6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2001 The FreeRADIUS server project
21 * Copyright 2001 Kostas Kalevras <kkalev@noc.ntua.gr>
24 #include <freeradius-devel/autoconf.h>
32 #include <freeradius-devel/radiusd.h>
33 #include <freeradius-devel/modules.h>
34 #include <freeradius-devel/conffile.h>
35 #include "../../include/md5.h"
36 #include "../../include/sha1.h"
/*
 * Numeric identifiers for the password-encryption schemes that the
 * "encryption_scheme" option can name; schemes[] below maps the names
 * to these values.  Values 2, 4 and 5 are defined on lines not shown in
 * this listing (PAP_ENC_MD5, referenced by schemes[], is one of them).
 */
38 #define PAP_ENC_INVALID -1 /* passed to lrad_str2int() as the "unknown name" result */
39 #define PAP_ENC_CLEAR 0
40 #define PAP_ENC_CRYPT 1
42 #define PAP_ENC_SHA1 3
45 #define PAP_ENC_SMD5 6
46 #define PAP_ENC_SSHA 7
47 #define PAP_ENC_NS_MTA_MD5 8
48 #define PAP_ENC_AUTO 9 /* choose the scheme from whichever password attribute is configured */
52 static const char rcsid[] = "$Id$"; /* version-control keyword string; not referenced by the code shown here */
55 * Define a structure for our module configuration.
57 * These variables do not need to be in a structure, but it's
58 * a lot cleaner to do so, and a pointer to the structure can
59 * be used as the instance handle.
61 typedef struct rlm_pap_t {
62 const char *name; /* CONF_SECTION->name, not strdup'd */
63 char *scheme; /* password encryption scheme */
/*
 * NOTE(review): the remaining members and the closing brace are on lines
 * not shown in this listing.  The code below also reads inst->auto_header
 * (filled from the boolean "auto_header" option) and inst->sch (the
 * PAP_ENC_* value that pap_instantiate() resolves from inst->scheme).
 */
70 * A mapping of configuration file names to internal variables.
72 * Note that the string is dynamically allocated, so it MUST
73 * be freed. When the configuration file parse re-reads the string,
74 * it frees the old one, and strdup's the new one, placing the pointer
75 * to the strdup'd string into 'config.string'. This gets around
/*
 * Configuration keys accepted by this module: "encryption_scheme" (a
 * string, default "auto", stored in rlm_pap_t.scheme) and "auto_header"
 * (a boolean, default "no", stored in rlm_pap_t.auto_header).  The
 * closing brace of the table is on a line not shown in this listing.
 */
78 static const CONF_PARSER module_config[] = {
79 { "encryption_scheme", PW_TYPE_STRING_PTR, offsetof(rlm_pap_t,scheme), NULL, "auto" },
80 { "auto_header", PW_TYPE_BOOLEAN, offsetof(rlm_pap_t,auto_header), NULL, "no" },
81 { NULL, -1, 0, NULL, NULL } /* terminator */
/*
 * Scheme name -> PAP_ENC_* lookup table used by pap_instantiate() via
 * lrad_str2int().  Two entries (original lines 89-90) and the closing
 * brace are not shown in this listing.
 */
84 static const LRAD_NAME_NUMBER schemes[] = {
85 { "clear", PAP_ENC_CLEAR },
86 { "crypt", PAP_ENC_CRYPT },
87 { "md5", PAP_ENC_MD5 },
88 { "sha1", PAP_ENC_SHA1 },
91 { "smd5", PAP_ENC_SMD5 },
92 { "ssha", PAP_ENC_SSHA },
93 { "auto", PAP_ENC_AUTO },
94 { NULL, PAP_ENC_INVALID } /* presumably the table terminator */
99 * For auto-header discovery.
/*
 * Header-prefix -> password attribute lookup for the "auto_header"
 * option.  pap_authorize() extracts a leading "{scheme}" from a configured
 * User-Password, looks it up here with lrad_str2int(), and moves the rest
 * of the value into the attribute named by the match.  Whether the lookup
 * is case-insensitive is not visible in this file.  The closing brace of
 * the table is on a line not shown in this listing.
