[gssapi-openssh.git] / openssh / gss-genr.c

/*
 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#ifdef GSSAPI

#include "ssh.h"
#include "ssh2.h"
#include "xmalloc.h"
#include "buffer.h"
#include "bufaux.h"
#include "packet.h"
#include "compat.h"
#include <openssl/evp.h>
#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "compat.h"
#include "monitor_wrap.h"

#include <netdb.h>

#include "ssh-gss.h"

typedef struct {
	char *encoded;
	gss_OID oid;
} ssh_gss_kex_mapping;
	
static ssh_gss_kex_mapping *gss_enc2oid;

/* Return a list of the gss-group1-sha1-x mechanisms supported by this
 * program.
 *
 * On the client side, we don't need to worry about whether we 'know'
 * about the mechanism or not - we assume that any mechanism that we've been
 * linked against is suitable for inclusion.
 *
 * XXX - We might want to make this configurable in the future, so as to
 * XXX - allow the user control over which mechanisms to use.
 */
 
char * 
ssh_gssapi_client_mechanisms(char *host) {
	gss_OID_set 	supported;
	OM_uint32	min_status;
	Buffer		buf;
	int 		i = 0;
	char 		*mechs;
	char		*encoded;
	int		enclen;
	char		digest[EVP_MAX_MD_SIZE];
	char		deroid[2];
	const EVP_MD	*evp_md = EVP_md5();
	EVP_MD_CTX	md;
	int 		oidpos=0;
	
	if (datafellows & SSH_OLD_GSSAPI) return NULL;
	
	gss_indicate_mechs(&min_status,&supported);
	if (datafellows & SSH_BUG_GSSAPI_BER) {
		gss_enc2oid=xmalloc(sizeof(ssh_gss_kex_mapping)
					*((supported->count*2)+1));
	} else {
		gss_enc2oid=xmalloc(sizeof(ssh_gss_kex_mapping)
					*(supported->count*2+1));
	}
	
	buffer_init(&buf);


	for (i=0;i<supported->count;i++) {

		gss_enc2oid[oidpos].encoded=NULL;
		
		if (supported->elements[i].length<128 &&
		    ssh_gssapi_check_mechanism(&(supported->elements[i]),host)) {

			/* Earlier versions of this code interpreted the
			 * spec incorrectly with regard to OID encoding. They
			 * also mis-encoded the krb5 OID. The following
			 * _temporary_ code interfaces with these broken
			 * servers */

			if (datafellows & SSH_BUG_GSSAPI_BER) {
				char *bodge=NULL;
				gss_OID_desc krb5oid={9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"};
				gss_OID_desc gsioid={9, "\x2B\x06\x01\x04\x01\x9B\x50\x01\x01"};
				
				if (supported->elements[i].length==krb5oid.length &&
				    memcmp(supported->elements[i].elements,
				    	   krb5oid.elements, krb5oid.length)==0) {
					bodge="Se3H81ismmOC3OE+FwYCiQ==";
				}
				
				if (supported->elements[i].length==gsioid.length &&
				    memcmp(supported->elements[i].elements,
				    	   gsioid.elements, gsioid.length)==0) {
					bodge="N3+k7/4wGxHyuP8Yxi4RhA==";
				}

				if (bodge) {				
					if (oidpos!=0) {
						buffer_put_char(&buf,',');
					}
				
					buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1);
					buffer_append(&buf, bodge, strlen(bodge));

					gss_enc2oid[oidpos].oid=&(supported->elements[i]);
					gss_enc2oid[oidpos].encoded=bodge;
			
					oidpos++;
				}
			}
			
			/* Add the required DER encoding octets and MD5 hash */
			deroid[0]=0x06; /* Object Identifier */
			deroid[1]=supported->elements[i].length;

			EVP_DigestInit(&md, evp_md);
			EVP_DigestUpdate(&md,deroid,2);
			EVP_DigestUpdate(&md,
					 supported->elements[i].elements,
					 supported->elements[i].length);
			EVP_DigestFinal(&md, digest, NULL);
			
