[gssapi-openssh.git] / openssh / gss-genr.c

/*
 * Copyright (c) 2001,2002 Simon Wilkinson. All rights reserved. *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#ifdef GSSAPI

#include "ssh.h"
#include "ssh2.h"
#include "xmalloc.h"
#include "buffer.h"
#include "bufaux.h"
#include "packet.h"
#include "compat.h"
#include <openssl/evp.h>
#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "compat.h"
#include "monitor_wrap.h"
#include "canohost.h"

#include <netdb.h>

#include "ssh-gss.h"

/* Assorted globals for tracking the clients identity once they've
 * authenticated */
 
gss_buffer_desc gssapi_client_name = {0,NULL}; /* Name of our client */
gss_cred_id_t   gssapi_client_creds = GSS_C_NO_CREDENTIAL; /* Their credentials */
enum ssh_gss_id gssapi_client_type = GSS_LAST_ENTRY;

unsigned char ssh1_key_digest[16]; /* used for ssh1 gssapi */

/* The mechanism name used in the list below is defined in the internet
 * draft as the Base 64 encoding of the MD5 hash of the ASN.1 DER encoding 
 * of the underlying GSSAPI mechanism's OID.
 *
 * Also from the draft, before considering adding SPNEGO, bear in mind that
 * "mechanisms ... MUST NOT use SPNEGO as the underlying GSSAPI mechanism"
 */

/* These must be in the same order as ssh_gss_id, in ssh-gss.h */

ssh_gssapi_mech supported_mechs[]= {
#ifdef KRB5
 /* Official OID - 1.2.850.113554.1.2.2 */
 {"Se3H81ismmOC3OE+FwYCiQ==","Kerberos",
 	{9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"}},
#endif
#ifdef GSI
 /* gssapi_ssleay 1.3.6.1.4.1.3536.1.1 */
 {"N3+k7/4wGxHyuP8Yxi4RhA==",
  "GSI",
  {9, "\x2B\x06\x01\x04\x01\x9B\x50\x01\x01"}
 },
#endif /* GSI */
 {NULL,NULL,{0,0}}
};

char gssprefix[]=KEX_GSS_SHA1;

/* Return a list of the gss-group1-sha1-x mechanisms supported by this
 * program.
 *
 * We only support the mechanisms that we've indicated in the list above,
 * but we check that they're supported by the GSSAPI mechanism on the 
 * machine. We also check, before including them in the list, that
 * we have the necesary information in order to carry out the key exchange
 * (that is, that the user has credentials, the server's creds are accessible,
 * etc)
 *
 * The way that this is done is fairly nasty, as we do a lot of work that
 * is then thrown away. This should possibly be implemented with a cache
 * that stores the results (in an expanded Gssctxt structure), which are
 * then used by the first calls if that key exchange mechanism is chosen.
 */
 
char * 
ssh_gssapi_mechanisms(char *host) {
	gss_OID_set 	supported;
	OM_uint32	maj_status, min_status;
	Buffer		buf;
	int 		i = 0;
	int		present;
	int		mech_count=0;
	char *		mechs;
	Gssctxt *	ctx = NULL;	

	if (datafellows & SSH_OLD_GSSAPI) return NULL;
	
	gss_indicate_mechs(&min_status, &supported);
	
	buffer_init(&buf);	

	do {
		if ((maj_status=gss_test_oid_set_member(&min_status,
						   	&supported_mechs[i].oid,
						   	supported,
						   	&present))) {
			present=0;
		}
		if (present) {
		    	if (!GSS_ERROR(ssh_gssapi_client_ctx(&ctx,
					               &supported_mechs[i].oid,
		    	 		               host))) {
				/* Append gss_group1_sha1_x to our list */
				if (++mech_count > 1) {
				    buffer_append(&buf, ",", 1);
				}
				buffer_append(&buf, gssprefix,
					      strlen(gssprefix));
		        	buffer_append(&buf, 
		        		      supported_mechs[i].enc_name,
	        	      		      strlen(supported_mechs[i].enc_name));
				debug("GSSAPI mechanism %s (%s%s) supported",
				      supported_mechs[i].name, gssprefix,
				      supported_mechs[i].enc_name);
			} else {
			    debug("no credentials for GSSAPI mechanism %s",
				  supported_mechs[i].name);
			}
 		} else {
		    debug("GSSAPI mechanism %s not supported",
			  supported_mechs[i].name);
		}
	} while (supported_mechs[++i].name != NULL);
	
	buffer_put_char(&buf,'\0');
	
	mechs=xmalloc(buffer_len(&buf));
	buffer_get(&buf,mechs,buffer_len(&buf));
	buffer_free(&buf);
	if (strlen(mechs)==0)
	   return(NULL);
	else
	   return(mechs);
}