 */
101 static const LRAD_NAME_NUMBER header_names[] = {
102 { "{clear}", PW_USER_PASSWORD },
103 { "{cleartext}", PW_USER_PASSWORD },
104 { "{md5}", PW_MD5_PASSWORD },
105 { "{smd5}", PW_SMD5_PASSWORD },
106 { "{crypt}", PW_CRYPT_PASSWORD },
107 { "{sha}", PW_SHA_PASSWORD },
108 { "{ssha}", PW_SSHA_PASSWORD },
109 { "{nt}", PW_NT_PASSWORD },
110 { "{x-nthash}", PW_NT_PASSWORD },
111 { "{ns-mta-md5}", PW_NS_MTA_MD5_PASSWORD },
/*
 * Module detach callback: releases the per-instance configuration.
 * Only the free() of the scheme string is visible here; the remaining
 * lines of the function are not shown in this listing.
 */
116 static int pap_detach(void *instance)
118 rlm_pap_t *inst = (rlm_pap_t *) instance;
120 free((char *)inst->scheme); /* scheme is declared char *, so the cast is redundant */
/*
 * Module instantiate callback: allocate and zero an rlm_pap_t, parse the
 * module section into it, resolve the configured scheme name to a PAP_ENC_*
 * value, and record the instance name used later as the Auth-Type value.
 * The bodies of the error branches, the return statements and several
 * conditions are on lines not shown in this listing.
 */
127 static int pap_instantiate(CONF_SECTION *conf, void **instance)
132 * Set up a storage area for instance data
134 inst = rad_malloc(sizeof(*inst));
138 memset(inst, 0, sizeof(*inst)); /* so unparsed members start as 0 / NULL */
141 * If the configuration parameters can't be parsed, then
144 if (cf_section_parse(conf, inst, module_config) < 0) {
148 if (inst->scheme == NULL || strlen(inst->scheme) == 0){
149 radlog(L_ERR, "rlm_pap: No scheme defined");
154 inst->sch = lrad_str2int(schemes, inst->scheme, PAP_ENC_INVALID); /* unknown names yield PAP_ENC_INVALID and are rejected below */
155 if (inst->sch == PAP_ENC_INVALID) {
156 radlog(L_ERR, "rlm_pap: Unknown scheme \"%s\"", inst->scheme);
/* The condition between the two assignments is not shown; presumably name1 is the fallback when name2 is NULL. */
162 inst->name = cf_section_name2(conf);
164 inst->name = cf_section_name1(conf);
172 * Decode one base64 chunk
/*
 * Decode one 4-character base64 group into 3 bytes at dst.
 *
 * src must have at least 4 readable characters: the loop indexes
 * src[0..3] unconditionally and performs no length check of its own.
 * The bodies of the '+', '/' and '=' branches, the initialization of x
 * and the return statement are on lines not shown in this listing;
 * base64_decode() treats a zero return as failure.
 */
174 static int decode_it(const char *src, uint8_t *dst)
179 for(i = 0; i < 4; i++) {
180 if (src[i] >= 'A' && src[i] <= 'Z')
181 x = (x << 6) + (unsigned int)(src[i] - 'A' + 0); /* 'A'..'Z' -> 0..25 */
182 else if (src[i] >= 'a' && src[i] <= 'z')
183 x = (x << 6) + (unsigned int)(src[i] - 'a' + 26); /* 'a'..'z' -> 26..51 */
184 else if(src[i] >= '0' && src[i] <= '9')
185 x = (x << 6) + (unsigned int)(src[i] - '0' + 52); /* '0'..'9' -> 52..61 */
186 else if(src[i] == '+')
188 else if (src[i] == '/')
190 else if (src[i] == '=')
/* Unpack the 24 accumulated bits most-significant byte first. */
195 dst[2] = (unsigned char)(x & 255); x >>= 8;
196 dst[1] = (unsigned char)(x & 255); x >>= 8;
197 dst[0] = (unsigned char)(x & 255); x >>= 8;
/*
 * Decode a NUL-terminated, '='-padded base64 string into dst.