			/* Base64 encode it */
			encoded=xmalloc(EVP_MD_size(evp_md)*2);
			enclen=__b64_ntop(digest, EVP_MD_size(evp_md),
				          encoded,EVP_MD_size(evp_md)*2);
			if (oidpos!=0) {
				buffer_put_char(&buf,',');
			}	
			buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1);
			buffer_append(&buf, encoded, enclen);

			debug("Mechanism encoded as %s",encoded);

			gss_enc2oid[oidpos].oid=&(supported->elements[i]);
			gss_enc2oid[oidpos].encoded=encoded;			
			oidpos++;
		}
	}
	gss_enc2oid[oidpos].oid=NULL;
	gss_enc2oid[oidpos].encoded=NULL;
	
	buffer_put_char(&buf,'\0');
	
	mechs=xmalloc(buffer_len(&buf));
	buffer_get(&buf,mechs,buffer_len(&buf));
	buffer_free(&buf);
	if (strlen(mechs)==0)
		return(NULL);
	else
		return(mechs);
}

gss_OID
ssh_gssapi_client_id_kex(Gssctxt *ctx, char *name) {
	int i=0;
	
	if (strncmp(name, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1) !=0) {
		return(NULL);
	}
	
	name+=sizeof(KEX_GSS_SHA1)-1; /* Move to the start of the ID string */
	
	while (gss_enc2oid[i].encoded!=NULL &&
	       	strcmp(name,gss_enc2oid[i].encoded)!=0) {
	      	i++;
	}
	
	if (gss_enc2oid[i].oid!=NULL) {
		ssh_gssapi_set_oid(ctx,gss_enc2oid[i].oid);
	}

	return gss_enc2oid[i].oid;
}

/* Check that the OID in a data stream matches that in the context */
int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) {
  
  return (ctx!=NULL && ctx->oid != GSS_C_NO_OID && 
  	  ctx->oid->length == len &&
  	  memcmp(ctx->oid->elements,data,len)==0);
}
  	
/* Set the contexts OID from a data stream */
void ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len) { 
  if (ctx->oid != GSS_C_NO_OID) {
	xfree(ctx->oid->elements);
   	xfree(ctx->oid);
  }
  ctx->oid=xmalloc(sizeof(gss_OID_desc));
  ctx->oid->length=len;
  ctx->oid->elements=xmalloc(len);
  memcpy(ctx->oid->elements,data,len);
}

/* Set the contexts OID */
void ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid) {  
  ssh_gssapi_set_oid_data(ctx,oid->elements,oid->length);
}

/* All this effort to report an error ... */

void
ssh_gssapi_error(Gssctxt *ctxt) {
	
	debug(ssh_gssapi_last_error(ctxt,NULL,NULL));
}

char *
ssh_gssapi_last_error(Gssctxt *ctxt, 
		      OM_uint32 *major_status, OM_uint32 *minor_status) {
	OM_uint32 lmin;
        gss_buffer_desc msg;
        OM_uint32 ctx;
        Buffer b;
        char *ret;
        
        buffer_init(&b);

	if (major_status!=NULL) *major_status=ctxt->major;
	if (minor_status!=NULL) *minor_status=ctxt->minor;
	
        ctx = 0;
	/* The GSSAPI error */
        do {
        	gss_display_status(&lmin, ctxt->major,
        			   GSS_C_GSS_CODE, GSS_C_NULL_OID,
        		           &ctx, &msg);

        	buffer_append(&b,msg.value,msg.length);
        	buffer_put_char(&b,'\n');
        	
       	    	gss_release_buffer(&lmin, &msg);
        } while (ctx!=0);

        /* The mechanism specific error */
        do {
        	gss_display_status(&lmin, ctxt->minor,
        			   GSS_C_MECH_CODE, GSS_C_NULL_OID,
        			   &ctx, &msg);
        	
        	buffer_append(&b,msg.value,msg.length);
        	buffer_put_char(&b,'\n');
        	
        	gss_release_buffer(&lmin, &msg);
        } while (ctx!=0);
        
        buffer_put_char(&b,'\0');
        ret=xmalloc(buffer_len(&b));
        buffer_get(&b,ret,buffer_len(&b));
        buffer_free(&b);
        return(ret);
}