/* Set the contexts OID from a data stream */
void ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len) { 
  if (ctx->oid != GSS_C_NO_OID) {
	xfree(ctx->oid->elements);
   	xfree(ctx->oid);
  }
  ctx->oid=xmalloc(sizeof(gss_OID_desc));
  ctx->oid->length=len;
  ctx->oid->elements=xmalloc(len);
  memcpy(ctx->oid->elements,data,len);
}

/* Set the contexts OID */
void ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid) {  
  ssh_gssapi_set_oid_data(ctx,oid->elements,oid->length);
}

/* Find out which GSS type (out of the list we define in ssh-gss.h) a
 * particular connection is using 
 */
enum ssh_gss_id ssh_gssapi_get_ctype(Gssctxt *ctxt) {
	enum ssh_gss_id i=0;
	
	while(supported_mechs[i].name!=NULL) {
	   if (supported_mechs[i].oid.length == ctxt->oid->length &&
	       (memcmp(supported_mechs[i].oid.elements,
		       ctxt->oid->elements,ctxt->oid->length) == 0))
	       return i;
	   i++;
	}
	return(GSS_LAST_ENTRY);
}

/* Set the GSS context's OID to the oid indicated by the given key exchange
 * name. */
gss_OID ssh_gssapi_id_kex(Gssctxt *ctx, char *name) {
  enum ssh_gss_id i=0;
  
  if (strncmp(name, gssprefix, strlen(gssprefix)-1) !=0) {
     return(NULL);
  }
  
  name+=strlen(gssprefix); /* Move to the start of the MIME string */
  
  while (supported_mechs[i].name!=NULL &&
  	 strcmp(name,supported_mechs[i].enc_name)!=0) {
  	i++;
  }

  if (supported_mechs[i].name==NULL)
     return (NULL);

  if (ctx) ssh_gssapi_set_oid(ctx,&supported_mechs[i].oid);

  debug("using GSSAPI mechanism %s (%s%s)", supported_mechs[i].name,
	gssprefix, supported_mechs[i].enc_name);

  return &supported_mechs[i].oid;
}


/* All this effort to report an error ... */
void
ssh_gssapi_error(gss_OID mech, OM_uint32 major_status,
		 OM_uint32 minor_status) {
	OM_uint32 lmaj, lmin;
        gss_buffer_desc msg = {0,NULL};
        OM_uint32 ctx;
        
        ctx = 0;
	/* The GSSAPI error */
        do {
        	lmaj = gss_display_status(&lmin, major_status,
					  GSS_C_GSS_CODE,
					  mech, &ctx, &msg);
        	if (lmaj == GSS_S_COMPLETE) {
        	    	debug((char *)msg.value);
        	    	(void) gss_release_buffer(&lmin, &msg);
        	}
        } while (ctx!=0);	   

        /* The mechanism specific error */
        do {
        	lmaj = gss_display_status(&lmin, minor_status,
					  GSS_C_MECH_CODE,
					  mech, &ctx, &msg);
        	if (lmaj == GSS_S_COMPLETE) {
        	    	debug((char *)msg.value);
        	    	(void) gss_release_buffer(&lmin, &msg);
        	}
        } while (ctx!=0);
}

/* Initialise our GSSAPI context. We use this opaque structure to contain all
 * of the data which both the client and server need to persist across
 * {accept,init}_sec_context calls, so that when we do it from the userauth
 * stuff life is a little easier
 */
void
ssh_gssapi_build_ctx(Gssctxt **ctx)
{
	*ctx=xmalloc(sizeof (Gssctxt));
	(*ctx)->context=GSS_C_NO_CONTEXT;
	(*ctx)->name=GSS_C_NO_NAME;
	(*ctx)->oid=GSS_C_NO_OID;
	(*ctx)->creds=GSS_C_NO_CREDENTIAL;
	(*ctx)->client=GSS_C_NO_NAME;
	(*ctx)->client_creds=GSS_C_NO_CREDENTIAL;
}

/* Delete our context, providing it has been built correctly */
void
ssh_gssapi_delete_ctx(Gssctxt **ctx)
{
#if !defined(MECHGLUE)
	OM_uint32 ms;
#endif
	