 *
 * Returns the number of bytes written, or 0 on failure.  Input without
 * trailing '=' padding is rejected (line 215), so unpadded base64 never
 * decodes.  dst carries no size: the caller must guarantee room for
 * (num * 3) - equals bytes, where num is the number of 4-character groups.
 * The pointer advancement inside the loop and the copy of the final
 * partial group are on lines not shown in this listing.
 *
 * NOTE(review): when num is 0 (input shorter than 4 characters) the loop
 * is skipped but decode_it(src, last) on line 227 still reads src[0..3].
 * normify() only calls this for values long enough to avoid that, but the
 * function itself does not guard against it.
 */
206 static int base64_decode (const char *src, uint8_t *dst)
213 while (src[length] && src[length] != '=') length++; /* relies on src being NUL-terminated */
215 if (src[length] != '=') return 0; /* no trailing '=' */
217 while (src[length + equals] == '=') equals++;
219 num = (length + equals) / 4; /* truncating division; no check that the total length is a multiple of 4 */
221 for (i = 0; i < num - 1; i++) {
222 if (!decode_it(src, dst)) return 0;
227 decode_it(src, last); /* last group goes to a scratch buffer so the pad bytes can be dropped */
228 for (i = 0; i < (3 - equals); i++) {
232 return (num * 3) - equals;
237 * Hex or base64 or bin auto-discovery.
/*
 * Normalize a configured hashed password to raw bytes, in place.
 *
 * If the value is at least twice min_length long and every character pair
 * decodes as hex, or it is long enough to be base64 and decodes to at least
 * min_length bytes, the decoded bytes replace vp->vp_octets and vp->length
 * is updated.  Anything else is left untouched.  The declaration of buffer
 * and the closing braces are on lines not shown in this listing.
 *
 * NOTE(review): the guard on line 244 bounds only min_length.  The hex
 * path writes vp->length >> 1 bytes into buffer and base64_decode() writes
 * without any bound, so whether they fit depends on sizeof(buffer) versus
 * the largest possible vp->length (MAX_STRING_LEN?) -- confirm against
 * the declaration.
 */
239 static void normify(VALUE_PAIR *vp, int min_length)
244 if ((size_t) min_length >= sizeof(buffer)) return; /* paranoia */
249 if (vp->length >= (2 * min_length)) {
250 decoded = lrad_hex2bin(vp->vp_octets, buffer, vp->length >> 1);
251 if (decoded == (vp->length >> 1)) { /* every pair decoded, so it really was hex */
252 DEBUG2("rlm_pap: Normalizing %s from hex encoding", vp->name);
253 memcpy(vp->vp_octets, buffer, decoded);
254 vp->length = decoded;
260 * Base 64 encoding. It's at least 4/3 the original size,
261 * and we want to avoid division...
263 if ((vp->length * 3) >= ((min_length * 4))) {
264 decoded = base64_decode(vp->vp_octets, buffer);
265 if (decoded >= min_length) {
266 DEBUG2("rlm_pap: Normalizing %s from base64 encoding", vp->name);
267 memcpy(vp->vp_octets, buffer, decoded);
268 vp->length = decoded;
274 * Else unknown encoding, or already binary. Leave it.
274 * Else unknown encoding, or already binary. Leave it.
280 * Authorize the user for PAP authentication.
282 * This isn't strictly necessary, but it does make the
283 * server simpler to configure.
/*
 * Authorize callback: normalize the user's configured "known good"
 * passwords and, when the request carries a clear-text User-Password and
 * no Auth-Type has been set, add Auth-Type = <this instance's name>.
 *
 * Returns RLM_MODULE_UPDATED when Auth-Type was added, RLM_MODULE_NOOP when
 * there is nothing to do (proxied realm, existing Auth-Type, no password),
 * and RLM_MODULE_FAIL if the Auth-Type pair cannot be allocated.  Several
 * declarations, conditions and closing braces -- including where found_pw,
 * auth_type and fixed_auto are set -- are on lines not shown in this listing.
