1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #pragma ident "%Z%%M% %I% %E% SMI"
27
28 #include "packer.h"
29
30 /*
31 * This file steers the creation of the Crack Dictionary Database.
32 * Based on a list of source dictionaries specified by the administrator,
33 * we create the Database by sorting each dictionary (in memory, one at
34 * a time), writing the sorted result to a temporary file, and merging
35 * all the temporary files into the Database.
36 *
37 * The current implementation has a number of limitations
38 * - each single source dictionary has to fit in memory
39 * - each single source dictionary has to be smaller than 2GByte
40 * - each single source dictionary can only hold up to 4GB words
41 * None of these seem real, practical, problems to me.
42 *
43 * All of this is meant to be run by one thread per host. The caller is
44 * responsible for locking things appropriately (as make_dict_database
45 * in dict.c does).
46 */
47
48 #include <stdio.h>
49 #include <stdlib.h>
50 #include <unistd.h>
51 #include <ctype.h>
52 #include <string.h>
53 #include <errno.h>
54 #include <sys/stat.h>
55 #include <fcntl.h>
56
/*
 * State used while sorting one source dictionary. All of it is file-scope
 * and unsynchronized; the file header says callers must serialize access.
 */
static char *buf; /* holds the source dictionary currently being sorted */
static uint_t *offsets; /* array of word-offsets into "buf" */
static uint_t off_idx = 0; /* first free index in offsets array */
static size_t off_size = 0; /* offsets array size, counted in elements */

/*
 * Bookkeeping for the temporary files.
 *
 * FNAME_TEMPLATE is the mkstemp() template used by writeout(). The files
 * live in /var/tmp, a directory shared with other users, so writeout()
 * depends on mkstemp() to create the file and unlinks the name right after.
 *
 * MAXTMP bounds the number of temporary files. writeout() is called once
 * per source dictionary, so it also bounds the dictionaries per run.
 */
#define FNAME_TEMPLATE "/var/tmp/authtok_check.XXXXXX"
#define MAXTMP 64
static FILE *tmpfp[MAXTMP]; /* FILE *'s to (unlinked) temporary files */
static int tmpfp_idx = 0; /* points to first free entry in tmpfp */

/* prefix for every syslog message emitted from this file */
#define MODNAME "pam_authtok_check::packer"
70
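/*
 * int writeout(void)
 *
 * Write the sorted wordlist to disk. We create a temporary file
 * (in /var/tmp) with mkstemp() and immediately unlink() it, so the
 * name never lingers in the shared directory. On success the open
 * FILE pointer is stored in tmpfp[] for merge_files().
 *
 * The stream is flushed before it is published, so an output error
 * (e.g. a full filesystem) is reported here instead of silently
 * producing a short word list. On failure the stream is closed with
 * fclose(), which releases both the FILE and the descriptor, and
 * tmpfp[] is left untouched.
 *
 * returns 0 on success, -1 on failure (can't create file/output failure).
 */
int
writeout(void)
{
	uint_t i;
	char tmpname[] = FNAME_TEMPLATE;
	int fd;
	FILE *fp;

	if (tmpfp_idx >= MAXTMP) {
		syslog(LOG_ERR, MODNAME ": too many temporary "
		    "files (maximum %d exceeded)", MAXTMP);
		return (-1);
	}

	if ((fd = mkstemp(tmpname)) == -1) {
		syslog(LOG_ERR, MODNAME ": mkstemp() failed: %s\n",
		    strerror(errno));
		return (-1);
	}
	(void) unlink(tmpname);

	if ((fp = fdopen(fd, "w+F")) == NULL) {
		syslog(LOG_ERR, MODNAME ": fdopen failed: %s",
		    strerror(errno));
		(void) close(fd);
		return (-1);
	}

	/* write words to file, one per line, in sorted order */
	for (i = 0; i < off_idx; i++) {
		if (fprintf(fp, "%s\n", &buf[offsets[i]]) < 0) {
			syslog(LOG_ERR, MODNAME ": write to file failed: %s",
			    strerror(errno));
			(void) fclose(fp);
			return (-1);
		}
	}

	/* fprintf() only fills the stdio buffer; force the real write now */
	if (fflush(fp) != 0) {
		syslog(LOG_ERR, MODNAME ": write to file failed: %s",
		    strerror(errno));
		(void) fclose(fp);
		return (-1);
	}

	/* we have one extra tmpfp */
	tmpfp[tmpfp_idx++] = fp;

	return (0);
}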
123
/*
 * int insert_word(int off)
 *
 * Append the word offset "off" to the offsets-array. When the array is
 * full it is grown by CHUNK entries first. If that allocation fails the
 * whole array is released and the bookkeeping is reset to empty.
 *
 * returns 0 on success, -1 on failure (out of memory)
 */
int
insert_word(int off)
{
#define CHUNK 10000

	if (off_idx == off_size) {
		uint_t *bigger;

		off_size += CHUNK;
		bigger = realloc(offsets, sizeof (uint_t) * off_size);
		if (bigger == NULL) {
			syslog(LOG_ERR, MODNAME ": out of memory");
			/* realloc() left the old array alive; drop it */
			free(offsets);
			offsets = NULL;
			off_size = 0;
			off_idx = 0;
			return (-1);
		}
		offsets = bigger;
	}

	offsets[off_idx] = off;
	off_idx++;
	return (0);
}
154
/*
 * translate(buf, size)
 *
 * Perform "tr '[A-Z]' '[a-z]' | tr -cd '\012[a-z][0-9]'" in place on the
 * first "size" bytes of "buf": upper-case ASCII letters are lowered,
 * lower-case letters and digits are kept, every other byte is dropped,
 * and each newline becomes a '\0' that ends a word. The offset of each
 * completed word is handed to insert_word().
 *
 * The range checks are spelled out instead of using 'isupper' and
 * 'islower' to keep this strictly ASCII-only, as is the original
 * Cracklib code.
 *
 * Words are cut so that they hold MAXWORDLEN-1 bytes or less.
 * Note that a word is only inserted when its newline is seen; bytes
 * after the last newline in the buffer are not inserted.
 *
 * returns 0 on success, -1 on failure (failure of insert_word)
 */
int
translate(char *buf, size_t size)
{
	char *end = &buf[size];
	char *out = buf;	/* write position, never ahead of "in" */
	char *in;
	int wordstart = 0;	/* offset in buf of the word being built */

	for (in = buf; in < end; in++) {
		char c = *in;

		if (c == '\n') {
			*(out++) = '\0';
			/* the length counted here includes the '\0' */
			if (out - &buf[wordstart] > MAXWORDLEN)
				buf[wordstart + MAXWORDLEN - 1] = '\0';
			if (insert_word(wordstart) != 0)
				return (-1);
			wordstart = out - buf;
			continue;
		}

		if (c >= 'A' && c <= 'Z')
			*(out++) = tolower(c);
		else if ((c >= 'a' && c <= 'z') || (c >= '0' && c <= '9'))
			*(out++) = c;
		/* anything else is silently discarded */
	}
	return (0);
}
196
/*
 * int compare(a, b)
 *
 * Comparison callback for qsort(). "a" and "b" each point at an entry
 * of the offsets-array; the two words that start at those offsets in
 * the global "buf" are compared with strcmp().
 */
int
compare(const void *a, const void *b)
{
	int idx_a = *(uint_t *)a;
	int idx_b = *(uint_t *)b;
	const char *word_a = &buf[idx_a];
	const char *word_b = &buf[idx_b];

	return (strcmp(word_a, word_b));
}
211
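/*
 * int sort_file(fname)
 *
 * We sort the file in memory: we read the dictionary file, translate all
 * newlines to '\0's, all uppercase ASCII characters to lowercase characters
 * and remove all characters but '[a-z][0-9]'.
 * We maintain an array of offsets into the buffer where each word starts
 * and sort this array using qsort(). The sorted words are then written to
 * a temporary file by writeout().
 *
 * This implements the original cracklib code that did an execl of
 *	sh -c "/usr/bin/cat <list of files> |
 *	    /usr/bin/tr '[A-Z]' '[a-z]' | /usr/bin/tr -cd '\012[a-z][0-9]' |
 *	    sort -o tmfpfile
 *
 * Two cases would otherwise drop dictionary words without any error,
 * which weakens the password check that is built on the database:
 * - read() returning less than the file size; we keep reading until the
 *   size reported by fstat() is reached or end-of-file is seen.
 * - a last line without a trailing newline; translate() only records a
 *   word when it sees its newline, so we add one in the spare byte that
 *   is allocated past the file contents.
 *
 * All per-dictionary state (buf, offsets and their counters) is released
 * and reset before returning, on success as well as on failure.
 *
 * returns 0 on success, -1 on failure.
 */
int
sort_file(char *fname)
{
	int fd;
	struct stat statbuf;
	size_t fsize;
	size_t total = 0;
	ssize_t n;
	int ret = -1;

	if ((fd = open(fname, O_RDONLY)) == -1) {
		syslog(LOG_ERR, MODNAME ": failed to open %s: %s",
		    fname, strerror(errno));
		return (-1);
	}

	if (fstat(fd, &statbuf) == -1) {
		syslog(LOG_ERR, MODNAME ": fstat() failed (%s)",
		    strerror(errno));
		(void) close(fd);
		return (-1);
	}
	fsize = (size_t)statbuf.st_size;

	/* one byte more than the file, used for the newline added below */
	if ((buf = malloc(fsize + 1)) == NULL) {
		syslog(LOG_ERR, MODNAME ": out of memory");
		goto error;
	}

	while (total < fsize) {
		n = read(fd, buf + total, fsize - total);
		if (n == -1) {
			if (errno == EINTR)
				continue;
			if (errno == EINVAL)
				syslog(LOG_ERR, MODNAME ": %s is too big. "
				    "Split the file into smaller files.",
				    fname);
			else
				syslog(LOG_ERR, MODNAME ": read failed: %s",
				    strerror(errno));
			goto error;
		}
		if (n == 0)
			break;		/* file is shorter than fstat() said */
		total += (size_t)n;
	}

	/* total <= fsize here, so buf[total] is inside the allocation */
	if (total > 0 && buf[total - 1] != '\n')
		buf[total++] = '\n';

	if (translate(buf, total) == 0) {
		if (off_idx > 0)
			qsort(offsets, off_idx, sizeof (*offsets), compare);

		if (writeout() == 0)
			ret = 0;
	}

error:
	(void) close(fd);

	/* do not leave the file-scope pointers dangling between calls */
	free(buf);
	buf = NULL;
	free(offsets);
	offsets = NULL;
	off_size = 0;
	off_idx = 0;
	return (ret);
}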
285
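/*
 * int merge_files(pwp)
 *
 * We merge the temporary files created by previous calls to sort_file()
 * and insert the thus sorted words into the cracklib database. Empty
 * words and words equal to the one inserted last are skipped.
 *
 * Each temporary file has one line buffer in words[]. When a file is
 * exhausted its slot is taken over by the last open file, and the line
 * buffer moves together with the FILE pointer. Moving only the FILE
 * pointer would pair the file with a stale buffer and drop the word
 * that was waiting in its own buffer.
 *
 * A buffer starts out as the empty string and is reset to it when the
 * first read yields nothing, so an empty temporary file contributes no
 * words instead of exposing uninitialized memory.
 *
 * All line buffers are freed before returning. On failure the remaining
 * temporary files are closed and tmpfp_idx is reset to 0, so that no
 * stale files are merged by a later run.
 *
 * returns 0 on success, -1 on failure.
 */
int
merge_files(PWDICT *pwp)
{
	char *words[MAXTMP];
	char lastword[MAXWORDLEN];
	int nwords;		/* number of buffers allocated in words[] */
	int ti;
	int choice;
	int ret = 0;

	lastword[0] = '\0';

	for (nwords = 0; nwords < tmpfp_idx; nwords++) {
		if ((words[nwords] = malloc(MAXWORDLEN)) == NULL) {
			syslog(LOG_ERR, MODNAME ": out of memory");
			ret = -1;
			goto out;
		}
		words[nwords][0] = '\0';
	}

	/*
	 * we read the first word of each of the temp-files into words[].
	 * The seek also pushes out anything still buffered for the stream,
	 * so a failure here means the file contents cannot be trusted.
	 */
	for (ti = 0; ti < tmpfp_idx; ti++) {
		if (fseek(tmpfp[ti], 0, SEEK_SET) != 0) {
			syslog(LOG_ERR, MODNAME ": fseek failed: %s",
			    strerror(errno));
			ret = -1;
			goto out;
		}
		if (fgets(words[ti], MAXWORDLEN, tmpfp[ti]) == NULL)
			words[ti][0] = '\0';
	}

	/*
	 * next, we emit the word that comes first (lexicographically),
	 * and replace that word with a new word from the file it
	 * came from. If the file is exhausted, we close the fp and
	 * move the last fp in tmpfp[] (and its word) into the free slot.
	 * we then decrease tmpfp_idx and continue with what's left until
	 * we run out of open FILE pointers.
	 */
	while (tmpfp_idx != 0) {
		choice = 0;

		for (ti = 1; ti < tmpfp_idx; ti++) {
			if (strcmp(words[choice], words[ti]) > 0)
				choice = ti;
		}

		/* Insert word in Cracklib database */
		(void) Chomp(words[choice]);
		if (words[choice][0] != '\0' &&
		    strcmp(lastword, words[choice]) != 0) {
			(void) PutPW(pwp, words[choice]);
			(void) snprintf(lastword, sizeof (lastword), "%s",
			    words[choice]);
		}

		if (fgets(words[choice], MAXWORDLEN, tmpfp[choice]) == NULL) {
			int last = tmpfp_idx - 1;
			char *spare = words[choice];

			(void) fclose(tmpfp[choice]);
			tmpfp[choice] = tmpfp[last];
			tmpfp[last] = NULL;
			/* keep the spare buffer in words[] so it gets freed */
			words[choice] = words[last];
			words[last] = spare;
			tmpfp_idx = last;
		}
	}

out:
	if (ret != 0) {
		while (tmpfp_idx > 0) {
			tmpfp_idx--;
			if (tmpfp[tmpfp_idx] != NULL)
				(void) fclose(tmpfp[tmpfp_idx]);
			tmpfp[tmpfp_idx] = NULL;
		}
	}
	for (ti = 0; ti < nwords; ti++)
		free(words[ti]);
	return (ret);
}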
349
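/*
 * int packer(list, path)
 *
 * sort all dictionaries in "list" (file names separated by spaces, tabs
 * or commas), and feed the words into the Crack Password Database that
 * is opened for writing at "path".
 *
 * Processing stops at the first dictionary that fails to sort. The copy
 * of "list" is freed on every return path, and on failure any temporary
 * files that are still open are closed so they do not leak or get merged
 * into a later run.
 *
 * NOTE(review): on failure the database has already been opened for
 * writing and may be incomplete; presumably the caller deals with
 * that - confirm against make_dict_database in dict.c.
 *
 * returns 0 on success, -1 on failure.
 */
int
packer(char *list, char *path)
{
	PWDICT *pwp;
	char *listcopy, *fname;
	char *lasts;		/* strtok_r() position */
	int ret = 0;

	/* the tokenizer writes into its input, so work on a private copy */
	if ((listcopy = strdup(list)) == NULL) {
		syslog(LOG_ERR, MODNAME ": out of memory");
		return (-1);
	}

	if (!(pwp = PWOpen(path, "wF"))) {
		free(listcopy);
		return (-1);
	}

	fname = strtok_r(listcopy, " \t,", &lasts);
	while (fname != NULL && (ret = sort_file(fname)) == 0)
		fname = strtok_r(NULL, " \t,", &lasts);
	free(listcopy);

	if (ret == 0)
		ret = merge_files(pwp);

	if (ret != 0) {
		/* drop whatever temporary files are still registered */
		while (tmpfp_idx > 0) {
			tmpfp_idx--;
			if (tmpfp[tmpfp_idx] != NULL)
				(void) fclose(tmpfp[tmpfp_idx]);
			tmpfp[tmpfp_idx] = NULL;
		}
	}

	(void) PWClose(pwp);

	return (ret);
}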
387