conv_mode = COMBINED_PASSWORD; targv[1] = strdup("try_first_pass"); targv[2] = strdup("forward_pass"); targc = 3; expected_good_prompts_shown = 0; expected_bad_prompts_shown = 2; password_is_provided_from_external = 1; break; case 6: puts("\nRunning tests with try_first_pass, querying for codes"); conv_mode = TWO_PROMPTS; targv[1] = strdup("try_first_pass"); targc = 2; expected_good_prompts_shown = expected_bad_prompts_shown = 1; password_is_provided_from_external = 1; break; default: assert(otp_mode == 7); puts("\nRunning tests with try_first_pass, querying for codes, " "forwarding system pass"); conv_mode = COMBINED_PROMPT; targv[1] = strdup("try_first_pass"); targv[2] = strdup("forward_pass"); targc = 3; expected_good_prompts_shown = expected_bad_prompts_shown = 1; password_is_provided_from_external = 1; break; } // Make sure num_prompts_shown is still 0. verify_prompts_shown(0); // Set the timestamp that this test vector needs set_time(10000*30); response = "123456"; // Check if we can log in when using an invalid verification code puts("Testing failed login attempt"); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); // Check required number of digits if (conv_mode == TWO_PROMPTS) { puts("Testing required number of digits"); response = "50548"; assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); response = "0050548"; assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); response = "00050548"; assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); } // Test a blank response puts("Testing a blank response"); response = ""; assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); // Set the response that we should send back to the authentication module response = "050548"; // Test handling of missing state files puts("Test handling of missing state files"); const char *old_secret = targv[0]; targv[0] = "secret=/NOSUCHFILE"; assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(password_is_provided_from_external ? 0 : expected_bad_prompts_shown); targv[targc++] = "nullok"; targv[targc] = NULL; assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_IGNORE); verify_prompts_shown(0); targv[--targc] = NULL; targv[0] = old_secret; // Check if we can log in when using a valid verification code puts("Testing successful login"); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_SUCCESS); verify_prompts_shown(expected_good_prompts_shown); // Test the STEP_SIZE option puts("Testing STEP_SIZE option"); assert(!chmod(fn, 0600)); assert((fd = open(fn, O_APPEND | O_WRONLY)) >= 0); assert(write(fd, "\n\" STEP_SIZE 60\n", 16) == 16); close(fd); for (int *tm = (int []){ 9998, 9999, 10001, 10002, 10000, -1 }, *res = (int []){ PAM_AUTH_ERR, PAM_SUCCESS, PAM_SUCCESS, PAM_AUTH_ERR, PAM_SUCCESS }; *tm >= 0;) { set_time(*tm++ * 60); assert(pam_sm_authenticate(NULL, 0, targc, targv) == *res++); verify_prompts_shown(expected_good_prompts_shown); } // Reset secret file after step size testing. assert(!chmod(fn, 0600)); assert((fd = open(fn, O_TRUNC | O_WRONLY)) >= 0); assert(write(fd, secret, sizeof(secret)-1) == sizeof(secret)-1); assert(write(fd, "\n\" TOTP_AUTH", 12) == 12); close(fd); // Test the WINDOW_SIZE option puts("Testing WINDOW_SIZE option"); for (int *tm = (int []){ 9998, 9999, 10001, 10002, 10000, -1 }, *res = (int []){ PAM_AUTH_ERR, PAM_SUCCESS, PAM_SUCCESS, PAM_AUTH_ERR, PAM_SUCCESS }; *tm >= 0;) { set_time(*tm++ * 30); assert(pam_sm_authenticate(NULL, 0, targc, targv) == *res++); verify_prompts_shown(expected_good_prompts_shown); } assert(!chmod(fn, 0600)); assert((fd = open(fn, O_APPEND | O_WRONLY)) >= 0); assert(write(fd, "\n\" WINDOW_SIZE 6\n", 17) == 17); close(fd); for (int *tm = (int []){ 9996, 9997, 10002, 10003, 10000, -1 }, *res = (int []){ PAM_AUTH_ERR, PAM_SUCCESS, PAM_SUCCESS, PAM_AUTH_ERR, PAM_SUCCESS }; *tm >= 0;) { set_time(*tm++ * 30); assert(pam_sm_authenticate(NULL, 0, targc, targv) == *res++); verify_prompts_shown(expected_good_prompts_shown); } // Test the DISALLOW_REUSE option puts("Testing