[gssapi-openssh.git] / openssh / gss-genr.c

/*	$OpenBSD: gss-genr.c,v 1.6 2005/10/13 22:24:31 stevesk Exp $	*/

/*
 * Copyright (c) 2001-2005 Simon Wilkinson. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#ifdef GSSAPI

#include "xmalloc.h"
#include "buffer.h"
#include "bufaux.h"
#include "compat.h"
#include <openssl/evp.h>
#include "kex.h"
#include "log.h"
#include "monitor_wrap.h"
#include "canohost.h"
#include "ssh2.h"
#include <openssl/evp.h>

#include "ssh-gss.h"

extern u_char *session_id2;
extern u_int session_id2_len;

typedef struct {
	char *encoded;
	gss_OID oid;
} ssh_gss_kex_mapping;

/*
 * XXX - It would be nice to find a more elegant way of handling the
 * XXX   passing of the key exchange context to the userauth routines
 */

Gssctxt *gss_kex_context = NULL;

static ssh_gss_kex_mapping *gss_enc2oid = NULL;

int 
ssh_gssapi_oid_table_ok() {
	return (gss_enc2oid != NULL);
}

/*
 * Return a list of the gss-group1-sha1 mechanisms supported by this program
 *
 * We test mechanisms to ensure that we can use them, to avoid starting
 * a key exchange with a bad mechanism
 */


char *
ssh_gssapi_client_mechanisms(const char *host) {
	gss_OID_set gss_supported;
	OM_uint32 min_status;

	gss_indicate_mechs(&min_status, &gss_supported);

	return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
	    (void *)host));
}

char *
ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
    void *data) {
	Buffer buf;
	size_t i;
	int oidpos, enclen;
	char *mechs, *encoded;
	unsigned char digest[EVP_MAX_MD_SIZE];
	char deroid[2];
	const EVP_MD *evp_md = EVP_md5();
	EVP_MD_CTX md;

	if (gss_enc2oid != NULL) {
		for (i=0;gss_enc2oid[i].encoded!=NULL;i++)
			xfree(gss_enc2oid[i].encoded);
		xfree(gss_enc2oid);
	}

	gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping)*
	    (gss_supported->count+1));

	buffer_init(&buf);

	oidpos = 0;
	for (i = 0;i < gss_supported->count;i++) {
		if (gss_supported->elements[i].length < 128 &&
		    (*check)(&(gss_supported->elements[i]), data)) {

			deroid[0] = SSH_GSS_OIDTYPE;
			deroid[1] = gss_supported->elements[i].length;

			EVP_DigestInit(&md, evp_md);
			EVP_DigestUpdate(&md, deroid, 2);
			EVP_DigestUpdate(&md,
			    gss_supported->elements[i].elements,
			    gss_supported->elements[i].length);
			EVP_DigestFinal(&md, digest, NULL);

			encoded = xmalloc(EVP_MD_size(evp_md)*2);
			enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
			    encoded, EVP_MD_size(evp_md)*2);

			if (oidpos != 0)
			    buffer_put_char(&buf, ',');

			buffer_append(&buf, KEX_GSS_GEX_SHA1_ID,
			    sizeof(KEX_GSS_GEX_SHA1_ID)-1);
			buffer_append(&buf, encoded, enclen);
			buffer_put_char(&buf,',');
			buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, 
			    sizeof(KEX_GSS_GRP1_SHA1_ID)-1);
			buffer_append(&buf, encoded, enclen);

			gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
			gss_enc2oid[oidpos].encoded = encoded;
			oidpos++;
		}
	}
	gss_enc2oid[oidpos].oid = NULL;
	gss_enc2oid[oidpos].encoded = NULL;

	buffer_put_char(&buf, '\0');

	mechs = xmalloc(buffer_len(&buf));
	buffer_get(&buf, mechs, buffer_len(&buf));
	buffer_free(&buf);

	if (strlen(mechs) == 0) {
		xfree(mechs);
		mechs = NULL;
	}
	
	return (mechs);
}

gss_OID
ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int *gex) {
	int i = 0;