 */
285 static int pap_authorize(void *instance, REQUEST *request)
287 rlm_pap_t *inst = instance;
288 int auth_type = FALSE;
289 int found_pw = FALSE;
290 int fixed_auto = FALSE;
/* Walk the user's configured check items (not the request), fixing up each password attribute. */
293 for (vp = request->config_items; vp != NULL; vp = vp->next) {
294 switch (vp->attribute) {
295 case PW_USER_PASSWORD:
299 * Look for '{foo}', and use them
301 if (inst->auto_header && (vp->vp_strvalue[0] == '{')) {
307 p = strchr(q + 1, '}');
/*
 * NOTE(review): this guard is off by two.  With d = p - q, the memcpy below
 * copies d + 1 bytes and the terminator is written at buffer[d + 1], so d
 * must be <= sizeof(buffer) - 2; the check still admits d == sizeof(buffer).
 * A correct guard is `if ((size_t) (p - q) >= sizeof(buffer) - 1) break;`.
 * The value comes from the configured User-Password, not from the packet.
 */
310 if ((size_t) (p - q) > sizeof(buffer)) break;
312 memcpy(buffer, q, p - q + 1); /* copy "{...}" including both braces */
313 buffer[p - q + 1] = '\0';
315 attr = lrad_str2int(header_names, buffer, 0); /* 0 = unknown header */
317 DEBUG2("rlm_pap: Using auto_header, and found unknown header {%s}: Not doing anything", buffer);
322 * Catch the case of cleartext.
324 if (attr == PW_USER_PASSWORD) {
325 vp->length = strlen(p + 1); /* strip the "{clear}" prefix in place */
326 memmove(vp->vp_strvalue, p + 1,
/* Otherwise re-home the remainder into the attribute the header names. */
330 new_vp = paircreate(attr, PW_TYPE_STRING);
331 if (!new_vp) break; /* OOM */
333 strcpy(new_vp->vp_strvalue, p + 1);/* bounds OK */
334 new_vp->length = strlen(new_vp->vp_strvalue);
335 pairadd(&request->config_items, new_vp);
341 case PW_CRYPT_PASSWORD:
342 case PW_NS_MTA_MD5_PASSWORD:
344 break; /* don't touch these */
346 case PW_MD5_PASSWORD:
347 case PW_SMD5_PASSWORD:
350 normify(vp, 16); /* ensure it's in the right format */
354 case PW_SHA_PASSWORD:
355 case PW_SSHA_PASSWORD:
356 normify(vp, 20); /* ensure it's in the right format */
361 * If it's proxied somewhere, don't complain
362 * about not having passwords or Auth-Type.
364 case PW_PROXY_TO_REALM:
366 REALM *realm = realm_find(vp->vp_strvalue, 0);
368 (realm->ipaddr.af == AF_INET) &&
369 (realm->ipaddr.ipaddr.ip4addr.s_addr != htonl(INADDR_NONE))) {
370 return RLM_MODULE_NOOP;
380 break; /* ignore it */
386 * Print helpful warnings if there was no password.
389 DEBUG("rlm_pap: WARNING! No \"known good\" password found for the user. Authentication may fail because of this.");
390 return RLM_MODULE_NOOP;
394 * Don't leave the old User-Password laying around.
396 if (fixed_auto) pairdelete(&request->config_items, PW_USER_PASSWORD);
399 * Don't touch existing Auth-Types.
402 DEBUG2("rlm_pap: Found existing Auth-Type, not changing it.");
403 return RLM_MODULE_NOOP;
407 * Can't do PAP if there's no password.
409 if (!request->password ||
410 (request->password->attribute != PW_USER_PASSWORD)) {
412 * Don't print out debugging messages if we know
415 if (request->packet->code == PW_ACCESS_CHALLENGE) {
416 return RLM_MODULE_NOOP;
419 DEBUG2("rlm_pap: No clear-text password in the request. Not performing PAP.");
420 return RLM_MODULE_NOOP;
/* The Auth-Type value is this instance's section name, so it must match an Auth-Type stanza of that name. */
423 vp = paircreate(PW_AUTH_TYPE, PW_TYPE_INTEGER);
424 if (!vp) return RLM_MODULE_FAIL;
425 pairparsevalue(vp, inst->name);
427 pairadd(&request->config_items, vp);
429 return RLM_MODULE_UPDATED;
434 * Authenticate the user via any one of the well-known password attributes.