	/* Return if there's no context */
	if ((*ctx)==NULL)
		return;
		
#if !defined(MECHGLUE) /* mechglue has some memory management issues */
	if ((*ctx)->context != GSS_C_NO_CONTEXT) 
		gss_delete_sec_context(&ms,&(*ctx)->context,GSS_C_NO_BUFFER);
	if ((*ctx)->name != GSS_C_NO_NAME)
		gss_release_name(&ms,&(*ctx)->name);
	if ((*ctx)->oid != GSS_C_NO_OID) {
		xfree((*ctx)->oid->elements);
		xfree((*ctx)->oid);
		(*ctx)->oid = GSS_C_NO_OID;
	}
	if ((*ctx)->creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms,&(*ctx)->creds);
	if ((*ctx)->client != GSS_C_NO_NAME)
		gss_release_name(&ms,&(*ctx)->client);	
	if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms,&(*ctx)->client_creds);
#endif
	
	xfree(*ctx);
	*ctx=NULL; 
}

/* Wrapper to init_sec_context 
 * Requires that the context contains:
 *	oid
 * 	server name (from ssh_gssapi_import_name)
 */
OM_uint32 
ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
       	      	    gss_buffer_desc* send_tok, OM_uint32 *flags) 
{
      	OM_uint32 maj_status, min_status;
	int deleg_flag = 0;
	
	if (deleg_creds) {
		deleg_flag=GSS_C_DELEG_FLAG;
		debug("Delegating credentials");
	}
	      	
      	maj_status=gss_init_sec_context(&min_status,
      					GSS_C_NO_CREDENTIAL, /* def. cred */
      					&ctx->context,
      					ctx->name,
      					ctx->oid,
      					GSS_C_MUTUAL_FLAG |
      					GSS_C_INTEG_FLAG |
      					deleg_flag,
      					0, /* default lifetime */
      					NULL, /* no channel bindings */
      					recv_tok,
      					NULL,
      					send_tok,
      					flags,
      					NULL);
	ctx->status=maj_status;
      	if (GSS_ERROR(maj_status)) {
      		ssh_gssapi_error(ctx->oid,maj_status,min_status);
      	}
      	return(maj_status);
}

/* Create a service name for the given host */
OM_uint32
ssh_gssapi_import_name(Gssctxt *ctx, const char *host) {
	gss_buffer_desc gssbuf = {0,NULL};
	OM_uint32 maj_status, min_status;
	char *xhost;
	
	/* Make a copy of the host name, in case it was returned by a
	 * previous call to gethostbyname(). */	
	xhost = xstrdup(host);

	/* Make sure we have the FQHN. Some GSSAPI implementations don't do
	 * this for us themselves */
	resolve_localhost(&xhost);

        gssbuf.length = sizeof("host@")+strlen(xhost);

        gssbuf.value = xmalloc(gssbuf.length);
        if (gssbuf.value == NULL) {
		xfree(xhost);
		return(-1);
        }
        snprintf(gssbuf.value,gssbuf.length,"host@%s",xhost);
        if ((maj_status=gss_import_name(&min_status,
                                   	&gssbuf,
                                        GSS_C_NT_HOSTBASED_SERVICE,
                                        &ctx->name))) {
		ssh_gssapi_error(ctx->oid, maj_status,min_status);
	}
	
	xfree(xhost);
	xfree(gssbuf.value);
	return(maj_status);
}

/* Acquire credentials for a server running on the current host.
 * Requires that the context structure contains a valid OID
 */
 
/* Returns a GSSAPI error code */
OM_uint32
ssh_gssapi_acquire_cred(Gssctxt *ctx) {
	OM_uint32 maj_status, min_status;
	char lname[MAXHOSTNAMELEN];
	gss_OID_set oidset;
	
	gss_create_empty_oid_set(&min_status,&oidset);
	gss_add_oid_set_member(&min_status,ctx->oid,&oidset);
	
        if (gethostname(lname, MAXHOSTNAMELEN)) {
                return(-1);
        }

	if ((maj_status=ssh_gssapi_import_name(ctx,lname))) {
		return(maj_status);
	}
	if ((maj_status=gss_acquire_cred(&min_status,
			 	    ctx->name,
				    0,
				    oidset,
				    GSS_C_ACCEPT,
				    &ctx->creds,
				    NULL,
				    NULL))) {
	    ssh_gssapi_error(ctx->oid,maj_status,min_status);
	}
				
	gss_release_oid_set(&min_status, &oidset);
	return(maj_status);
}

/* Extract the client details from a given context. This can only reliably
 * be called once for a context */

