9108f8d9 | 1 | /* $OpenBSD: gss-genr.c,v 1.17 2006/08/29 12:02:30 dtucker Exp $ */ |
0fff78ff | 2 | |
3 | /* | |
9108f8d9 | 4 | * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved. |
0fff78ff | 5 | * |
6 | * Redistribution and use in source and binary forms, with or without | |
7 | * modification, are permitted provided that the following conditions | |
8 | * are met: | |
9 | * 1. Redistributions of source code must retain the above copyright | |
10 | * notice, this list of conditions and the following disclaimer. | |
11 | * 2. Redistributions in binary form must reproduce the above copyright | |
12 | * notice, this list of conditions and the following disclaimer in the | |
13 | * documentation and/or other materials provided with the distribution. | |
14 | * | |
15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR | |
16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
25 | */ | |
26 | ||
27 | #include "includes.h" | |
28 | ||
29 | #ifdef GSSAPI | |
30 | ||
9108f8d9 | 31 | #include <sys/types.h> |
32 | #include <sys/param.h> | |
33 | ||
34 | #include <stdarg.h> | |
35 | #include <string.h> | |
36 | #include <unistd.h> | |
37 | ||
0fff78ff | 38 | #include "xmalloc.h" |
9108f8d9 | 39 | #include "buffer.h" |
0fff78ff | 40 | #include "log.h" |
cdd66111 | 41 | #include "ssh2.h" |
70e5f740 | 42 | #include "cipher.h" |
43 | #include "key.h" | |
44 | #include "kex.h" | |
45 | #include <openssl/evp.h> | |
0fff78ff | 46 | |
47 | #include "ssh-gss.h" | |
48 | ||
/*
 * Session identifier of the current SSH2 connection (defined elsewhere).
 * ssh_gssapi_buildmic() includes it in the data the gssapi-with-mic MIC
 * is computed over, which ties that MIC to this particular session.
 */
extern u_char *session_id2;
extern u_int session_id2_len;

/*
 * One entry of the table that maps a kex method name suffix back to the
 * GSSAPI mechanism OID it was derived from (built by ssh_gssapi_kex_mechs).
 */
typedef struct {
	char *encoded;	/* base64 of MD5 over the DER-encoded OID */
	gss_OID oid;	/* points into the gss_OID_set the table was built from */
} ssh_gss_kex_mapping;

/*
 * XXX - It would be nice to find a more elegant way of handling the
 * XXX passing of the key exchange context to the userauth routines
 */

/* GSSAPI context established during key exchange, handed on to userauth. */
Gssctxt *gss_kex_context = NULL;

/*
 * NULL until ssh_gssapi_kex_mechs() has run; otherwise terminated by an
 * entry whose encoded and oid are both NULL.
 */
static ssh_gss_kex_mapping *gss_enc2oid = NULL;
65 | ||
/*
 * Report whether ssh_gssapi_kex_mechs() has built the kex-name -> OID
 * table; callers should check this before relying on ssh_gssapi_id_kex().
 * Returns 1 when the table exists, 0 otherwise.
 */
int
ssh_gssapi_oid_table_ok() {
	if (gss_enc2oid == NULL)
		return 0;
	return 1;
}
70 | ||
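/*
 * Return a comma-separated list of the GSSAPI key exchange method names
 * (gss-gex-sha1-*, gss-group1-sha1-*, gss-group14-sha1-*) this client can
 * offer for 'host', or NULL if there are none.
 *
 * Every mechanism the GSS library reports is probed with
 * ssh_gssapi_check_mechanism() before it is listed, to avoid starting a
 * key exchange with a mechanism that cannot actually produce a context.
 *
 * Fix: the status of gss_indicate_mechs() was previously ignored, so on
 * failure an uninitialised gss_OID_set was handed to ssh_gssapi_kex_mechs()
 * and dereferenced.  A failure now yields NULL (no GSSAPI kex offered).
 */
char *
ssh_gssapi_client_mechanisms(const char *host) {
	gss_OID_set gss_supported = GSS_C_NO_OID_SET;
	OM_uint32 min_status;

	if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported)) ||
	    gss_supported == GSS_C_NO_OID_SET)
		return NULL;

	return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
	    host));
}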
88 | ||
/*
 * Build the list of GSSAPI kex method names for the mechanisms in
 * gss_supported that pass 'check' (called with a NULL context, the
 * mechanism OID and 'data' -- the target host name for the client).
 *
 * For each accepted mechanism three names are emitted, one per group
 * (gex, group1, group14), each suffixed with the mechanism identifier
 * defined by RFC 4462: base64 of the MD5 digest of the DER-encoded OID.
 * MD5 is used here only to derive a stable name, not for any security
 * property.  OIDs of 128 bytes or more are skipped because the DER
 * length is written as a single byte.
 *
 * Side effect: (re)builds the global gss_enc2oid table used by
 * ssh_gssapi_id_kex() to map a negotiated name back to its OID.  The
 * table keeps pointers into gss_supported, so that set must stay alive
 * for as long as the table is in use.
 *
 * Returns an xmalloc'ed NUL-terminated string, or NULL when no mechanism
 * was accepted.
 */
char *
ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
    const char *data) {
	Buffer names;
	size_t idx;
	int nmapped, enclen, mdlen;
	char *result, *encoded;
	u_char digest[EVP_MAX_MD_SIZE];
	char deroid[2];
	const EVP_MD *evp_md = EVP_md5();
	EVP_MD_CTX md;
	gss_OID oid;

	/* Discard any table left over from an earlier call. */
	if (gss_enc2oid != NULL) {
		for (idx = 0; gss_enc2oid[idx].encoded != NULL; idx++)
			xfree(gss_enc2oid[idx].encoded);
		xfree(gss_enc2oid);
	}

	gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
	    (gss_supported->count + 1));
	buffer_init(&names);
	mdlen = EVP_MD_size(evp_md);
	nmapped = 0;

	for (idx = 0; idx < gss_supported->count; idx++) {
		oid = &(gss_supported->elements[idx]);

		/* Single-byte DER length only; then probe the mechanism. */
		if (oid->length >= 128 || !(*check)(NULL, oid, data))
			continue;

		/* DER encoding of the OID: tag, length, contents. */
		deroid[0] = SSH_GSS_OIDTYPE;
		deroid[1] = oid->length;

		EVP_DigestInit(&md, evp_md);
		EVP_DigestUpdate(&md, deroid, 2);
		EVP_DigestUpdate(&md, oid->elements, oid->length);
		EVP_DigestFinal(&md, digest, NULL);

		/* base64 of a 16-byte digest is 24 chars + NUL; 2*mdlen is enough. */
		encoded = xmalloc(mdlen * 2);
		enclen = __b64_ntop(digest, mdlen, encoded, mdlen * 2);

		if (nmapped != 0)
			buffer_put_char(&names, ',');
		buffer_append(&names, KEX_GSS_GEX_SHA1_ID,
		    sizeof(KEX_GSS_GEX_SHA1_ID) - 1);
		buffer_append(&names, encoded, enclen);
		buffer_put_char(&names, ',');
		buffer_append(&names, KEX_GSS_GRP1_SHA1_ID,
		    sizeof(KEX_GSS_GRP1_SHA1_ID) - 1);
		buffer_append(&names, encoded, enclen);
		buffer_put_char(&names, ',');
		buffer_append(&names, KEX_GSS_GRP14_SHA1_ID,
		    sizeof(KEX_GSS_GRP14_SHA1_ID) - 1);
		buffer_append(&names, encoded, enclen);

		gss_enc2oid[nmapped].oid = oid;
		gss_enc2oid[nmapped].encoded = encoded;
		nmapped++;
	}

	/* Terminate the lookup table. */
	gss_enc2oid[nmapped].oid = NULL;
	gss_enc2oid[nmapped].encoded = NULL;

	buffer_put_char(&names, '\0');
	result = xmalloc(buffer_len(&names));
	buffer_get(&names, result, buffer_len(&names));
	buffer_free(&names);

	if (*result == '\0') {
		xfree(result);
		return NULL;
	}
	return result;
}
167 | ||
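/*
 * Map a negotiated GSSAPI kex method name back to its mechanism OID.
 *
 * 'name' is the full method name (e.g. "gss-group1-sha1-<base64>") and
 * kex_type selects which KEX_GSS_*_ID prefix to strip; the remainder is
 * looked up in the gss_enc2oid table built by ssh_gssapi_kex_mechs().
 * The name is presumably assumed to start with the prefix matching
 * kex_type, since the caller derived kex_type from it -- no check is made
 * here.  If a match is found and ctx is non-NULL, the context's OID is
 * set to a copy of it.
 *
 * Returns the matching OID, or GSS_C_NO_OID for an unknown kex_type, an
 * unknown name, or a table that has not been built yet.  Callers should
 * treat GSS_C_NO_OID as a negotiation failure.
 *
 * Fix: a NULL gss_enc2oid (ssh_gssapi_oid_table_ok() false) used to be
 * dereferenced; it now yields GSS_C_NO_OID like any other miss.
 */
gss_OID
ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) {
	int i = 0;

	switch (kex_type) {
	case KEX_GSS_GRP1_SHA1:
		name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1;
		break;
	case KEX_GSS_GRP14_SHA1:
		name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1;
		break;
	case KEX_GSS_GEX_SHA1:
		name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1;
		break;
	default:
		return GSS_C_NO_OID;
	}

	/* No table yet: nothing can match. */
	if (gss_enc2oid == NULL)
		return GSS_C_NO_OID;

	while (gss_enc2oid[i].encoded != NULL &&
	    strcmp(name, gss_enc2oid[i].encoded) != 0)
		i++;

	/* The terminating entry has oid == NULL == GSS_C_NO_OID. */
	if (gss_enc2oid[i].oid != NULL && ctx != NULL)
		ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid);

	return gss_enc2oid[i].oid;
}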
195 | ||
/*
 * Return non-zero if the len bytes at data are exactly the OID recorded in
 * ctx, and zero otherwise -- including when ctx is NULL or carries no OID.
 * Used to confirm that an OID taken from a data stream matches the
 * mechanism the context was set up for.
 */
int
ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
{
	if (ctx == NULL || ctx->oid == GSS_C_NO_OID)
		return 0;
	if (ctx->oid->length != len)
		return 0;
	return memcmp(ctx->oid->elements, data, len) == 0;
}
204 | ||
/*
 * Replace the context's OID with a private copy of the len bytes at data.
 * Any OID previously stored in ctx is freed first; it is expected to be a
 * copy made by this function, not memory owned by the GSS library.
 */
void
ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len)
{
	gss_OID copy;

	if (ctx->oid != GSS_C_NO_OID) {
		xfree(ctx->oid->elements);
		xfree(ctx->oid);
	}

	copy = xmalloc(sizeof(gss_OID_desc));
	copy->length = len;
	copy->elements = xmalloc(len);
	memcpy(copy->elements, data, len);
	ctx->oid = copy;
}
218 | ||
/*
 * Set the context's OID to a private copy of oid
 * (see ssh_gssapi_set_oid_data for ownership).
 */
void
ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid)
{
	void *bytes = oid->elements;
	size_t nbytes = oid->length;

	ssh_gssapi_set_oid_data(ctx, bytes, nbytes);
}
225 | ||
/*
 * Log the context's current GSSAPI major/minor status at debug level.
 * The text is built by ssh_gssapi_last_error() and freed here.
 */
void
ssh_gssapi_error(Gssctxt *ctxt)
{
	char *msg = ssh_gssapi_last_error(ctxt, NULL, NULL);

	debug("%s", msg);
	xfree(msg);
}
236 | ||
/*
 * Append to b every message gss_display_status() yields for 'code' of
 * type code_type (GSS_C_GSS_CODE or GSS_C_MECH_CODE) under mechanism
 * 'mech', one message per line.  The library's own return status is not
 * examined; an empty message just produces an empty line.
 */
static void
ssh_gssapi_append_status(Buffer *b, OM_uint32 code, int code_type,
    gss_OID mech)
{
	OM_uint32 lmin, msgctx = 0;
	gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;

	do {
		gss_display_status(&lmin, code, code_type, mech, &msgctx, &msg);
		buffer_append(b, msg.value, msg.length);
		buffer_put_char(b, '\n');
		gss_release_buffer(&lmin, &msg);
	} while (msgctx != 0);
}

/*
 * Render the context's last major and minor status as text.  When
 * major_status / minor_status are non-NULL they receive the raw codes.
 * Returns an xmalloc'ed NUL-terminated string the caller must free: the
 * GSS-level messages followed by the mechanism-specific ones, each
 * terminated by a newline.
 */
char *
ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
    OM_uint32 *minor_status)
{
	Buffer text;
	char *ret;
	u_int len;

	if (major_status != NULL)
		*major_status = ctxt->major;
	if (minor_status != NULL)
		*minor_status = ctxt->minor;

	buffer_init(&text);
	ssh_gssapi_append_status(&text, ctxt->major, GSS_C_GSS_CODE,
	    ctxt->oid);
	ssh_gssapi_append_status(&text, ctxt->minor, GSS_C_MECH_CODE,
	    ctxt->oid);
	buffer_put_char(&text, '\0');

	len = buffer_len(&text);
	ret = xmalloc(len);
	buffer_get(&text, ret, len);
	buffer_free(&text);
	return ret;
}
283 | ||
/*
 * Allocate a zeroed Gssctxt at *ctx and mark every GSSAPI handle in it as
 * absent, so that ssh_gssapi_delete_ctx() releases only what was really
 * acquired.  This one structure carries the state that both client and
 * server need to keep across {init,accept}_sec_context calls and into the
 * userauth code.
 */
void
ssh_gssapi_build_ctx(Gssctxt **ctx)
{
	Gssctxt *c = xcalloc(1, sizeof(Gssctxt));

	c->context = GSS_C_NO_CONTEXT;
	c->name = GSS_C_NO_NAME;
	c->oid = GSS_C_NO_OID;
	c->creds = GSS_C_NO_CREDENTIAL;
	c->client = GSS_C_NO_NAME;
	c->client_creds = GSS_C_NO_CREDENTIAL;
	*ctx = c;
}
301 | ||
/*
 * Release every GSSAPI resource held by *ctx, free the structure and set
 * *ctx to NULL.  A NULL *ctx is a no-op.  The security context is deleted
 * without producing an output token (GSS_C_NO_BUFFER); status codes from
 * the release calls are ignored.
 */
void
ssh_gssapi_delete_ctx(Gssctxt **ctx)
{
	Gssctxt *c = *ctx;
	OM_uint32 ms;

	if (c == NULL)
		return;

	if (c->context != GSS_C_NO_CONTEXT)
		gss_delete_sec_context(&ms, &c->context, GSS_C_NO_BUFFER);
	if (c->name != GSS_C_NO_NAME)
		gss_release_name(&ms, &c->name);
	if (c->oid != GSS_C_NO_OID) {
		/* Expected to be our own copy from ssh_gssapi_set_oid_data(). */
		xfree(c->oid->elements);
		xfree(c->oid);
		c->oid = GSS_C_NO_OID;
	}
	if (c->creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms, &c->creds);
	if (c->client != GSS_C_NO_NAME)
		gss_release_name(&ms, &c->client);
	if (c->client_creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms, &c->client_creds);

	xfree(c);
	*ctx = NULL;
}
329 | ||
/*
 * Client-side wrapper around gss_init_sec_context().
 * Requires ctx->oid and ctx->name (from ssh_gssapi_import_name) to be set.
 *
 * Mutual authentication and integrity protection are always requested,
 * credential delegation only when deleg_creds is non-zero.  Requesting a
 * flag does not guarantee it was granted: the flags actually negotiated
 * come back through 'flags' (if non-NULL) and must be checked by the
 * caller before the context is relied upon.  No lifetime request and no
 * channel bindings are supplied; the default credential is used.
 *
 * Returns the major status, also stored in ctx->major; errors are logged
 * via ssh_gssapi_error().
 */
OM_uint32
ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
    gss_buffer_desc* send_tok, OM_uint32 *flags)
{
	OM_uint32 req_flags = GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG;

	if (deleg_creds) {
		debug("Delegating credentials");
		req_flags |= GSS_C_DELEG_FLAG;
	}

	ctx->major = gss_init_sec_context(&ctx->minor,
	    GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid,
	    req_flags, 0, NULL, recv_tok, NULL, send_tok, flags, NULL);

	if (GSS_ERROR(ctx->major))
		ssh_gssapi_error(ctx);

	return (ctx->major);
}
357 | ||
/*
 * Import the host-based service name "host@<host>" into ctx->name.
 * NOTE(review): this is the principal the client will end up
 * authenticating, so 'host' should be the name the user asked for rather
 * than something learned from the network -- confirm at the call sites.
 * Returns the major status (also in ctx->major); failures are logged.
 */
OM_uint32
ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
{
	gss_buffer_desc gssbuf;
	char *principal;

	xasprintf(&principal, "host@%s", host);
	gssbuf.value = principal;
	gssbuf.length = strlen(principal);

	ctx->major = gss_import_name(&ctx->minor, &gssbuf,
	    GSS_C_NT_HOSTBASED_SERVICE, &ctx->name);
	if (ctx->major)
		ssh_gssapi_error(ctx);

	xfree(principal);
	return (ctx->major);
}
376 | ||
/*
 * Compute a MIC over 'buffer' with the established context and store it
 * in 'hash' (allocated by the library; release with gss_release_buffer).
 * Returns the major status, also kept in ctx->major; a NULL ctx yields
 * (OM_uint32)-1, which GSS_ERROR() reports as an error.  Failures are
 * logged via ssh_gssapi_error().
 */
OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
{
	OM_uint32 status;

	if (ctx == NULL)
		return -1;

	status = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT,
	    buffer, hash);
	ctx->major = status;
	if (status != GSS_S_COMPLETE)
		ssh_gssapi_error(ctx);

	return status;
}
389 | ||
/*
 * Verify that 'gssmic' is a valid MIC over 'gssbuf' under the context.
 * Privileged when used by the server.  Returns the major status, also
 * stored in ctx->major; a NULL ctx yields (OM_uint32)-1.  Unlike
 * ssh_gssapi_sign(), a failure is not logged here -- the caller decides.
 */
OM_uint32
ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
{
	OM_uint32 status;

	if (ctx == NULL)
		return -1;

	status = gss_verify_mic(&ctx->minor, ctx->context, gssbuf, gssmic,
	    NULL);
	ctx->major = status;
	return status;
}
402 | ||
/*
 * Assemble into b the data the gssapi-with-mic MIC is computed over, in
 * the RFC 4462 section 3.5 layout: the session identifier, the
 * SSH2_MSG_USERAUTH_REQUEST byte, the user name, the service name and the
 * string passed as 'context' (presumably the method name).  Including the
 * session identifier ties the MIC to this connection.  b is (re)initialised.
 */
void
ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
    const char *context)
{
	const char *fields[3];
	int n;

	fields[0] = user;
	fields[1] = service;
	fields[2] = context;

	buffer_init(b);
	buffer_put_string(b, session_id2, session_id2_len);
	buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST);
	for (n = 0; n < 3; n++)
		buffer_put_cstring(b, fields[n]);
}
414 | ||
/*
 * Probe whether mechanism 'oid' can be used to authenticate to 'host':
 * build a context, import the host-based name and run one round of
 * gss_init_sec_context() with no input token.  NOTE(review): for
 * Kerberos-style mechanisms this probe may contact the KDC and obtain a
 * service ticket as a side effect -- confirm for the mechanisms deployed.
 *
 * SPNEGO is always rejected, as RFC 4462 requires.
 *
 * If ctx is NULL a temporary context is used and freed.  Otherwise *ctx
 * is built here: on success it is handed back with oid and name set (the
 * probe security context itself is deleted), on failure it is freed and
 * *ctx set to NULL.
 *
 * Returns non-zero if the mechanism is usable.
 */
int
ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
{
	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
	OM_uint32 major, minor;
	gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
	Gssctxt *intctx = NULL;
	int usable;

	if (ctx == NULL)
		ctx = &intctx;

	/* RFC 4462 says we MUST NOT do SPNEGO */
	if (oid->length == spnego_oid.length &&
	    memcmp(oid->elements, spnego_oid.elements, oid->length) == 0)
		return 0;

	ssh_gssapi_build_ctx(ctx);
	ssh_gssapi_set_oid(*ctx, oid);

	major = ssh_gssapi_import_name(*ctx, host);
	if (!GSS_ERROR(major)) {
		major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token,
		    NULL);
		gss_release_buffer(&minor, &token);
		/* Only the probe security context is discarded; name and oid stay. */
		if ((*ctx)->context != GSS_C_NO_CONTEXT)
			gss_delete_sec_context(&minor, &(*ctx)->context,
			    GSS_C_NO_BUFFER);
	}

	usable = !GSS_ERROR(major);
	if (!usable || intctx != NULL)
		ssh_gssapi_delete_ctx(ctx);

	return usable;
}
448 | ||
0fff78ff | 449 | #endif /* GSSAPI */ |