DISALLOW_REUSE option"); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_SUCCESS); verify_prompts_shown(expected_good_prompts_shown); assert(!chmod(fn, 0600)); assert((fd = open(fn, O_APPEND | O_WRONLY)) >= 0); assert(write(fd, "\" DISALLOW_REUSE\n", 17) == 17); close(fd); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_SUCCESS); verify_prompts_shown(expected_good_prompts_shown); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_good_prompts_shown); // Test that DISALLOW_REUSE expires old entries from the re-use list char *old_response = response; for (int i = 10001; i < 10008; ++i) { set_time(i * 30); char buf[7]; response = buf; sprintf(response, "%06d", compute_code(binary_secret, binary_secret_len, i)); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_SUCCESS); verify_prompts_shown(expected_good_prompts_shown); } set_time(10000 * 30); response = old_response; assert((fd = open(fn, O_RDONLY)) >= 0); char state_file_buf[4096] = { 0 }; assert(read(fd, state_file_buf, sizeof(state_file_buf)-1) > 0); close(fd); const char *disallow = strstr(state_file_buf, "\" DISALLOW_REUSE "); assert(disallow); assert(!memcmp(disallow + 17, "10002 10003 10004 10005 10006 10007\n", 36)); // Test the RATE_LIMIT option puts("Testing RATE_LIMIT option"); assert(!chmod(fn, 0600)); assert((fd = open(fn, O_APPEND | O_WRONLY)) >= 0); assert(write(fd, "\" RATE_LIMIT 4 120\n", 19) == 19); close(fd); for (int *tm = (int []){ 20000, 20001, 20002, 20003, 20004, 20006, -1 }, *res = (int []){ PAM_SUCCESS, PAM_SUCCESS, PAM_SUCCESS, PAM_SUCCESS, PAM_AUTH_ERR, PAM_SUCCESS, -1 }; *tm >= 0;) { set_time(*tm * 30); char buf[7]; response = buf; sprintf(response, "%06d", compute_code(binary_secret, binary_secret_len, *tm++)); assert(pam_sm_authenticate(NULL, 0, targc, targv) == *res); verify_prompts_shown( *res != PAM_SUCCESS ? 0 : expected_good_prompts_shown); ++res; } set_time(10000 * 30); response = old_response; assert(!chmod(fn, 0600)); assert((fd = open(fn, O_RDWR)) >= 0); memset(state_file_buf, 0, sizeof(state_file_buf)); assert(read(fd, state_file_buf, sizeof(state_file_buf)-1) > 0); const char *rate_limit = strstr(state_file_buf, "\" RATE_LIMIT "); assert(rate_limit); assert(!memcmp(rate_limit + 13, "4 120 600060 600090 600120 600180\n", 35)); // Test trailing space in RATE_LIMIT. This is considered a file format // error. char *eol = strchr(rate_limit, '\n'); *eol = ' '; assert(!lseek(fd, 0, SEEK_SET)); assert(write(fd, state_file_buf, strlen(state_file_buf)) == strlen(state_file_buf)); close(fd); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(0); assert(!strncmp(get_error_msg(), "Invalid list of timestamps in RATE_LIMIT", 40)); *eol = '\n'; assert(!chmod(fn, 0600)); assert((fd = open(fn, O_WRONLY)) >= 0); assert(write(fd, state_file_buf, strlen(state_file_buf)) == strlen(state_file_buf)); close(fd); // Test TIME_SKEW option puts("Testing TIME_SKEW"); for (int i = 0; i < 4; ++i) { set_time((12000 + i)*30); char buf[7]; response = buf; sprintf(response, "%06d", compute_code(binary_secret, binary_secret_len, 11000 + i)); assert(pam_sm_authenticate(NULL, 0, targc, targv) == (i >= 2 ? PAM_SUCCESS : PAM_AUTH_ERR)); verify_prompts_shown(expected_good_prompts_shown); } puts("Testing TIME_SKEW - noskewadj"); set_time(12020 * 30); char buf[7]; response = buf; sprintf(response, "%06d", compute_code(binary_secret, binary_secret_len, 11010)); targv[targc] = "noskewadj"; assert(pam_sm_authenticate(NULL, 0, targc+1, targv) == PAM_AUTH_ERR); targv[targc] = NULL; verify_prompts_shown(expected_bad_prompts_shown); set_time(10000*30); // Test scratch codes puts("Testing scratch codes"); response = "12345678"; assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); assert(!chmod(fn, 0600)); assert((fd = open(fn, O_APPEND | O_WRONLY)) >= 0); assert(write(fd, "12345678\n", 9) == 9); close(fd); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_SUCCESS); verify_prompts_shown(expected_good_prompts_shown); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); // Set