/*
 * Authenticate callback: check the request's clear-text User-Password
 * against one of the user's configured password attributes.  Which one is
 * used is fixed by inst->sch, or discovered from config_items when the
 * scheme is "auto".
 *
 * Returns RLM_MODULE_INVALID when the request lacks a usable clear-text
 * password, RLM_MODULE_FAIL when no password is configured for the user,
 * RLM_MODULE_REJECT on a mismatch (a Module-Failure-Message is added to the
 * request), and RLM_MODULE_OK on success.  Many declarations, the header of
 * the main switch, the jumps into the shared rejection path and the closing
 * braces are on lines not shown in this listing.
 */
436 static int pap_authenticate(void *instance, REQUEST *request)
438 rlm_pap_t *inst = instance;
440 VALUE_PAIR *module_fmsg_vp;
441 char module_fmsg[MAX_STRING_LEN];
443 SHA1_CTX sha1_context;
445 char buff[MAX_STRING_LEN];
446 char buff2[MAX_STRING_LEN + 50];
447 int scheme = PAP_ENC_INVALID;
449 if (!request->password){
450 radlog(L_AUTH, "rlm_pap: Attribute \"Password\" is required for authentication.");
451 return RLM_MODULE_INVALID;
455 * Clear-text passwords are the only ones we support.
457 if (request->password->attribute != PW_USER_PASSWORD) {
458 radlog(L_AUTH, "rlm_pap: Attribute \"User-Password\" is required for authentication. Cannot use \"%s\".", request->password->name);
459 return RLM_MODULE_INVALID;
463 * The user MUST supply a non-zero-length password.
465 if (request->password->length == 0) {
466 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: empty password supplied");
467 module_fmsg_vp = pairmake("Module-Failure-Message", module_fmsg, T_OP_EQ);
468 pairadd(&request->packet->vps, module_fmsg_vp);
469 return RLM_MODULE_INVALID;
/*
 * NOTE(review): this writes the user's clear-text password to the debug
 * log.  Logging only that a password was supplied would avoid leaving
 * credentials in log files.
 */
472 DEBUG("rlm_pap: login attempt with password %s",
473 request->password->vp_strvalue);
476 * First, auto-detect passwords, by attribute in the
/* The case bodies (which set the scheme for each attribute) are on lines not shown. */
479 if (inst->sch == PAP_ENC_AUTO) {
480 for (vp = request->config_items; vp != NULL; vp = vp->next) {
481 switch (vp->attribute) {
482 case PW_USER_PASSWORD:
485 case PW_CRYPT_PASSWORD:
488 case PW_MD5_PASSWORD:
491 case PW_SHA_PASSWORD:
500 case PW_SMD5_PASSWORD:
503 case PW_SSHA_PASSWORD:
506 case PW_NS_MTA_MD5_PASSWORD:
510 break; /* ignore it */
516 DEBUG("rlm_pap: No password configured for the user. Cannot do authentication");
517 return RLM_MODULE_FAIL;
/* Fixed scheme: crypt looks for Crypt-Password, everything else for User-Password. */
522 if (inst->sch == PAP_ENC_CRYPT) {
523 vp = pairfind(request->config_items, PW_CRYPT_PASSWORD);
527 * Old-style: all passwords are in User-Password.
530 vp = pairfind(request->config_items, PW_USER_PASSWORD);
536 * Now that we've decided what to do, go do it.
541 DEBUG("rlm_pap: Using clear text password.");
/*
 * NOTE(review): strcmp() stops at the first differing byte, so the time
 * taken depends on how long a prefix of the candidate matches.  A
 * constant-time comparison would avoid that leak.
