diff options
Diffstat (limited to 'sys/kgssapi')
37 files changed, 8492 insertions, 0 deletions
diff --git a/sys/kgssapi/gss_accept_sec_context.c b/sys/kgssapi/gss_accept_sec_context.c new file mode 100644 index 0000000..59f2803 --- /dev/null +++ b/sys/kgssapi/gss_accept_sec_context.c @@ -0,0 +1,138 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> +#include <rpc/rpc.h> + +#include "gssd.h" +#include "kgss_if.h" + +OM_uint32 gss_accept_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + const gss_cred_id_t acceptor_cred_handle, + const gss_buffer_t input_token, + const gss_channel_bindings_t input_chan_bindings, + gss_name_t *src_name, + gss_OID *mech_type, + gss_buffer_t output_token, + OM_uint32 *ret_flags, + OM_uint32 *time_rec, + gss_cred_id_t *delegated_cred_handle) +{ + struct accept_sec_context_res res; + struct accept_sec_context_args args; + enum clnt_stat stat; + gss_ctx_id_t ctx = *context_handle; + gss_name_t name; + gss_cred_id_t cred; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + if (ctx) + args.ctx = ctx->handle; + else + args.ctx = 0; + if (acceptor_cred_handle) + args.cred = acceptor_cred_handle->handle; + else + args.cred = 0; + args.input_token = *input_token; + args.input_chan_bindings = input_chan_bindings; + + bzero(&res, sizeof(res)); + stat = gssd_accept_sec_context_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE + && res.major_status != GSS_S_CONTINUE_NEEDED) { + *minor_status = res.minor_status; + xdr_free((xdrproc_t) xdr_accept_sec_context_res, &res); + return (res.major_status); + } + + *minor_status = res.minor_status; + + if (!ctx) { + ctx = kgss_create_context(res.mech_type); + if (!ctx) { + xdr_free((xdrproc_t) xdr_accept_sec_context_res, &res); + *minor_status = 0; + return (GSS_S_BAD_MECH); + } + } + *context_handle = ctx; + + ctx->handle = res.ctx; + name = malloc(sizeof(struct _gss_name_t), M_GSSAPI, M_WAITOK); + name->handle = res.src_name; + if (src_name) { + *src_name = name; + } else { + OM_uint32 junk; + gss_release_name(&junk, &name); + } + if (mech_type) + *mech_type = KGSS_MECH_TYPE(ctx); + kgss_copy_buffer(&res.output_token, output_token); + if (ret_flags) + *ret_flags = res.ret_flags; + if (time_rec) + *time_rec = res.time_rec; + cred = malloc(sizeof(struct _gss_cred_id_t), M_GSSAPI, M_WAITOK); + cred->handle = res.delegated_cred_handle; + if (delegated_cred_handle) { + *delegated_cred_handle = cred; + } else { + OM_uint32 junk; + gss_release_cred(&junk, &cred); + } + + xdr_free((xdrproc_t) xdr_accept_sec_context_res, &res); + + /* + * If the context establishment is complete, export it from + * userland and hand the result (which includes key material + * etc.) to the kernel implementation. + */ + if (res.major_status == GSS_S_COMPLETE) + res.major_status = kgss_transfer_context(ctx); + + return (res.major_status); +} diff --git a/sys/kgssapi/gss_acquire_cred.c b/sys/kgssapi/gss_acquire_cred.c new file mode 100644 index 0000000..e5fe821 --- /dev/null +++ b/sys/kgssapi/gss_acquire_cred.c @@ -0,0 +1,105 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/proc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_acquire_cred(OM_uint32 *minor_status, + const gss_name_t desired_name, + OM_uint32 time_req, + const gss_OID_set desired_mechs, + gss_cred_usage_t cred_usage, + gss_cred_id_t *output_cred_handle, + gss_OID_set *actual_mechs, + OM_uint32 *time_rec) +{ + OM_uint32 major_status; + struct acquire_cred_res res; + struct acquire_cred_args args; + enum clnt_stat stat; + gss_cred_id_t cred; + int i; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + args.uid = curthread->td_ucred->cr_uid; + if (desired_name) + args.desired_name = desired_name->handle; + else + args.desired_name = 0; + args.time_req = time_req; + args.desired_mechs = desired_mechs; + args.cred_usage = cred_usage; + + bzero(&res, sizeof(res)); + stat = gssd_acquire_cred_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + *minor_status = 0; + cred = malloc(sizeof(struct _gss_cred_id_t), M_GSSAPI, M_WAITOK); + cred->handle = res.output_cred; + *output_cred_handle = cred; + if (actual_mechs) { + major_status = gss_create_empty_oid_set(minor_status, + actual_mechs); + if (major_status) + return (major_status); + for (i = 0; i < res.actual_mechs->count; i++) { + major_status = gss_add_oid_set_member(minor_status, + &res.actual_mechs->elements[i], actual_mechs); + if (major_status) + return (major_status); + } + } + if (time_rec) + *time_rec = res.time_rec; + + xdr_free((xdrproc_t) xdr_acquire_cred_res, &res); + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_add_oid_set_member.c b/sys/kgssapi/gss_add_oid_set_member.c new file mode 100644 index 0000000..ecb8a85 --- /dev/null +++ b/sys/kgssapi/gss_add_oid_set_member.c @@ -0,0 +1,76 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +OM_uint32 +gss_add_oid_set_member(OM_uint32 *minor_status, + const gss_OID member_oid, + gss_OID_set *oid_set) +{ + OM_uint32 major_status; + gss_OID_set set = *oid_set; + gss_OID new_elements; + gss_OID new_oid; + int t; + + *minor_status = 0; + + major_status = gss_test_oid_set_member(minor_status, + member_oid, *oid_set, &t); + if (major_status) + return (major_status); + if (t) + return (GSS_S_COMPLETE); + + new_elements = malloc((set->count + 1) * sizeof(gss_OID_desc), + M_GSSAPI, M_WAITOK); + + new_oid = &new_elements[set->count]; + new_oid->elements = malloc(member_oid->length, M_GSSAPI, M_WAITOK); + new_oid->length = member_oid->length; + memcpy(new_oid->elements, member_oid->elements, member_oid->length); + + if (set->elements) { + memcpy(new_elements, set->elements, + set->count * sizeof(gss_OID_desc)); + free(set->elements, M_GSSAPI); + } + set->elements = new_elements; + set->count++; + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_canonicalize_name.c b/sys/kgssapi/gss_canonicalize_name.c new file mode 100644 index 0000000..bea3dd8 --- /dev/null +++ b/sys/kgssapi/gss_canonicalize_name.c @@ -0,0 +1,76 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_canonicalize_name(OM_uint32 *minor_status, + gss_name_t input_name, + const gss_OID mech_type, + gss_name_t *output_name) +{ + struct canonicalize_name_res res; + struct canonicalize_name_args args; + enum clnt_stat stat; + gss_name_t name; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + args.input_name = input_name->handle; + args.mech_type = mech_type; + + bzero(&res, sizeof(res)); + stat = gssd_canonicalize_name_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + name = malloc(sizeof(struct _gss_name_t), M_GSSAPI, M_WAITOK); + name->handle = res.output_name; + *minor_status = 0; + *output_name = name; + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_create_empty_oid_set.c b/sys/kgssapi/gss_create_empty_oid_set.c new file mode 100644 index 0000000..dd9965c --- /dev/null +++ b/sys/kgssapi/gss_create_empty_oid_set.c @@ -0,0 +1,55 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +OM_uint32 +gss_create_empty_oid_set(OM_uint32 *minor_status, + gss_OID_set *oid_set) +{ + gss_OID_set set; + + *minor_status = 0; + *oid_set = GSS_C_NO_OID_SET; + + set = malloc(sizeof(gss_OID_set_desc), M_GSSAPI, M_WAITOK); + + set->count = 0; + set->elements = 0; + *oid_set = set; + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_delete_sec_context.c b/sys/kgssapi/gss_delete_sec_context.c new file mode 100644 index 0000000..e1582a2 --- /dev/null +++ b/sys/kgssapi/gss_delete_sec_context.c @@ -0,0 +1,91 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_delete_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, + gss_buffer_t output_token) +{ + struct delete_sec_context_res res; + struct delete_sec_context_args args; + enum clnt_stat stat; + gss_ctx_id_t ctx; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + if (*context_handle) { + ctx = *context_handle; + + /* + * If we are past the context establishment phase, let + * the in-kernel code do the delete, otherwise + * userland needs to deal with it. + */ + if (ctx->handle) { + args.ctx = ctx->handle; + + bzero(&res, sizeof(res)); + stat = gssd_delete_sec_context_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (output_token) + kgss_copy_buffer(&res.output_token, + output_token); + xdr_free((xdrproc_t) xdr_delete_sec_context_res, &res); + + kgss_delete_context(ctx, NULL); + } else { + kgss_delete_context(ctx, output_token); + } + *context_handle = NULL; + } else { + if (output_token) { + output_token->length = 0; + output_token->value = NULL; + } + } + + *minor_status = 0; + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_display_status.c b/sys/kgssapi/gss_display_status.c new file mode 100644 index 0000000..0b5b79d --- /dev/null +++ b/sys/kgssapi/gss_display_status.c @@ -0,0 +1,79 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_display_status(OM_uint32 *minor_status, + OM_uint32 status_value, + int status_type, + const gss_OID mech_type, + OM_uint32 *message_context, + gss_buffer_t status_string) /* status_string */ +{ + struct display_status_res res; + struct display_status_args args; + enum clnt_stat stat; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + args.status_value = status_value; + args.status_type = status_type; + args.mech_type = mech_type; + args.message_context = *message_context; + + bzero(&res, sizeof(res)); + stat = gssd_display_status_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + *minor_status = 0; + *message_context = res.message_context; + kgss_copy_buffer(&res.status_string, status_string); + xdr_free((xdrproc_t) xdr_display_status_res, &res); + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_export_name.c b/sys/kgssapi/gss_export_name.c new file mode 100644 index 0000000..63c1e8a --- /dev/null +++ b/sys/kgssapi/gss_export_name.c @@ -0,0 +1,71 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_export_name(OM_uint32 *minor_status, gss_name_t input_name, + gss_buffer_t exported_name) +{ + struct export_name_res res; + struct export_name_args args; + enum clnt_stat stat; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + args.input_name = input_name->handle; + + bzero(&res, sizeof(res)); + stat = gssd_export_name_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + *minor_status = 0; + kgss_copy_buffer(&res.exported_name, exported_name); + xdr_free((xdrproc_t) xdr_export_name_res, &res); + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_get_mic.c b/sys/kgssapi/gss_get_mic.c new file mode 100644 index 0000000..1e8dd52 --- /dev/null +++ b/sys/kgssapi/gss_get_mic.c @@ -0,0 +1,89 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/mbuf.