up secret file for counter-based codes. assert(!chmod(fn, 0600)); assert((fd = open(fn, O_TRUNC | O_WRONLY)) >= 0); assert(write(fd, secret, sizeof(secret)-1) == sizeof(secret)-1); assert(write(fd, "\n\" HOTP_COUNTER 1\n", 18) == 18); close(fd); response = "293240"; // Check if we can log in when using a valid verification code puts("Testing successful counter-based login"); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_SUCCESS); verify_prompts_shown(expected_good_prompts_shown); // Verify that the hotp counter incremented assert((fd = open(fn, O_RDONLY)) >= 0); memset(state_file_buf, 0, sizeof(state_file_buf)); assert(read(fd, state_file_buf, sizeof(state_file_buf)-1) > 0); close(fd); const char *hotp_counter = strstr(state_file_buf, "\" HOTP_COUNTER "); assert(hotp_counter); assert(!memcmp(hotp_counter + 15, "2\n", 2)); // Check if we can log in when using an invalid verification code // (including the same code a second time) puts("Testing failed counter-based login attempt"); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_AUTH_ERR); verify_prompts_shown(expected_bad_prompts_shown); // Verify that the hotp counter incremented assert((fd = open(fn, O_RDONLY)) >= 0); memset(state_file_buf, 0, sizeof(state_file_buf)); assert(read(fd, state_file_buf, sizeof(state_file_buf)-1) > 0); close(fd); hotp_counter = strstr(state_file_buf, "\" HOTP_COUNTER "); assert(hotp_counter); assert(!memcmp(hotp_counter + 15, "3\n", 2)); response = "932068"; // Check if we can log in using a future valid verification code (using // default window_size of 3) puts("Testing successful future counter-based login"); assert(pam_sm_authenticate(NULL, 0, targc, targv) == PAM_SUCCESS); verify_prompts_shown(expected_good_prompts_shown); // Verify that the hotp counter incremented assert((fd = open(fn, O_RDONLY)) >= 0); memset(state_file_buf, 0, sizeof(state_file_buf)); assert(read(fd, state_file_buf, sizeof(state_file_buf)-1) > 0); close(fd); hotp_counter = strstr(state_file_buf, "\" HOTP_COUNTER "); assert(hotp_counter); assert(!memcmp(hotp_counter + 15, "6\n", 2)); // Remove the temporarily created secret file unlink(fn); // Release memory for the test arguments for (int i = 0; i < targc; ++i) { free((void *)targv[i]); } } // Unload the PAM module dlclose(pam_module); puts("DONE"); return 0; } 0707010000002B000081A40000000000000000000000016627DD81000024CF000000000000000000000000000000000000002B00000000google-authenticator-libpam-1.10/totp.html<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <!-- TOTP Debugger -- -- Copyright 2011 Google Inc. -- Author: Markus Gutschke -- -- Licensed under the Apache License, Version 2.0 (the "License"); -- you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 -- -- Unless required by applicable law or agreed to in writing, software -- distributed under the License is distributed on an "AS IS" BASIS, -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -- See the License for the specific language governing permissions and -- limitations under the License. --> <head> <link rel="shortcut icon" href="http://code.google.com/p/google-authenticator/logo" type="image/png"> <title>TOTP Debugger</title> <script src="https://utc-time.appspot.com"></script> <!-- Returns a line of the form: -- var timeskew = new Date().getTime() - XXX.XX; --> <script> <!-- // Given a secret key "K" and a timestamp "t" (in 30s units since the // beginning of the epoch), return a TOTP code. function totp(K,t) { function sha1(C){ function L(x,b){return x<<b|x>>>32-b;} var l=C.length,D=C.concat([1<<31]),V=0x67452301,W=0x88888888, Y=271733878,X=Y^W,Z=0xC3D2E1F0;W^=V; do D.push(0);while(D.length+1&15);D.push(32*l); while (D.length){ var E=D.splice(0,16),a=V,b=W,c=X,d=Y,e=Z,f,k,i=12; function I(x){var t=L(a,5)+f+e+k+E[x];e=d;d=c;c=L(b,30);b=a;a=t;} for(;++i<77;)E.push(L(E[i]^E[i-5]^E[i-11]^E[i-13],1)); k=0x5A827999;for(i=0;i<20;I(i++))f=b&c|~b&d; k=0x6ED9EBA1;for(;i<40;I(i++))f=b^c^d; k=0x8F1BBCDC;for(;i<60;I(i++))f=b&c|b&d|c&d; k=0xCA62C1D6;for(;i<80;I(i++))f=b^c^d; V+=a;W+=b;X+=c;Y+=d;Z+=e;} return[V,W,X,Y,Z]; } var