auth.c

/*
 * uhttpd - Tiny single-threaded httpd
 *
 *   Copyright (C) 2010-2013 Jo-Philipp Wich <xm@subsignal.org>
 *   Copyright (C) 2013 Felix Fietkau <nbd@openwrt.org>
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#define _GNU_SOURCE
#define _XOPEN_SOURCE	700
#include <strings.h>
#ifdef HAVE_SHADOW
#include <shadow.h>
#endif
#include "uhttpd.h"

/*
 * Constant-time string comparison to prevent timing-based password oracle.
 * Returns true only if both strings are equal in length and content.
 */
static bool uh_pass_compare(const char *a, const char *b)
{
	unsigned int diff = 0;
	size_t la, lb, i, maxlen;

	if (!a || !b)
		return false;

	la = strlen(a);
	lb = strlen(b);
	maxlen = la > lb ? la : lb;

	for (i = 0; i < maxlen; i++)
		diff |= (unsigned char)(i < la ? a[i] : 0) ^
		        (unsigned char)(i < lb ? b[i] : 0);

	diff |= (unsigned int)(la ^ lb);
	return diff == 0;
}

static LIST_HEAD(auth_realms);

void uh_auth_add(const char *path, const char *user, const char *pass)
{
	struct auth_realm *new = NULL;
	struct passwd *pwd;
	const char *new_pass = NULL;
	char *dest_path, *dest_user, *dest_pass;

#ifdef HAVE_SHADOW
	struct spwd *spwd;
#endif

	/* given password refers to a passwd entry */
	if ((strlen(pass) > 3) && !strncmp(pass, "$p$", 3)) {
#ifdef HAVE_SHADOW
		/* try to resolve shadow entry */
		spwd = getspnam(&pass[3]);
		if (spwd)
			new_pass = spwd->sp_pwdp;
#endif
		if (!new_pass) {
			pwd = getpwnam(&pass[3]);
			if (pwd && pwd->pw_passwd && pwd->pw_passwd[0])
				new_pass = pwd->pw_passwd;
		}

		/* Only honour a real crypt(3) hash. Anything else from shadow
		 * splits into two cases that mirror login(1) semantics:
		 *
		 *  - Empty password field ("root:::..."): the system account
		 *    permits passwordless login, so leave new_pass empty and
		 *    let the realm be dropped at the next check, which leaves
		 *    the protected path unauthenticated.
		 *
		 *  - Any other non-'$' value ("*", "x", "!", "!!", "*LK*",
		 *    "*NP*", "!hash" lock prefix, ...): the account is locked
		 *    or its credential is a placeholder. Without this guard
		 *    uh_auth_check's plaintext compare branch would fire (it
		 *    runs whenever realm->pass does not start with '$') and a
		 *    client could authenticate by sending the placeholder
		 *    verbatim as the password. Bind the realm to a sentinel
		 *    that starts with '$' (skipping the plaintext branch) and
		 *    that crypt(3) cannot produce (failing the hash branch),
		 *    so every request gets 401 instead of silent public
		 *    access. */
		if (!new_pass) {
			fprintf(stderr, "uhttpd: account '%s' does not "
				"exist; denying all access to %s\n",
				&pass[3], path);
			new_pass = "$";
		} else if (new_pass[0] && new_pass[0] != '$') {
			fprintf(stderr, "uhttpd: account '%s' is locked "
				"or has a non-crypt password; denying all "
				"access to %s\n", &pass[3], path);
			new_pass = "$";
		} else if (!new_pass[0]) {
			fprintf(stderr, "uhttpd: account '%s' has no "
				"password set; leaving %s unauthenticated\n",
				&pass[3], path);
		}
	} else {
		new_pass = pass;
	}

	if (!new_pass || !new_pass[0])
		return;

	new = calloc_a(sizeof(*new),
		&dest_path, strlen(path) + 1,
		&dest_user, strlen(user) + 1,
		&dest_pass, strlen(new_pass) + 1);

	if (!new)
		return;

	new->path = strcpy(dest_path, path);
	new->user = strcpy(dest_user, user);
	new->pass = strcpy(dest_pass, new_pass);
	list_add(&new->list, &auth_realms);
}

bool uh_auth_check(struct client *cl, const char *path, const char *auth,
                   char **uptr, char **pptr)
{
	struct http_request *req = &cl->request;
	struct auth_realm *realm;
	bool user_match = false;
	char *user = NULL;
	char *pass = NULL;
	int plen;

	if (uptr)
		*uptr = NULL;

	if (pptr)
		*pptr = NULL;

	if (auth && !strncasecmp(auth, "Basic ", 6)) {
		auth += 6;

		uh_b64decode(uh_buf, sizeof(uh_buf), auth, strlen(auth));
		pass = strchr(uh_buf, ':');
		if (pass) {
			user = uh_buf;
			*pass++ = 0;
		}
	}

	req->realm = NULL;
	plen = strlen(path);
	list_for_each_entry(realm, &auth_realms, list) {
		int rlen = strlen(realm->path);

		if (plen < rlen)
			continue;

		if (strncasecmp(path, realm->path, rlen) != 0)
			continue;

		req->realm = realm;
		if (!user)
			break;

		if (strcmp(user, realm->user) != 0)
			continue;

		user_match = true;
		break;
	}

	if (!req->realm)
		return true;

	/* The leading '$' check distinguishes a stored plaintext password from a
	 * modern crypt(3) hash ($id$salt$...). It blocks the case where a client
	 * sends the stored hash itself as the password and matches via strcmp. */
	if (user_match &&
	    ((realm->pass[0] != '$' && uh_pass_compare(pass, realm->pass)) ||
	     uh_pass_compare(crypt(pass, realm->pass), realm->pass))) {
		if (uptr)
			*uptr = user;

		if (pptr)
			*pptr = pass;

		return true;
	}

	uh_http_header(cl, 401, "Authorization Required");
	ustream_printf(cl->us,
				  "WWW-Authenticate: Basic realm=\"%s\"\r\n"
				  "Content-Type: text/plain\r\n\r\n",
				  conf.realm);
	uh_chunk_printf(cl, "Authorization Required\n");
	uh_request_done(cl);

	return false;
}