X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/dfddba3d7e01aaef75b0f84b9f3c53f34e2504c9..HEAD:/openssh/gss-genr.c diff --git a/openssh/gss-genr.c b/openssh/gss-genr.c index 1ca2ff1..dff0921 100644 --- a/openssh/gss-genr.c +++ b/openssh/gss-genr.c @@ -1,7 +1,7 @@ -/* $OpenBSD: gss-genr.c,v 1.3 2003/11/21 11:57:03 djm Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -28,16 +28,22 @@ #ifdef GSSAPI +#include +#include + +#include +#include +#include + #include "xmalloc.h" #include "buffer.h" -#include "bufaux.h" -#include "compat.h" -#include -#include "kex.h" #include "log.h" -#include "monitor_wrap.h" #include "canohost.h" #include "ssh2.h" +#include "cipher.h" +#include "key.h" +#include "kex.h" +#include #include "ssh-gss.h" @@ -48,109 +54,150 @@ typedef struct { char *encoded; gss_OID oid; } ssh_gss_kex_mapping; - -static ssh_gss_kex_mapping *gss_enc2oid; -/* Return a list of the gss-group1-sha1-x mechanisms supported by this - * program. - * - * On the client side, we don't need to worry about whether we 'know' - * about the mechanism or not - we assume that any mechanism that we've been - * linked against is suitable for inclusion. +/* + * XXX - It would be nice to find a more elegant way of handling the + * XXX passing of the key exchange context to the userauth routines + */ + +Gssctxt *gss_kex_context = NULL; + +static ssh_gss_kex_mapping *gss_enc2oid = NULL; + +int +ssh_gssapi_oid_table_ok() { + return (gss_enc2oid != NULL); +} + +/* + * Return a list of the gss-group1-sha1 mechanisms supported by this program * - * XXX - We might want to make this configurable in the future, so as to - * XXX - allow the user control over which mechanisms to use. + * We test mechanisms to ensure that we can use them, to avoid starting + * a key exchange with a bad mechanism */ - -char * -ssh_gssapi_client_mechanisms(char *host) { - gss_OID_set supported; - OM_uint32 min_status; - Buffer buf; - int i = 0; - char *mechs; - char *encoded; - int enclen; - char digest[EVP_MAX_MD_SIZE]; - char deroid[2]; - const EVP_MD *evp_md = EVP_md5(); - EVP_MD_CTX md; - int oidpos=0; - - gss_indicate_mechs(&min_status,&supported); - gss_enc2oid=xmalloc(sizeof(ssh_gss_kex_mapping) - *(supported->count+1)); - - buffer_init(&buf); - for (i=0;icount;i++) { +char * +ssh_gssapi_client_mechanisms(const char *host, const char *client) { + gss_OID_set gss_supported; + OM_uint32 min_status; + + if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported))) + return NULL; + + return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, + host, client)); +} + +char * +ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, + const char *host, const char *client) { + Buffer buf; + size_t i; + int oidpos, enclen; + char *mechs, *encoded; + u_char digest[EVP_MAX_MD_SIZE]; + char deroid[2]; + const EVP_MD *evp_md = EVP_md5(); + EVP_MD_CTX md; + + if (gss_enc2oid != NULL) { + for (i = 0; gss_enc2oid[i].encoded != NULL; i++) + xfree(gss_enc2oid[i].encoded); + xfree(gss_enc2oid); + } + + gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) * + (gss_supported->count + 1)); - gss_enc2oid[oidpos].encoded=NULL; - - if (supported->elements[i].length<128 && - ssh_gssapi_check_mechanism(&(supported->elements[i]),host)) { + buffer_init(&buf); - /* Add the required DER encoding octets and MD5 hash */ - deroid[0]=0x06; /* Object Identifier */ - deroid[1]=supported->elements[i].length; + oidpos = 0; + for (i = 0; i < gss_supported->count; i++) { + if (gss_supported->elements[i].length < 128 && + (*check)(NULL, &(gss_supported->elements[i]), host, client)) { + + deroid[0] = SSH_GSS_OIDTYPE; + deroid[1] = gss_supported->elements[i].length; EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md,deroid,2); + EVP_DigestUpdate(&md, deroid, 2); EVP_DigestUpdate(&md, - supported->elements[i].elements, - supported->elements[i].length); + gss_supported->elements[i].elements, + gss_supported->elements[i].length); EVP_DigestFinal(&md, digest, NULL); - - /* Base64 encode it */ - encoded=xmalloc(EVP_MD_size(evp_md)*2); - enclen=__b64_ntop(digest, EVP_MD_size(evp_md), - encoded,EVP_MD_size(evp_md)*2); - if (oidpos!