	if (strncmp(name, KEX_GSS_GRP1_SHA1_ID,
	    sizeof(KEX_GSS_GRP1_SHA1_ID)-1) == 0) {
		name+=sizeof(KEX_GSS_GRP1_SHA1_ID)-1;
		*gex = 0;
	} else if (strncmp(name, KEX_GSS_GEX_SHA1_ID,
	    sizeof(KEX_GSS_GEX_SHA1_ID)-1) == 0) {
		name+=sizeof(KEX_GSS_GEX_SHA1_ID)-1;
		*gex = 1;
	} else {
		return NULL;
	}

	while (gss_enc2oid[i].encoded != NULL &&
	    strcmp(name, gss_enc2oid[i].encoded) != 0) {
		i++;
	}

	if (gss_enc2oid[i].oid != NULL && ctx != NULL)
		ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid);

	return gss_enc2oid[i].oid;
}

/* Check that the OID in a data stream matches that in the context */
int
ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
{
	return (ctx != NULL && ctx->oid != GSS_C_NO_OID &&
	    ctx->oid->length == len &&
	    memcmp(ctx->oid->elements, data, len) == 0);
}

/* Set the contexts OID from a data stream */
void
ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len)
{
	if (ctx->oid != GSS_C_NO_OID) {
		xfree(ctx->oid->elements);
		xfree(ctx->oid);
	}
	ctx->oid = xmalloc(sizeof(gss_OID_desc));
	ctx->oid->length = len;
	ctx->oid->elements = xmalloc(len);
	memcpy(ctx->oid->elements, data, len);
}

/* Set the contexts OID */
void
ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid)
{
	ssh_gssapi_set_oid_data(ctx, oid->elements, oid->length);
}

/* All this effort to report an error ... */
void
ssh_gssapi_error(Gssctxt *ctxt)
{
	debug("%s", ssh_gssapi_last_error(ctxt, NULL, NULL));
}

char *
ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
    OM_uint32 *minor_status)
{
	OM_uint32 lmin;
	gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
	OM_uint32 ctx;
	Buffer b;
	char *ret;

	buffer_init(&b);

	if (major_status != NULL)
		*major_status = ctxt->major;
	if (minor_status != NULL)
		*minor_status = ctxt->minor;

	ctx = 0;
	/* The GSSAPI error */
	do {
		gss_display_status(&lmin, ctxt->major,
		    GSS_C_GSS_CODE, ctxt->oid, &ctx, &msg);

		buffer_append(&b, msg.value, msg.length);
		buffer_put_char(&b, '\n');

		gss_release_buffer(&lmin, &msg);
	} while (ctx != 0);

	/* The mechanism specific error */
	do {
		gss_display_status(&lmin, ctxt->minor,
		    GSS_C_MECH_CODE, ctxt->oid, &ctx, &msg);

		buffer_append(&b, msg.value, msg.length);
		buffer_put_char(&b, '\n');

		gss_release_buffer(&lmin, &msg);
	} while (ctx != 0);

	buffer_put_char(&b, '\0');
	ret = xmalloc(buffer_len(&b));
	buffer_get(&b, ret, buffer_len(&b));
	buffer_free(&b);
	return (ret);
}

/*
 * Initialise our GSSAPI context. We use this opaque structure to contain all
 * of the data which both the client and server need to persist across
 * {accept,init}_sec_context calls, so that when we do it from the userauth
 * stuff life is a little easier
 */
void
ssh_gssapi_build_ctx(Gssctxt **ctx)
{
	*ctx = xmalloc(sizeof (Gssctxt));
	(*ctx)->major = 0;
	(*ctx)->minor = 0;
	(*ctx)->context = GSS_C_NO_CONTEXT;
	(*ctx)->name = GSS_C_NO_NAME;
	(*ctx)->oid = GSS_C_NO_OID;
	(*ctx)->creds = GSS_C_NO_CREDENTIAL;
	(*ctx)->client = GSS_C_NO_NAME;
	(*ctx)->client_creds = GSS_C_NO_CREDENTIAL;
}