/* Initialise our GSSAPI context. We use this opaque structure to contain all
 * of the data which both the client and server need to persist across
 * {accept,init}_sec_context calls, so that when we do it from the userauth
 * stuff life is a little easier
 */
void
ssh_gssapi_build_ctx(Gssctxt **ctx)
{
	*ctx=xmalloc(sizeof (Gssctxt));
	(*ctx)->major=0;
	(*ctx)->minor=0;
	(*ctx)->context=GSS_C_NO_CONTEXT;
	(*ctx)->name=GSS_C_NO_NAME;
	(*ctx)->oid=GSS_C_NO_OID;
	(*ctx)->creds=GSS_C_NO_CREDENTIAL;
	(*ctx)->client=GSS_C_NO_NAME;
	(*ctx)->client_creds=GSS_C_NO_CREDENTIAL;
}

/* Delete our context, providing it has been built correctly */
void
ssh_gssapi_delete_ctx(Gssctxt **ctx)
{
	OM_uint32 ms;
	
	/* Return if there's no context */
	if ((*ctx)==NULL)
		return;
		
	if ((*ctx)->context != GSS_C_NO_CONTEXT) 
		gss_delete_sec_context(&ms,&(*ctx)->context,GSS_C_NO_BUFFER);
	if ((*ctx)->name != GSS_C_NO_NAME)
		gss_release_name(&ms,&(*ctx)->name);
	if ((*ctx)->oid != GSS_C_NO_OID) {
		xfree((*ctx)->oid->elements);
		xfree((*ctx)->oid);
		(*ctx)->oid = GSS_C_NO_OID;
	}
	if ((*ctx)->creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms,&(*ctx)->creds);
	if ((*ctx)->client != GSS_C_NO_NAME)
		gss_release_name(&ms,&(*ctx)->client);	
	if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms,&(*ctx)->client_creds);
	
	xfree(*ctx);
	*ctx=NULL; 
}

/* Wrapper to init_sec_context 
 * Requires that the context contains:
 *	oid
 * 	server name (from ssh_gssapi_import_name)
 */
OM_uint32 
ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
       	      	    gss_buffer_desc* send_tok, OM_uint32 *flags) 
{
	int deleg_flag = 0;
	
	if (deleg_creds) {
		deleg_flag=GSS_C_DELEG_FLAG;
		debug("Delegating credentials");
	}
	      	
      	ctx->major=gss_init_sec_context(&ctx->minor,
      					GSS_C_NO_CREDENTIAL, /* def. cred */
      					&ctx->context,
      					ctx->name,
      					ctx->oid,
      					GSS_C_MUTUAL_FLAG |
      					GSS_C_INTEG_FLAG |
      					deleg_flag,
      					0, /* default lifetime */
      					NULL, /* no channel bindings */
      					recv_tok,
      					NULL,
      					send_tok,
      					flags,
      					NULL);
      	if (GSS_ERROR(ctx->major)) {
      		ssh_gssapi_error(ctx);
      	}
      	return(ctx->major);
}

/* Create a service name for the given host */
OM_uint32
ssh_gssapi_import_name(Gssctxt *ctx, const char *host) {
	gss_buffer_desc gssbuf;
	struct hostent *hostinfo = NULL;
	char *xhost;
	
	/* Make a copy of the host name, in case it was returned by a
	 * previous call to gethostbyname(). */	
	xhost = xstrdup(host);

	/* Make sure we have the FQDN. Some GSSAPI implementations don't do
	 * this for us themselves */
	
	hostinfo = gethostbyname(xhost);
	
	if ((hostinfo == NULL) || (hostinfo->h_name == NULL)) {
		debug("Unable to get FQDN for \"%s\"", xhost);
	} else {
		xfree(xhost);
		xhost = xstrdup(hostinfo->h_name);
	}
		
        gssbuf.length = sizeof("host@")+strlen(xhost);

        gssbuf.value = xmalloc(gssbuf.length);
        if (gssbuf.value == NULL) {
		xfree(xhost);
		return(-1);
        }
        snprintf(gssbuf.value,gssbuf.length,"host@%s",xhost);
        if ((ctx->major=gss_import_name(&ctx->minor,
                                   	&gssbuf,
                                        GSS_C_NT_HOSTBASED_SERVICE,
                                        &ctx->name))) {
		ssh_gssapi_error(ctx);
	}
	
	xfree(xhost);
	xfree(gssbuf.value);
	return(ctx->major);
}

/* Acquire credentials for a server running on the current host.
 * Requires that the context structure contains a valid OID
 */
 
