author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-12-20 02:08:10 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-12-20 02:08:10 +0000 |
commit | 5155aff0efef105ec83e53007784e11c8634f114 (patch) | |
tree | 22c4b29ddf3821d9592a7bef417c6a0df47d40a2 /usr.sbin/tokenadm | |
parent | 88299e2ef9350d7ba25ebffbe1d03ca9a347dca8 (diff) |
Commands for manipulating the token database (ActivCard, CRYPTOCard, or SNK-004)
from BSDi. Will be enabled when BSD authentication is turned on (login_token).
Diffstat (limited to 'usr.sbin/tokenadm')
-rw-r--r-- | usr.sbin/tokenadm/Makefile | 27 | ||||
-rw-r--r-- | usr.sbin/tokenadm/tokenadm.8 | 123 | ||||
-rw-r--r-- | usr.sbin/tokenadm/tokenadm.c | 402 |
3 files changed, 552 insertions, 0 deletions
diff --git a/usr.sbin/tokenadm/Makefile b/usr.sbin/tokenadm/Makefile
new file mode 100644
index 00000000000..013e3d0ecd3
--- /dev/null
+++ b/usr.sbin/tokenadm/Makefile
@@ -0,0 +1,27 @@
+# $OpenBSD: Makefile,v 1.1 2000/12/20 02:08:08 millert Exp $
+
+PROG= tokenadm
+SRCS= tokenadm.c init.c tokendb.c
+MAN= tokenadm.8
+LDADD+= -ldes
+DPADD= ${LIBDES}
+
+CFLAGS+=-I${.CURDIR}/../../libexec/login_token
+.PATH: ${.CURDIR}/../../libexec/login_token
+
+TOKENS= activ crypto snk
+
+MLINKS= tokenadm.8 activadm.8
+MLINKS+=tokenadm.8 cryptoadm.8
+MLINKS+=tokenadm.8 snkadm.8
+
+BINMODE=500
+
+afterinstall:
+ for i in ${TOKENS} ; do \
+ cd ${DESTDIR}/${BINDIR} && \
+ rm -f $${i}adm && \
+ ln ${PROG} $${i}adm ; \
+ done
+
+.include <bsd.prog.mk>
diff --git a/usr.sbin/tokenadm/tokenadm.8 b/usr.sbin/tokenadm/tokenadm.8
new file mode 100644
index 00000000000..7bfd36fcb73
--- /dev/null
+++ b/usr.sbin/tokenadm/tokenadm.8
@@ -0,0 +1,123 @@
+.\" $OpenBSD: tokenadm.8,v 1.1 2000/12/20 02:08:08 millert Exp $
+.\"
+.\" Copyright (c) 1996 Berkeley Software Design, Inc. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by Berkeley Software Design,
+.\" Inc.
+.\" 4. The name of Berkeley Software Design, Inc. may not be used to endorse
+.\" or promote products derived from this software without specific prior
+.\" written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" BSDI $From: tokenadm.8,v 1.3 1996/09/06 00:44:07 prb Exp $
+.\"
+.Dd August 23, 1996
+.Dt TOKENADM 8
+.Os
+.Sh NAME
+.Nm activadm , cryptoadm , snkadm
+.Nd manage the ActivCard, CRYPTOCard and SNK-004 token databases
+.Sh SYNOPSIS
+.Nm tokenadm
+.Op Fl 1BDERT
+.Op Fl d
+.Op Fl e
+.Op Fl m Ar [-]mode
+.Op Fl r
+.Op Ar user Op ...
+.Sh DESCRIPTION
+The
+.Nm tokenadm
+utility is display and edit user entries in the various token databases.
+It may also be invoked as one the following:
+.Nm activadm , cryptoadm ,
+or
+.Nm snkadm .
+The flags available are:
+.Bl -tag -width indent
+.It Fl 1
+Display users, one per line.
+.It Fl B
+Display users with no banner.
+.It Fl D
+Display disabled users.
+.It Fl E
+Display enabled users.
+.It Fl R
+Display users in reverse order.
+.It Fl T
+Display users in terse format (only the user names).
+Unless
+.Fl 1
+is also specified, four users will be displayed per line.
+.It Fl d
+Disable users without removing them from the database.
+This prevents the users from authenticating, but does not loose their
+shared secret.
+The
+.Fl m
+flag may also be used with the
+.Fl d
+flag.
+.It Fl e
+Enable users.
+This should be used to re-enable users who were disabled by the
+.Fl m
+flag may also be used with the
+.Fl e
+flag
+option.
+.It Fl m
+Add
+[or remove]
+the specified mode of authentication for the user. Modes available are
+decimal (dec), hexadecimal (hex) and phonebook (phone) and reduced-input (rim).
+Not all modes are available for all types of cards.
+The
+.Fl m
+flag may be used alone or in conjunction with either the
+.Fl de
+flags.
+When ever reduced-input mode is set the reduced-input state is reset.
+This should be done if a paper copy of challenge/responses had been
+produced and then misplaced.
+.It Fl r
+Remove users from the database.
+.El
+.sp
+Use of any of the
+.Fl 1BDERT
+flags precludes the use of any of the
+.Fl demr
+flags.
+The
+.Fl demr
+flags all require at least one
+.Ar user
+argument.
+.Sh SEE ALSO
+.Xr x99token 1 ,
+.Xr login.conf 5 ,
+.Xr login_token 8 ,
+.Xr tokeninit 8 ,
diff --git a/usr.sbin/tokenadm/tokenadm.c b/usr.sbin/tokenadm/tokenadm.c
new file mode 100644
index 00000000000..383b7b4c2bb
--- /dev/null
+++ b/usr.sbin/tokenadm/tokenadm.c
@@ -0,0 +1,402 @@
+/* $OpenBSD: tokenadm.c,v 1.1 2000/12/20 02:08:09 millert Exp $ */
+
+/*-
+ * Copyright (c) 1995 Migration Associates Corp. All Rights Reserved
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Berkeley Software Design,
+ * Inc.
+ * 4. The name of Berkeley Software Design, Inc. may not be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * BSDI $From: tokenadm.c,v 1.2 1996/10/17 00:54:28 prb Exp $
+ */
+
+#include <sys/param.h>
+#include <sys/resource.h>
+#include <sys/time.h>
+
+#include <err.h>
+#include <errno.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+
+#include "token.h"
+#include "tokendb.h"
+
+
+typedef enum { LIST, ENABLE, DISABLE, REMOVE, MODECH } what_t;
+typedef enum {
+ NOBANNER = 0x01,
+ TERSE = 0x02,
+ ENONLY = 0x04,
+ DISONLY = 0x08,
+ ONECOL = 0x10,
+ REVERSE = 0x20,
+ } how_t;
+
+static int force_unlock(char *);
+static int process_record(char *, unsigned, unsigned);
+static int process_modes(char *, unsigned, unsigned);
+static void print_record(TOKENDB_Rec *, how_t);
+
+extern int
+main(int argc, char **argv)
+{
+ int c, errors;
+ u_int emode, dmode, pmode;
+ struct rlimit cds;
+ what_t what;
+ how_t how;
+ TOKENDB_Rec tokenrec;
+
+ what = LIST;
+ emode = dmode = 0;
+ pmode = 0;
+ errors = 0;
+ how = 0;
+
+ (void)signal(SIGQUIT, SIG_IGN);
+ (void)signal(SIGINT, SIG_IGN);
+ (void)setpriority(PRIO_PROCESS, 0, 0);
+
+ openlog(NULL, LOG_ODELAY, LOG_AUTH);
+
+ if (token_init(argv[0]) < 0) {
+ syslog(LOG_ERR, "unknown token type");
+ errx(1, "unknown token type");
+ }
+
+ /*
+ * Make sure we never dump core as we might have a
+ * valid user shared-secret in memory.
+ */
+
+ cds.rlim_cur = 0;
+ cds.rlim_max = 0;
+ if (setrlimit(RLIMIT_CORE, &cds) < 0)
+ syslog(LOG_ERR, "couldn't set core dump size to 0: %m");
+
+ while ((c = getopt(argc, argv, "BDERT1bdem:ru")) != EOF)
+ switch (c) {
+ case 'B':
+ if (what != LIST)
+ goto usage;
+ how |= NOBANNER;
+ break;
+ case 'T':
+ if (what != LIST)
+ goto usage;
+ how |= TERSE;
+ break;
+ case '1':
+ if (what != LIST)
+ goto usage;
+ how |= ONECOL;
+ break;
+ case 'D':
+ if (what != LIST)
+ goto usage;
+ how |= DISONLY;
+ break;
+ case 'E':
+ if (what != LIST)
+ goto usage;
+ how |= ENONLY;
+ break;
+ case 'R':
+ if (what != LIST)
+ goto usage;
+ how |= REVERSE;
+ break;
+ case 'd':
+ if (what != LIST || how)
+ goto usage;
+ what = DISABLE;
+ break;
+ case 'e':
+ if (what != LIST || how)
+ goto usage;
+ what = ENABLE;
+ break;
+ case 'r':
+ if (what != LIST || emode || dmode || how)
+ goto usage;
+ what = REMOVE;
+ break;
+ case 'm':
+ if (what == REMOVE || how)
+ goto usage;
+ if (*optarg == '-') {
+ if ((c = token_mode(optarg+1)) == NULL)
+ errx(1, "%s: unknown mode", optarg+1);
+ dmode |= c;
+ } else {
+ if ((c = token_mode(optarg)) == NULL)
+ errx(1, "%s: unknown mode", optarg);
+ emode |= c;
+ }
+ break;
+ default:
+ goto usage;
+ }
+
+ if (what == LIST && (dmode || emode))
+ what = MODECH;
+
+ if (what == LIST) {
+ if ((how & (ENONLY|DISONLY)) == 0)
+ how |= ENONLY|DISONLY;
+ if (!(how & NOBANNER)) {
+ if ((how & (TERSE|ONECOL)) == (TERSE|ONECOL)) {
+ printf("User\n");
+ printf("----------------\n");
+ } else if (how & (TERSE)) {
+ printf("User ");
+ printf("User ");
+ printf("User ");
+ printf("User\n");
+ printf("---------------- ");
+ printf("---------------- ");
+ printf("---------------- ");
+ printf("----------------\n");
+ } else {
+ printf("User Status Modes\n");
+ printf("---------------- -------- -----\n");
+ }
+ }
+
+ if (optind >= argc) {
+ if (tokendb_firstrec(how & REVERSE, &tokenrec))
+ exit(0);
+ do
+ print_record(&tokenrec, how);
+ while (tokendb_nextrec(how &
REVERSE, &tokenrec) == 0);
+ print_record(NULL, how);
+ exit(0);
+ }
+ }
+
+ if (optind >= argc) {
+usage:
+ fprintf(stderr,
+ "Usage: %sadm [-BDERT1 | -d | -e | -r] [-m mode] user [...]\n",
+ tt->name);
+ exit(1);
+ }
+
+
+ argv += optind - 1;
+ while (*++argv)
+ switch(what) {
+ case LIST:
+ if (tokendb_getrec(*argv, &tokenrec)) {
+ printf("%s: no such user\n", *argv);
+ break;
+ }
+ print_record(&tokenrec, how);
+ break;
+ case REMOVE:
+ if (tokendb_delrec(*argv)) {
+ warnx("%s: could not remove", *argv);
+ errors++;
+ }
+ break;
+ case DISABLE:
+ if (process_record(*argv, ~TOKEN_ENABLED, 0)) {
+ warnx("%s: could not disable", *argv);
+ ++errors;
+ }
+ if (emode || dmode)
+ goto modech;
+ break;
+ case ENABLE:
+ if (process_record(*argv, ~TOKEN_ENABLED, 0)) {
+ warnx("%s: could not enable", *argv);
+ ++errors;
+ }
+ if (emode || dmode)
+ goto modech;
+ break;
+ modech:
+ case MODECH:
+ if (process_modes(*argv, ~dmode, emode)) {
+ warnx("%s: could not change modes", *argv);
+ ++errors;
+ }
+ break;
+ }
+
+ if (what == LIST)
+ print_record(NULL, how);
+
+ exit(errors);
+}
+
+/*
+ * Process a user record
+ */
+
+static int
+process_record(char *username, unsigned and_mask, unsigned or_mask)
+{
+ int count = 0;
+ TOKENDB_Rec tokenrec;
+
+retry:
+ switch (tokendb_lockrec(username, &tokenrec, TOKEN_LOCKED)) {
+ case 0:
+ tokenrec.flags &= and_mask;
+ tokenrec.flags |= or_mask;
+ tokenrec.flags &= ~TOKEN_LOCKED;
+ if (!tokendb_putrec(username, &tokenrec))
+ return (0);
+ else
+ return (-1);
+ case 1:
+ sleep(1);
+ if (count++ < 60)
+ goto retry;
+ if (force_unlock(username))
+ return (1);
+ goto retry;
+
+ case ENOENT:
+ warnx("%s: nonexistent user", username);
+ return (1);
+ default:
+ return (-1);
+ }
+}
+
+static int
+process_modes(char *username, unsigned and_mask, unsigned or_mask)
+{
+ int count = 0;
+ TOKENDB_Rec tokenrec;
+
+retry:
+ switch (tokendb_lockrec(username, &tokenrec, TOKEN_LOCKED)) {
+ case 0:
+ tokenrec.mode &= and_mask;
+ tokenrec.mode |= or_mask;
+ /*
+ * When ever we set up for rim mode (even if we are
+ * already set up for it) reset the rim key
+ */
+ if (or_mask & TOKEN_RIM)
+ memset(tokenrec.rim, 0, sizeof(tokenrec.rim));
+ tokenrec.flags &= ~TOKEN_LOCKED;
+ if (!tokendb_putrec(username, &tokenrec))
+ return (0);
+ else
+ return (-1);
+ case 1:
+ sleep(1);
+ if (count++ < 60)
+ goto retry;
+ if (force_unlock(username))
+ return (1);
+ goto retry;
+
+ case ENOENT:
+ warnx("%s: nonexistent user", username);
+ return (1);
+ default:
+ return (-1);
+ }
+}
+
+/*
+ * Force remove a user record-level lock.
+ */
+
+static int
+force_unlock(char *username)
+{
+ TOKENDB_Rec tokenrec;
+
+ if (tokendb_getrec(username, &tokenrec))
+ return (-1);
+
+ tokenrec.flags &= ~TOKEN_LOCKED;
+ tokenrec.flags &= ~TOKEN_LOGIN;
+
+ if (tokendb_putrec(username, &tokenrec))
+ return (1);
+
+ return (0);
+}
+
+/*
+ * Print a database record according to user a specified format
+ */
+
+static void
+print_record(TOKENDB_Rec *rec, how_t how)
+{
+ static int count = 0;
+ int i;
+
+ if (rec == NULL) {
+ if ((count & 3) && (how & (TERSE|ONECOL)) == TERSE)
+ printf("\n");
+ return;
+ }
+
+ if (rec->flags & TOKEN_ENABLED) {
+ if ((how & ENONLY) == 0)
+ return;
+ } else {
+ if ((how & DISONLY) == 0)
+ return;
+ }
+
+ switch (how & (TERSE|ONECOL)) {
+ case 0:
+ case ONECOL:
+ printf("%-16s %-8s", rec->uname,
+ rec->flags & TOKEN_ENABLED ? "enabled" : "disabled");
+
+ for (i = 1; i; i <<= 1)
+ if (rec->mode & i)
+ printf(" %s", token_getmode(i));
+ printf("\n");
+ break;
+ case TERSE:
+ if ((count & 3) == 3)
+ printf("%s\n", rec->uname);
+ else
+ printf("%-16s ", rec->uname);
+ break;
+ case TERSE|ONECOL:
+ printf("%s\n", rec->uname);
+ break;
+ }
+ ++count;
+} |
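Review bot: The ENABLE case in main() calls `process_record(*argv, ~TOKEN_ENABLED, 0)`, exactly the same masks as the DISABLE case directly above it, so `-e` clears TOKEN_ENABLED rather than setting it and a user disabled with `-d` cannot be re-enabled by this tool (the "could not enable" message is the only thing that differs). Since process_record() applies `flags &= and_mask; flags |= or_mask;`, the enable path should read `if (process_record(*argv, ~0, TOKEN_ENABLED)) {`. A smaller point: process_record(), process_modes() and force_unlock() each keep a TOKENDB_Rec copy on the stack which, per the comment above the RLIMIT_CORE setup in main(), may hold a user's shared secret, and none of them clears it before returning; a `memset(&tokenrec, 0, sizeof(tokenrec))` on each return path (explicit_bzero where available, since a plain memset before return may be optimised away) would keep the secret from lingering, though with core dumps disabled this is defence in depth rather than a live leak.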