/* Delete our context, providing it has been built correctly */
void
ssh_gssapi_delete_ctx(Gssctxt **ctx)
{
#if !defined(MECHGLUE)
	OM_uint32 ms;
#endif

	if ((*ctx) == NULL)
		return;
#if !defined(MECHGLUE) /* mechglue has some memory management issues */
	if ((*ctx)->context != GSS_C_NO_CONTEXT)
		gss_delete_sec_context(&ms, &(*ctx)->context, GSS_C_NO_BUFFER);
	if ((*ctx)->name != GSS_C_NO_NAME)
		gss_release_name(&ms, &(*ctx)->name);
	if ((*ctx)->oid != GSS_C_NO_OID) {
		xfree((*ctx)->oid->elements);
		xfree((*ctx)->oid);
		(*ctx)->oid = GSS_C_NO_OID;
	}
	if ((*ctx)->creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms, &(*ctx)->creds);
	if ((*ctx)->client != GSS_C_NO_NAME)
		gss_release_name(&ms, &(*ctx)->client);
	if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
		gss_release_cred(&ms, &(*ctx)->client_creds);
#endif

	xfree(*ctx);
	*ctx = NULL;
}

/*
 * Wrapper to init_sec_context
 * Requires that the context contains:
 *	oid
 *	server name (from ssh_gssapi_import_name)
 */
OM_uint32
ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
    gss_buffer_desc* send_tok, OM_uint32 *flags)
{
	int deleg_flag = 0;

	if (deleg_creds) {
		deleg_flag = GSS_C_DELEG_FLAG;
		debug("Delegating credentials");
	}

	ctx->major = gss_init_sec_context(&ctx->minor,
	    GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid,
	    GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag,
	    0, NULL, recv_tok, NULL, send_tok, flags, NULL);

	if (GSS_ERROR(ctx->major))
		ssh_gssapi_error(ctx);

	return (ctx->major);
}

/* Create a service name for the given host */
OM_uint32
ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
{
	gss_buffer_desc gssbuf;
	char *xhost;

	/* Make a copy of the host name, in case it was returned by a
	 * previous call to gethostbyname(). */	
	xhost = xstrdup(host);

	/* Make sure we have the FQDN. Some GSSAPI implementations don't do
	 * this for us themselves */
	resolve_localhost(&xhost);
	
	gssbuf.length = sizeof("host@") + strlen(xhost);
	gssbuf.value = xmalloc(gssbuf.length);
	snprintf(gssbuf.value, gssbuf.length, "host@%s", xhost);

	if ((ctx->major = gss_import_name(&ctx->minor,
	    &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))
		ssh_gssapi_error(ctx);

	xfree(xhost);
	xfree(gssbuf.value);
	return (ctx->major);
}

/* Acquire credentials for a server running on the current host.
 * Requires that the context structure contains a valid OID
 */

/* Returns a GSSAPI error code */
OM_uint32
ssh_gssapi_acquire_cred(Gssctxt *ctx)
{
	OM_uint32 status;
	char lname[MAXHOSTNAMELEN];
	gss_OID_set oidset;

	gss_create_empty_oid_set(&status, &oidset);
	gss_add_oid_set_member(&status, ctx->oid, &oidset);

	if (gethostname(lname, MAXHOSTNAMELEN))
		return (-1);

	if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname)))
		return (ctx->major);

	if ((ctx->major = gss_acquire_cred(&ctx->minor,
	    ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
		ssh_gssapi_error(ctx);

	gss_release_oid_set(&status, &oidset);
	return (ctx->major);
}

OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
{
	if (ctx == NULL) 
		return -1;

	if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
	    GSS_C_QOP_DEFAULT, buffer, hash)))
		ssh_gssapi_error(ctx);

	return (ctx->major);
}

/* Priviledged when used by server */
OM_uint32
ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
{
	if (ctx == NULL)
		return -1;

	ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
	    gssbuf, gssmic, NULL);

	return (ctx->major);
}

void
ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
    const char *context)
{
	buffer_init(b);
	buffer_put_string(b, session_id2, session_id2_len);
	buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST);
	buffer_put_cstring(b, user);
	buffer_put_cstring(b, service);
	buffer_put_cstring(b, context);
}