k=[],l=[],i=0,j=0,c=0; for (;i<K.length;){ c=c*32+'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'. indexOf(K.charAt(i++).toUpperCase()); if((j+=5)>31)k.push(Math.floor(c/(1<<(j-=32)))),c&=31;} j&&k.push(c<<(32-j)); for(i=0;i<16;++i)l.push(0x6A6A6A6A^(k[i]=k[i]^0x5C5C5C5C)); var s=sha1(k.concat(sha1(l.concat([0,t])))),o=s[4]&0xF; return ((s[o>>2]<<8*(o&3)|(o&3?s[(o>>2)+1]>>>8*(4-o&3):0))&-1>>>1)%1000000; } // Periodically check whether we need to update the UI. It would be a little // more efficient to only call this function as a direct result of // significant state changes. But polling is cheap, and keeps the code a // little easier. var lastsecret,lastlabel,lastepochseconds,lastoverrideepoch; var lasttimestamp,lastoverride,lastsearch; function refresh() { // Compute current TOTP code var k=document.getElementById('secret').value. replace(/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ234567]/gi, ''); var d=document.getElementById('overrideepoch').value.replace(/[^0-9]/g, ''); if (d) e=parseInt(d); else e=Math.floor(new Date().getTime()/1000); var t=Math.floor(e/30); var s=document.getElementById('override').value.replace(/[^0-9]/g, ''); if (s) { t=parseInt(s); e=30*t; } var label=escape(document.getElementById('label').value); var search=document.getElementById('search').value; // If TOTP code has changed (either because of user edits, or // because of elapsed time), update the user interface. if (k != lastsecret || label != lastlabel || e != lastepochseconds || d != lastoverrideepoch || t != lasttimestamp || s != lastoverride || search != lastsearch) { if (d != lastoverrideepoch) { document.getElementById('override').value = ''; s = ''; } else if (s != lastoverride) { document.getElementById('overrideepoch').value = ''; d = ''; } lastsecret=k; lastlabel=label; lastepochseconds=e; lastoverrideepoch=d; lasttimestamp=t; lastoverride=s; lastsearch=search; var code=totp(k,t); // Compute the OTPAuth URL and the associated QR code var h='https://www.google.com/chart?chs=200x200&chld=M|0&'+ 'cht=qr&chl=otpauth://totp/'+encodeURI(label)+'%3Fsecret%3D'+k; var a=document.getElementById('authurl') a.innerHTML='otpauth://totp/'+label+'?secret='+k; a.href=h; document.getElementById('aqr').href=h; var q=document.getElementById('qr'); q.src=h; q.alt=label+' '+k; q.title=label+' '+k; // Show the current time in seconds and in 30s increments since midnight // Jan 1st, 1970. Optionally, let the user override this timestamp. document.getElementById('epoch').innerHTML=e; document.getElementById('ts').innerHTML=t; // Show the current TOTP code. document.getElementById('totp').innerHTML=code; // If the user manually entered a TOTP code, try to find a matching code // within a 25h window. var result=''; if (search && !!(search=parseInt(search))) { for (var i=0; i < 25*120; ++i) { if (search == totp(k, t+(i&1?-Math.floor(i/2):Math.floor(i/2)))) { if (i<2) { result=' '; break; } if (i >= 120) { result=result + Math.floor(i/120) + 'h '; i%=120; } if (i >= 4) { result=result + Math.floor(i/4) + 'min '; i%=4; } if (i&2) { result=result + '30s '; } if (i&1) { result='Code was valid ' + result + 'ago'; } else { result='Code will be valid in ' + result; } break; } } if (!result) { result='No such code within a ±12h window'; } } document.getElementById('searchresult').innerHTML=result + ' '; // If possible, compare the current time as reported by Javascript // to "official" time as reported by AppEngine. If there is any significant // difference, show a warning message. We always expect at least a minor // time skew due to round trip delays, which we are not bothering to // compensate for. if (typeof timeskew != undefined) { var ts=document.getElementById('timeskew'); if (Math.abs(timeskew) < 2000) { ts.style.color=''; ts.innerHTML="Your computer's time is set correctly. TOTP codes " + "will be computed accurately."; } else if (Math.abs(timeskew) < 30000) { ts.style.color=''; ts.innerHTML="Your computer's time is off by " + (Math.round(Math.abs(timeskew)/1000)) + " seconds. This is within " + "acceptable tolerances. Computed TOTP codes might be different " + "from the ones in the mobile application, but they will be " + "accepted by the server."; } else { ts.style.color='#dd0000'; ts.innerHTML="<b>Your computer's time is off by " + (Math.round(Math.abs(timeskew)/1000)) + " seconds. Computed TOTP " + "codes are probably incorrect.