summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/mad-server.conf1
-rw-r--r--src/madc.cpp11
-rw-r--r--src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp76
-rw-r--r--src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.h90
-rw-r--r--src/modules/AuthBackendChallengeResponse/CMakeLists.txt8
-rw-r--r--src/modules/AuthBackendChallengeResponse/Module.cpp30
-rw-r--r--src/modules/AuthBackendChallengeResponse/Module.h52
-rw-r--r--src/modules/AuthBackendPassword/AuthBackendPassword.cpp4
-rw-r--r--src/modules/CMakeLists.txt1
9 files changed, 270 insertions, 3 deletions
diff --git a/src/mad-server.conf b/src/mad-server.conf
index ff8249c..1ea3f70 100644
--- a/src/mad-server.conf
+++ b/src/mad-server.conf
@@ -1,5 +1,6 @@
LoadModule "FileLogger"
+LoadModule "AuthBackendChallengeResponse"
LoadModule "AuthBackendPassword"
LoadModule "AuthProviderFile"
diff --git a/src/madc.cpp b/src/madc.cpp
index 5f6039d..0f4639d 100644
--- a/src/madc.cpp
+++ b/src/madc.cpp
@@ -31,6 +31,7 @@
#include "Client/CommandParser.h"
#include "Client/InformationManager.h"
#include "Client/PasswordReader.h"
+#include "Client/Authenticators/ChallengeResponseAuthenticator.h"
#include "Client/Authenticators/PasswordAuthenticator.h"
#include <iostream>
@@ -80,7 +81,15 @@ int main(int argc, char *argv[]) {
std::getline(std::cin, username);
password = Client::PasswordReader::readPassword("Password: ");
- Client::Authenticators::PasswordAuthenticator::authenticate(&application, connection, username, password);
+ try {
+ Client::Authenticators::ChallengeResponseAuthenticator::authenticate(&application, connection, username, password);
+ }
+ catch(Core::Exception e) {
+ if(e.getErrorCode() != Core::Exception::NOT_AVAILABLE)
+ throw e;
+
+ Client::Authenticators::PasswordAuthenticator::authenticate(&application, connection, username, password);
+ }
}
std::cerr << "Login successful." << std::endl << std::endl;
diff --git a/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp b/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp
new file mode 100644
index 0000000..39f2672
--- /dev/null
+++ b/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp
@@ -0,0 +1,76 @@
+/*
+ * AuthBackendChallengeResponse.cpp
+ *
+ * Copyright (C) 2009 Matthias Schiffer <matthias@gamezock.de>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "AuthBackendChallengeResponse.h"
+
+#include <Common/Hash.h>
+
+namespace Mad {
+namespace Modules {
+namespace AuthBackendChallengeResponse {
+
+const std::string AuthBackendChallengeResponse::methodName = "Challenge-Response";
+
+AuthBackendChallengeResponse::AuthContextChallengeResponse::AuthContextChallengeResponse(AuthBackendChallengeResponse *backend) : authenticated(false) {
+ challenge.reserve(20);
+
+ for(int i = 0; i < 20; ++i)
+ challenge.push_back(backend->randomGenerator());
+}
+
+boost::shared_ptr<Common::AuthContext> AuthBackendChallengeResponse::authenticate(boost::shared_ptr<Common::AuthProvider> provider, const std::string &subMethod,
+ const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t> &response,
+ boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception) {
+ if(context && dynamic_cast<AuthContextChallengeResponse*>(context.get()) == 0)
+ throw(Core::Exception(Core::Exception::INVALID_INPUT));
+
+ std::vector<std::string> allowedMethods = getSubMethods(provider);
+ if(std::find(allowedMethods.begin(), allowedMethods.end(), subMethod) == allowedMethods.end())
+ throw(Core::Exception(Core::Exception::INVALID_INPUT));
+
+ if(!context) {
+ boost::shared_ptr<AuthContextChallengeResponse> contextCR(new AuthContextChallengeResponse(this));
+ context = contextCR;
+