OM_uint32
ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
{
	if (*ctx)
		ssh_gssapi_delete_ctx(ctx);
	ssh_gssapi_build_ctx(ctx);
	ssh_gssapi_set_oid(*ctx, oid);
	return (ssh_gssapi_acquire_cred(*ctx));
}

int
ssh_gssapi_check_mechanism(gss_OID oid, void *host) {
	Gssctxt * ctx = NULL;
	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
	OM_uint32 major, minor;
	
	ssh_gssapi_build_ctx(&ctx);
	ssh_gssapi_set_oid(ctx, oid);
	ssh_gssapi_import_name(ctx, host);
	major = ssh_gssapi_init_ctx(ctx, 0, GSS_C_NO_BUFFER, &token, NULL);
	gss_release_buffer(&minor, &token);
	ssh_gssapi_delete_ctx(&ctx);
	return (!GSS_ERROR(major));
}

#endif /* GSSAPI */
Commit	Line	Data
08822d99	1	/* $OpenBSD: gss-genr.c,v 1.6 2005/10/13 22:24:31 stevesk Exp $ */
7cac2b65	2
5598e598	3	/*
fe4ad273	4	* Copyright (c) 2001-2005 Simon Wilkinson. All rights reserved.
7cac2b65	5	*
5598e598	6	* Redistribution and use in source and binary forms, with or without
	7	* modification, are permitted provided that the following conditions
	8	* are met:
	9	* 1. Redistributions of source code must retain the above copyright
	10	* notice, this list of conditions and the following disclaimer.
	11	* 2. Redistributions in binary form must reproduce the above copyright
	12	* notice, this list of conditions and the following disclaimer in the
	13	* documentation and/or other materials provided with the distribution.
	14	*
	15	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
	16	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	17	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	18	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	19	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	20	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	21	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	22	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	23	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	25	*/
	26
	27	#include "includes.h"
	28
	29	#ifdef GSSAPI
	30
5598e598	31	#include "xmalloc.h"
	32	#include "buffer.h"
	33	#include "bufaux.h"
5598e598	34	#include "compat.h"
5598e598	35	#include <openssl/evp.h>
5598e598	36	#include "kex.h"
5598e598	37	#include "log.h"
b59afbfe	38	#include "monitor_wrap.h"
4dd35ca9	39	#include "canohost.h"
540d72c3	40	#include "ssh2.h"
fe4ad273	41	#include <openssl/evp.h>
5598e598	42
	43	#include "ssh-gss.h"
	44
540d72c3	45	extern u_char *session_id2;
	46	extern u_int session_id2_len;
	47
23987cb8	48	typedef struct {
	49	char *encoded;
	50	gss_OID oid;
	51	} ssh_gss_kex_mapping;
5598e598	52
fe4ad273	53	/*
	54	* XXX - It would be nice to find a more elegant way of handling the
	55	* XXX passing of the key exchange context to the userauth routines
	56	*/
	57
	58	Gssctxt *gss_kex_context = NULL;
	59
	60	static ssh_gss_kex_mapping *gss_enc2oid = NULL;
	61
	62	int
	63	ssh_gssapi_oid_table_ok() {
	64	return (gss_enc2oid != NULL);
	65	}
	66
	67	/*
	68	* Return a list of the gss-group1-sha1 mechanisms supported by this program
5598e598	69	*
fe4ad273	70	* We test mechanisms to ensure that we can use them, to avoid starting
fe4ad273	71	* a key exchange with a bad mechanism
5598e598	72	*/
23987cb8	73