=0) { - buffer_put_char(&buf,','); - } - buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1); - buffer_append(&buf, encoded, enclen); - debug("Mechanism encoded as %s",encoded); + encoded = xmalloc(EVP_MD_size(evp_md) * 2); + enclen = __b64_ntop(digest, EVP_MD_size(evp_md), + encoded, EVP_MD_size(evp_md) * 2); + + if (oidpos != 0) + buffer_put_char(&buf, ','); + + buffer_append(&buf, KEX_GSS_GEX_SHA1_ID, + sizeof(KEX_GSS_GEX_SHA1_ID) - 1); + buffer_append(&buf, encoded, enclen); + buffer_put_char(&buf, ','); + buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, + sizeof(KEX_GSS_GRP1_SHA1_ID) - 1); + buffer_append(&buf, encoded, enclen); + buffer_put_char(&buf, ','); + buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID, + sizeof(KEX_GSS_GRP14_SHA1_ID) - 1); + buffer_append(&buf, encoded, enclen); - gss_enc2oid[oidpos].oid=&(supported->elements[i]); - gss_enc2oid[oidpos].encoded=encoded; + gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); + gss_enc2oid[oidpos].encoded = encoded; oidpos++; } } - gss_enc2oid[oidpos].oid=NULL; - gss_enc2oid[oidpos].encoded=NULL; - - buffer_put_char(&buf,'\0'); - - mechs=xmalloc(buffer_len(&buf)); - buffer_get(&buf,mechs,buffer_len(&buf)); + gss_enc2oid[oidpos].oid = NULL; + gss_enc2oid[oidpos].encoded = NULL; + + buffer_put_char(&buf, '\0'); + + mechs = xmalloc(buffer_len(&buf)); + buffer_get(&buf, mechs, buffer_len(&buf)); buffer_free(&buf); - if (strlen(mechs)==0) - return(NULL); - else - return(mechs); -} -gss_OID -ssh_gssapi_client_id_kex(Gssctxt *ctx, char *name) { - int i=0; - - if (strncmp(name, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1) !=0) { - return(NULL); + if (strlen(mechs) == 0) { + xfree(mechs); + mechs = NULL; } - name+=sizeof(KEX_GSS_SHA1)-1; /* Move to the start of the ID string */ - - while (gss_enc2oid[i].encoded!=NULL && - strcmp(name,gss_enc2oid[i].encoded)!=0) { - i++; - } + return (mechs); +} + +gss_OID +ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) { + int i = 0; - if (gss_enc2oid[i].oid!=NULL) { - ssh_gssapi_set_oid(ctx,gss_enc2oid[i].oid); + switch (kex_type) { + case KEX_GSS_GRP1_SHA1: + if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID)) + return GSS_C_NO_OID; + name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1; + break; + case KEX_GSS_GRP14_SHA1: + if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID)) + return GSS_C_NO_OID; + name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1; + break; + case KEX_GSS_GEX_SHA1: + if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID)) + return GSS_C_NO_OID; + name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1; + break; + default: + return GSS_C_NO_OID; } + while (gss_enc2oid[i].encoded != NULL && + strcmp(name, gss_enc2oid[i].encoded) != 0) + i++; + + if (gss_enc2oid[i].oid != NULL && ctx != NULL) + ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid); + return gss_enc2oid[i].oid; } @@ -188,12 +235,16 @@ ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid) void ssh_gssapi_error(Gssctxt *ctxt) { - debug("%s", ssh_gssapi_last_error(ctxt, NULL, NULL)); + char *s; + + s = ssh_gssapi_last_error(ctxt, NULL, NULL); + debug("%s", s); + xfree(s); } char * -ssh_gssapi_last_error(Gssctxt *ctxt, - OM_uint32 *major_status, OM_uint32 *minor_status) +ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status, + OM_uint32 *minor_status) { OM_uint32 lmin; gss_buffer_desc msg = GSS_C_EMPTY_BUFFER; @@ -247,9 +298,7 @@ ssh_gssapi_last_error(Gssctxt *ctxt, void ssh_gssapi_build_ctx(Gssctxt **ctx) { - *ctx = xmalloc(sizeof (Gssctxt)); - (*ctx)->major = 0; - (*ctx)->minor = 0; + *ctx = xcalloc(1, sizeof (Gssctxt)); (*ctx)->context = GSS_C_NO_CONTEXT; (*ctx)->name = GSS_C_NO_NAME; (*ctx)->oid = GSS_C_NO_OID; @@ -308,7 +357,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, } ctx->major = gss_init_sec_context(&ctx->minor, - GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid, + ctx->client_creds, &ctx->context, ctx->name, ctx->oid, GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); @@ -324,6 +373,7 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) { gss_buffer_desc gssbuf; char *xhost; + char *val; /* Make a copy of the host name, in case it was returned by a * previous call to gethostbyname(). */ @@ -333,9 +383,9 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) * this for us themselves */ resolve_localhost(&xhost); - gssbuf.length = sizeof("host@") + strlen(xhost); - gssbuf.value = xmalloc(gssbuf.length); - snprintf(gssbuf.value, gssbuf.length, "host@%s", xhost); + xasprintf(&val, "host@%s", xhost); + gssbuf.value = val; + gssbuf.length = strlen(gssbuf.value); if ((ctx->major = gss_import_name(&ctx->minor, &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name))) @@ -346,38 +396,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) return (ctx->major); } -/* Acquire credentials for a server running on the current host. - * Requires that the context structure contains a valid OID - */ - -/* Returns a GSSAPI error code */ OM_uint32 -ssh_gssapi_acquire_cred(Gssctxt *ctx) +ssh_gssapi_client_identity(Gssctxt *ctx, const char *name) { + gss_buffer_desc gssbuf; + gss_name_t gssname; OM_uint32 status; - char lname[MAXHOSTNAMELEN]; gss_OID_set oidset; + gssbuf.value = (void *) name; + gssbuf.length = strlen(gssbuf.value); + gss_create_empty_oid_set(&status, &oidset); gss_add_oid_set_member(&status, ctx->oid, &oidset); - if (gethostname(lname, MAXHOSTNAMELEN)) - return (-1); + ctx->major = gss_import_name(&ctx->minor, &gssbuf, + GSS_C_NT_USER_NAME, &gssname); + + if (!ctx->major) + ctx->major = gss_acquire_cred(&ctx->minor, + gssname, 0, oidset, GSS_C_INITIATE, + &ctx->client_creds, NULL, NULL); - if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) - return (ctx->major); + gss_release_name(&status, &gssname); + gss_release_oid_set(&status, &oidset); - if ((ctx->major = gss_acquire_cred(&ctx->minor, - ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL))) + if (ctx->major) ssh_gssapi_error(ctx); - gss_release_oid_set(&status, &oidset); - return (ctx->major); + return(ctx->major); } OM_uint32 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) { + if (ctx == NULL) + return -1; + if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); @@ -385,6 +440,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) return (ctx->major); } +/* Priviledged when used by server */ +OM_uint32 +ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) +{ + if (ctx == NULL) + return -1; + + ctx->major = gss_verify_mic(&ctx->minor, ctx->context, + gssbuf, gssmic, NULL); + + return (ctx->major); +} + void ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, const char *context) @@ -397,28 +465,99 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, buffer_put_cstring(b, context); } -OM_uint32 -ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) { - if (*ctx) - ssh_gssapi_delete_ctx(ctx); +int +ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, + const char *client) +{ + gss_buffer_desc token = GSS_C_EMPTY_BUFFER; + OM_uint32 major, minor; + gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"}; + Gssctxt *intctx = NULL; + + if (ctx == NULL) + ctx = &intctx; + + /* RFC 4462 says we MUST NOT do SPNEGO */ + if (oid->length == spnego_oid.length && + (memcmp(oid->elements, spnego_oid.elements, oid->length) == 0)) + return 0; /* false */ + ssh_gssapi_build_ctx(ctx); ssh_gssapi_set_oid(*ctx, oid); - return (ssh_gssapi_acquire_cred(*ctx)); + major = ssh_gssapi_import_name(*ctx, host); + + if (!GSS_ERROR(major) && client) + major = ssh_gssapi_client_identity(*ctx, client); + + if (!GSS_ERROR(major)) { + major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, + NULL); + gss_release_buffer(&minor, &token); + if ((*ctx)->context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&minor, &(*ctx)->context, + GSS_C_NO_BUFFER); + } + + if (GSS_ERROR(major) || intctx != NULL) + ssh_gssapi_delete_ctx(ctx); + + return (!GSS_ERROR(major)); } int -ssh_gssapi_check_mechanism(gss_OID oid, const char *host) { - Gssctxt * ctx = NULL; - gss_buffer_desc token; - OM_uint32 major,minor; +ssh_gssapi_credentials_updated(Gssctxt *ctxt) { + static gss_name_t saved_name = GSS_C_NO_NAME; + static OM_uint32 saved_lifetime = 0; + static gss_OID saved_mech = GSS_C_NO_OID; + static gss_name_t name; + static OM_uint32 last_call = 0; + OM_uint32 lifetime, now, major, minor; + int equal; + + now = time(NULL); + + if (ctxt) { + debug("Rekey has happened - updating saved versions"); + + if (saved_name != GSS_C_NO_NAME) + gss_release_name(&minor, &saved_name); + + major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, + &saved_name, &saved_lifetime, NULL, NULL); + + if (!GSS_ERROR(major)) { + saved_mech = ctxt->oid; + saved_lifetime+= now; + } else { + /* Handle the error */ + } + return 0; + } + + if (now - last_call < 10) + return 0; + + last_call = now; + + if (saved_mech == GSS_C_NO_OID) + return 0; - ssh_gssapi_build_ctx(&ctx); - ssh_gssapi_set_oid(ctx,oid); - ssh_gssapi_import_name(ctx,host); - major=ssh_gssapi_init_ctx(ctx,0, GSS_C_NO_BUFFER, &token, NULL); - gss_release_buffer(&minor,&token); - ssh_gssapi_delete_ctx(&ctx); - return(!GSS_ERROR(major)); + major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, + &name, &lifetime, NULL, NULL); + if (major == GSS_S_CREDENTIALS_EXPIRED) + return 0; + else if (GSS_ERROR(major)) + return 0; + + major = gss_compare_name(&minor, saved_name, name, &equal); + gss_release_name(&minor, &name); + if (GSS_ERROR(major)) + return 0; + + if (equal && (saved_lifetime < lifetime + now - 10)) + return 1; + + return 0; } #endif /* GSSAPI */