/* Returns a GSSAPI error code */
OM_uint32
ssh_gssapi_acquire_cred(Gssctxt *ctx) {
	OM_uint32 status;
	char lname[MAXHOSTNAMELEN];
	gss_OID_set oidset;
	
	gss_create_empty_oid_set(&status,&oidset);
	gss_add_oid_set_member(&status,ctx->oid,&oidset);
	
        if (gethostname(lname, MAXHOSTNAMELEN)) {
                return(-1);
        }

	if (GSS_ERROR(ssh_gssapi_import_name(ctx,lname))) {
		return(ctx->major);
	}
	
	if ((ctx->major=gss_acquire_cred(&ctx->minor,
			 	    ctx->name,
				    0,
				    oidset,
				    GSS_C_ACCEPT,
				    &ctx->creds,
				    NULL,
				    NULL))) {
		ssh_gssapi_error(ctx);
	}
				
	gss_release_oid_set(&status, &oidset);
	return(ctx->major);
}

OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *buffer, gss_buffer_desc *hash) {
	
	if ((ctx->major=gss_get_mic(&ctx->minor,ctx->context,
				    GSS_C_QOP_DEFAULT, buffer, hash))) {
		ssh_gssapi_error(ctx);
	}
	
	return(ctx->major);
}

OM_uint32
ssh_gssapi_server_ctx(Gssctxt **ctx,gss_OID oid) {
	if (*ctx) ssh_gssapi_delete_ctx(ctx);
	ssh_gssapi_build_ctx(ctx);
	ssh_gssapi_set_oid(*ctx,oid);
	return(ssh_gssapi_acquire_cred(*ctx));
}

int
ssh_gssapi_check_mechanism(gss_OID oid, char *host) {
	Gssctxt * ctx = NULL;
	gss_buffer_desc token;
	OM_uint32 major,minor;
	
	ssh_gssapi_build_ctx(&ctx);
	ssh_gssapi_set_oid(ctx,oid);
	ssh_gssapi_import_name(ctx,host);
	major=ssh_gssapi_init_ctx(ctx,0, GSS_C_NO_BUFFER, &token, NULL);
	gss_release_buffer(&minor,&token);
	ssh_gssapi_delete_ctx(&ctx);
	return(!GSS_ERROR(major));
}