OM_uint32 
ssh_gssapi_getclient(Gssctxt *ctx, enum ssh_gss_id *type,
		     gss_buffer_desc *name, gss_cred_id_t *creds) {

	OM_uint32 maj_status,min_status;
	
	*type=ssh_gssapi_get_ctype(ctx);
	if ((maj_status=gss_display_name(&min_status,ctx->client,name,NULL))) {
		ssh_gssapi_error(ctx->oid,maj_status,min_status);
	}
	
	/* This is icky. There appears to be no way to copy this structure,
	 * rather than the pointer to it, so we simply copy the pointer and
	 * mark the originator as empty so we don't destroy it. 
	 */
	*creds=ctx->client_creds;
	ctx->client_creds=GSS_C_NO_CREDENTIAL;
	return(maj_status);
}

OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *buffer, gss_buffer_desc *hash) {
	OM_uint32 maj_status,min_status;
	
	/* ssh1 needs to exchange the hash of the keys */
	/* will us this hash to return it */
	if (!compat20) {
		if ((maj_status=gss_wrap(&min_status,ctx->context,
					0,
					GSS_C_QOP_DEFAULT,
					buffer,
					NULL,
					hash)))
			ssh_gssapi_error(ctx->oid,maj_status,min_status);
	}
	else

	if ((maj_status=gss_get_mic(&min_status,ctx->context,
				    GSS_C_QOP_DEFAULT, buffer, hash))) {
		ssh_gssapi_error(ctx->oid,maj_status,min_status);
	}
	
	return(maj_status);
}

OM_uint32 
ssh_gssapi_client_ctx(Gssctxt **ctx,gss_OID oid, char *host) {
	gss_buffer_desc token = {0,NULL};
	OM_uint32 major,minor;
	
	if (*ctx) ssh_gssapi_delete_ctx(ctx);
	ssh_gssapi_build_ctx(ctx);
	ssh_gssapi_set_oid(*ctx,oid);
	ssh_gssapi_import_name(*ctx,host);
	major=ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, NULL);
	gss_release_buffer(&minor,&token);
	return(major);
}