</b>"; } } } } --></script> </head> <body style="font-family: sans-serif" onload="setInterval(refresh, 100)"> <h1>TOTP Debugger</h1> <table> <tr><td colspan="7"><a style="text-decoration: none; color: black" id="authurl"></a></td></tr> <tr><td colspan="3">Enter secret key in BASE32: </td> <td><input type="text" id="secret" /></td> <td> </td> <td rowspan="8"><a style="text-decoration: none" id="aqr"> <img id="qr" border="0"></a></td><td width="100%"> </td></tr> <tr><td colspan="3">Account label: </td> <td><input type="text" id="label" /></td></tr> <tr><td>Interval: </td><td align="right">30s</td><td> </td></tr> <tr><td>Time: </td><td align="right"> <span id="epoch"></span></td><td> </td><td> <input type="text" id="overrideepoch" /></td></tr> <tr><td>Timestamp: </td><td align="right"><span id="ts"></span></td> <td> </td><td><input type="text" id="override" /></td></tr> <tr><td>TOTP: </td><td align="right"><span id="totp"></span></td> <td> </td><td><input type="text" id="search" /></td></tr> <tr><td colspan="4" id="searchresult"></td></tr> </table> <br /> <div id="timeskew" style="width: 80%"></div> <br /> <br /> <div style="width: 80%; color: #dd0000; font-size: small"> <p><b>WARNING!</b> This website is a development and debugging tool only. Do <b>not</b> use it to generate security tokens for logging into your account. You should never store, process or otherwise access the secret key on the same machine that you use for accessing your account. Doing so completely defeats the security of two-step verification.</p> <p>Instead, use one of the mobile phone clients made available by the <a href="https://github.com/google/google-authenticator">Google Authenticator</a> project. Or follow the <a href="http://www.google.com/support/accounts/bin/static.py?hl=en&page=guide.cs&guide=1056283&topic=1056285">instructions</a> provided by Google.</p> <p>If you ever entered your real secret key into this website, please immediately <a href="https://www.google.com/accounts/SmsAuthConfig">reset your secret key</a>.</p> </div> </body> </html> 0707010000002C000041ED0000000000000000000000026627DD8100000000000000000000000000000000000000000000002A00000000google-authenticator-libpam-1.10/utc-time0707010000002D000081A40000000000000000000000016627DD8100000050000000000000000000000000000000000000003300000000google-authenticator-libpam-1.10/utc-time/app.yamlruntime: python312 handlers: - url: /.* script: utc-time.py secure: always 0707010000002E000081A40000000000000000000000016627DD81000004A4000000000000000000000000000000000000003200000000google-authenticator-libpam-1.10/utc-time/main.py#!/usr/bin/env python # Copyright 2011 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # gcloud app deploy --project utc-time2 import time from flask import Flask, make_response, request app = Flask(__name__) @app.route('/') def root(): t = time.time() u = time.gmtime(t) s = time.strftime('%a, %e %b %Y %T GMT', u) resp = make_response('var timeskew = new Date().getTime() - ' + str(t*1000) + ';') resp.headers['Content-Type'] = 'text/javascript' resp.headers['Cache-Control'] = 'no-cache' resp.headers['Date'] = s resp.headers['Expires'] = s return resp if __name__ == "__main__": app.run(host="127.0.0.1", port=8080, debug=True) 0707010000002F000081A40000000000000000000000016627DD810000000D000000000000000000000000000000000000003B00000000google-authenticator-libpam-1.10/utc-time/requirements.txtFlask==3.0.0 07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!463 blocks
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