#endif /* GSSAPI */
Commit	Line	Data
73b00670	1	/*
	2	* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. *
	3	* Redistribution and use in source and binary forms, with or without
	4	* modification, are permitted provided that the following conditions
	5	* are met:
	6	* 1. Redistributions of source code must retain the above copyright
	7	* notice, this list of conditions and the following disclaimer.
	8	* 2. Redistributions in binary form must reproduce the above copyright
	9	* notice, this list of conditions and the following disclaimer in the
	10	* documentation and/or other materials provided with the distribution.
	11	*
	12	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
	13	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	14	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	15	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	16	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	17	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	18	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	19	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	20	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	21	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	22	*/
	23
	24	#include "includes.h"
	25
	26	#ifdef GSSAPI
	27
	28	#include "ssh.h"
	29	#include "ssh2.h"
	30	#include "xmalloc.h"
	31	#include "buffer.h"
	32	#include "bufaux.h"
	33	#include "packet.h"
	34	#include "compat.h"
	35	#include <openssl/evp.h>
	36	#include "cipher.h"
	37	#include "kex.h"
	38	#include "log.h"
	39	#include "compat.h"
	40	#include "monitor_wrap.h"
	41
	42	#include <netdb.h>
	43
	44	#include "ssh-gss.h"
	45
	46	typedef struct {
	47	char *encoded;
	48	gss_OID oid;
	49	} ssh_gss_kex_mapping;
	50
	51	static ssh_gss_kex_mapping *gss_enc2oid;
	52
	53	/* Return a list of the gss-group1-sha1-x mechanisms supported by this
	54	* program.
	55	*
	56	* On the client side, we don't need to worry about whether we 'know'
	57	* about the mechanism or not - we assume that any mechanism that we've been
	58	* linked against is suitable for inclusion.
	59	*
	60	* XXX - We might want to make this configurable in the future, so as to
	61	* XXX - allow the user control over which mechanisms to use.
	62	*/
	63
	64	char *
65	ssh_gssapi_client_mechanisms(char *host) {
66	gss_OID_set supported;
67	OM_uint32 min_status;
68	Buffer buf;
69	int i = 0;
70	char *mechs;
71	char *encoded;
72	int enclen;
73	char digest[EVP_MAX_MD_SIZE];
74	char deroid[2];
75	const EVP_MD *evp_md = EVP_md5();
76	EVP_MD_CTX md;
77	int oidpos=0;
78
79	if (datafellows & SSH_OLD_GSSAPI) return NULL;
80
81	gss_indicate_mechs(&min_status,&supported);
82	if (datafellows & SSH_BUG_GSSAPI_BER) {
83	gss_enc2oid=xmalloc(sizeof(ssh_gss_kex_mapping)
3e196425	84	((supported->count2)+1));
73b00670	85	} else {
73b00670	86	gss_enc2oid=xmalloc(sizeof(ssh_gss_kex_mapping)
3e196425	87	(supported->count2+1));
73b00670	88	}
	89
	90	buffer_init(&buf);
	91
	92
	93	for (i=0;i<supported->count;i++) {
	94
	95	gss_enc2oid[oidpos].encoded=NULL;
	96
	97	if (supported->elements[i].length<128 &&
	98	ssh_gssapi_check_mechanism(&(supported->elements[i]),host)) {
	99
	100	/* Earlier versions of this code interpreted the
3e196425	101	* spec incorrectly with regard to OID encoding. They
	102	* also mis-encoded the krb5 OID. The following
	103	* _temporary_ code interfaces with these broken
	104	* servers */
73b00670	105