#endif /* GSSAPI */
Commit	Line	Data
5598e598	1	/*
b59afbfe	2	* Copyright (c) 2001,2002 Simon Wilkinson. All rights reserved. *
5598e598	3	* Redistribution and use in source and binary forms, with or without
	4	* modification, are permitted provided that the following conditions
	5	* are met:
	6	* 1. Redistributions of source code must retain the above copyright
	7	* notice, this list of conditions and the following disclaimer.
	8	* 2. Redistributions in binary form must reproduce the above copyright
	9	* notice, this list of conditions and the following disclaimer in the
	10	* documentation and/or other materials provided with the distribution.
	11	*
	12	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
	13	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	14	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	15	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	16	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	17	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	18	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	19	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	20	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	21	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	22	*/
	23
	24	#include "includes.h"
	25
	26	#ifdef GSSAPI
	27
	28	#include "ssh.h"
	29	#include "ssh2.h"
	30	#include "xmalloc.h"
	31	#include "buffer.h"
	32	#include "bufaux.h"
	33	#include "packet.h"
	34	#include "compat.h"
	35	#include <openssl/evp.h>
	36	#include "cipher.h"
	37	#include "kex.h"
	38	#include "log.h"
905081a4	39	#include "compat.h"
b59afbfe	40	#include "monitor_wrap.h"
4dd35ca9	41	#include "canohost.h"
5598e598	42
	43	#include <netdb.h>
	44
	45	#include "ssh-gss.h"
	46
	47	/* Assorted globals for tracking the clients identity once they've
	48	* authenticated */
	49
	50	gss_buffer_desc gssapi_client_name = {0,NULL}; /* Name of our client */
	51	gss_cred_id_t gssapi_client_creds = GSS_C_NO_CREDENTIAL; /* Their credentials */
	52	enum ssh_gss_id gssapi_client_type = GSS_LAST_ENTRY;
	53
b59afbfe	54	unsigned char ssh1_key_digest[16]; /* used for ssh1 gssapi */
b59afbfe	55
5598e598	56	/* The mechanism name used in the list below is defined in the internet
	57	* draft as the Base 64 encoding of the MD5 hash of the ASN.1 DER encoding
	58	* of the underlying GSSAPI mechanism's OID.
	59	*
	60	* Also from the draft, before considering adding SPNEGO, bear in mind that
	61	* "mechanisms ... MUST NOT use SPNEGO as the underlying GSSAPI mechanism"
	62	*/
	63
	64	/* These must be in the same order as ssh_gss_id, in ssh-gss.h */
	65
	66	ssh_gssapi_mech supported_mechs[]= {
	67	#ifdef KRB5
	68	/* Official OID - 1.2.850.113554.1.2.2 */
	69	{"Se3H81ismmOC3OE+FwYCiQ==","Kerberos",
	70	{9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"}},
	71	#endif
	72	#ifdef GSI
	73	/* gssapi_ssleay 1.3.6.1.4.1.3536.1.1 */
	74	{"N3+k7/4wGxHyuP8Yxi4RhA==",
	75	"GSI",
	76	{9, "\x2B\x06\x01\x04\x01\x9B\x50\x01\x01"}
	77	},
	78	#endif /* GSI */
	79	{NULL,NULL,{0,0}}
	80	};
	81
	82	char gssprefix[]=KEX_GSS_SHA1;
	83
	84	/* Return a list of the gss-group1-sha1-x mechanisms supported by this
	85	* program.
	86	*
	87	* We only support the mechanisms that we've indicated in the list above,
	88	* but we check that they're supported by the GSSAPI mechanism on the
	89	* machine. We also check, before including them in the list, that
	90	* we have the necesary information in order to carry out the key exchange
	91	* (that is, that the user has credentials, the server's creds are accessible,
	92	* etc)
	93	*
	94	* The way that this is done is fairly nasty, as we do a lot of work that
	95	* is then thrown away. This should possibly be implemented with a cache
	96	* that stores the results (in an expanded Gssctxt structure), which are
	97	* then used by the first calls if that key exchange mechanism is chosen.