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kgss_if.h" + +OM_uint32 +gss_get_mic(OM_uint32 *minor_status, + const gss_ctx_id_t ctx, + gss_qop_t qop_req, + const gss_buffer_t message_buffer, + gss_buffer_t message_token) +{ + OM_uint32 maj_stat; + struct mbuf *m, *mic; + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + MGET(m, M_WAITOK, MT_DATA); + if (message_buffer->length > MLEN) + MCLGET(m, M_WAITOK); + m_append(m, message_buffer->length, message_buffer->value); + + maj_stat = KGSS_GET_MIC(ctx, minor_status, qop_req, m, &mic); + + m_freem(m); + if (maj_stat == GSS_S_COMPLETE) { + message_token->length = m_length(mic, NULL); + message_token->value = malloc(message_token->length, + M_GSSAPI, M_WAITOK); + m_copydata(mic, 0, message_token->length, + message_token->value); + m_freem(mic); + } + + return (maj_stat); +} + +OM_uint32 +gss_get_mic_mbuf(OM_uint32 *minor_status, const gss_ctx_id_t ctx, + gss_qop_t qop_req, struct mbuf *m, struct mbuf **micp) +{ + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + return (KGSS_GET_MIC(ctx, minor_status, qop_req, m, micp)); +} + diff --git a/sys/kgssapi/gss_impl.c b/sys/kgssapi/gss_impl.c new file mode 100644 index 0000000..01d940a --- /dev/null +++ b/sys/kgssapi/gss_impl.c @@ -0,0 +1,266 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/module.h> +#include <sys/priv.h> +#include <sys/syscall.h> +#include <sys/sysent.h> +#include <sys/sysproto.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> +#include <rpc/rpc.h> +#include <rpc/rpc_com.h> + +#include "gssd.h" +#include "kgss_if.h" + +MALLOC_DEFINE(M_GSSAPI, "GSS-API", "GSS-API"); + +/* + * Syscall hooks + */ +static int gssd_syscall_offset = SYS_gssd_syscall; +static struct sysent gssd_syscall_prev_sysent; +MAKE_SYSENT(gssd_syscall); +static bool_t gssd_syscall_registered = FALSE; + +struct kgss_mech_list kgss_mechs; +CLIENT *kgss_gssd_handle; + +static void +kgss_init(void *dummy) +{ + int error; + + LIST_INIT(&kgss_mechs); + error = syscall_register(&gssd_syscall_offset, &gssd_syscall_sysent, + &gssd_syscall_prev_sysent); + if (error) + printf("Can't register GSSD syscall\n"); + else + gssd_syscall_registered = TRUE; +} +SYSINIT(kgss_init, SI_SUB_LOCK, SI_ORDER_FIRST, kgss_init, NULL); + +static void +kgss_uninit(void *dummy) +{ + + if (gssd_syscall_registered) + syscall_deregister(&gssd_syscall_offset, + &gssd_syscall_prev_sysent); +} +SYSUNINIT(kgss_uninit, SI_SUB_LOCK, SI_ORDER_FIRST, kgss_uninit, NULL); + +int +gssd_syscall(struct thread *td, struct gssd_syscall_args *uap) +{ + struct sockaddr_un sun; + struct netconfig *nconf; + char path[MAXPATHLEN]; + int error; + + error = priv_check(td, PRIV_NFS_DAEMON); + if (error) + return (error); + + if (kgss_gssd_handle) + CLNT_DESTROY(kgss_gssd_handle); + + error = copyinstr(uap->path, path, sizeof(path), NULL); + if (error) + return (error); + + sun.sun_family = AF_LOCAL; + strcpy(sun.sun_path, path); + sun.sun_len = SUN_LEN(&sun); + + nconf = getnetconfigent("local"); + kgss_gssd_handle = clnt_reconnect_create(nconf, + (struct sockaddr *) &sun, GSSD, GSSDVERS, + RPC_MAXDATASIZE, RPC_MAXDATASIZE); + + return (0); +} + +int +kgss_oid_equal(const gss_OID oid1, const gss_OID oid2) +{ + + if (oid1 == oid2) + return (1); + if (!oid1 || !oid2) + return (0); + if (oid1->length != oid2->length) + return (0); + if (memcmp(oid1->elements, oid2->elements, oid1->length)) + return (0); + return (1); +} + +void +kgss_install_mech(gss_OID mech_type, const char *name, struct kobj_class *cls) +{ + struct kgss_mech *km; + + km = malloc(sizeof(struct kgss_mech), M_GSSAPI, M_WAITOK); + km->km_mech_type = mech_type; + km->km_mech_name = name; + km->km_class = cls; + LIST_INSERT_HEAD(&kgss_mechs, km, km_link); +} + +void +kgss_uninstall_mech(gss_OID mech_type) +{ + struct kgss_mech *km; + + LIST_FOREACH(km, &kgss_mechs, km_link) { + if (kgss_oid_equal(km->km_mech_type, mech_type)) { + LIST_REMOVE(km, km_link); + free(km, M_GSSAPI); + return; + } + } +} + +gss_OID +kgss_find_mech_by_name(const char *name) +{ + struct kgss_mech *km; + + LIST_FOREACH(km, &kgss_mechs, km_link) { + if (!strcmp(km->km_mech_name, name)) { + return (km->km_mech_type); + } + } + return (GSS_C_NO_OID); +} + +const char * +kgss_find_mech_by_oid(const gss_OID oid) +{ + struct kgss_mech *km; + + LIST_FOREACH(km, &kgss_mechs, km_link) { + if (kgss_oid_equal(km->km_mech_type, oid)) { + return (km->km_mech_name); + } + } + return (NULL); +} + +gss_ctx_id_t +kgss_create_context(gss_OID mech_type) +{ + struct kgss_mech *km; + gss_ctx_id_t ctx; + + LIST_FOREACH(km, &kgss_mechs, km_link) { + if (kgss_oid_equal(km->km_mech_type, mech_type)) + break; + } + if (!km) + return (NULL); + + ctx = (gss_ctx_id_t) kobj_create(km->km_class, M_GSSAPI, M_WAITOK); + KGSS_INIT(ctx); + + return (ctx); +} + +void +kgss_delete_context(gss_ctx_id_t ctx, gss_buffer_t output_token) +{ + + KGSS_DELETE(ctx, output_token); + kobj_delete((kobj_t) ctx, M_GSSAPI); +} + +OM_uint32 +kgss_transfer_context(gss_ctx_id_t ctx) +{ + struct export_sec_context_res res; + struct export_sec_context_args args; + enum clnt_stat stat; + OM_uint32 maj_stat; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + args.ctx = ctx->handle; + bzero(&res, sizeof(res)); + stat = gssd_export_sec_context_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + return (GSS_S_FAILURE); + } + + maj_stat = KGSS_IMPORT(ctx, res.format, &res.interprocess_token); + ctx->handle = 0; + + xdr_free((xdrproc_t) xdr_export_sec_context_res, &res); + + return (maj_stat); +} + +void +kgss_copy_buffer(const gss_buffer_t from, gss_buffer_t to) +{ + to->length = from->length; + if (from->length) { + to->value = malloc(from->length, M_GSSAPI, M_WAITOK); + bcopy(from->value, to->value, from->length); + } else { + to->value = NULL; + } +} + +/* + * Kernel module glue + */ +static int +kgssapi_modevent(module_t mod, int type, void *data) +{ + + return (0); +} +static moduledata_t kgssapi_mod = { + "kgssapi", + kgssapi_modevent, + NULL, +}; +DECLARE_MODULE(kgssapi, kgssapi_mod, SI_SUB_VFS, SI_ORDER_ANY); +MODULE_DEPEND(kgssapi, krpc, 1, 1, 1); +MODULE_VERSION(kgssapi, 1); diff --git a/sys/kgssapi/gss_import_name.c b/sys/kgssapi/gss_import_name.c new file mode 100644 index 0000000..c8019c5 --- /dev/null +++ b/sys/kgssapi/gss_import_name.c @@ -0,0 +1,79 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_import_name(OM_uint32 *minor_status, + const gss_buffer_t input_name_buffer, + const gss_OID input_name_type, + gss_name_t *output_name) +{ + struct import_name_res res; + struct import_name_args args; + enum clnt_stat stat; + gss_name_t name; + + *minor_status = 0; + *output_name = GSS_C_NO_NAME; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + args.input_name_buffer = *input_name_buffer; + args.input_name_type = input_name_type; + + bzero(&res, sizeof(res)); + stat = gssd_import_name_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + name = malloc(sizeof(struct _gss_name_t), M_GSSAPI, M_WAITOK); + name->handle = res.output_name; + *minor_status = 0; + *output_name = name; + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_init_sec_context.c b/sys/kgssapi/gss_init_sec_context.c new file mode 100644 index 0000000..0b7cee3 --- /dev/null +++ b/sys/kgssapi/gss_init_sec_context.c @@ -0,0 +1,135 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/proc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> +#include <rpc/rpc.h> + +#include "gssd.h" +#include "kgss_if.h" + +OM_uint32 +gss_init_sec_context(OM_uint32 * minor_status, + const gss_cred_id_t initiator_cred_handle, + gss_ctx_id_t * context_handle, + const gss_name_t target_name, + const gss_OID input_mech_type, + OM_uint32 req_flags, + OM_uint32 time_req, + const gss_channel_bindings_t input_chan_bindings, + const gss_buffer_t input_token, + gss_OID * actual_mech_type, + gss_buffer_t output_token, + OM_uint32 * ret_flags, + OM_uint32 * time_rec) +{ + struct init_sec_context_res res; + struct init_sec_context_args args; + enum clnt_stat stat; + gss_ctx_id_t ctx = *context_handle; + + *minor_status = 0; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + args.uid = curthread->td_ucred->cr_uid; + if (initiator_cred_handle) + args.cred = initiator_cred_handle->handle; + else + args.cred = 0; + if (ctx) + args.ctx = ctx->handle; + else + args.ctx = 0; + args.name = target_name->handle; + args.mech_type = input_mech_type; + args.req_flags = req_flags; + args.time_req = time_req; + args.input_chan_bindings = input_chan_bindings; + if (input_token) + args.input_token = *input_token; + else { + args.input_token.length = 0; + args.input_token.value = NULL; + } + + bzero(&res, sizeof(res)); + stat = gssd_init_sec_context_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE + && res.major_status != GSS_S_CONTINUE_NEEDED) { + *minor_status = res.minor_status; + xdr_free((xdrproc_t) xdr_init_sec_context_res, &res); + return (res.major_status); + } + + *minor_status = res.minor_status; + + if (!ctx) { + ctx = kgss_create_context(res.actual_mech_type); + if (!ctx) { + xdr_free((xdrproc_t) xdr_init_sec_context_res, &res); + *minor_status = 0; + return (GSS_S_BAD_MECH); + } + } + *context_handle = ctx; + ctx->handle = res.ctx; + if (actual_mech_type) + *actual_mech_type = KGSS_MECH_TYPE(ctx); + kgss_copy_buffer(&res.output_token, output_token); + if (ret_flags) + *ret_flags = res.ret_flags; + if (time_rec) + *time_rec = res.time_rec; + + xdr_free((xdrproc_t) xdr_init_sec_context_res, &res); + + /* + * If the context establishment is complete, export it from + * userland and hand the result (which includes key material + * etc.) to the kernel implementation. + */ + if (res.major_status == GSS_S_COMPLETE) + res.major_status = kgss_transfer_context(ctx); + + return (res.major_status); +} diff --git a/sys/kgssapi/gss_names.c b/sys/kgssapi/gss_names.c new file mode 100644 index 0000000..a83693c --- /dev/null +++ b/sys/kgssapi/gss_names.c @@ -0,0 +1,176 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <kgssapi/gssapi.h> + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x01"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant + * GSS_C_NT_USER_NAME should be initialized to point + * to that gss_OID_desc. + */ +static gss_OID_desc GSS_C_NT_USER_NAME_storage = + {10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"}; +gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x02"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. + * The constant GSS_C_NT_MACHINE_UID_NAME should be + * initialized to point to that gss_OID_desc. + */ +static gss_OID_desc GSS_C_NT_MACHINE_UID_NAME_storage = + {10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"}; +gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x03"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. + * The constant GSS_C_NT_STRING_UID_NAME should be + * initialized to point to that gss_OID_desc. + */ +static gss_OID_desc GSS_C_NT_STRING_UID_NAME_storage = + {10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"}; +gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, + * corresponding to an object-identifier value of + * {iso(1) org(3) dod(6) internet(1) security(5) + * nametypes(6) gss-host-based-services(2)). The constant + * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point + * to that gss_OID_desc. This is a deprecated OID value, and + * implementations wishing to support hostbased-service names + * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, + * defined below, to identify such names; + * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym + * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input + * parameter, but should not be emitted by GSS-API + * implementations + */ +static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_X_storage = + {6, (void *)(uintptr_t)"\x2b\x06\x01\x05\x06\x02"}; +gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_storage; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x04"}, corresponding to an + * object-identifier value of {iso(1) member-body(2) + * Unites States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) service_name(4)}. The constant + * GSS_C_NT_HOSTBASED_SERVICE should be initialized + * to point to that gss_OID_desc. + */ +static gss_OID_desc GSS_C_NT_HOSTBASED_SERVICE_storage = + {10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04"}; +gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_storage; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, + * corresponding to an object identifier value of + * {1(iso), 3(org), 6(dod), 1(internet), 5(security), + * 6(nametypes), 3(gss-anonymous-name)}. The constant + * and GSS_C_NT_ANONYMOUS should be initialized to point + * to that gss_OID_desc. + */ +static gss_OID_desc GSS_C_NT_ANONYMOUS_storage = + {6, (void *)(uintptr_t)"\x2b\x06\01\x05\x06\x03"}; +gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_storage; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, + * corresponding to an object-identifier value of + * {1(iso), 3(org), 6(dod), 1(internet), 5(security), + * 6(nametypes), 4(gss-api-exported-name)}. The constant + * GSS_C_NT_EXPORT_NAME should be initialized to point + * to that gss_OID_desc. + */ +static gss_OID_desc GSS_C_NT_EXPORT_NAME_storage = + {6, (void *)(uintptr_t)"\x2b\x06\x01\x05\x06\x04"}; +gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_storage; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * krb5(2) krb5_name(1)}. The recommended symbolic name for this type + * is "GSS_KRB5_NT_PRINCIPAL_NAME". + */ +static gss_OID_desc GSS_KRB5_NT_PRINCIPAL_NAME_storage = + {10, (void *)(uintptr_t)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"}; +gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &GSS_KRB5_NT_PRINCIPAL_NAME_storage; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) user_name(1)}. The recommended symbolic name for this + * type is "GSS_KRB5_NT_USER_NAME". + */ +gss_OID GSS_KRB5_NT_USER_NAME = &GSS_C_NT_USER_NAME_storage; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) machine_uid_name(2)}. The recommended symbolic name for + * this type is "GSS_KRB5_NT_MACHINE_UID_NAME". + */ +gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_storage; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) string_uid_name(3)}. The recommended symbolic name for + * this type is "GSS_KRB5_NT_STRING_UID_NAME". + */ +gss_OID GSS_KRB5_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_storage; + + diff --git a/sys/kgssapi/gss_pname_to_uid.c b/sys/kgssapi/gss_pname_to_uid.c new file mode 100644 index 0000000..b83fd73 --- /dev/null +++ b/sys/kgssapi/gss_pname_to_uid.c @@ -0,0 +1,122 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kgss_if.h" + +OM_uint32 +gss_pname_to_uid(OM_uint32 *minor_status, const gss_name_t pname, + const gss_OID mech, uid_t *uidp) +{ + struct pname_to_uid_res res; + struct pname_to_uid_args args; + enum clnt_stat stat; + + *minor_status = 0; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + if (pname == GSS_C_NO_NAME) + return (GSS_S_BAD_NAME); + + args.pname = pname->handle; + args.mech = mech; + + bzero(&res, sizeof(res)); + stat = gssd_pname_to_uid_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + *uidp = res.uid; + return (GSS_S_COMPLETE); +} + +OM_uint32 +gss_pname_to_unix_cred(OM_uint32 *minor_status, const gss_name_t pname, + const gss_OID mech, uid_t *uidp, gid_t *gidp, + int *numgroups, gid_t *groups) + +{ + struct pname_to_uid_res res; + struct pname_to_uid_args args; + enum clnt_stat stat; + int i, n; + + *minor_status = 0; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + if (pname == GSS_C_NO_NAME) + return (GSS_S_BAD_NAME); + + args.pname = pname->handle; + args.mech = mech; + + bzero(&res, sizeof(res)); + stat = gssd_pname_to_uid_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + *uidp = res.uid; + *gidp = res.gid; + n = res.gidlist.gidlist_len; + if (n > *numgroups) + n = *numgroups; + for (i = 0; i < n; i++) + groups[i] = res.gidlist.gidlist_val[i]; + *numgroups = n; + + xdr_free((xdrproc_t) xdr_pname_to_uid_res, &res); + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_release_buffer.c b/sys/kgssapi/gss_release_buffer.c new file mode 100644 index 0000000..ea5efc9 --- /dev/null +++ b/sys/kgssapi/gss_release_buffer.c @@ -0,0 +1,52 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +OM_uint32 +gss_release_buffer(OM_uint32 *minor_status, gss_buffer_t buffer) +{ + + *minor_status = 0; + if (buffer->value) { + free(buffer->value, M_GSSAPI); + } + buffer->length = 0; + buffer->value = NULL; + + return (GSS_S_COMPLETE); +} + diff --git a/sys/kgssapi/gss_release_cred.c b/sys/kgssapi/gss_release_cred.c new file mode 100644 index 0000000..6c68496 --- /dev/null +++ b/sys/kgssapi/gss_release_cred.c @@ -0,0 +1,69 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle) +{ + struct release_cred_res res; + struct release_cred_args args; + enum clnt_stat stat; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + if (*cred_handle) { + args.cred = (*cred_handle)->handle; + stat = gssd_release_cred_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + free((*cred_handle), M_GSSAPI); + *cred_handle = NULL; + + *minor_status = res.minor_status; + return (res.major_status); + } + + *minor_status = 0; + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_release_name.c b/sys/kgssapi/gss_release_name.c new file mode 100644 index 0000000..6f27e74 --- /dev/null +++ b/sys/kgssapi/gss_release_name.c @@ -0,0 +1,74 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_release_name(OM_uint32 *minor_status, gss_name_t *input_name) +{ + struct release_name_res res; + struct release_name_args args; + enum clnt_stat stat; + gss_name_t name; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + if (*input_name) { + name = *input_name; + args.input_name = name->handle; + + stat = gssd_release_name_1(&args, &res, kgss_gssd_handle); + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + free(name, M_GSSAPI); + *input_name = NULL; + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + } + + *minor_status = 0; + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_release_oid_set.c b/sys/kgssapi/gss_release_oid_set.c new file mode 100644 index 0000000..34b802a --- /dev/null +++ b/sys/kgssapi/gss_release_oid_set.c @@ -0,0 +1,52 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +OM_uint32 +gss_release_oid_set(OM_uint32 *minor_status, + gss_OID_set *set) +{ + + *minor_status = 0; + if (set && *set) { + if ((*set)->elements) + free((*set)->elements, M_GSSAPI); + free(*set, M_GSSAPI); + *set = GSS_C_NO_OID_SET; + } + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_set_cred_option.c b/sys/kgssapi/gss_set_cred_option.c new file mode 100644 index 0000000..ce781af --- /dev/null +++ b/sys/kgssapi/gss_set_cred_option.c @@ -0,0 +1,77 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "gssd.h" + +OM_uint32 +gss_set_cred_option(OM_uint32 *minor_status, + gss_cred_id_t *cred, + const gss_OID option_name, + const gss_buffer_t option_value) +{ + struct set_cred_option_res res; + struct set_cred_option_args args; + enum clnt_stat stat; + + *minor_status = 0; + + if (!kgss_gssd_handle) + return (GSS_S_FAILURE); + + if (cred) + args.cred = (*cred)->handle; + else + args.cred = 0; + args.option_name = option_name; + args.option_value = *option_value; + + bzero(&res, sizeof(res)); + stat = gssd_set_cred_option_1(&args, &res, kgss_gssd_handle); + + if (stat != RPC_SUCCESS) { + *minor_status = stat; + return (GSS_S_FAILURE); + } + + if (res.major_status != GSS_S_COMPLETE) { + *minor_status = res.minor_status; + return (res.major_status); + } + + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_test_oid_set_member.c b/sys/kgssapi/gss_test_oid_set_member.c new file mode 100644 index 0000000..9642478 --- /dev/null +++ b/sys/kgssapi/gss_test_oid_set_member.c @@ -0,0 +1,54 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +OM_uint32 +gss_test_oid_set_member(OM_uint32 *minor_status, + const gss_OID member, + const gss_OID_set set, + int *present) +{ + size_t i; + + *present = 0; + for (i = 0; i < set->count; i++) + if (kgss_oid_equal(member, &set->elements[i])) + *present = 1; + + *minor_status = 0; + return (GSS_S_COMPLETE); +} diff --git a/sys/kgssapi/gss_unwrap.c b/sys/kgssapi/gss_unwrap.c new file mode 100644 index 0000000..3b6d614 --- /dev/null +++ b/sys/kgssapi/gss_unwrap.c @@ -0,0 +1,97 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/mbuf.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kgss_if.h" + +OM_uint32 +gss_unwrap(OM_uint32 *minor_status, + const gss_ctx_id_t ctx, + const gss_buffer_t input_message_buffer, + gss_buffer_t output_message_buffer, + int *conf_state, + gss_qop_t *qop_state) +{ + OM_uint32 maj_stat; + struct mbuf *m; + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + MGET(m, M_WAITOK, MT_DATA); + if (input_message_buffer->length > MLEN) + MCLGET(m, M_WAITOK); + m_append(m, input_message_buffer->length, input_message_buffer->value); + + maj_stat = KGSS_UNWRAP(ctx, minor_status, &m, conf_state, qop_state); + + /* + * On success, m is the wrapped message, on failure, m is + * freed. + */ + if (maj_stat == GSS_S_COMPLETE) { + output_message_buffer->length = m_length(m, NULL); + output_message_buffer->value = + malloc(output_message_buffer->length, + M_GSSAPI, M_WAITOK); + m_copydata(m, 0, output_message_buffer->length, + output_message_buffer->value); + m_freem(m); + } + + return (maj_stat); +} + +OM_uint32 +gss_unwrap_mbuf(OM_uint32 *minor_status, + const gss_ctx_id_t ctx, + struct mbuf **mp, + int *conf_state, + gss_qop_t *qop_state) +{ + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + return (KGSS_UNWRAP(ctx, minor_status, mp, conf_state, qop_state)); +} + diff --git a/sys/kgssapi/gss_verify_mic.c b/sys/kgssapi/gss_verify_mic.c new file mode 100644 index 0000000..0a8e7c4 --- /dev/null +++ b/sys/kgssapi/gss_verify_mic.c @@ -0,0 +1,87 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/mbuf.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kgss_if.h" + +OM_uint32 +gss_verify_mic(OM_uint32 *minor_status, + const gss_ctx_id_t ctx, + const gss_buffer_t message_buffer, + const gss_buffer_t token_buffer, + gss_qop_t *qop_state) +{ + OM_uint32 maj_stat; + struct mbuf *m, *mic; + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + MGET(m, M_WAITOK, MT_DATA); + if (message_buffer->length > MLEN) + MCLGET(m, M_WAITOK); + m_append(m, message_buffer->length, message_buffer->value); + + MGET(mic, M_WAITOK, MT_DATA); + if (token_buffer->length > MLEN) + MCLGET(mic, M_WAITOK); + m_append(mic, token_buffer->length, token_buffer->value); + + maj_stat = KGSS_VERIFY_MIC(ctx, minor_status, m, mic, qop_state); + + m_freem(m); + m_freem(mic); + + return (maj_stat); +} + +OM_uint32 +gss_verify_mic_mbuf(OM_uint32 *minor_status, const gss_ctx_id_t ctx, + struct mbuf *m, struct mbuf *mic, gss_qop_t *qop_state) +{ + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + return (KGSS_VERIFY_MIC(ctx, minor_status, m, mic, qop_state)); +} + diff --git a/sys/kgssapi/gss_wrap.c b/sys/kgssapi/gss_wrap.c new file mode 100644 index 0000000..99bf686 --- /dev/null +++ b/sys/kgssapi/gss_wrap.c @@ -0,0 +1,96 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/mbuf.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kgss_if.h" + +OM_uint32 +gss_wrap(OM_uint32 *minor_status, + const gss_ctx_id_t ctx, + int conf_req_flag, + gss_qop_t qop_req, + const gss_buffer_t input_message_buffer, + int *conf_state, + gss_buffer_t output_message_buffer) +{ + OM_uint32 maj_stat; + struct mbuf *m; + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + MGET(m, M_WAITOK, MT_DATA); + if (input_message_buffer->length > MLEN) + MCLGET(m, M_WAITOK); + m_append(m, input_message_buffer->length, input_message_buffer->value); + + maj_stat = KGSS_WRAP(ctx, minor_status, conf_req_flag, qop_req, + &m, conf_state); + + /* + * On success, m is the wrapped message, on failure, m is + * freed. + */ + if (maj_stat == GSS_S_COMPLETE) { + output_message_buffer->length = m_length(m, NULL); + output_message_buffer->value = + malloc(output_message_buffer->length, + M_GSSAPI, M_WAITOK); + m_copydata(m, 0, output_message_buffer->length, + output_message_buffer->value); + m_freem(m); + } + + return (maj_stat); +} + +OM_uint32 +gss_wrap_mbuf(OM_uint32 *minor_status, const gss_ctx_id_t ctx, + int conf_req_flag, gss_qop_t qop_req, struct mbuf **mp, int *conf_state) +{ + + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + return (KGSS_WRAP(ctx, minor_status, conf_req_flag, qop_req, + mp, conf_state)); +} diff --git a/sys/kgssapi/gss_wrap_size_limit.c b/sys/kgssapi/gss_wrap_size_limit.c new file mode 100644 index 0000000..17bedb2 --- /dev/null +++ b/sys/kgssapi/gss_wrap_size_limit.c @@ -0,0 +1,56 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kgss_if.h" + +OM_uint32 +gss_wrap_size_limit(OM_uint32 *minor_status, + const gss_ctx_id_t ctx, + int conf_req_flag, + gss_qop_t qop_req, + OM_uint32 req_output_size, + OM_uint32 *max_input_size) +{ + if (!ctx) { + *minor_status = 0; + return (GSS_S_NO_CONTEXT); + } + + return (KGSS_WRAP_SIZE_LIMIT(ctx, minor_status, conf_req_flag, + qop_req, req_output_size, max_input_size)); +} diff --git a/sys/kgssapi/gssapi.h b/sys/kgssapi/gssapi.h new file mode 100644 index 0000000..c8f86c6 --- /dev/null +++ b/sys/kgssapi/gssapi.h @@ -0,0 +1,620 @@ +/* + * Copyright (C) The Internet Society (2000). All Rights Reserved. + * + * This document and translations of it may be copied and furnished to + * others, and derivative works that comment on or otherwise explain it + * or assist in its implementation may be prepared, copied, published + * and distributed, in whole or in part, without restriction of any + * kind, provided that the above copyright notice and this paragraph are + * included on all such copies and derivative works. However, this + * document itself may not be modified in any way, such as by removing + * the copyright notice or references to the Internet Society or other + * Internet organizations, except as needed for the purpose of + * developing Internet standards in which case the procedures for + * copyrights defined in the Internet Standards process must be + * followed, or as required to translate it into languages other than + * English. + * + * The limited permissions granted above are perpetual and will not be + * revoked by the Internet Society or its successors or assigns. + * + * This document and the information contained herein is provided on an + * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING + * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING + * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION + * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF + * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + * + * $FreeBSD$ + */ + +#ifndef _KGSSAPI_GSSAPI_H_ +#define _KGSSAPI_GSSAPI_H_ + +/* + * A cut-down version of the GSS-API for in-kernel use + */ + +/* + * Now define the three implementation-dependent types. + */ +typedef struct _gss_ctx_id_t *gss_ctx_id_t; +typedef struct _gss_cred_id_t *gss_cred_id_t; +typedef struct _gss_name_t *gss_name_t; + +/* + * We can't use X/Open definitions, so roll our own. + */ +typedef uint32_t OM_uint32; +typedef uint64_t OM_uint64; + +typedef struct gss_OID_desc_struct { + OM_uint32 length; + void *elements; +} gss_OID_desc, *gss_OID; + +typedef struct gss_OID_set_desc_struct { + size_t count; + gss_OID elements; +} gss_OID_set_desc, *gss_OID_set; + +typedef struct gss_buffer_desc_struct { + size_t length; + void *value; +} gss_buffer_desc, *gss_buffer_t; + +typedef struct gss_channel_bindings_struct { + OM_uint32 initiator_addrtype; + gss_buffer_desc initiator_address; + OM_uint32 acceptor_addrtype; + gss_buffer_desc acceptor_address; + gss_buffer_desc application_data; +} *gss_channel_bindings_t; + +/* + * For now, define a QOP-type as an OM_uint32 + */ +typedef OM_uint32 gss_qop_t; + +typedef int gss_cred_usage_t; + +/* + * Flag bits for context-level services. + */ +#define GSS_C_DELEG_FLAG 1 +#define GSS_C_MUTUAL_FLAG 2 +#define GSS_C_REPLAY_FLAG 4 +#define GSS_C_SEQUENCE_FLAG 8 +#define GSS_C_CONF_FLAG 16 +#define GSS_C_INTEG_FLAG 32 +#define GSS_C_ANON_FLAG 64 +#define GSS_C_PROT_READY_FLAG 128 +#define GSS_C_TRANS_FLAG 256 + +/* + * Credential usage options + */ +#define GSS_C_BOTH 0 +#define GSS_C_INITIATE 1 +#define GSS_C_ACCEPT 2 + +/* + * Status code types for gss_display_status + */ +#define GSS_C_GSS_CODE 1 +#define GSS_C_MECH_CODE 2 + +/* + * The constant definitions for channel-bindings address families + */ +#define GSS_C_AF_UNSPEC 0 +#define GSS_C_AF_LOCAL 1 +#define GSS_C_AF_INET 2 +#define GSS_C_AF_IMPLINK 3 +#define GSS_C_AF_PUP 4 +#define GSS_C_AF_CHAOS 5 +#define GSS_C_AF_NS 6 +#define GSS_C_AF_NBS 7 +#define GSS_C_AF_ECMA 8 +#define GSS_C_AF_DATAKIT 9 +#define GSS_C_AF_CCITT 10 +#define GSS_C_AF_SNA 11 +#define GSS_C_AF_DECnet 12 +#define GSS_C_AF_DLI 13 +#define GSS_C_AF_LAT 14 +#define GSS_C_AF_HYLINK 15 +#define GSS_C_AF_APPLETALK 16 +#define GSS_C_AF_BSC 17 +#define GSS_C_AF_DSS 18 +#define GSS_C_AF_OSI 19 +#define GSS_C_AF_X25 21 +#define GSS_C_AF_NULLADDR 255 + +/* + * Various Null values + */ +#define GSS_C_NO_NAME ((gss_name_t) 0) +#define GSS_C_NO_BUFFER ((gss_buffer_t) 0) +#define GSS_C_NO_OID ((gss_OID) 0) +#define GSS_C_NO_OID_SET ((gss_OID_set) 0) +#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0) +#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0) +#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0) +#define GSS_C_EMPTY_BUFFER {0, NULL} + +/* + * Some alternate names for a couple of the above + * values. These are defined for V1 compatibility. + */ +#define GSS_C_NULL_OID GSS_C_NO_OID +#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET + +/* + * Define the default Quality of Protection for per-message + * services. Note that an implementation that offers multiple + * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero + * (as done here) to mean "default protection", or to a specific + * explicit QOP value. However, a value of 0 should always be + * interpreted by a GSS-API implementation as a request for the + * default protection level. + */ +#define GSS_C_QOP_DEFAULT 0 + +/* + * Expiration time of 2^32-1 seconds means infinite lifetime for a + * credential or security context + */ +#define GSS_C_INDEFINITE 0xfffffffful + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x01"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant + * GSS_C_NT_USER_NAME should be initialized to point + * to that gss_OID_desc. + */ +extern gss_OID GSS_C_NT_USER_NAME; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x02"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. + * The constant GSS_C_NT_MACHINE_UID_NAME should be + * initialized to point to that gss_OID_desc. + */ +extern gss_OID GSS_C_NT_MACHINE_UID_NAME; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x03"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. + * The constant GSS_C_NT_STRING_UID_NAME should be + * initialized to point to that gss_OID_desc. + */ +extern gss_OID GSS_C_NT_STRING_UID_NAME; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, + * corresponding to an object-identifier value of + * {iso(1) org(3) dod(6) internet(1) security(5) + * nametypes(6) gss-host-based-services(2)). The constant + * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point + * to that gss_OID_desc. This is a deprecated OID value, and + * implementations wishing to support hostbased-service names + * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, + * defined below, to identify such names; + * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym + * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input + * parameter, but should not be emitted by GSS-API + * implementations + */ +extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x04"}, corresponding to an + * object-identifier value of {iso(1) member-body(2) + * Unites States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) service_name(4)}. The constant + * GSS_C_NT_HOSTBASED_SERVICE should be initialized + * to point to that gss_OID_desc. + */ +extern gss_OID GSS_C_NT_HOSTBASED_SERVICE; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, + * corresponding to an object identifier value of + * {1(iso), 3(org), 6(dod), 1(internet), 5(security), + * 6(nametypes), 3(gss-anonymous-name)}. The constant + * and GSS_C_NT_ANONYMOUS should be initialized to point + * to that gss_OID_desc. + */ +extern gss_OID GSS_C_NT_ANONYMOUS; + + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, + * corresponding to an object-identifier value of + * {1(iso), 3(org), 6(dod), 1(internet), 5(security), + * 6(nametypes), 4(gss-api-exported-name)}. The constant + * GSS_C_NT_EXPORT_NAME should be initialized to point + * to that gss_OID_desc. + */ +extern gss_OID GSS_C_NT_EXPORT_NAME; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * krb5(2) krb5_name(1)}. The recommended symbolic name for this type + * is "GSS_KRB5_NT_PRINCIPAL_NAME". + */ +extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) user_name(1)}. The recommended symbolic name for this + * type is "GSS_KRB5_NT_USER_NAME". + */ +extern gss_OID GSS_KRB5_NT_USER_NAME; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) machine_uid_name(2)}. The recommended symbolic name for + * this type is "GSS_KRB5_NT_MACHINE_UID_NAME". + */ +extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) string_uid_name(3)}. The recommended symbolic name for + * this type is "GSS_KRB5_NT_STRING_UID_NAME". + */ +extern gss_OID GSS_KRB5_NT_STRING_UID_NAME; + +/* Major status codes */ + +#define GSS_S_COMPLETE 0 + +/* + * Some "helper" definitions to make the status code macros obvious. + */ +#define GSS_C_CALLING_ERROR_OFFSET 24 +#define GSS_C_ROUTINE_ERROR_OFFSET 16 +#define GSS_C_SUPPLEMENTARY_OFFSET 0 +#define GSS_C_CALLING_ERROR_MASK 0377ul +#define GSS_C_ROUTINE_ERROR_MASK 0377ul +#define GSS_C_SUPPLEMENTARY_MASK 0177777ul + +/* + * The macros that test status codes for error conditions. + * Note that the GSS_ERROR() macro has changed slightly from + * the V1 GSS-API so that it now evaluates its argument + * only once. + */ +#define GSS_CALLING_ERROR(x) \ + (x & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET)) +#define GSS_ROUTINE_ERROR(x) \ + (x & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)) +#define GSS_SUPPLEMENTARY_INFO(x) \ + (x & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET)) +#define GSS_ERROR(x) \ + (x & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \ + (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))) + +/* + * Now the actual status code definitions + */ + +/* + * Calling errors: + */ +#define GSS_S_CALL_INACCESSIBLE_READ \ +(1ul << GSS_C_CALLING_ERROR_OFFSET) +#define GSS_S_CALL_INACCESSIBLE_WRITE \ +(2ul << GSS_C_CALLING_ERROR_OFFSET) +#define GSS_S_CALL_BAD_STRUCTURE \ +(3ul << GSS_C_CALLING_ERROR_OFFSET) + +/* + * Routine errors: + */ +#define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_MIC GSS_S_BAD_SIG +#define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET) + +/* + * Supplementary info bits: + */ +#define GSS_S_CONTINUE_NEEDED \ + (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0)) +#define GSS_S_DUPLICATE_TOKEN \ + (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1)) +#define GSS_S_OLD_TOKEN \ + (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2)) +#define GSS_S_UNSEQ_TOKEN \ + (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3)) +#define GSS_S_GAP_TOKEN \ + (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4)) + +__BEGIN_DECLS + +/* + * Finally, function prototypes for the GSS-API routines. + */ +OM_uint32 gss_acquire_cred + (OM_uint32 *, /* minor_status */ + const gss_name_t, /* desired_name */ + OM_uint32, /* time_req */ + const gss_OID_set, /* desired_mechs */ + gss_cred_usage_t, /* cred_usage */ + gss_cred_id_t *, /* output_cred_handle */ + gss_OID_set *, /* actual_mechs */ + OM_uint32 * /* time_rec */ + ); + +OM_uint32 gss_release_cred + (OM_uint32 *, /* minor_status */ + gss_cred_id_t * /* cred_handle */ + ); + +OM_uint32 gss_init_sec_context + (OM_uint32 *, /* minor_status */ + const gss_cred_id_t, /* initiator_cred_handle */ + gss_ctx_id_t *, /* context_handle */ + const gss_name_t, /* target_name */ + const gss_OID, /* mech_type */ + OM_uint32, /* req_flags */ + OM_uint32, /* time_req */ + const gss_channel_bindings_t, + /* input_chan_bindings */ + const gss_buffer_t, /* input_token */ + gss_OID *, /* actual_mech_type */ + gss_buffer_t, /* output_token */ + OM_uint32 *, /* ret_flags */ + OM_uint32 * /* time_rec */ + ); + +OM_uint32 gss_accept_sec_context + (OM_uint32 *, /* minor_status */ + gss_ctx_id_t *, /* context_handle */ + const gss_cred_id_t, /* acceptor_cred_handle */ + const gss_buffer_t, /* input_token_buffer */ + const gss_channel_bindings_t, + /* input_chan_bindings */ + gss_name_t *, /* src_name */ + gss_OID *, /* mech_type */ + gss_buffer_t, /* output_token */ + OM_uint32 *, /* ret_flags */ + OM_uint32 *, /* time_rec */ + gss_cred_id_t * /* delegated_cred_handle */ + ); + +OM_uint32 gss_delete_sec_context + (OM_uint32 *, /* minor_status */ + gss_ctx_id_t *, /* context_handle */ + gss_buffer_t /* output_token */ + ); + +OM_uint32 gss_get_mic + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + gss_qop_t, /* qop_req */ + const gss_buffer_t, /* message_buffer */ + gss_buffer_t /* message_token */ + ); + +OM_uint32 gss_verify_mic + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + const gss_buffer_t, /* message_buffer */ + const gss_buffer_t, /* token_buffer */ + gss_qop_t * /* qop_state */ + ); + +OM_uint32 gss_wrap + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + int, /* conf_req_flag */ + gss_qop_t, /* qop_req */ + const gss_buffer_t, /* input_message_buffer */ + int *, /* conf_state */ + gss_buffer_t /* output_message_buffer */ + ); + +OM_uint32 gss_unwrap + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + const gss_buffer_t, /* input_message_buffer */ + gss_buffer_t, /* output_message_buffer */ + int *, /* conf_state */ + gss_qop_t * /* qop_state */ + ); + +OM_uint32 gss_display_status + (OM_uint32 *, /* minor_status */ + OM_uint32, /* status_value */ + int, /* status_type */ + const gss_OID, /* mech_type */ + OM_uint32 *, /* message_context */ + gss_buffer_t /* status_string */ + ); + +OM_uint32 gss_import_name + (OM_uint32 *, /* minor_status */ + const gss_buffer_t, /* input_name_buffer */ + const gss_OID, /* input_name_type */ + gss_name_t * /* output_name */ + ); + +OM_uint32 gss_export_name + (OM_uint32 *, /* minor_status */ + const gss_name_t, /* input_name */ + gss_buffer_t /* exported_name */ + ); + +OM_uint32 gss_release_name + (OM_uint32 *, /* minor_status */ + gss_name_t * /* input_name */ + ); + +OM_uint32 gss_release_buffer + (OM_uint32 *, /* minor_status */ + gss_buffer_t /* buffer */ + ); + +OM_uint32 gss_release_oid_set + (OM_uint32 *, /* minor_status */ + gss_OID_set * /* set */ + ); + +OM_uint32 gss_wrap_size_limit ( + OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + int, /* conf_req_flag */ + gss_qop_t, /* qop_req */ + OM_uint32, /* req_output_size */ + OM_uint32 * /* max_input_size */ + ); + +OM_uint32 gss_create_empty_oid_set ( + OM_uint32 *, /* minor_status */ + gss_OID_set * /* oid_set */ + ); + +OM_uint32 gss_add_oid_set_member ( + OM_uint32 *, /* minor_status */ + const gss_OID, /* member_oid */ + gss_OID_set * /* oid_set */ + ); + +OM_uint32 gss_test_oid_set_member ( + OM_uint32 *, /* minor_status */ + const gss_OID, /* member */ + const gss_OID_set, /* set */ + int * /* present */ + ); + +OM_uint32 gss_canonicalize_name ( + OM_uint32 *, /* minor_status */ + const gss_name_t, /* input_name */ + const gss_OID, /* mech_type */ + gss_name_t * /* output_name */ + ); + +/* + * Other extensions and helper functions. + */ + +OM_uint32 gss_set_cred_option + (OM_uint32 *, /* minor status */ + gss_cred_id_t *, /* cred */ + const gss_OID, /* option to set */ + const gss_buffer_t /* option value */ + ); + +OM_uint32 gss_pname_to_uid + (OM_uint32 *, /* minor status */ + const gss_name_t pname, /* principal name */ + const gss_OID mech, /* mechanism to query */ + uid_t *uidp /* pointer to UID for result */ + ); + +/* + * On entry, *numgroups is set to the maximum number of groups to return. On exit, *numgroups is set to the actual number of groups returned. + */ +OM_uint32 gss_pname_to_unix_cred + (OM_uint32 *, /* minor status */ + const gss_name_t pname, /* principal name */ + const gss_OID mech, /* mechanism to query */ + uid_t *uidp, /* pointer to UID for result */ + gid_t *gidp, /* pointer to GID for result */ + int *numgroups, /* number of groups */ + gid_t *groups /* pointer to group list */ + ); + +/* + * Mbuf oriented message signing and encryption. + * + * Get_mic allocates an mbuf to hold the message checksum. Verify_mic + * may modify the passed-in mic but will not free it. + * + * Wrap and unwrap + * consume the message and generate a new mbuf chain with the + * result. The original message is freed on error. + */ +struct mbuf; +OM_uint32 gss_get_mic_mbuf + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + gss_qop_t, /* qop_req */ + struct mbuf *, /* message_buffer */ + struct mbuf ** /* message_token */ + ); + +OM_uint32 gss_verify_mic_mbuf + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + struct mbuf *, /* message_buffer */ + struct mbuf *, /* token_buffer */ + gss_qop_t * /* qop_state */ + ); + +OM_uint32 gss_wrap_mbuf + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + int, /* conf_req_flag */ + gss_qop_t, /* qop_req */ + struct mbuf **, /* message_buffer */ + int * /* conf_state */ + ); + +OM_uint32 gss_unwrap_mbuf + (OM_uint32 *, /* minor_status */ + const gss_ctx_id_t, /* context_handle */ + struct mbuf **, /* message_buffer */ + int *, /* conf_state */ + gss_qop_t * /* qop_state */ + ); + +__END_DECLS + +#endif /* _KGSSAPI_GSSAPI_H_ */ diff --git a/sys/kgssapi/gssapi_impl.h b/sys/kgssapi/gssapi_impl.h new file mode 100644 index 0000000..629b80b --- /dev/null +++ b/sys/kgssapi/gssapi_impl.h @@ -0,0 +1,67 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include "gssd.h" + +MALLOC_DECLARE(M_GSSAPI); + +struct _gss_ctx_id_t { + KOBJ_FIELDS; + gssd_ctx_id_t handle; +}; + +struct _gss_cred_id_t { + gssd_cred_id_t handle; +}; + +struct _gss_name_t { + gssd_name_t handle; +}; + +struct kgss_mech { + LIST_ENTRY(kgss_mech) km_link; + gss_OID km_mech_type; + const char *km_mech_name; + struct kobj_class *km_class; +}; +LIST_HEAD(kgss_mech_list, kgss_mech); + +extern CLIENT *kgss_gssd_handle; +extern struct kgss_mech_list kgss_mechs; + +int kgss_oid_equal(const gss_OID oid1, const gss_OID oid2); +extern void kgss_install_mech(gss_OID mech_type, const char *name, + struct kobj_class *cls); +extern void kgss_uninstall_mech(gss_OID mech_type); +extern gss_OID kgss_find_mech_by_name(const char *name); +extern const char *kgss_find_mech_by_oid(const gss_OID oid); +extern gss_ctx_id_t kgss_create_context(gss_OID mech_type); +extern void kgss_delete_context(gss_ctx_id_t ctx, gss_buffer_t output_token); +extern OM_uint32 kgss_transfer_context(gss_ctx_id_t ctx); +extern void kgss_copy_buffer(const gss_buffer_t from, gss_buffer_t to); diff --git a/sys/kgssapi/gssd.x b/sys/kgssapi/gssd.x new file mode 100644 index 0000000..f5682a0 --- /dev/null +++ b/sys/kgssapi/gssd.x @@ -0,0 +1,265 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $FreeBSD$ */ + +#ifdef RPC_HDR + +%#ifdef _KERNEL +%#include <kgssapi/gssapi.h> +%#else +%#include <gssapi/gssapi.h> +%#endif + +%extern bool_t xdr_gss_buffer_desc(XDR *xdrs, gss_buffer_desc *buf); +%extern bool_t xdr_gss_OID_desc(XDR *xdrs, gss_OID_desc *oid); +%extern bool_t xdr_gss_OID(XDR *xdrs, gss_OID *oidp); +%extern bool_t xdr_gss_OID_set_desc(XDR *xdrs, gss_OID_set_desc *set); +%extern bool_t xdr_gss_OID_set(XDR *xdrs, gss_OID_set *setp); +%extern bool_t xdr_gss_channel_bindings_t(XDR *xdrs, gss_channel_bindings_t *chp); + +#endif + +typedef uint64_t gssd_ctx_id_t; +typedef uint64_t gssd_cred_id_t; +typedef uint64_t gssd_name_t; + +struct init_sec_context_res { + uint32_t major_status; + uint32_t minor_status; + gssd_ctx_id_t ctx; + gss_OID actual_mech_type; + gss_buffer_desc output_token; + uint32_t ret_flags; + uint32_t time_rec; +}; + +struct init_sec_context_args { + uint32_t uid; + gssd_cred_id_t cred; + gssd_ctx_id_t ctx; + gssd_name_t name; + gss_OID mech_type; + uint32_t req_flags; + uint32_t time_req; + gss_channel_bindings_t input_chan_bindings; + gss_buffer_desc input_token; +}; + +struct accept_sec_context_res { + uint32_t major_status; + uint32_t minor_status; + gssd_ctx_id_t ctx; + gssd_name_t src_name; + gss_OID mech_type; + gss_buffer_desc output_token; + uint32_t ret_flags; + uint32_t time_rec; + gssd_cred_id_t delegated_cred_handle; +}; + +struct accept_sec_context_args { + gssd_ctx_id_t ctx; + gssd_cred_id_t cred; + gss_buffer_desc input_token; + gss_channel_bindings_t input_chan_bindings; +}; + +struct delete_sec_context_res { + uint32_t major_status; + uint32_t minor_status; + gss_buffer_desc output_token; +}; + +struct delete_sec_context_args { + gssd_ctx_id_t ctx; +}; + +enum sec_context_format { + KGSS_HEIMDAL_0_6, + KGSS_HEIMDAL_1_1 +}; + +struct export_sec_context_res { + uint32_t major_status; + uint32_t minor_status; + enum sec_context_format format; + gss_buffer_desc interprocess_token; +}; + +struct export_sec_context_args { + gssd_ctx_id_t ctx; +}; + +struct import_name_res { + uint32_t major_status; + uint32_t minor_status; + gssd_name_t output_name; +}; + +struct import_name_args { + gss_buffer_desc