	106	if (datafellows & SSH_BUG_GSSAPI_BER) {
	107	char *bodge=NULL;
	108	gss_OID_desc krb5oid={9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"};
	109	gss_OID_desc gsioid={9, "\x2B\x06\x01\x04\x01\x9B\x50\x01\x01"};
	110
	111	if (supported->elements[i].length==krb5oid.length &&
	112	memcmp(supported->elements[i].elements,
	113	krb5oid.elements, krb5oid.length)==0) {
	114	bodge="Se3H81ismmOC3OE+FwYCiQ==";
	115	}
	116
	117	if (supported->elements[i].length==gsioid.length &&
	118	memcmp(supported->elements[i].elements,
	119	gsioid.elements, gsioid.length)==0) {
	120	bodge="N3+k7/4wGxHyuP8Yxi4RhA==";
	121	}
	122
	123	if (bodge) {
	124	if (oidpos!=0) {
	125	buffer_put_char(&buf,',');
	126	}
	127
	128	buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1);
	129	buffer_append(&buf, bodge, strlen(bodge));
	130
	131	gss_enc2oid[oidpos].oid=&(supported->elements[i]);
	132	gss_enc2oid[oidpos].encoded=bodge;
	133
	134	oidpos++;
	135	}
	136	}
	137
	138	/* Add the required DER encoding octets and MD5 hash */
	139	deroid[0]=0x06; /* Object Identifier */
	140	deroid[1]=supported->elements[i].length;
	141
	142	EVP_DigestInit(&md, evp_md);
	143	EVP_DigestUpdate(&md,deroid,2);
	144	EVP_DigestUpdate(&md,
3e196425	145	supported->elements[i].elements,
3e196425	146	supported->elements[i].length);
73b00670	147	EVP_DigestFinal(&md, digest, NULL);
	148
	149	/* Base64 encode it */
	150	encoded=xmalloc(EVP_MD_size(evp_md)*2);
	151	enclen=__b64_ntop(digest, EVP_MD_size(evp_md),
	152	encoded,EVP_MD_size(evp_md)*2);
	153	if (oidpos!=0) {
	154	buffer_put_char(&buf,',');
	155	}
	156	buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1);
	157	buffer_append(&buf, encoded, enclen);
	158
	159	debug("Mechanism encoded as %s",encoded);
	160
	161	gss_enc2oid[oidpos].oid=&(supported->elements[i]);
	162	gss_enc2oid[oidpos].encoded=encoded;
	163	oidpos++;
	164	}
	165	}
	166	gss_enc2oid[oidpos].oid=NULL;
	167	gss_enc2oid[oidpos].encoded=NULL;
	168
	169	buffer_put_char(&buf,'\0');
	170
	171	mechs=xmalloc(buffer_len(&buf));
	172	buffer_get(&buf,mechs,buffer_len(&buf));
	173	buffer_free(&buf);
	174	if (strlen(mechs)==0)
	175	return(NULL);
	176	else
	177	return(mechs);
	178	}
	179
	180	gss_OID
	181	ssh_gssapi_client_id_kex(Gssctxt ctx, char name) {
	182	int i=0;
	183
	184	if (strncmp(name, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1) !=0) {
	185	return(NULL);
	186	}
	187
	188	name+=sizeof(KEX_GSS_SHA1)-1; /* Move to the start of the ID string */
	189
	190	while (gss_enc2oid[i].encoded!=NULL &&
	191	strcmp(name,gss_enc2oid[i].encoded)!=0) {
	192	i++;
	193	}
	194
	195	if (gss_enc2oid[i].oid!=NULL) {
	196	ssh_gssapi_set_oid(ctx,gss_enc2oid[i].oid);
	197	}
	198
	199	return gss_enc2oid[i].oid;
	200	}
	201
	202	/* Check that the OID in a data stream matches that in the context */
	203	int ssh_gssapi_check_oid(Gssctxt ctx, void data, size_t len) {
	204
	205	return (ctx!=NULL && ctx->oid != GSS_C_NO_OID &&
	206	ctx->oid->length == len &&
	207	memcmp(ctx->oid->elements,data,len)==0);
	208	}
	209
	210	/* Set the contexts OID from a data stream */
211	void ssh_gssapi_set_oid_data(Gssctxt ctx, void data, size_t len) {
212	if (ctx->oid != GSS_C_NO_OID) {
213	xfree(ctx->oid->elements);
214	xfree(ctx->oid);
215	}
216	ctx->oid=xmalloc(sizeof(gss_OID_desc));
217	ctx->oid->length=len;
218	ctx->oid->elements=xmalloc(len);
219	memcpy(ctx->oid->elements,data,len);
220	}
221
222	/* Set the contexts OID */
