Hardware authentication for Linux using ordinary USB Flash Drives.

  1. /*
  2. * Copyright (c) 2003-2006 Andrea Luzzardi <scox@sig11.org>
  3. *
  4. * This file is part of the pam_usb project. pam_usb is free software;
  5. * you can redistribute it and/or modify it under the terms of the GNU General
  6. * Public License version 2, as published by the Free Software Foundation.
  7. *
  8. * pam_usb is distributed in the hope that it will be useful, but WITHOUT ANY
  9. * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  10. * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
  11. * details.
  12. *
  13. * You should have received a copy of the GNU General Public License along with
  14. * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
  15. * Place, Suite 330, Boston, MA 02111-1307 USA
  16. */
  17. #include <unistd.h>
  18. #include <string.h>
  19. #include <libhal-storage.h>
  20. #include "conf.h"
  21. #include "hal.h"
  22. #include "log.h"
  23. #include "otp.h"
  24. #include "device.h"
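  /*
   * Find the HAL storage drive that belongs to the USB device `udi`.
   *
   * The lookup is done in two polling stages, each retried every 250 ms for
   * at most opts->probe_timeout seconds:
   *   1. the "usb" bus item whose info.parent is `udi` (the physical device);
   *   2. the "storage" category item whose storage.physical_device is that
   *      item. Results whose UDI contains "temp" are skipped and retried
   *      (presumably HAL placeholder entries that are not final yet -- confirm
   *      against the HAL documentation).
   *
   * opts: module options; only probe_timeout is read here.
   * ctx:  initialised HAL context used for every query.
   * udi:  UDI of the already-identified USB device.
   *
   * Returns the drive handle built by libhal_drive_from_udi(), or NULL when
   * either stage times out or the drive cannot be created.
   */
  static LibHalDrive *pusb_device_get_storage(t_pusb_options *opts, LibHalContext *ctx,
                                              const char *udi)
  {
      char *phy_udi = NULL;
      char *storage_udi = NULL;
      int maxloop = 0;
      LibHalDrive *drive = NULL;

      log_info("Probing storage device (this could take a while)...\n");

      /*
       * Four polls per second of timeout. Computed as "* 4" rather than
       * "* 1000000 / 250000" so the intermediate product stays small.
       */
      maxloop = opts->probe_timeout * 4;

      /*
       * Stage 1 is bounded by the probe timeout as well: this code runs in an
       * authentication path, so a device that never exposes its USB child
       * item must not be able to stall the caller indefinitely.
       */
      while (maxloop > 0 &&
             !(phy_udi = pusb_hal_find_item(ctx,
                                            "info.parent", udi,
                                            "info.bus", "usb",
                                            NULL)))
      {
          --maxloop;
          usleep(250000);
      }
      if (!phy_udi)
          return (NULL);

      /* Stage 2 gets a full timeout budget of its own. */
      maxloop = opts->probe_timeout * 4;
      while (maxloop > 0)
      {
          storage_udi = pusb_hal_find_item(ctx,
                                           "storage.physical_device", phy_udi,
                                           "info.category", "storage",
                                           NULL);
          if (storage_udi && !strstr(storage_udi, "temp"))
              break;
          if (storage_udi)
          {
              libhal_free_string(storage_udi);
              /*
               * Reset the pointer: if the budget runs out on this iteration
               * the code below must see NULL, not a freed string (which
               * would be used and then freed a second time).
               */
              storage_udi = NULL;
          }
          --maxloop;
          usleep(250000);
      }
      libhal_free_string(phy_udi);

      if (storage_udi)
      {
          drive = libhal_drive_from_udi(ctx, storage_udi);
          libhal_free_string(storage_udi);
      }
      return (drive);
  }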
  /*
   * Check that the configured USB device is plugged in and, when one time
   * pads are enabled, that its pad verifies.
   *
   * opts: module options; reads device.{name,serial,vendor,model}, try_otp
   *       and enforce_otp.
   *
   * Returns 1 when the device is accepted and 0 otherwise, or the result of
   * pusb_otp_check() when the pad is verified.
   *
   * Security notes:
   *  - The device is identified only by the serial, vendor and product
   *    strings that HAL reports. Those strings are supplied by the device
   *    itself, so with both try_otp and enforce_otp off they are the only
   *    factor checked here.
   *  - If the storage drive cannot be probed, the result is !enforce_otp:
   *    the check passes when only try_otp is set and fails when enforce_otp
   *    is set.
   *  - NOTE(review): the drive handle is not released in this function;
   *    confirm whether pusb_otp_check() takes ownership of it.
   */
  int pusb_device_check(t_pusb_options *opts)
  {
      DBusConnection *bus;
      LibHalContext *hal;
      LibHalDrive *storage;
      char *device_udi;
      int accepted = 0;

      log_debug("Connecting to HAL...\n");
      bus = pusb_hal_dbus_connect();
      if (bus == NULL)
          return (0);

      hal = pusb_hal_init(bus);
      if (hal == NULL)
      {
          pusb_hal_dbus_disconnect(bus);
          return (0);
      }

      log_debug("Searching for \"%s\" in the hardware database...\n",
                opts->device.name);
      device_udi = pusb_hal_find_item(hal,
                                      "usb_device.serial", opts->device.serial,
                                      "usb_device.vendor", opts->device.vendor,
                                      "info.product", opts->device.model,
                                      NULL);
      if (device_udi == NULL)
      {
          log_error("Device \"%s\" is not connected.\n",
                    opts->device.name);
          goto teardown;
      }
      log_info("Device \"%s\" is connected (good).\n", opts->device.name);

      if (opts->try_otp || opts->enforce_otp)
      {
          log_info("Performing one time pad verification...\n");
          storage = pusb_device_get_storage(opts, hal, device_udi);
          if (storage != NULL)
              accepted = pusb_otp_check(opts, hal, storage);
          else
              accepted = !opts->enforce_otp; /* fails only when the pad is mandatory */
      }
      else
      {
          log_debug("One time pad is disabled, no more verifications to do.\n");
          accepted = 1;
      }
      libhal_free_string(device_udi);

  teardown:
      /* Same teardown order on every path: D-Bus connection, then HAL context. */
      pusb_hal_dbus_disconnect(bus);
      libhal_ctx_free(hal);
      return (accepted);
  }