23987cb8	74
fe4ad273	75	char *
	76	ssh_gssapi_client_mechanisms(const char *host) {
	77	gss_OID_set gss_supported;
	78	OM_uint32 min_status;
	79
	80	gss_indicate_mechs(&min_status, &gss_supported);
23987cb8	81
fe4ad273	82	return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
	83	(void *)host));
	84	}
	85
	86	char *
	87	ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
	88	void *data) {
	89	Buffer buf;
	90	size_t i;
	91	int oidpos, enclen;
	92	char mechs, encoded;
	93	unsigned char digest[EVP_MAX_MD_SIZE];
	94	char deroid[2];
	95	const EVP_MD *evp_md = EVP_md5();
	96	EVP_MD_CTX md;
	97
	98	if (gss_enc2oid != NULL) {
	99	for (i=0;gss_enc2oid[i].encoded!=NULL;i++)
	100	xfree(gss_enc2oid[i].encoded);
	101	xfree(gss_enc2oid);
	102	}
	103
	104	gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping)*
	105	(gss_supported->count+1));
	106
	107	buffer_init(&buf);
	108
	109	oidpos = 0;
	110	for (i = 0;i < gss_supported->count;i++) {
	111	if (gss_supported->elements[i].length < 128 &&
	112	(*check)(&(gss_supported->elements[i]), data)) {
	113
	114	deroid[0] = SSH_GSS_OIDTYPE;
	115	deroid[1] = gss_supported->elements[i].length;
23987cb8	116
23987cb8	117	EVP_DigestInit(&md, evp_md);
fe4ad273	118	EVP_DigestUpdate(&md, deroid, 2);
23987cb8	119	EVP_DigestUpdate(&md,
fe4ad273	120	gss_supported->elements[i].elements,
fe4ad273	121	gss_supported->elements[i].length);
23987cb8	122	EVP_DigestFinal(&md, digest, NULL);
23987cb8	123
fe4ad273	124	encoded = xmalloc(EVP_MD_size(evp_md)*2);
	125	enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
	126	encoded, EVP_MD_size(evp_md)*2);
23987cb8	127
fe4ad273	128	if (oidpos != 0)
	129	buffer_put_char(&buf, ',');
	130
	131	buffer_append(&buf, KEX_GSS_GEX_SHA1_ID,
	132	sizeof(KEX_GSS_GEX_SHA1_ID)-1);
	133	buffer_append(&buf, encoded, enclen);
	134	buffer_put_char(&buf,',');
	135	buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID,
	136	sizeof(KEX_GSS_GRP1_SHA1_ID)-1);
	137	buffer_append(&buf, encoded, enclen);
	138
	139	gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
	140	gss_enc2oid[oidpos].encoded = encoded;
23987cb8	141	oidpos++;
d4ab470d	142	}
23987cb8	143	}
fe4ad273	144	gss_enc2oid[oidpos].oid = NULL;
	145	gss_enc2oid[oidpos].encoded = NULL;
	146
	147	buffer_put_char(&buf, '\0');
	148
	149	mechs = xmalloc(buffer_len(&buf));
	150	buffer_get(&buf, mechs, buffer_len(&buf));
5598e598	151	buffer_free(&buf);
23987cb8	152
fe4ad273	153	if (strlen(mechs) == 0) {
	154	xfree(mechs);
	155	mechs = NULL;
23987cb8	156	}
23987cb8	157
fe4ad273	158	return (mechs);
	159	}
	160
	161	gss_OID
	162	ssh_gssapi_id_kex(Gssctxt ctx, char name, int *gex) {
	163	int i = 0;
	164
	165	if (strncmp(name, KEX_GSS_GRP1_SHA1_ID,
	166	sizeof(KEX_GSS_GRP1_SHA1_ID)-1) == 0) {
	167	name+=sizeof(KEX_GSS_GRP1_SHA1_ID)-1;
	168	*gex = 0;
	169	} else if (strncmp(name, KEX_GSS_GEX_SHA1_ID,
	170	sizeof(KEX_GSS_GEX_SHA1_ID)-1) == 0) {
	171	name+=sizeof(KEX_GSS_GEX_SHA1_ID)-1;
	172	*gex = 1;
	173	} else {
	174	return NULL;
23987cb8	175	}
fe4ad273	176
	177	while (gss_enc2oid[i].encoded != NULL &&
	178	strcmp(name, gss_enc2oid[i].encoded) != 0) {
	179	i++;
23987cb8	180	}
23987cb8	181