223	void ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid) {
224	ssh_gssapi_set_oid_data(ctx,oid->elements,oid->length);
225	}
226
227	/* All this effort to report an error ... */
228
229	void
230	ssh_gssapi_error(Gssctxt *ctxt) {
231
232	debug(ssh_gssapi_last_error(ctxt,NULL,NULL));
233	}
234
235	char *
236	ssh_gssapi_last_error(Gssctxt *ctxt,
237	OM_uint32 major_status, OM_uint32 minor_status) {
238	OM_uint32 lmin;
239	gss_buffer_desc msg;
240	OM_uint32 ctx;
241	Buffer b;
242	char *ret;
243
244	buffer_init(&b);
245
246	if (major_status!=NULL) *major_status=ctxt->major;
247	if (minor_status!=NULL) *minor_status=ctxt->minor;
248
249	ctx = 0;
250	/* The GSSAPI error */
251	do {
252	gss_display_status(&lmin, ctxt->major,
253	GSS_C_GSS_CODE, GSS_C_NULL_OID,
254	&ctx, &msg);
255
256	buffer_append(&b,msg.value,msg.length);
257	buffer_put_char(&b,'\n');
258
259	gss_release_buffer(&lmin, &msg);
260	} while (ctx!=0);
261
262	/* The mechanism specific error */
263	do {
264	gss_display_status(&lmin, ctxt->minor,
265	GSS_C_MECH_CODE, GSS_C_NULL_OID,
266	&ctx, &msg);
267
268	buffer_append(&b,msg.value,msg.length);
269	buffer_put_char(&b,'\n');
270
271	gss_release_buffer(&lmin, &msg);
272	} while (ctx!=0);
273
274	buffer_put_char(&b,'\0');
275	ret=xmalloc(buffer_len(&b));
276	buffer_get(&b,ret,buffer_len(&b));
277	buffer_free(&b);
278	return(ret);
279	}
280
281	/* Initialise our GSSAPI context. We use this opaque structure to contain all
282	* of the data which both the client and server need to persist across
283	* {accept,init}_sec_context calls, so that when we do it from the userauth
284	* stuff life is a little easier
285	*/
286	void
287	ssh_gssapi_build_ctx(Gssctxt **ctx)
288	{
289	*ctx=xmalloc(sizeof (Gssctxt));
290	(*ctx)->major=0;
291	(*ctx)->minor=0;
292	(*ctx)->context=GSS_C_NO_CONTEXT;
293	(*ctx)->name=GSS_C_NO_NAME;
294	(*ctx)->oid=GSS_C_NO_OID;
295	(*ctx)->creds=GSS_C_NO_CREDENTIAL;
296	(*ctx)->client=GSS_C_NO_NAME;
297	(*ctx)->client_creds=GSS_C_NO_CREDENTIAL;
298	}
299
300	/* Delete our context, providing it has been built correctly */
301	void
302	ssh_gssapi_delete_ctx(Gssctxt **ctx)
303	{
304	OM_uint32 ms;
305
306	/* Return if there's no context */
307	if ((*ctx)==NULL)
308	return;
309
310	if ((*ctx)->context != GSS_C_NO_CONTEXT)
311	gss_delete_sec_context(&ms,&(*ctx)->context,GSS_C_NO_BUFFER);
312	if ((*ctx)->name != GSS_C_NO_NAME)
313	gss_release_name(&ms,&(*ctx)->name);
314	if ((*ctx)->oid != GSS_C_NO_OID) {
315	xfree((*ctx)->oid->elements);
316	xfree((*ctx)->oid);
317	(*ctx)->oid = GSS_C_NO_OID;
318	}
319	if ((*ctx)->creds != GSS_C_NO_CREDENTIAL)
320	gss_release_cred(&ms,&(*ctx)->creds);
321	if ((*ctx)->client != GSS_C_NO_NAME)
322	gss_release_name(&ms,&(*ctx)->client);
323	if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
324	gss_release_cred(&ms,&(*ctx)->client_creds);
325
326	xfree(*ctx);
327	*ctx=NULL;
328	}
329
330	/* Wrapper to init_sec_context
331	* Requires that the context contains:
332	* oid
333	* server name (from ssh_gssapi_import_name)
334	*/
335	OM_uint32
336	ssh_gssapi_init_ctx(Gssctxt ctx, int deleg_creds, gss_buffer_desc recv_tok,
337	gss_buffer_desc* send_tok, OM_uint32 *flags)
338	{
339	int deleg_flag = 0;
340
341	if (deleg_creds) {
342	deleg_flag=GSS_C_DELEG_FLAG;
343	debug("Delegating credentials");
344	}
345
346	ctx->major=gss_init_sec_context(&ctx->minor,
347	GSS_C_NO_CREDENTIAL, /* def. cred */
348	&ctx->context,