 */
542 if (strcmp((char *) vp->vp_strvalue,
543 (char *) request->password->vp_strvalue) != 0){
544 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: CLEAR TEXT password check failed");
548 DEBUG("rlm_pap: User authenticated succesfully");
549 return RLM_MODULE_OK;
554 DEBUG("rlm_pap: Using CRYPT encryption.");
555 if (lrad_crypt_check((char *) request->password->vp_strvalue,
556 (char *) vp->vp_strvalue) != 0) {
557 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: CRYPT password check failed");
563 case PW_MD5_PASSWORD:
565 DEBUG("rlm_pap: Using MD5 encryption.");
/* normify() in pap_authorize() has already reduced hex/base64 values to 16 raw bytes. */
568 if (vp->length != 16) {
569 DEBUG("rlm_pap: Configured MD5 password has incorrect length");
570 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured MD5 password has incorrect length");
574 MD5Init(&md5_context);
575 MD5Update(&md5_context, request->password->vp_strvalue,
576 request->password->length);
577 MD5Final(digest, &md5_context);
578 if (memcmp(digest, vp->vp_octets, vp->length) != 0) { /* vp->length is 16 here */
579 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: MD5 password check failed");
585 case PW_SMD5_PASSWORD:
587 DEBUG("rlm_pap: Using SMD5 encryption.");
/* Salted MD5: 16-byte digest followed by the salt, so the value must be longer than 16. */
590 if (vp->length <= 16) {
591 DEBUG("rlm_pap: Configured SMD5 password has incorrect length");
592 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured SMD5 password has incorrect length");
596 MD5Init(&md5_context);
597 MD5Update(&md5_context, request->password->vp_strvalue,
598 request->password->length);
599 MD5Update(&md5_context, &vp->vp_octets[16], vp->length - 16); /* digest = MD5(password || salt) */
600 MD5Final(digest, &md5_context);
603 * Compare only the MD5 hash results, not the salt.
605 if (memcmp(digest, vp->vp_octets, 16) != 0) {
606 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SMD5 password check failed");
612 case PW_SHA_PASSWORD:
614 DEBUG("rlm_pap: Using SHA1 encryption.");
617 if (vp->length != 20) {
618 DEBUG("rlm_pap: Configured SHA1 password has incorrect length");
619 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured SHA1 password has incorrect length");
623 SHA1Init(&sha1_context);
624 SHA1Update(&sha1_context, request->password->vp_strvalue,
625 request->password->length);
626 SHA1Final(digest,&sha1_context);
627 if (memcmp(digest, vp->vp_octets, vp->length) != 0) { /* vp->length is 20 here */
628 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SHA1 password check failed");
634 case PW_SSHA_PASSWORD:
636 DEBUG("rlm_pap: Using SSHA encryption.");
/* Salted SHA1: 20-byte digest followed by the salt. */
639 if (vp->length <= 20) {
640 DEBUG("rlm_pap: Configured SSHA password has incorrect length");
641 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured SHA password has incorrect length");
646 SHA1Init(&sha1_context);
647 SHA1Update(&sha1_context, request->password->vp_strvalue,
648 request->password->length);
649 SHA1Update(&sha1_context, &vp->vp_octets[20], vp->length - 20); /* digest = SHA1(password || salt) */
650 SHA1Final(digest,&sha1_context);
651 if (memcmp(digest, vp->vp_octets, 20) != 0) {
652 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SSHA password check failed");
660 DEBUG("rlm_pap: Using NT encryption.");
663 if (vp->length != 16) {
664 DEBUG("rlm_pap: Configured NT-Password has incorrect length");
665 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured NT-Password has incorrect length");
/*
 * NOTE(review): unbounded sprintf here and in the LM case below.  buff2 is
 * MAX_STRING_LEN + 50 bytes and the format adds 18 characters plus the
 * terminator, so this fits only if vp_strvalue is bounded by MAX_STRING_LEN;
 * snprintf(buff2, sizeof(buff2), ...) would make that bound explicit.