	98	*/
	99
	100	char *
f001f132	101	ssh_gssapi_mechanisms(char *host) {
5598e598	102	gss_OID_set supported;
	103	OM_uint32 maj_status, min_status;
	104	Buffer buf;
	105	int i = 0;
	106	int present;
d4ab470d	107	int mech_count=0;
5598e598	108	char * mechs;
b59afbfe	109	Gssctxt * ctx = NULL;
5598e598	110
905081a4	111	if (datafellows & SSH_OLD_GSSAPI) return NULL;
905081a4	112
f001f132	113	gss_indicate_mechs(&min_status, &supported);
5598e598	114
	115	buffer_init(&buf);
	116
	117	do {
	118	if ((maj_status=gss_test_oid_set_member(&min_status,
	119	&supported_mechs[i].oid,
	120	supported,
	121	&present))) {
	122	present=0;
	123	}
	124	if (present) {
f001f132	125	if (!GSS_ERROR(ssh_gssapi_client_ctx(&ctx,
	126	&supported_mechs[i].oid,
	127	host))) {
b59afbfe	128	/* Append gss_group1_sha1_x to our list */
d4ab470d	129	if (++mech_count > 1) {
	130	buffer_append(&buf, ",", 1);
	131	}
b59afbfe	132	buffer_append(&buf, gssprefix,
	133	strlen(gssprefix));
	134	buffer_append(&buf,
	135	supported_mechs[i].enc_name,
	136	strlen(supported_mechs[i].enc_name));
d4ab470d	137	debug("GSSAPI mechanism %s (%s%s) supported",
	138	supported_mechs[i].name, gssprefix,
	139	supported_mechs[i].enc_name);
	140	} else {
	141	debug("no credentials for GSSAPI mechanism %s",
	142	supported_mechs[i].name);
	143	}
	144	} else {
	145	debug("GSSAPI mechanism %s not supported",
	146	supported_mechs[i].name);
	147	}
5598e598	148	} while (supported_mechs[++i].name != NULL);
	149
	150	buffer_put_char(&buf,'\0');
	151
	152	mechs=xmalloc(buffer_len(&buf));
	153	buffer_get(&buf,mechs,buffer_len(&buf));
	154	buffer_free(&buf);
	155	if (strlen(mechs)==0)
	156	return(NULL);
	157	else
	158	return(mechs);
	159	}
	160
5598e598	161	/* Set the contexts OID from a data stream */
	162	void ssh_gssapi_set_oid_data(Gssctxt ctx, void data, size_t len) {
	163	if (ctx->oid != GSS_C_NO_OID) {
	164	xfree(ctx->oid->elements);
	165	xfree(ctx->oid);
	166	}
	167	ctx->oid=xmalloc(sizeof(gss_OID_desc));
	168	ctx->oid->length=len;
	169	ctx->oid->elements=xmalloc(len);
	170	memcpy(ctx->oid->elements,data,len);
	171	}
	172
	173	/* Set the contexts OID */
	174	void ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid) {
	175	ssh_gssapi_set_oid_data(ctx,oid->elements,oid->length);
	176	}
	177
	178	/* Find out which GSS type (out of the list we define in ssh-gss.h) a
	179	* particular connection is using
	180	*/
	181	enum ssh_gss_id ssh_gssapi_get_ctype(Gssctxt *ctxt) {
	182	enum ssh_gss_id i=0;
	183
c57ffeb1	184	while(supported_mechs[i].name!=NULL) {
	185	if (supported_mechs[i].oid.length == ctxt->oid->length &&
	186	(memcmp(supported_mechs[i].oid.elements,
	187	ctxt->oid->elements,ctxt->oid->length) == 0))
	188	return i;
5598e598	189	i++;
5598e598	190	}
c57ffeb1	191	return(GSS_LAST_ENTRY);
5598e598	192	}
	193
	194	/* Set the GSS context's OID to the oid indicated by the given key exchange
	195	* name. */
b59afbfe	196	gss_OID ssh_gssapi_id_kex(Gssctxt ctx, char name) {
5598e598	197	enum ssh_gss_id i=0;
	198
	199	if (strncmp(name, gssprefix, strlen(gssprefix)-1) !=0) {
b59afbfe	200	return(NULL);
5598e598	201	}
	202
	203	name+=strlen(gssprefix); /* Move to the start of the MIME string */
	204
	205	while (supported_mechs[i].name!=NULL &&
	206	strcmp(name,supported_mechs[i].enc_name)!=0) {
	207	i++;
	208	}
	209
	210	if (supported_mechs[i].name==NULL)
b59afbfe	211	return (NULL);
5598e598	212
b59afbfe	213	if (ctx) ssh_gssapi_set_oid(ctx,&supported_mechs[i].oid);
5598e598	214
d4ab470d	215	debug("using GSSAPI mechanism %s (%s%s)", supported_mechs[i].name,
	216	gssprefix, supported_mechs[i].enc_name);
	217
b59afbfe	218	return &supported_mechs[i].oid;
5598e598	219	}
	220
	221
	222	/* All this effort to report an error ... */
f001f132	223	void
	224	ssh_gssapi_error(gss_OID mech, OM_uint32 major_status,
	225	OM_uint32 minor_status) {
5598e598	226	OM_uint32 lmaj, lmin;