fe4ad273	182	if (gss_enc2oid[i].oid != NULL && ctx != NULL)
	183	ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid);
	184
23987cb8	185	return gss_enc2oid[i].oid;
5598e598	186	}
5598e598	187
23987cb8	188	/* Check that the OID in a data stream matches that in the context */
7cac2b65	189	int
	190	ssh_gssapi_check_oid(Gssctxt ctx, void data, size_t len)
	191	{
	192	return (ctx != NULL && ctx->oid != GSS_C_NO_OID &&
	193	ctx->oid->length == len &&
	194	memcmp(ctx->oid->elements, data, len) == 0);
23987cb8	195	}
7cac2b65	196
5598e598	197	/* Set the contexts OID from a data stream */
7cac2b65	198	void
	199	ssh_gssapi_set_oid_data(Gssctxt ctx, void data, size_t len)
	200	{
	201	if (ctx->oid != GSS_C_NO_OID) {
	202	xfree(ctx->oid->elements);
	203	xfree(ctx->oid);
	204	}
	205	ctx->oid = xmalloc(sizeof(gss_OID_desc));
	206	ctx->oid->length = len;
	207	ctx->oid->elements = xmalloc(len);
	208	memcpy(ctx->oid->elements, data, len);
5598e598	209	}
	210
	211	/* Set the contexts OID */
7cac2b65	212	void
	213	ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid)
	214	{
	215	ssh_gssapi_set_oid_data(ctx, oid->elements, oid->length);
5598e598	216	}
5598e598	217
23987cb8	218	/* All this effort to report an error ... */
23987cb8	219	void
7cac2b65	220	ssh_gssapi_error(Gssctxt *ctxt)
	221	{
	222	debug("%s", ssh_gssapi_last_error(ctxt, NULL, NULL));
5598e598	223	}
5598e598	224
23987cb8	225	char *
2ce0bfe4	226	ssh_gssapi_last_error(Gssctxt ctxt, OM_uint32 major_status,
2ce0bfe4	227	OM_uint32 *minor_status)
7cac2b65	228	{
23987cb8	229	OM_uint32 lmin;
7cac2b65	230	gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
	231	OM_uint32 ctx;
	232	Buffer b;
	233	char *ret;
	234
	235	buffer_init(&b);
	236
	237	if (major_status != NULL)
	238	*major_status = ctxt->major;
	239	if (minor_status != NULL)
	240	*minor_status = ctxt->minor;
	241
	242	ctx = 0;
5598e598	243	/* The GSSAPI error */
7cac2b65	244	do {
	245	gss_display_status(&lmin, ctxt->major,
	246	GSS_C_GSS_CODE, ctxt->oid, &ctx, &msg);
	247
	248	buffer_append(&b, msg.value, msg.length);
	249	buffer_put_char(&b, '\n');
	250
	251	gss_release_buffer(&lmin, &msg);
	252	} while (ctx != 0);
	253
	254	/* The mechanism specific error */
	255	do {
	256	gss_display_status(&lmin, ctxt->minor,
	257	GSS_C_MECH_CODE, ctxt->oid, &ctx, &msg);
	258
	259	buffer_append(&b, msg.value, msg.length);
	260	buffer_put_char(&b, '\n');
	261
	262	gss_release_buffer(&lmin, &msg);
	263	} while (ctx != 0);
	264
	265	buffer_put_char(&b, '\0');
	266	ret = xmalloc(buffer_len(&b));
	267	buffer_get(&b, ret, buffer_len(&b));
	268	buffer_free(&b);
	269	return (ret);
5598e598	270	}
5598e598	271
7cac2b65	272	/*
7cac2b65	273	* Initialise our GSSAPI context. We use this opaque structure to contain all
5598e598	274	* of the data which both the client and server need to persist across
	275	* {accept,init}_sec_context calls, so that when we do it from the userauth
	276	* stuff life is a little easier
	277	*/
	278	void
b59afbfe	279	ssh_gssapi_build_ctx(Gssctxt **ctx)
5598e598	280	{
7cac2b65	281	*ctx = xmalloc(sizeof (Gssctxt));
	282	(*ctx)->major = 0;
	283	(*ctx)->minor = 0;
	284	(*ctx)->context = GSS_C_NO_CONTEXT;