 */
669 sprintf(buff2,"%%{mschap:NT-Hash %s}",
670 request->password->vp_strvalue);
/* digest is reused as a text buffer for the 32 hex characters the xlat returns; its declaration is not shown, so confirm it holds at least 33 bytes. */
671 if (!radius_xlat(digest,sizeof(digest),buff2,request,NULL)){
672 DEBUG("rlm_pap: mschap xlat failed");
673 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
/* In-place hex decode; this relies on lrad_hex2bin() never writing ahead of its read position -- confirm. */
676 if ((lrad_hex2bin(digest, digest, 16) != vp->length) ||
677 (memcmp(digest, vp->vp_octets, vp->length) != 0)) {
678 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: NT password check failed");
686 DEBUG("rlm_pap: Using LM encryption.");
689 if (vp->length != 16) {
690 DEBUG("rlm_pap: Configured LM-Password has incorrect length");
691 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured LM-Password has incorrect length");
694 sprintf(buff2,"%%{mschap:LM-Hash %s}",
695 request->password->vp_strvalue);
696 if (!radius_xlat(digest,sizeof(digest),buff2,request,NULL)){
697 DEBUG("rlm_pap: mschap xlat failed");
698 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
701 if ((lrad_hex2bin(digest, digest, 16) != vp->length) ||
702 (memcmp(digest, vp->vp_octets, vp->length) != 0)) {
703 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: LM password check failed");
/*
 * Shared rejection path: every failing check above reaches this point (the
 * jumps and label are on lines not shown) with module_fmsg already filled in.
 */
705 DEBUG("rlm_pap: Passwords don't match");
706 module_fmsg_vp = pairmake("Module-Failure-Message",
707 module_fmsg, T_OP_EQ);
708 pairadd(&request->packet->vps, module_fmsg_vp);
709 return RLM_MODULE_REJECT;
/*
 * NOTE(review): this label is a PAP_ENC_* scheme constant while the case
 * labels above are PW_*_PASSWORD attribute numbers.  If the enclosing switch
 * is on vp->attribute (its header is not shown), this case can only be
 * reached by a jump, never by a direct match -- confirm.
 */
714 case PAP_ENC_NS_MTA_MD5:
716 DEBUG("rlm_pap: Using NT-MTA-MD5 password");
/* Expected layout: 32 hex characters of digest followed by 32 characters of salt. */
718 if (vp->length != 64) {
719 DEBUG("rlm_pap: Configured NS-MTA-MD5-Password has incorrect length");
720 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured NS-MTA-MD5-Password has incorrect length");
725 * Sanity check the value of NS-MTA-MD5-Password
727 if (lrad_hex2bin(vp->vp_octets, buff, 32) != 16) { /* buff receives the 16-byte expected digest */
728 DEBUG("rlm_pap: Configured NS-MTA-MD5-Password has invalid value");
729 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: Configured NS-MTA-MD5-Password has invalid value");
734 * Ensure we don't have buffer overflows.
736 * This really: sizeof(buff) - 2 - 2*32 - strlen(passwd)
738 if (strlen(request->password->vp_strvalue) >= (sizeof(buff2) - 2 - 2 * 32)) {
739 DEBUG("rlm_pap: Configured password is too long");
740 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: password is too long");
745 * Set up the algorithm.
/* buff2 = salt, password, salt (with separator bytes written on lines not shown); p advances as it is filled. */
750 memcpy(p, &vp->vp_octets[32], 32);
753 strcpy(p, request->password->vp_strvalue); /* bounded by the length check above */
756 memcpy(p, &vp->vp_octets[32], 32);
759 MD5Init(&md5_context);
760 MD5Update(&md5_context, buff2, p - buff2);
761 MD5Final(digest, &md5_context);
763 if (memcmp(digest, buff, 16) != 0) {
764 snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: NS-MTA-MD5 password check failed");
773 DEBUG("rlm_pap: No password configured for the user. Cannot do authentication");
774 return RLM_MODULE_FAIL;
779 * The module name should be the only globally exported symbol.
780 * That is, everything else should be 'static'.
782 * If the module needs to temporarily modify its instantiation
783 * data, the type should be changed to RLM_TYPE_THREAD_UNSAFE.
784 * The server will then take care of ensuring that the module
785 * is single-threaded.
791 pap_instantiate, /* instantiation */
792 pap_detach, /* detach */
794 pap_authenticate, /* authentication */
795 pap_authorize, /* authorization */
796 NULL, /* preaccounting */
797 NULL, /* accounting */
798 NULL, /* checksimul */
799 NULL, /* pre-proxy */
800 NULL, /* post-proxy */