d4ab470d	227	gss_buffer_desc msg = {0,NULL};
5598e598	228	OM_uint32 ctx;
	229
	230	ctx = 0;
	231	/* The GSSAPI error */
	232	do {
f001f132	233	lmaj = gss_display_status(&lmin, major_status,
	234	GSS_C_GSS_CODE,
	235	mech, &ctx, &msg);
5598e598	236	if (lmaj == GSS_S_COMPLETE) {
	237	debug((char *)msg.value);
	238	(void) gss_release_buffer(&lmin, &msg);
	239	}
	240	} while (ctx!=0);
	241
	242	/* The mechanism specific error */
	243	do {
f001f132	244	lmaj = gss_display_status(&lmin, minor_status,
	245	GSS_C_MECH_CODE,
	246	mech, &ctx, &msg);
5598e598	247	if (lmaj == GSS_S_COMPLETE) {
	248	debug((char *)msg.value);
	249	(void) gss_release_buffer(&lmin, &msg);
	250	}
	251	} while (ctx!=0);
	252	}
	253
	254	/* Initialise our GSSAPI context. We use this opaque structure to contain all
	255	* of the data which both the client and server need to persist across
	256	* {accept,init}_sec_context calls, so that when we do it from the userauth
	257	* stuff life is a little easier
	258	*/
	259	void
b59afbfe	260	ssh_gssapi_build_ctx(Gssctxt **ctx)
5598e598	261	{
b59afbfe	262	*ctx=xmalloc(sizeof (Gssctxt));
	263	(*ctx)->context=GSS_C_NO_CONTEXT;
	264	(*ctx)->name=GSS_C_NO_NAME;
	265	(*ctx)->oid=GSS_C_NO_OID;
	266	(*ctx)->creds=GSS_C_NO_CREDENTIAL;
	267	(*ctx)->client=GSS_C_NO_NAME;
	268	(*ctx)->client_creds=GSS_C_NO_CREDENTIAL;
5598e598	269	}
	270
	271	/* Delete our context, providing it has been built correctly */
	272	void
b59afbfe	273	ssh_gssapi_delete_ctx(Gssctxt **ctx)
5598e598	274	{
9eeaa28e	275	#if !defined(MECHGLUE)
5598e598	276	OM_uint32 ms;
9eeaa28e	277	#endif
5598e598	278
b59afbfe	279	/* Return if there's no context */
	280	if ((*ctx)==NULL)
	281	return;
	282
d4ab470d	283	#if !defined(MECHGLUE) /* mechglue has some memory management issues */
b59afbfe	284	if ((*ctx)->context != GSS_C_NO_CONTEXT)
	285	gss_delete_sec_context(&ms,&(*ctx)->context,GSS_C_NO_BUFFER);
	286	if ((*ctx)->name != GSS_C_NO_NAME)
	287	gss_release_name(&ms,&(*ctx)->name);
	288	if ((*ctx)->oid != GSS_C_NO_OID) {
	289	xfree((*ctx)->oid->elements);
	290	xfree((*ctx)->oid);
	291	(*ctx)->oid = GSS_C_NO_OID;
5598e598	292	}
b59afbfe	293	if ((*ctx)->creds != GSS_C_NO_CREDENTIAL)
	294	gss_release_cred(&ms,&(*ctx)->creds);
	295	if ((*ctx)->client != GSS_C_NO_NAME)
	296	gss_release_name(&ms,&(*ctx)->client);
	297	if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
	298	gss_release_cred(&ms,&(*ctx)->client_creds);
d4ab470d	299	#endif
b59afbfe	300
	301	xfree(*ctx);
	302	*ctx=NULL;
5598e598	303	}
	304
	305	/* Wrapper to init_sec_context
	306	* Requires that the context contains:
	307	* oid
	308	* server name (from ssh_gssapi_import_name)
	309	*/
	310	OM_uint32
	311	ssh_gssapi_init_ctx(Gssctxt ctx, int deleg_creds, gss_buffer_desc recv_tok,
	312	gss_buffer_desc* send_tok, OM_uint32 *flags)
	313	{
	314	OM_uint32 maj_status, min_status;
	315	int deleg_flag = 0;
	316
	317	if (deleg_creds) {
	318	deleg_flag=GSS_C_DELEG_FLAG;
	319	debug("Delegating credentials");
	320	}
	321
	322	maj_status=gss_init_sec_context(&min_status,
	323	GSS_C_NO_CREDENTIAL, /* def. cred */
	324	&ctx->context,
	325	ctx->name,
	326	ctx->oid,
	327	GSS_C_MUTUAL_FLAG \|
	328	GSS_C_INTEG_FLAG \|
	329	deleg_flag,
	330	0, /* default lifetime */
	331	NULL, /* no channel bindings */
	332	recv_tok,
	333	NULL,
	334	send_tok,
	335	flags,
	336	NULL);
	337	ctx->status=maj_status;
	338	if (GSS_ERROR(maj_status)) {
6f9f4dab	339	ssh_gssapi_error(ctx->oid,maj_status,min_status);
5598e598	340	}
	341	return(maj_status);
	342	}
	343
5598e598	344	/* Create a service name for the given host */
5598e598	345	OM_uint32
1c828c5c	346	ssh_gssapi_import_name(Gssctxt ctx, const char host) {
d4ab470d	347	gss_buffer_desc gssbuf = {0,NULL};
5598e598	348	OM_uint32 maj_status, min_status;
4dd35ca9	349	char *xhost;
5598e598	350
	351	/* Make a copy of the host name, in case it was returned by a