	285	(*ctx)->name = GSS_C_NO_NAME;
	286	(*ctx)->oid = GSS_C_NO_OID;
	287	(*ctx)->creds = GSS_C_NO_CREDENTIAL;
	288	(*ctx)->client = GSS_C_NO_NAME;
	289	(*ctx)->client_creds = GSS_C_NO_CREDENTIAL;
5598e598	290	}
	291
	292	/* Delete our context, providing it has been built correctly */
	293	void
b59afbfe	294	ssh_gssapi_delete_ctx(Gssctxt **ctx)
5598e598	295	{
9eeaa28e	296	#if !defined(MECHGLUE)
5598e598	297	OM_uint32 ms;
9eeaa28e	298	#endif
7cac2b65	299
7cac2b65	300	if ((*ctx) == NULL)
b59afbfe	301	return;
d4ab470d	302	#if !defined(MECHGLUE) /* mechglue has some memory management issues */
7cac2b65	303	if ((*ctx)->context != GSS_C_NO_CONTEXT)
7cac2b65	304	gss_delete_sec_context(&ms, &(*ctx)->context, GSS_C_NO_BUFFER);
b59afbfe	305	if ((*ctx)->name != GSS_C_NO_NAME)
7cac2b65	306	gss_release_name(&ms, &(*ctx)->name);
b59afbfe	307	if ((*ctx)->oid != GSS_C_NO_OID) {
	308	xfree((*ctx)->oid->elements);
	309	xfree((*ctx)->oid);
	310	(*ctx)->oid = GSS_C_NO_OID;
5598e598	311	}
b59afbfe	312	if ((*ctx)->creds != GSS_C_NO_CREDENTIAL)
7cac2b65	313	gss_release_cred(&ms, &(*ctx)->creds);
b59afbfe	314	if ((*ctx)->client != GSS_C_NO_NAME)
7cac2b65	315	gss_release_name(&ms, &(*ctx)->client);
b59afbfe	316	if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
7cac2b65	317	gss_release_cred(&ms, &(*ctx)->client_creds);
d4ab470d	318	#endif
7cac2b65	319
b59afbfe	320	xfree(*ctx);
7cac2b65	321	*ctx = NULL;
5598e598	322	}
5598e598	323
7cac2b65	324	/*
7cac2b65	325	* Wrapper to init_sec_context
5598e598	326	* Requires that the context contains:
5598e598	327	* oid
7cac2b65	328	* server name (from ssh_gssapi_import_name)
5598e598	329	*/
7cac2b65	330	OM_uint32
5598e598	331	ssh_gssapi_init_ctx(Gssctxt ctx, int deleg_creds, gss_buffer_desc recv_tok,
7cac2b65	332	gss_buffer_desc* send_tok, OM_uint32 *flags)
5598e598	333	{
5598e598	334	int deleg_flag = 0;
7cac2b65	335
5598e598	336	if (deleg_creds) {
7cac2b65	337	deleg_flag = GSS_C_DELEG_FLAG;
5598e598	338	debug("Delegating credentials");
5598e598	339	}
7cac2b65	340
	341	ctx->major = gss_init_sec_context(&ctx->minor,
	342	GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid,
	343	GSS_C_MUTUAL_FLAG \| GSS_C_INTEG_FLAG \| deleg_flag,
	344	0, NULL, recv_tok, NULL, send_tok, flags, NULL);
	345
	346	if (GSS_ERROR(ctx->major))
	347	ssh_gssapi_error(ctx);
	348
	349	return (ctx->major);
5598e598	350	}
5598e598	351
5598e598	352	/* Create a service name for the given host */
5598e598	353	OM_uint32
7cac2b65	354	ssh_gssapi_import_name(Gssctxt ctx, const char host)
7cac2b65	355	{
23987cb8	356	gss_buffer_desc gssbuf;
4dd35ca9	357	char *xhost;
7cac2b65	358
5598e598	359	/* Make a copy of the host name, in case it was returned by a
e23e524c	360	* previous call to gethostbyname(). */
5598e598	361	xhost = xstrdup(host);
5598e598	362
23987cb8	363	/* Make sure we have the FQDN. Some GSSAPI implementations don't do
e23e524c	364	* this for us themselves */
1df48666	365	resolve_localhost(&xhost);
23987cb8	366
7cac2b65	367	gssbuf.length = sizeof("host@") + strlen(xhost);
7cac2b65	368	gssbuf.value = xmalloc(gssbuf.length);
5682ddfd	369	snprintf(gssbuf.value, gssbuf.length, "host@%s", xhost);
7cac2b65	370
