73b00670 | 1 | /* |
2 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. * | |
3 | * Redistribution and use in source and binary forms, with or without | |
4 | * modification, are permitted provided that the following conditions | |
5 | * are met: | |
6 | * 1. Redistributions of source code must retain the above copyright | |
7 | * notice, this list of conditions and the following disclaimer. | |
8 | * 2. Redistributions in binary form must reproduce the above copyright | |
9 | * notice, this list of conditions and the following disclaimer in the | |
10 | * documentation and/or other materials provided with the distribution. | |
11 | * | |
12 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR | |
13 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
14 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
15 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
16 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
17 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
18 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
19 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
20 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
21 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
22 | */ | |
23 | ||
24 | #include "includes.h" | |
25 | ||
26 | #ifdef GSSAPI | |
27 | ||
28 | #include "ssh.h" | |
29 | #include "ssh2.h" | |
30 | #include "xmalloc.h" | |
31 | #include "buffer.h" | |
32 | #include "bufaux.h" | |
33 | #include "packet.h" | |
34 | #include "compat.h" | |
35 | #include <openssl/evp.h> | |
36 | #include "cipher.h" | |
37 | #include "kex.h" | |
38 | #include "log.h" | |
39 | #include "compat.h" | |
40 | #include "monitor_wrap.h" | |
41 | ||
42 | #include <netdb.h> | |
43 | ||
44 | #include "ssh-gss.h" | |
45 | ||
/*
 * One entry of the table that maps the encoded mechanism id carried in a
 * kex algorithm name (the part after KEX_GSS_SHA1) back to the GSS-API
 * mechanism OID it was derived from.  The table is filled by
 * ssh_gssapi_client_mechanisms() and searched by ssh_gssapi_client_id_kex();
 * an entry with both fields NULL terminates it.
 */
typedef struct {
	char *encoded;	/* id as it appears on the wire (base64 text), NULL = end of table */
	gss_OID oid;	/* points into the gss_OID_set returned by gss_indicate_mechs() */
} ssh_gss_kex_mapping;
50 | ||
/* Mechanism id -> OID table; NULL until ssh_gssapi_client_mechanisms() builds it. */
static ssh_gss_kex_mapping *gss_enc2oid;
52 | ||
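/* Return a comma-separated list of the gss-group1-sha1-* kex algorithm
 * names for the mechanisms supported by this program, or NULL if there
 * are none (or if the peer speaks the old GSSAPI dialect).
 *
 * Each usable mechanism is named KEX_GSS_SHA1 followed by the base64 of
 * MD5(DER(OID)), where DER(OID) is the 0x06 tag, a one-byte length and the
 * OID body.  The name -> OID mapping is recorded in the file-scope
 * gss_enc2oid table (terminated by an entry with both fields NULL) so that
 * ssh_gssapi_client_id_kex() can map a negotiated name back to its OID.
 *
 * On the client side, we don't need to worry about whether we 'know'
 * about the mechanism or not - we assume that any mechanism that we've been
 * linked against is suitable for inclusion, provided
 * ssh_gssapi_check_mechanism() can obtain an initial token for it.
 *
 * host:    target host, passed through to ssh_gssapi_check_mechanism().
 * Returns: an xmalloc()ed string owned by the caller, or NULL.
 *
 * The gss_OID_set from gss_indicate_mechs() is deliberately not released:
 * gss_enc2oid keeps pointers into it.  A table built by an earlier call is
 * not freed either (some of its entries are string literals) — presumably
 * this runs once per connection; TODO confirm with the callers.
 *
 * XXX - We might want to make this configurable in the future, so as to
 * XXX - allow the user control over which mechanisms to use.
 */

char *
ssh_gssapi_client_mechanisms(char *host) {
	gss_OID_set supported;
	OM_uint32 maj_status, min_status;
	Buffer buf;
	size_t i;
	char *mechs;
	char *encoded;
	int enclen;
	unsigned char digest[EVP_MAX_MD_SIZE];
	unsigned char deroid[2];
	const EVP_MD *evp_md = EVP_md5();
	EVP_MD_CTX md;
	int oidpos = 0;

	if (datafellows & SSH_OLD_GSSAPI)
		return NULL;

	/* The old code dereferenced 'supported' without checking that the
	 * call succeeded. */
	maj_status = gss_indicate_mechs(&min_status, &supported);
	if (GSS_ERROR(maj_status) || supported == GSS_C_NO_OID_SET) {
		debug("gss_indicate_mechs failed");
		return NULL;
	}

	/* Each mechanism may yield up to two entries (its proper encoding
	 * plus, for SSH_BUG_GSSAPI_BER peers, a compatibility encoding), plus
	 * the terminator.  Both branches of the old datafellows test allocated
	 * exactly this, so one allocation suffices. */
	gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
	    (supported->count * 2 + 1));

	buffer_init(&buf);

	for (i = 0; i < supported->count; i++) {
		gss_OID mech = &(supported->elements[i]);

		gss_enc2oid[oidpos].encoded = NULL;

		/* The DER length below is a single byte, so the short form
		 * (< 128) is required. */
		if (mech->length >= 128 ||
		    !ssh_gssapi_check_mechanism(mech, host))
			continue;

		/* Earlier versions of this code interpreted the
		 * spec incorrectly with regard to OID encoding. They
		 * also mis-encoded the krb5 OID. The following
		 * _temporary_ code interfaces with these broken
		 * servers */
		if (datafellows & SSH_BUG_GSSAPI_BER) {
			char *bodge = NULL;
			gss_OID_desc krb5oid = {9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"};
			gss_OID_desc gsioid = {9, "\x2B\x06\x01\x04\x01\x9B\x50\x01\x01"};

			if (mech->length == krb5oid.length &&
			    memcmp(mech->elements, krb5oid.elements,
			    krb5oid.length) == 0)
				bodge = "Se3H81ismmOC3OE+FwYCiQ==";
			else if (mech->length == gsioid.length &&
			    memcmp(mech->elements, gsioid.elements,
			    gsioid.length) == 0)
				bodge = "N3+k7/4wGxHyuP8Yxi4RhA==";

			if (bodge != NULL) {
				if (oidpos != 0)
					buffer_put_char(&buf, ',');
				buffer_append(&buf, KEX_GSS_SHA1,
				    sizeof(KEX_GSS_SHA1) - 1);
				buffer_append(&buf, bodge, strlen(bodge));

				/* A string literal, unlike the heap-allocated
				 * entries below: it must never be freed. */
				gss_enc2oid[oidpos].oid = mech;
				gss_enc2oid[oidpos].encoded = bodge;
				oidpos++;
			}
		}

		/* Add the required DER encoding octets and MD5 hash */
		deroid[0] = 0x06;				/* Object Identifier tag */
		deroid[1] = (unsigned char)mech->length;	/* short-form length */

		EVP_DigestInit(&md, evp_md);
		EVP_DigestUpdate(&md, deroid, sizeof(deroid));
		EVP_DigestUpdate(&md, mech->elements, mech->length);
		EVP_DigestFinal(&md, digest, NULL);

		/* Base64 encode it: 4/3 of the digest plus padding and NUL
		 * fits comfortably in twice the digest size. */
		encoded = xmalloc(EVP_MD_size(evp_md) * 2);
		enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
		    encoded, EVP_MD_size(evp_md) * 2);
		if (enclen < 0) {
			/* A negative length would otherwise be passed to
			 * buffer_append() as a huge unsigned count. */
			debug("base64 encoding of mechanism OID failed");
			xfree(encoded);
			continue;
		}

		if (oidpos != 0)
			buffer_put_char(&buf, ',');
		buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1) - 1);
		buffer_append(&buf, encoded, enclen);

		debug("Mechanism encoded as %s", encoded);

		gss_enc2oid[oidpos].oid = mech;
		gss_enc2oid[oidpos].encoded = encoded;
		oidpos++;
	}
	/* Terminator: both fields NULL (oidpos <= 2 * count, so in bounds). */
	gss_enc2oid[oidpos].oid = NULL;
	gss_enc2oid[oidpos].encoded = NULL;

	buffer_put_char(&buf, '\0');

	mechs = xmalloc(buffer_len(&buf));
	buffer_get(&buf, mechs, buffer_len(&buf));
	buffer_free(&buf);

	if (*mechs == '\0') {
		/* No usable mechanism: don't leak the empty string. */
		xfree(mechs);
		return NULL;
	}
	return mechs;
}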
179 | ||
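/* Map a negotiated kex algorithm name (KEX_GSS_SHA1 followed by an encoded
 * mechanism id) back to its mechanism OID via the gss_enc2oid table and
 * install that OID in ctx.
 *
 * ctx:  context whose OID is set (copied) when a match is found.
 * name: the complete kex algorithm name; not modified.
 *
 * Returns the matching OID, or NULL if name lacks the KEX_GSS_SHA1 prefix,
 * the table has not been built, or no entry matches.
 */
gss_OID
ssh_gssapi_client_id_kex(Gssctxt *ctx, char *name) {
	ssh_gss_kex_mapping *entry;

	if (strncmp(name, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1) - 1) != 0)
		return NULL;

	/* ssh_gssapi_client_mechanisms() returns early for SSH_OLD_GSSAPI
	 * peers without building the table; don't dereference NULL then. */
	if (gss_enc2oid == NULL)
		return NULL;

	name += sizeof(KEX_GSS_SHA1) - 1; /* Move to the start of the ID string */

	for (entry = gss_enc2oid; entry->encoded != NULL; entry++) {
		if (strcmp(name, entry->encoded) == 0)
			break;
	}

	/* The terminator carries oid == NULL, so a miss returns NULL. */
	if (entry->oid != NULL)
		ssh_gssapi_set_oid(ctx, entry->oid);

	return entry->oid;
}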
201 | ||
/* Check that the OID in a data stream matches that in the context.
 * Returns non-zero only when ctx is non-NULL, holds an OID, and that OID
 * is exactly len bytes equal to data; zero in every other case. */
int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) {
	if (ctx == NULL || ctx->oid == GSS_C_NO_OID)
		return 0;
	if (ctx->oid->length != len)
		return 0;
	return memcmp(ctx->oid->elements, data, len) == 0;
}
209 | ||
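/* Set the context's OID from a data stream, replacing any OID it holds.
 * The gss_OID_desc and its elements are xmalloc()ed copies owned by the
 * context; ssh_gssapi_delete_ctx() frees them.
 *
 * The new copy is made before the old OID is released, so data may safely
 * point into ctx->oid->elements (the old code freed first and then read
 * from data, a use-after-free for that aliasing case). */
void ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len) {
	gss_OID oid = xmalloc(sizeof(gss_OID_desc));

	oid->length = len;
	oid->elements = xmalloc(len);
	memcpy(oid->elements, data, len);

	if (ctx->oid != GSS_C_NO_OID) {
		xfree(ctx->oid->elements);
		xfree(ctx->oid);
	}
	ctx->oid = oid;
}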
221 | ||
/* Set the context's OID to a private copy of oid
 * (see ssh_gssapi_set_oid_data() for ownership). */
void ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid) {
	void *elems = oid->elements;
	size_t elen = oid->length;

	ssh_gssapi_set_oid_data(ctx, elems, elen);
}
226 | ||
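/* All this effort to report an error ... */

/* Log the GSS-API status held in ctxt via debug().
 * The text comes from gss_display_status() — mechanism-supplied data — so
 * it is passed as a "%s" argument, never as the format string itself (the
 * old code did the latter).  The string is xmalloc()ed by
 * ssh_gssapi_last_error() and is freed here. */
void
ssh_gssapi_error(Gssctxt *ctxt) {
	char *msg = ssh_gssapi_last_error(ctxt, NULL, NULL);

	debug("%s", msg);
	xfree(msg);
}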
234 | ||
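/* Append every gss_display_status() message for (status, type) to b, one
 * per line.  Stops as soon as gss_display_status() itself fails, so a
 * buffer that was never filled in is neither appended nor released. */
static void
gssapi_append_status(Buffer *b, OM_uint32 status, int type)
{
	OM_uint32 lmaj, lmin;
	OM_uint32 msg_ctx = 0;	/* message context: 0 once all messages are out */
	gss_buffer_desc msg;

	do {
		msg.length = 0;
		msg.value = NULL;
		lmaj = gss_display_status(&lmin, status, type,
		    GSS_C_NULL_OID, &msg_ctx, &msg);
		if (GSS_ERROR(lmaj))
			break;

		buffer_append(b, msg.value, msg.length);
		buffer_put_char(b, '\n');

		gss_release_buffer(&lmin, &msg);
	} while (msg_ctx != 0);
}

/* Build a human-readable description of the status codes held in ctxt.
 *
 * ctxt:         context whose major/minor status is described.
 * major_status: if non-NULL, receives ctxt->major.
 * minor_status: if non-NULL, receives ctxt->minor.
 *
 * Returns an xmalloc()ed NUL-terminated string: the GSS-API (major)
 * message(s) followed by the mechanism-specific (minor) message(s), one per
 * line.  The caller owns it and must xfree() it.
 */
char *
ssh_gssapi_last_error(Gssctxt *ctxt,
    OM_uint32 *major_status, OM_uint32 *minor_status) {
	Buffer b;
	char *ret;

	buffer_init(&b);

	if (major_status != NULL)
		*major_status = ctxt->major;
	if (minor_status != NULL)
		*minor_status = ctxt->minor;

	/* The GSSAPI error */
	gssapi_append_status(&b, ctxt->major, GSS_C_GSS_CODE);

	/* The mechanism specific error */
	gssapi_append_status(&b, ctxt->minor, GSS_C_MECH_CODE);

	buffer_put_char(&b, '\0');
	ret = xmalloc(buffer_len(&b));
	buffer_get(&b, ret, buffer_len(&b));
	buffer_free(&b);
	return ret;
}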
280 | ||
/* Initialise our GSSAPI context. We use this opaque structure to contain all
 * of the data which both the client and server need to persist across
 * {accept,init}_sec_context calls, so that when we do it from the userauth
 * stuff life is a little easier.
 *
 * *ctx receives a fresh xmalloc()ed Gssctxt with zero status codes and every
 * GSS handle set to its "none" value; release it with
 * ssh_gssapi_delete_ctx().  Any previous value of *ctx is overwritten, not
 * freed.
 */
void
ssh_gssapi_build_ctx(Gssctxt **ctx)
{
	Gssctxt *c = xmalloc(sizeof *c);

	c->major = 0;
	c->minor = 0;
	c->context = GSS_C_NO_CONTEXT;
	c->name = GSS_C_NO_NAME;
	c->oid = GSS_C_NO_OID;
	c->creds = GSS_C_NO_CREDENTIAL;
	c->client = GSS_C_NO_NAME;
	c->client_creds = GSS_C_NO_CREDENTIAL;

	*ctx = c;
}
299 | ||
/* Delete our context, providing it has been built correctly.
 * Releases every GSS handle the context holds (security context, names,
 * credentials) and the xmalloc()ed OID copy, frees the structure and sets
 * *ctx to NULL.  A NULL *ctx is a no-op.  The minor status of the release
 * calls is ignored. */
void
ssh_gssapi_delete_ctx(Gssctxt **ctx)
{
	Gssctxt *c = *ctx;
	OM_uint32 ms;

	/* Return if there's no context */
	if (c == NULL)
		return;

	if (c->context != GSS_C_NO_CONTEXT)
		gss_delete_sec_context(&ms, &c->context, GSS_C_NO_BUFFER);
	if (c->name != GSS_C_NO_NAME)
		gss_release_name(&ms, &c->name);
	if (c->oid != GSS_C_NO_OID) {
		xfree(c->oid->elements);
		xfree(c->oid);
		c->oid = GSS_C_NO_OID;
	}
	if (c->creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms, &c->creds);
	if (c->client != GSS_C_NO_NAME)
		gss_release_name(&ms, &c->client);
	if (c->client_creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms, &c->client_creds);

	xfree(c);
	*ctx = NULL;
}
329 | ||
/* Wrapper to init_sec_context
 * Requires that the context contains:
 *	oid
 *	server name (from ssh_gssapi_import_name)
 *
 * deleg_creds: non-zero requests GSS_C_DELEG_FLAG (credential delegation).
 * recv_tok:    token received from the peer, or GSS_C_NO_BUFFER initially.
 * send_tok:    receives the token to send to the peer.
 * flags:       receives the returned context flags; may be NULL.
 *
 * Mutual authentication and integrity are always requested, the default
 * credential and lifetime are used, and no channel bindings are supplied.
 * Returns ctx->major; an error is logged before returning.
 */
OM_uint32
ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
    gss_buffer_desc* send_tok, OM_uint32 *flags)
{
	OM_uint32 req_flags = GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG;

	if (deleg_creds) {
		req_flags |= GSS_C_DELEG_FLAG;
		debug("Delegating credentials");
	}

	ctx->major = gss_init_sec_context(&ctx->minor,
	    GSS_C_NO_CREDENTIAL,	/* def. cred */
	    &ctx->context,
	    ctx->name,
	    ctx->oid,
	    req_flags,
	    0,				/* default lifetime */
	    NULL,			/* no channel bindings */
	    recv_tok,
	    NULL,			/* actual mech type: not wanted */
	    send_tok,
	    flags,
	    NULL);			/* time_rec: not wanted */

	if (GSS_ERROR(ctx->major))
		ssh_gssapi_error(ctx);

	return ctx->major;
}
366 | ||
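/* Create a service name for the given host.
 *
 * The host name is canonicalised through gethostbyname() so the principal
 * is host@<FQDN>; if the lookup fails the name is used as given.  The result
 * is stored in ctx->name (released by ssh_gssapi_delete_ctx()).  Returns
 * ctx->major; a GSS failure is logged first.
 *
 * NOTE(review): the canonical name is taken from an unauthenticated DNS
 * answer, so whoever controls that answer chooses which service principal
 * this client authenticates to.  Behaviour is unchanged here; callers that
 * must pin the target should pass the FQDN themselves.
 */
OM_uint32
ssh_gssapi_import_name(Gssctxt *ctx, const char *host) {
	gss_buffer_desc gssbuf;
	struct hostent *hostinfo = NULL;
	char *xhost;
	size_t len;

	/* Make a copy of the host name, in case it was returned by a
	 * previous call to gethostbyname(). */
	xhost = xstrdup(host);

	/* Make sure we have the FQDN. Some GSSAPI implementations don't do
	 * this for us themselves */
	hostinfo = gethostbyname(xhost);

	if (hostinfo == NULL || hostinfo->h_name == NULL) {
		debug("Unable to get FQDN for \"%s\"", xhost);
	} else {
		xfree(xhost);
		xhost = xstrdup(hostinfo->h_name);
	}

	/* Room for "host@" + name + NUL.  xmalloc() aborts via fatal() on
	 * failure, so the old NULL check was dead code.  The GSS name length
	 * must exclude the terminator; the old code set it to the buffer
	 * size, handing the library a trailing NUL as part of the name. */
	len = sizeof("host@") + strlen(xhost);
	gssbuf.value = xmalloc(len);
	snprintf(gssbuf.value, len, "host@%s", xhost);
	gssbuf.length = strlen(gssbuf.value);

	if ((ctx->major = gss_import_name(&ctx->minor,
	    &gssbuf,
	    GSS_C_NT_HOSTBASED_SERVICE,
	    &ctx->name)))
		ssh_gssapi_error(ctx);

	xfree(xhost);
	xfree(gssbuf.value);
	return ctx->major;
}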
409 | ||
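/* Acquire credentials for a server running on the current host.
 * Requires that the context structure contains a valid OID
 *
 * The local host name is turned into a service name with
 * ssh_gssapi_import_name() and acceptor credentials for ctx->oid are
 * acquired into ctx->creds.
 *
 * Returns a GSSAPI error code (ctx->major), or (OM_uint32)-1 when the local
 * host name cannot be determined.  The temporary OID set is now released
 * on every path; the old code leaked it on both early returns.
 */
OM_uint32
ssh_gssapi_acquire_cred(Gssctxt *ctx) {
	OM_uint32 status;
	char lname[MAXHOSTNAMELEN];
	gss_OID_set oidset;

	/* Resolve the host name first: nothing to clean up if it fails. */
	if (gethostname(lname, sizeof(lname)))
		return (OM_uint32)-1;
	/* gethostname() need not NUL-terminate a truncated name. */
	lname[sizeof(lname) - 1] = '\0';

	if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname)))
		return ctx->major;

	gss_create_empty_oid_set(&status, &oidset);
	gss_add_oid_set_member(&status, ctx->oid, &oidset);

	if ((ctx->major = gss_acquire_cred(&ctx->minor,
	    ctx->name,
	    0,			/* default lifetime */
	    oidset,
	    GSS_C_ACCEPT,
	    &ctx->creds,
	    NULL,		/* actual mechs: not wanted */
	    NULL)))		/* time_rec: not wanted */
		ssh_gssapi_error(ctx);

	gss_release_oid_set(&status, &oidset);
	return ctx->major;
}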
446 | ||
/* Compute a MIC over buffer with the established security context in ctx,
 * storing it in hash.  Returns ctx->major; a failure is logged first. */
OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *buffer, gss_buffer_desc *hash) {
	OM_uint32 maj;

	maj = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT,
	    buffer, hash);
	ctx->major = maj;
	if (maj != GSS_COMPLETE)
		ssh_gssapi_error(ctx);

	return maj;
}
457 | ||
/* (Re)build *ctx as a server-side context for mechanism oid and acquire
 * acceptor credentials for it.  An existing *ctx is deleted first.
 * Returns the result of ssh_gssapi_acquire_cred(). */
OM_uint32
ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) {
	Gssctxt *c;

	if (*ctx != NULL)
		ssh_gssapi_delete_ctx(ctx);
	ssh_gssapi_build_ctx(ctx);
	c = *ctx;
	ssh_gssapi_set_oid(c, oid);
	return ssh_gssapi_acquire_cred(c);
}
465 | ||
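/* Probe whether mechanism oid can start a context for the service on host:
 * build a throw-away context, import host's service name and attempt the
 * first gss_init_sec_context() round.  Returns non-zero if that succeeds.
 * This is not free — it performs the first leg of a real context
 * establishment for every mechanism it is asked about. */
int
ssh_gssapi_check_mechanism(gss_OID oid, char *host) {
	Gssctxt *ctx = NULL;
	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
	OM_uint32 major, minor;

	ssh_gssapi_build_ctx(&ctx);
	ssh_gssapi_set_oid(ctx, oid);

	/* The old code ignored this result and called init_ctx with
	 * ctx->name still GSS_C_NO_NAME when the import had failed. */
	major = ssh_gssapi_import_name(ctx, host);
	if (!GSS_ERROR(major))
		major = ssh_gssapi_init_ctx(ctx, 0, GSS_C_NO_BUFFER, &token, NULL);

	/* token starts out empty, so releasing it is safe even when
	 * gss_init_sec_context() never ran or did not set it. */
	gss_release_buffer(&minor, &token);
	ssh_gssapi_delete_ctx(&ctx);
	return !GSS_ERROR(major);
}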
480 | ||
481 | #endif /* GSSAPI */ |