+ response.insert(response.end(), contextCR->challenge.begin(), contextCR->challenge.end());
+ }
+ else {
+ boost::shared_ptr<AuthContextChallengeResponse> contextCR = boost::dynamic_pointer_cast<AuthContextChallengeResponse>(context);
+
+ std::vector<boost::uint8_t> password = provider->getPassword(user, subMethod);
+ if(password.empty())
+ throw Core::Exception(Core::Exception::AUTHENTICATION);
+
+ password.insert(password.end(), contextCR->challenge.begin(), contextCR->challenge.end());
+
+ password = Common::Hash::hash(password, subMethod);
+
+ if(password.size() != data.size() || !std::equal(password.begin(), password.end(), data.begin()))
+ throw Core::Exception(Core::Exception::AUTHENTICATION);
+
+ contextCR->authenticated = true;
+ }
+
+
+ return context;
+}
+
+}
+}
+}
diff --git a/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.h b/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.h
new file mode 100644
index 0000000..782f441
--- /dev/null
+++ b/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.h
@@ -0,0 +1,90 @@
+/*
+ * AuthBackendChallengeResponse.h
+ *
+ * Copyright (C) 2008 Matthias Schiffer <matthias@gamezock.de>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef MAD_MODULES_AUTHBACKENDCHALLENGERESPONSE_AUTHBACKENDCHALLENGERESPONSE_H_
+#define MAD_MODULES_AUTHBACKENDCHALLENGERESPONSE_AUTHBACKENDCHALLENGERESPONSE_H_
+
+#include "../export.h"
+
+#include <Common/AuthBackend.h>
+#include <Common/AuthContext.h>
+#include <Common/AuthProvider.h>
+#include <Common/Application.h>
+
+#include <boost/random/mersenne_twister.hpp>
+#include <boost/random/uniform_int.hpp>
+#include <boost/random/variate_generator.hpp>
+
+
+namespace Mad {
+namespace Modules {
+namespace AuthBackendChallengeResponse {
+
+class MAD_MODULE_EXPORT AuthBackendChallengeResponse : public Common::AuthBackend, private boost::noncopyable {
+ private:
+ class AuthContextChallengeResponse : public Common::AuthContext {
+ private:
+ friend class AuthBackendChallengeResponse;
+
+ bool authenticated;
+ std::vector<boost::uint8_t> challenge;
+
+ AuthContextChallengeResponse(AuthBackendChallengeResponse *backend);
+
+ protected:
+ virtual bool isAuthenticated() const {
+ return authenticated;
+ }
+ };
+
+ static const std::string methodName;
+
+ Common::Application *application;
+
+ boost::mt19937 rng;
+ boost::uniform_int<boost::uint8_t> byteDistribution;
+ boost::variate_generator<boost::mt19937&, boost::uniform_int<boost::uint8_t> > randomGenerator;
+
+
+ protected:
+ virtual const std::string& getMethodName() const {
+ return methodName;
+ }
+
+ virtual std::vector<std::string> getSubMethods(boost::shared_ptr<Common::AuthProvider> provider) const {
+ std::vector<std::string> ret;
+ ret.push_back(provider->getHashes().front());
+
+ return ret;
+ }
+
+ virtual boost::shared_ptr<Common::AuthContext> authenticate(boost::shared_ptr<Common::AuthProvider> provider, const std::string &subMethod,
+ const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t> &response,
+ boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception);
+
+ public:
+ AuthBackendChallengeResponse(Common::Application *application0)
+ : application(application0), byteDistribution(0, 255), randomGenerator(rng, byteDistribution) {}
+};
+
+}
+}
+}
+
+#endif /* MAD_MODULES_AUTHBACKENDCHALLENGERESPONSE_AUTHBACKENDCHALLENGERESPONSE_H_ */
diff --git a/src/modules/AuthBackendChallengeResponse/CMakeLists.txt b/src/modules/AuthBackendChallengeResponse/CMakeLists.txt
new file mode 100644
index 0000000..9dfd7ba
--- /dev/null
+++ b/src/modules/AuthBackendChallengeResponse/CMakeLists.txt
@@ -0,0 +1,8 @@
+include_directories(${INCLUDES})
+
+mad_module(AuthBackendChallengeResponse