	371	if ((ctx->major = gss_import_name(&ctx->minor,
	372	&gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))
23987cb8	373	ssh_gssapi_error(ctx);
7cac2b65	374
1c828c5c	375	xfree(xhost);
5598e598	376	xfree(gssbuf.value);
7cac2b65	377	return (ctx->major);
5598e598	378	}
	379
	380	/* Acquire credentials for a server running on the current host.
	381	* Requires that the context structure contains a valid OID
b59afbfe	382	*/
7cac2b65	383
b59afbfe	384	/* Returns a GSSAPI error code */
5598e598	385	OM_uint32
7cac2b65	386	ssh_gssapi_acquire_cred(Gssctxt *ctx)
7cac2b65	387	{
23987cb8	388	OM_uint32 status;
5598e598	389	char lname[MAXHOSTNAMELEN];
5598e598	390	gss_OID_set oidset;
5598e598	391
7cac2b65	392	gss_create_empty_oid_set(&status, &oidset);
	393	gss_add_oid_set_member(&status, ctx->oid, &oidset);
	394
	395	if (gethostname(lname, MAXHOSTNAMELEN))
	396	return (-1);
	397
	398	if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname)))
	399	return (ctx->major);
	400
	401	if ((ctx->major = gss_acquire_cred(&ctx->minor,
	402	ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
23987cb8	403	ssh_gssapi_error(ctx);
7cac2b65	404
23987cb8	405	gss_release_oid_set(&status, &oidset);
7cac2b65	406	return (ctx->major);
	407	}
	408
540d72c3	409	OM_uint32
	410	ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
	411	{
fe4ad273	412	if (ctx == NULL)
	413	return -1;
	414
540d72c3	415	if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
	416	GSS_C_QOP_DEFAULT, buffer, hash)))
	417	ssh_gssapi_error(ctx);
	418
	419	return (ctx->major);
	420	}
	421
fe4ad273	422	/* Priviledged when used by server */
	423	OM_uint32
	424	ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
	425	{
	426	if (ctx == NULL)
	427	return -1;
	428
	429	ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
	430	gssbuf, gssmic, NULL);
	431
	432	return (ctx->major);
	433	}
	434
540d72c3	435	void
	436	ssh_gssapi_buildmic(Buffer b, const char user, const char *service,
	437	const char *context)
	438	{
	439	buffer_init(b);
	440	buffer_put_string(b, session_id2, session_id2_len);
	441	buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST);
	442	buffer_put_cstring(b, user);
	443	buffer_put_cstring(b, service);
	444	buffer_put_cstring(b, context);
	445	}
	446
7cac2b65	447	OM_uint32
08822d99	448	ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
08822d99	449	{
7cac2b65	450	if (*ctx)
	451	ssh_gssapi_delete_ctx(ctx);
	452	ssh_gssapi_build_ctx(ctx);
	453	ssh_gssapi_set_oid(*ctx, oid);
	454	return (ssh_gssapi_acquire_cred(*ctx));
5598e598	455	}
b59afbfe	456
23987cb8	457	int
fe4ad273	458	ssh_gssapi_check_mechanism(gss_OID oid, void *host) {
23987cb8	459	Gssctxt * ctx = NULL;
fe4ad273	460	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
fe4ad273	461	OM_uint32 major, minor;
23987cb8	462
23987cb8	463	ssh_gssapi_build_ctx(&ctx);
fe4ad273	464	ssh_gssapi_set_oid(ctx, oid);
	465	ssh_gssapi_import_name(ctx, host);
	466	major = ssh_gssapi_init_ctx(ctx, 0, GSS_C_NO_BUFFER, &token, NULL);
	467	gss_release_buffer(&minor, &token);
23987cb8	468	ssh_gssapi_delete_ctx(&ctx);
fe4ad273	469	return (!GSS_ERROR(major));
b59afbfe	470	}
f001f132	471
5598e598	472	#endif /* GSSAPI */