src/server/daemon/keyfile_auth.h@8f2a834d1d68 (annotated)
src/server/daemon/keyfile_auth.h
Fri, 24 Feb 2017 11:17:53 +0100
- author
- Olaf Wintermann <olaf.wintermann@gmail.com>
- date
- Fri, 24 Feb 2017 11:17:53 +0100
- changeset 174
- 8f2a834d1d68
- parent 92
- 382bff43c6eb
- child 255
- b5d15a4a19f5
- permissions
- -rw-r--r--
adds sha2 support for keyfile auth
|
62
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
1 | /* |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
3 | * |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
4 | * Copyright 2013 Olaf Wintermann. All rights reserved. |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
5 | * |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
6 | * Redistribution and use in source and binary forms, with or without |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
7 | * modification, are permitted provided that the following conditions are met: |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
8 | * |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
9 | * 1. Redistributions of source code must retain the above copyright |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
10 | * notice, this list of conditions and the following disclaimer. |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
11 | * |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
12 | * 2. Redistributions in binary form must reproduce the above copyright |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
13 | * notice, this list of conditions and the following disclaimer in the |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
14 | * documentation and/or other materials provided with the distribution. |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
15 | * |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
26 | * POSSIBILITY OF SUCH DAMAGE. |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
27 | */ |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
28 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
29 | #ifndef KEYFILE_AUTH_H |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
30 | #define KEYFILE_AUTH_H |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
31 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
32 | #include "../public/auth.h" |
|
92
382bff43c6eb
fixed some includes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
91
diff
changeset
|
33 | |
|
382bff43c6eb
fixed some includes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
91
diff
changeset
|
34 | #include <ucx/map.h> |
| 91 | 35 | #include <inttypes.h> |
|
62
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
36 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
37 | #ifdef __cplusplus |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
38 | extern "C" { |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
39 | #endif |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
40 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
41 | typedef struct keyfile Keyfile; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
42 | typedef struct keyfile_user KeyfileUser; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
43 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
44 | enum KeyfileHashType { |
|
174
8f2a834d1d68
adds sha2 support for keyfile auth
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
92
diff
changeset
|
45 | KEYFILE_SSHA = 0, |
|
8f2a834d1d68
adds sha2 support for keyfile auth
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
92
diff
changeset
|
46 | KEYFILE_SSHA256, |
|
8f2a834d1d68
adds sha2 support for keyfile auth
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
92
diff
changeset
|
47 | KEYFILE_SSHA512 |
|
62
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
48 | }; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
49 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
50 | struct keyfile { |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
51 | AuthDB authdb; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
52 | UcxMap *users; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
53 | uint32_t ref; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
54 | }; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
55 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
56 | struct keyfile_user { |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
57 | User user; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
58 | sstr_t *groups; |
|
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
62
diff
changeset
|
59 | size_t numgroups; |
|
62
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
60 | enum KeyfileHashType hash_type; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
61 | char *hash; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
62 | size_t hashlen; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
63 | }; |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
64 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
65 | Keyfile* keyfile_new(); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
66 | void keyfile_ref(Keyfile *keyfile); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
67 | void keyfile_unref(Keyfile *keyfile); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
68 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
69 | void keyfile_add_user( |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
70 | Keyfile *keyfile, |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
71 | sstr_t user, |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
72 | enum KeyfileHashType hash_type, |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
73 | sstr_t hash, |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
74 | sstr_t *groups, |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
75 | size_t ngroups); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
76 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
77 | User* keyfile_get_user(AuthDB *db, char *user); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
78 | int keyfile_user_verify_password(User *user, char *password); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
79 | int keyfile_user_check_group(User *user, char *group); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
80 | void keyfile_user_free(User *user); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
81 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
82 | // SSHA password compare |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
83 | int ssha_verify(KeyfileUser *user, char *password); |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
84 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
85 | #ifdef __cplusplus |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
86 | } |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
87 | #endif |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
88 | |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
89 | #endif /* KEYFILE_AUTH_H */ |
|
c47e081b6c0f
added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
90 |