	352	* previous call to gethostbyname(). */
	353	xhost = xstrdup(host);
	354
4dd35ca9	355	/* Make sure we have the FQHN. Some GSSAPI implementations don't do
5598e598	356	* this for us themselves */
1df48666	357	resolve_localhost(&xhost);
9e495a24	358
33fd981a	359	gssbuf.length = sizeof("host@")+strlen(xhost);
5598e598	360
	361	gssbuf.value = xmalloc(gssbuf.length);
	362	if (gssbuf.value == NULL) {
1c828c5c	363	xfree(xhost);
5598e598	364	return(-1);
5598e598	365	}
33fd981a	366	snprintf(gssbuf.value,gssbuf.length,"host@%s",xhost);
5598e598	367	if ((maj_status=gss_import_name(&min_status,
	368	&gssbuf,
	369	GSS_C_NT_HOSTBASED_SERVICE,
	370	&ctx->name))) {
6f9f4dab	371	ssh_gssapi_error(ctx->oid, maj_status,min_status);
5598e598	372	}
5598e598	373
1c828c5c	374	xfree(xhost);
5598e598	375	xfree(gssbuf.value);
	376	return(maj_status);
	377	}
	378
	379	/* Acquire credentials for a server running on the current host.
	380	* Requires that the context structure contains a valid OID
b59afbfe	381	*/
	382
	383	/* Returns a GSSAPI error code */
5598e598	384	OM_uint32
	385	ssh_gssapi_acquire_cred(Gssctxt *ctx) {
	386	OM_uint32 maj_status, min_status;
	387	char lname[MAXHOSTNAMELEN];
	388	gss_OID_set oidset;
	389
	390	gss_create_empty_oid_set(&min_status,&oidset);
	391	gss_add_oid_set_member(&min_status,ctx->oid,&oidset);
	392
	393	if (gethostname(lname, MAXHOSTNAMELEN)) {
	394	return(-1);
	395	}
	396
	397	if ((maj_status=ssh_gssapi_import_name(ctx,lname))) {
	398	return(maj_status);
	399	}
	400	if ((maj_status=gss_acquire_cred(&min_status,
	401	ctx->name,
	402	0,
	403	oidset,
	404	GSS_C_ACCEPT,
	405	&ctx->creds,
	406	NULL,
	407	NULL))) {
9eeaa28e	408	ssh_gssapi_error(ctx->oid,maj_status,min_status);
5598e598	409	}
	410
	411	gss_release_oid_set(&min_status, &oidset);
	412	return(maj_status);
	413	}
	414
	415	/* Extract the client details from a given context. This can only reliably
	416	* be called once for a context */
	417
	418	OM_uint32
	419	ssh_gssapi_getclient(Gssctxt ctx, enum ssh_gss_id type,
	420	gss_buffer_desc name, gss_cred_id_t creds) {
	421
	422	OM_uint32 maj_status,min_status;
	423
	424	*type=ssh_gssapi_get_ctype(ctx);
	425	if ((maj_status=gss_display_name(&min_status,ctx->client,name,NULL))) {
9eeaa28e	426	ssh_gssapi_error(ctx->oid,maj_status,min_status);
5598e598	427	}
	428
	429	/* This is icky. There appears to be no way to copy this structure,
	430	* rather than the pointer to it, so we simply copy the pointer and
	431	* mark the originator as empty so we don't destroy it.
	432	*/
	433	*creds=ctx->client_creds;
	434	ctx->client_creds=GSS_C_NO_CREDENTIAL;
	435	return(maj_status);
	436	}
b59afbfe	437
	438	OM_uint32
	439	ssh_gssapi_sign(Gssctxt ctx, gss_buffer_desc buffer, gss_buffer_desc *hash) {
	440	OM_uint32 maj_status,min_status;
5598e598	441
b59afbfe	442	/* ssh1 needs to exchange the hash of the keys */
	443	/* will us this hash to return it */
	444	if (!compat20) {
	445	if ((maj_status=gss_wrap(&min_status,ctx->context,
	446	0,
	447	GSS_C_QOP_DEFAULT,
	448	buffer,
	449	NULL,
	450	hash)))
6f9f4dab	451	ssh_gssapi_error(ctx->oid,maj_status,min_status);
b59afbfe	452	}
	453	else
	454
	455	if ((maj_status=gss_get_mic(&min_status,ctx->context,
	456	GSS_C_QOP_DEFAULT, buffer, hash))) {
6f9f4dab	457	ssh_gssapi_error(ctx->oid,maj_status,min_status);
b59afbfe	458	}
	459
	460	return(maj_status);
	461	}
	462
b59afbfe	463	OM_uint32
b59afbfe	464	ssh_gssapi_client_ctx(Gssctxt *ctx,gss_OID oid, char host) {
d4ab470d	465	gss_buffer_desc token = {0,NULL};
b59afbfe	466	OM_uint32 major,minor;
	467
	468	if (*ctx) ssh_gssapi_delete_ctx(ctx);
	469	ssh_gssapi_build_ctx(ctx);
	470	ssh_gssapi_set_oid(*ctx,oid);
	471	ssh_gssapi_import_name(*ctx,host);
	472	major=ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, NULL);
	473	gss_release_buffer(&minor,&token);
	474	return(major);
	475	}
f001f132	476
5598e598	477	#endif /* GSSAPI */