349	ctx->name,
350	ctx->oid,
351	GSS_C_MUTUAL_FLAG \|
352	GSS_C_INTEG_FLAG \|
353	deleg_flag,
354	0, /* default lifetime */
355	NULL, /* no channel bindings */
356	recv_tok,
357	NULL,
358	send_tok,
359	flags,
360	NULL);
361	if (GSS_ERROR(ctx->major)) {
362	ssh_gssapi_error(ctx);
363	}
364	return(ctx->major);
365	}
366
367	/* Create a service name for the given host */
368	OM_uint32
369	ssh_gssapi_import_name(Gssctxt ctx, const char host) {
370	gss_buffer_desc gssbuf;
371	struct hostent *hostinfo = NULL;
372	char *xhost;
373
374	/* Make a copy of the host name, in case it was returned by a
3e196425	375	* previous call to gethostbyname(). */
73b00670	376	xhost = xstrdup(host);
	377
	378	/* Make sure we have the FQDN. Some GSSAPI implementations don't do
3e196425	379	* this for us themselves */
73b00670	380
	381	hostinfo = gethostbyname(xhost);
	382
	383	if ((hostinfo == NULL) \|\| (hostinfo->h_name == NULL)) {
	384	debug("Unable to get FQDN for \"%s\"", xhost);
	385	} else {
	386	xfree(xhost);
	387	xhost = xstrdup(hostinfo->h_name);
	388	}
	389
	390	gssbuf.length = sizeof("host@")+strlen(xhost);
	391
	392	gssbuf.value = xmalloc(gssbuf.length);
	393	if (gssbuf.value == NULL) {
	394	xfree(xhost);
	395	return(-1);
	396	}
	397	snprintf(gssbuf.value,gssbuf.length,"host@%s",xhost);
	398	if ((ctx->major=gss_import_name(&ctx->minor,
	399	&gssbuf,
	400	GSS_C_NT_HOSTBASED_SERVICE,
	401	&ctx->name))) {
	402	ssh_gssapi_error(ctx);
	403	}
	404
	405	xfree(xhost);
	406	xfree(gssbuf.value);
	407	return(ctx->major);
	408	}
	409
	410	/* Acquire credentials for a server running on the current host.
	411	* Requires that the context structure contains a valid OID
	412	*/
	413
	414	/* Returns a GSSAPI error code */
	415	OM_uint32
	416	ssh_gssapi_acquire_cred(Gssctxt *ctx) {
	417	OM_uint32 status;
	418	char lname[MAXHOSTNAMELEN];
	419	gss_OID_set oidset;
	420
	421	gss_create_empty_oid_set(&status,&oidset);
	422	gss_add_oid_set_member(&status,ctx->oid,&oidset);
	423
	424	if (gethostname(lname, MAXHOSTNAMELEN)) {
	425	return(-1);
	426	}
	427
	428	if (GSS_ERROR(ssh_gssapi_import_name(ctx,lname))) {
	429	return(ctx->major);
	430	}
	431
	432	if ((ctx->major=gss_acquire_cred(&ctx->minor,
3e196425	433	ctx->name,
73b00670	434	0,
	435	oidset,
	436	GSS_C_ACCEPT,
	437	&ctx->creds,
	438	NULL,
	439	NULL))) {
	440	ssh_gssapi_error(ctx);
	441	}
	442
	443	gss_release_oid_set(&status, &oidset);
	444	return(ctx->major);
	445	}
	446
	447	OM_uint32
	448	ssh_gssapi_sign(Gssctxt ctx, gss_buffer_desc buffer, gss_buffer_desc *hash) {
	449
	450	if ((ctx->major=gss_get_mic(&ctx->minor,ctx->context,
	451	GSS_C_QOP_DEFAULT, buffer, hash))) {
	452	ssh_gssapi_error(ctx);
	453	}
	454
	455	return(ctx->major);
	456	}
	457
	458	OM_uint32
	459	ssh_gssapi_server_ctx(Gssctxt **ctx,gss_OID oid) {
	460	if (*ctx) ssh_gssapi_delete_ctx(ctx);
	461	ssh_gssapi_build_ctx(ctx);
	462	ssh_gssapi_set_oid(*ctx,oid);
	463	return(ssh_gssapi_acquire_cred(*ctx));
	464	}
	465
	466	int
	467	ssh_gssapi_check_mechanism(gss_OID oid, char *host) {
	468	Gssctxt * ctx = NULL;
	469	gss_buffer_desc token;
	470	OM_uint32 major,minor;
	471
	472	ssh_gssapi_build_ctx(&ctx);
	473	ssh_gssapi_set_oid(ctx,oid);
	474	ssh_gssapi_import_name(ctx,host);
	475	major=ssh_gssapi_init_ctx(ctx,0, GSS_C_NO_BUFFER, &token, NULL);
	476	gss_release_buffer(&minor,&token);
	477	ssh_gssapi_delete_ctx(&ctx);
	478	return(!GSS_ERROR(major));
	479	}
	480
	481	#endif /* GSSAPI */