+ Module.cpp Module.h
+ AuthBackendChallengeResponse.cpp AuthBackendChallengeResponse.h
+)
+
+mad_module_libraries(AuthBackendChallengeResponse)
diff --git a/src/modules/AuthBackendChallengeResponse/Module.cpp b/src/modules/AuthBackendChallengeResponse/Module.cpp
new file mode 100644
index 0000000..f2fa0c2
--- /dev/null
+++ b/src/modules/AuthBackendChallengeResponse/Module.cpp
@@ -0,0 +1,30 @@
+/*
+ * Module.cpp
+ *
+ * Copyright (C) 2009 Matthias Schiffer <matthias@gamezock.de>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "../export.h"
+
+#include "Module.h"
+
+extern "C" {
+
+MAD_MODULE_EXPORT Mad::Common::Module* AuthBackendChallengeResponse_create(Mad::Common::Application *application) {
+ return new Mad::Modules::AuthBackendChallengeResponse::Module(application);
+}
+
+}
diff --git a/src/modules/AuthBackendChallengeResponse/Module.h b/src/modules/AuthBackendChallengeResponse/Module.h
new file mode 100644
index 0000000..7a5891b
--- /dev/null
+++ b/src/modules/AuthBackendChallengeResponse/Module.h
@@ -0,0 +1,52 @@
+/*
+ * Module.h
+ *
+ * Copyright (C) 2009 Matthias Schiffer <matthias@gamezock.de>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef MAD_MODULES_AUTHBACKENDCHALLENGERESPONSE_MODULE_H_
+#define MAD_MODULES_AUTHBACKENDCHALLENGERESPONSE_MODULE_H_
+
+#include "AuthBackendChallengeResponse.h"
+
+#include <Common/Module.h>
+#include <Common/AuthManager.h>
+
+namespace Mad {
+namespace Modules {
+namespace AuthBackendChallengeResponse {
+
+class Module : public Common::Module {
+ private:
+ Common::Application *application;
+
+ boost::shared_ptr<AuthBackendChallengeResponse> backend;
+
+ public:
+ Module(Common::Application *application0) : application(application0), backend(new AuthBackendChallengeResponse(application)) {
+ application->getAuthManager()->registerBackend(backend);
+ }
+
+ virtual ~Module() {
+ application->getAuthManager()->unregisterBackend(backend);
+ }
+};
+
+}
+}
+}
+
+#endif /* MAD_MODULES_AUTHBACKENDCHALLENGERESPONSE_MODULE_H_ */
diff --git a/src/modules/AuthBackendPassword/AuthBackendPassword.cpp b/src/modules/AuthBackendPassword/AuthBackendPassword.cpp
index 7e5aca9..1b38002 100644
--- a/src/modules/AuthBackendPassword/AuthBackendPassword.cpp
+++ b/src/modules/AuthBackendPassword/AuthBackendPassword.cpp
@@ -28,14 +28,14 @@ const std::string AuthBackendPassword::methodName = "Password";
boost::shared_ptr<Common::AuthContext> AuthBackendPassword::authenticate(boost::shared_ptr<Common::AuthProvider> provider, const std::string &subMethod,
const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t>& /*response*/,
boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception) {
- if(context.get() != 0 && dynamic_cast<AuthContextPassword*>(context.get()) == 0)
+ if(context && dynamic_cast<AuthContextPassword*>(context.get()) == 0)
throw(Core::Exception(Core::Exception::INVALID_INPUT));
std::vector<std::string> allowedMethods = getSubMethods(provider);
if(std::find(allowedMethods.begin(), allowedMethods.end(), subMethod) == allowedMethods.end())
throw(Core::Exception(Core::Exception::INVALID_INPUT));
- if(context.get() == 0)
+ if(!context)
context.reset(new AuthContextPassword);
if(!provider->checkPassword(user, data, subMethod))
diff --git a/src/modules/CMakeLists.txt b/src/modules/CMakeLists.txt
index 0e198f8..e87d6af 100644
--- a/src/modules/CMakeLists.txt
+++ b/src/modules/CMakeLists.txt
@@ -33,6 +33,7 @@ macro(mad_module_libraries name)
endif(WITH_${upper_name})
endmacro(mad_module_libraries)
+add_subdirectory(AuthBackendChallengeResponse)
add_subdirectory(AuthBackendPassword)
add_subdirectory(AuthProviderFile)
add_subdirectory(FileLogger)