input_name_buffer; + gss_OID input_name_type; +}; + +struct canonicalize_name_res { + uint32_t major_status; + uint32_t minor_status; + gssd_name_t output_name; +}; + +struct canonicalize_name_args { + gssd_name_t input_name; + gss_OID mech_type; +}; + +struct export_name_res { + uint32_t major_status; + uint32_t minor_status; + gss_buffer_desc exported_name; +}; + +struct export_name_args { + gssd_name_t input_name; +}; + +struct release_name_res { + uint32_t major_status; + uint32_t minor_status; +}; + +struct release_name_args { + gssd_name_t input_name; +}; + +struct pname_to_uid_res { + uint32_t major_status; + uint32_t minor_status; + uint32_t uid; + uint32_t gid; + uint32_t gidlist<>; +}; + +struct pname_to_uid_args { + gssd_name_t pname; + gss_OID mech; +}; + +struct acquire_cred_res { + uint32_t major_status; + uint32_t minor_status; + gssd_cred_id_t output_cred; + gss_OID_set actual_mechs; + uint32_t time_rec; +}; + +struct acquire_cred_args { + uint32_t uid; + gssd_name_t desired_name; + uint32_t time_req; + gss_OID_set desired_mechs; + int cred_usage; +}; + +struct set_cred_option_res { + uint32_t major_status; + uint32_t minor_status; +}; + +struct set_cred_option_args { + gssd_cred_id_t cred; + gss_OID option_name; + gss_buffer_desc option_value; +}; + +struct release_cred_res { + uint32_t major_status; + uint32_t minor_status; +}; + +struct release_cred_args { + gssd_cred_id_t cred; +}; + +struct display_status_res { + uint32_t major_status; + uint32_t minor_status; + uint32_t message_context; + gss_buffer_desc status_string; +}; + +struct display_status_args { + uint32_t status_value; + int status_type; + gss_OID mech_type; + uint32_t message_context; +}; + +program GSSD { + version GSSDVERS { + void GSSD_NULL(void) = 0; + + init_sec_context_res + GSSD_INIT_SEC_CONTEXT(init_sec_context_args) = 1; + + accept_sec_context_res + GSSD_ACCEPT_SEC_CONTEXT(accept_sec_context_args) = 2; + + delete_sec_context_res + GSSD_DELETE_SEC_CONTEXT(delete_sec_context_args) = 3; + + export_sec_context_res + GSSD_EXPORT_SEC_CONTEXT(export_sec_context_args) = 4; + + import_name_res + GSSD_IMPORT_NAME(import_name_args) = 5; + + canonicalize_name_res + GSSD_CANONICALIZE_NAME(canonicalize_name_args) = 6; + + export_name_res + GSSD_EXPORT_NAME(export_name_args) = 7; + + release_name_res + GSSD_RELEASE_NAME(release_name_args) = 8; + + pname_to_uid_res + GSSD_PNAME_TO_UID(pname_to_uid_args) = 9; + + acquire_cred_res + GSSD_ACQUIRE_CRED(acquire_cred_args) = 10; + + set_cred_option_res + GSSD_SET_CRED_OPTION(set_cred_option_args) = 11; + + release_cred_res + GSSD_RELEASE_CRED(release_cred_args) = 12; + + display_status_res + GSSD_DISPLAY_STATUS(display_status_args) = 13; + } = 1; +} = 0x40677373; diff --git a/sys/kgssapi/gssd_prot.c b/sys/kgssapi/gssd_prot.c new file mode 100644 index 0000000..3b8fbc5 --- /dev/null +++ b/sys/kgssapi/gssd_prot.c @@ -0,0 +1,244 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#ifdef _KERNEL +#include <sys/malloc.h> +#else +#include <stdlib.h> +#include <string.h> +#endif + +#include <rpc/rpc.h> +#include <rpc/rpc_com.h> + +#include "gssd.h" + +bool_t +xdr_gss_buffer_desc(XDR *xdrs, gss_buffer_desc *buf) +{ + char *val; + u_int len; + + len = buf->length; + val = buf->value; + if (!xdr_bytes(xdrs, &val, &len, ~0)) + return (FALSE); + buf->length = len; + buf->value = val; + + return (TRUE); +} + +bool_t +xdr_gss_OID_desc(XDR *xdrs, gss_OID_desc *oid) +{ + char *val; + u_int len; + + len = oid->length; + val = oid->elements; + if (!xdr_bytes(xdrs, &val, &len, ~0)) + return (FALSE); + oid->length = len; + oid->elements = val; + + return (TRUE); +} + +bool_t +xdr_gss_OID(XDR *xdrs, gss_OID *oidp) +{ + gss_OID oid; + bool_t is_null; + + switch (xdrs->x_op) { + case XDR_ENCODE: + oid = *oidp; + if (oid) { + is_null = FALSE; + if (!xdr_bool(xdrs, &is_null) + || !xdr_gss_OID_desc(xdrs, oid)) + return (FALSE); + } else { + is_null = TRUE; + if (!xdr_bool(xdrs, &is_null)) + return (FALSE); + } + break; + + case XDR_DECODE: + if (!xdr_bool(xdrs, &is_null)) + return (FALSE); + if (is_null) { + *oidp = GSS_C_NO_OID; + } else { + oid = mem_alloc(sizeof(gss_OID_desc)); + memset(oid, 0, sizeof(*oid)); + if (!xdr_gss_OID_desc(xdrs, oid)) + return (FALSE); + *oidp = oid; + } + break; + + case XDR_FREE: + oid = *oidp; + if (oid) { + xdr_gss_OID_desc(xdrs, oid); + mem_free(oid, sizeof(gss_OID_desc)); + } + } + + return (TRUE); +} + +bool_t +xdr_gss_OID_set_desc(XDR *xdrs, gss_OID_set_desc *set) +{ + caddr_t addr; + u_int len; + + len = set->count; + addr = (caddr_t) set->elements; + if (!xdr_array(xdrs, &addr, &len, ~0, sizeof(gss_OID_desc), + (xdrproc_t) xdr_gss_OID_desc)) + return (FALSE); + set->count = len; + set->elements = (gss_OID) addr; + + return (TRUE); +} + +bool_t +xdr_gss_OID_set(XDR *xdrs, gss_OID_set *setp) +{ + gss_OID_set set; + bool_t is_null; + + switch (xdrs->x_op) { + case XDR_ENCODE: + set = *setp; + if (set) { + is_null = FALSE; + if (!xdr_bool(xdrs, &is_null) + || !xdr_gss_OID_set_desc(xdrs, set)) + return (FALSE); + } else { + is_null = TRUE; + if (!xdr_bool(xdrs, &is_null)) + return (FALSE); + } + break; + + case XDR_DECODE: + if (!xdr_bool(xdrs, &is_null)) + return (FALSE); + if (is_null) { + *setp = GSS_C_NO_OID_SET; + } else { + set = mem_alloc(sizeof(gss_OID_set_desc)); + memset(set, 0, sizeof(*set)); + if (!xdr_gss_OID_set_desc(xdrs, set)) + return (FALSE); + *setp = set; + } + break; + + case XDR_FREE: + set = *setp; + if (set) { + xdr_gss_OID_set_desc(xdrs, set); + mem_free(set, sizeof(gss_OID_set_desc)); + } + } + + return (TRUE); +} + +bool_t +xdr_gss_channel_bindings_t(XDR *xdrs, gss_channel_bindings_t *chp) +{ + gss_channel_bindings_t ch; + bool_t is_null; + + switch (xdrs->x_op) { + case XDR_ENCODE: + ch = *chp; + if (ch) { + is_null = FALSE; + if (!xdr_bool(xdrs, &is_null) + || !xdr_uint32_t(xdrs, &ch->initiator_addrtype) + || !xdr_gss_buffer_desc(xdrs, + &ch->initiator_address) + || !xdr_uint32_t(xdrs, &ch->acceptor_addrtype) + || !xdr_gss_buffer_desc(xdrs, + &ch->acceptor_address) + || !xdr_gss_buffer_desc(xdrs, + &ch->application_data)) + return (FALSE); + } else { + is_null = TRUE; + if (!xdr_bool(xdrs, &is_null)) + return (FALSE); + } + break; + + case XDR_DECODE: + if (!xdr_bool(xdrs, &is_null)) + return (FALSE); + if (is_null) { + *chp = GSS_C_NO_CHANNEL_BINDINGS; + } else { + ch = mem_alloc(sizeof(*ch)); + memset(ch, 0, sizeof(*ch)); + if (!xdr_uint32_t(xdrs, &ch->initiator_addrtype) + || !xdr_gss_buffer_desc(xdrs, + &ch->initiator_address) + || !xdr_uint32_t(xdrs, &ch->acceptor_addrtype) + || !xdr_gss_buffer_desc(xdrs, + &ch->acceptor_address) + || !xdr_gss_buffer_desc(xdrs, + &ch->application_data)) + return (FALSE); + *chp = ch; + } + break; + + case XDR_FREE: + ch = *chp; + if (ch) { + xdr_gss_buffer_desc(xdrs, &ch->initiator_address); + xdr_gss_buffer_desc(xdrs, &ch->acceptor_address); + xdr_gss_buffer_desc(xdrs, &ch->application_data); + mem_free(ch, sizeof(*ch)); + } + } + + return (TRUE); +} diff --git a/sys/kgssapi/gsstest.c b/sys/kgssapi/gsstest.c new file mode 100644 index 0000000..1764703 --- /dev/null +++ b/sys/kgssapi/gsstest.c @@ -0,0 +1,1141 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/ctype.h> +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/module.h> +#include <sys/proc.h> +#include <sys/socketvar.h> +#include <sys/sysent.h> +#include <sys/sysproto.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> +#include <rpc/rpc.h> +#include <rpc/rpc_com.h> +#include <rpc/rpcb_prot.h> +#include <rpc/rpcsec_gss.h> + +static void +report_error(gss_OID mech, OM_uint32 maj, OM_uint32 min) +{ + OM_uint32 maj_stat, min_stat; + OM_uint32 message_context; + gss_buffer_desc buf; + + uprintf("major_stat=%d, minor_stat=%d\n", maj, min); + message_context = 0; + do { + maj_stat = gss_display_status(&min_stat, maj, + GSS_C_GSS_CODE, GSS_C_NO_OID, &message_context, &buf); + if (GSS_ERROR(maj_stat)) + break; + uprintf("%.*s\n", (int)buf.length, (char *) buf.value); + gss_release_buffer(&min_stat, &buf); + } while (message_context); + if (mech && min) { + message_context = 0; + do { + maj_stat = gss_display_status(&min_stat, min, + GSS_C_MECH_CODE, mech, &message_context, &buf); + if (GSS_ERROR(maj_stat)) + break; + uprintf("%.*s\n", (int)buf.length, (char *) buf.value); + gss_release_buffer(&min_stat, &buf); + } while (message_context); + } +} + +#if 0 +static void +send_token_to_peer(const gss_buffer_t token) +{ + const uint8_t *p; + size_t i; + + printf("send token:\n"); + printf("%d ", (int) token->length); + p = (const uint8_t *) token->value; + for (i = 0; i < token->length; i++) + printf("%02x", *p++); + printf("\n"); +} + +static void +receive_token_from_peer(gss_buffer_t token) +{ + char line[8192]; + char *p; + uint8_t *q; + int len, val; + + printf("receive token:\n"); + fgets(line, sizeof(line), stdin); + if (line[strlen(line) - 1] != '\n') { + printf("token truncated\n"); + exit(1); + } + p = line; + if (sscanf(line, "%d ", &len) != 1) { + printf("bad token\n"); + exit(1); + } + p = strchr(p, ' ') + 1; + token->length = len; + token->value = malloc(len); + q = (uint8_t *) token->value; + while (len) { + if (sscanf(p, "%02x", &val) != 1) { + printf("bad token\n"); + exit(1); + } + *q++ = val; + p += 2; + len--; + } +} +#endif + +#if 0 +void +server(int argc, char** argv) +{ + OM_uint32 maj_stat, min_stat; + gss_buffer_desc input_token, output_token; + gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; + gss_name_t client_name; + gss_OID mech_type; + + if (argc != 1) + usage(); + + do { + receive_token_from_peer(&input_token); + maj_stat = gss_accept_sec_context(&min_stat, + &context_hdl, + GSS_C_NO_CREDENTIAL, + &input_token, + GSS_C_NO_CHANNEL_BINDINGS, + &client_name, + &mech_type, + &output_token, + NULL, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) { + report_error(mech_type, maj_stat, min_stat); + } + if (output_token.length != 0) { + send_token_to_peer(&output_token); + gss_release_buffer(&min_stat, &output_token); + } + if (GSS_ERROR(maj_stat)) { + if (context_hdl != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, + &context_hdl, + GSS_C_NO_BUFFER); + break; + } + } while (maj_stat & GSS_S_CONTINUE_NEEDED); + + if (client_name) { + gss_buffer_desc name_desc; + char buf[512]; + + gss_display_name(&min_stat, client_name, &name_desc, NULL); + memcpy(buf, name_desc.value, name_desc.length); + buf[name_desc.length] = 0; + gss_release_buffer(&min_stat, &name_desc); + printf("client name is %s\n", buf); + } + + receive_token_from_peer(&input_token); + gss_unwrap(&min_stat, context_hdl, &input_token, &output_token, + NULL, NULL); + printf("%.*s\n", (int)output_token.length, (char *) output_token.value); + gss_release_buffer(&min_stat, &output_token); +} +#endif + +/* 1.2.752.43.13.14 */ +static gss_OID_desc gss_krb5_set_allowable_enctypes_x_desc = +{6, (void *) "\x2a\x85\x70\x2b\x0d\x0e"}; + +gss_OID GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X = &gss_krb5_set_allowable_enctypes_x_desc; +#define ETYPE_DES_CBC_CRC 1 + +/* + * Create an initiator context and acceptor context in the kernel and + * use them to exchange signed and sealed messages. + */ +static int +gsstest_1(void) +{ + OM_uint32 maj_stat, min_stat; + OM_uint32 smaj_stat, smin_stat; + int context_established = 0; + gss_ctx_id_t client_context = GSS_C_NO_CONTEXT; + gss_ctx_id_t server_context = GSS_C_NO_CONTEXT; + gss_cred_id_t client_cred = GSS_C_NO_CREDENTIAL; + gss_cred_id_t server_cred = GSS_C_NO_CREDENTIAL; + gss_name_t name = GSS_C_NO_NAME; + gss_name_t received_name = GSS_C_NO_NAME; + gss_buffer_desc name_desc; + gss_buffer_desc client_token, server_token, message_buf; + gss_OID mech, actual_mech, mech_type; + static gss_OID_desc krb5_desc = + {9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; +#if 0 + static gss_OID_desc spnego_desc = + {6, (void *)"\x2b\x06\x01\x05\x05\x02"}; + static gss_OID_desc ntlm_desc = + {10, (void *)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a"}; +#endif + char enctype[sizeof(uint32_t)]; + + mech = GSS_C_NO_OID; + + { + static char sbuf[512]; + snprintf(sbuf, sizeof(sbuf), "nfs@%s", hostname); + name_desc.value = sbuf; + } + + name_desc.length = strlen((const char *) name_desc.value); + maj_stat = gss_import_name(&min_stat, &name_desc, + GSS_C_NT_HOSTBASED_SERVICE, &name); + if (GSS_ERROR(maj_stat)) { + printf("gss_import_name failed\n"); + report_error(mech, maj_stat, min_stat); + goto out; + } + + maj_stat = gss_acquire_cred(&min_stat, GSS_C_NO_NAME, + 0, GSS_C_NO_OID_SET, GSS_C_INITIATE, &client_cred, + NULL, NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_acquire_cred (client) failed\n"); + report_error(mech, maj_stat, min_stat); + goto out; + } + + enctype[0] = (ETYPE_DES_CBC_CRC >> 24) & 0xff; + enctype[1] = (ETYPE_DES_CBC_CRC >> 16) & 0xff; + enctype[2] = (ETYPE_DES_CBC_CRC >> 8) & 0xff; + enctype[3] = ETYPE_DES_CBC_CRC & 0xff; + message_buf.length = sizeof(enctype); + message_buf.value = enctype; + maj_stat = gss_set_cred_option(&min_stat, &client_cred, + GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X, &message_buf); + if (GSS_ERROR(maj_stat)) { + printf("gss_set_cred_option failed\n"); + report_error(mech, maj_stat, min_stat); + goto out; + } + + server_token.length = 0; + server_token.value = NULL; + while (!context_established) { + client_token.length = 0; + client_token.value = NULL; + maj_stat = gss_init_sec_context(&min_stat, + client_cred, + &client_context, + name, + mech, + GSS_C_MUTUAL_FLAG|GSS_C_CONF_FLAG|GSS_C_INTEG_FLAG, + 0, + GSS_C_NO_CHANNEL_BINDINGS, + &server_token, + &actual_mech, + &client_token, + NULL, + NULL); + if (server_token.length) + gss_release_buffer(&smin_stat, &server_token); + if (GSS_ERROR(maj_stat)) { + printf("gss_init_sec_context failed\n"); + report_error(mech, maj_stat, min_stat); + goto out; + } + + if (client_token.length != 0) { + if (!server_cred) { + gss_OID_set_desc oid_set; + oid_set.count = 1; + oid_set.elements = &krb5_desc; + smaj_stat = gss_acquire_cred(&smin_stat, + name, 0, &oid_set, GSS_C_ACCEPT, &server_cred, + NULL, NULL); + if (GSS_ERROR(smaj_stat)) { + printf("gss_acquire_cred (server) failed\n"); + report_error(mech_type, smaj_stat, smin_stat); + goto out; + } + } + smaj_stat = gss_accept_sec_context(&smin_stat, + &server_context, + server_cred, + &client_token, + GSS_C_NO_CHANNEL_BINDINGS, + &received_name, + &mech_type, + &server_token, + NULL, + NULL, + NULL); + if (GSS_ERROR(smaj_stat)) { + printf("gss_accept_sec_context failed\n"); + report_error(mech_type, smaj_stat, smin_stat); + goto out; + } + gss_release_buffer(&min_stat, &client_token); + } + if (GSS_ERROR(maj_stat)) { + if (client_context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, + &client_context, + GSS_C_NO_BUFFER); + break; + } + + if (maj_stat == GSS_S_COMPLETE) { + context_established = 1; + } + } + + message_buf.length = strlen("Hello world"); + message_buf.value = (void *) "Hello world"; + + maj_stat = gss_get_mic(&min_stat, client_context, + GSS_C_QOP_DEFAULT, &message_buf, &client_token); + if (GSS_ERROR(maj_stat)) { + printf("gss_get_mic failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + maj_stat = gss_verify_mic(&min_stat, server_context, + &message_buf, &client_token, NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_verify_mic failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + gss_release_buffer(&min_stat, &client_token); + + maj_stat = gss_wrap(&min_stat, client_context, + TRUE, GSS_C_QOP_DEFAULT, &message_buf, NULL, &client_token); + if (GSS_ERROR(maj_stat)) { + printf("gss_wrap failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + maj_stat = gss_unwrap(&min_stat, server_context, + &client_token, &server_token, NULL, NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_unwrap failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + + if (message_buf.length != server_token.length + || memcmp(message_buf.value, server_token.value, + message_buf.length)) + printf("unwrap result corrupt\n"); + + gss_release_buffer(&min_stat, &client_token); + gss_release_buffer(&min_stat, &server_token); + +out: + if (client_context) + gss_delete_sec_context(&min_stat, &client_context, + GSS_C_NO_BUFFER); + if (server_context) + gss_delete_sec_context(&min_stat, &server_context, + GSS_C_NO_BUFFER); + if (client_cred) + gss_release_cred(&min_stat, &client_cred); + if (server_cred) + gss_release_cred(&min_stat, &server_cred); + if (name) + gss_release_name(&min_stat, &name); + if (received_name) + gss_release_name(&min_stat, &received_name); + + return (0); +} + +/* + * Interoperability with userland. This takes several steps: + * + * 1. Accept an initiator token from userland, return acceptor + * token. Repeat this step until both userland and kernel return + * GSS_S_COMPLETE. + * + * 2. Receive a signed message from userland and verify the + * signature. Return a signed reply to userland for it to verify. + * + * 3. Receive a wrapped message from userland and unwrap it. Return a + * wrapped reply to userland. + */ +static int +gsstest_2(int step, const gss_buffer_t input_token, + OM_uint32 *maj_stat_res, OM_uint32 *min_stat_res, gss_buffer_t output_token) +{ + OM_uint32 maj_stat, min_stat; + static int context_established = 0; + static gss_ctx_id_t server_context = GSS_C_NO_CONTEXT; + static gss_cred_id_t server_cred = GSS_C_NO_CREDENTIAL; + static gss_name_t name = GSS_C_NO_NAME; + gss_buffer_desc name_desc; + gss_buffer_desc message_buf; + gss_OID mech_type = GSS_C_NO_OID; + char enctype[sizeof(uint32_t)]; + int error = EINVAL; + + maj_stat = GSS_S_FAILURE; + min_stat = 0; + switch (step) { + + case 1: + if (server_context == GSS_C_NO_CONTEXT) { + static char sbuf[512]; + snprintf(sbuf, sizeof(sbuf), "nfs@%s", hostname); + name_desc.value = sbuf; + name_desc.length = strlen((const char *) + name_desc.value); + maj_stat = gss_import_name(&min_stat, &name_desc, + GSS_C_NT_HOSTBASED_SERVICE, &name); + if (GSS_ERROR(maj_stat)) { + printf("gss_import_name failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + + maj_stat = gss_acquire_cred(&min_stat, + name, 0, GSS_C_NO_OID_SET, GSS_C_ACCEPT, + &server_cred, NULL, NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_acquire_cred (server) failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + + enctype[0] = (ETYPE_DES_CBC_CRC >> 24) & 0xff; + enctype[1] = (ETYPE_DES_CBC_CRC >> 16) & 0xff; + enctype[2] = (ETYPE_DES_CBC_CRC >> 8) & 0xff; + enctype[3] = ETYPE_DES_CBC_CRC & 0xff; + message_buf.length = sizeof(enctype); + message_buf.value = enctype; + maj_stat = gss_set_cred_option(&min_stat, &server_cred, + GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X, &message_buf); + if (GSS_ERROR(maj_stat)) { + printf("gss_set_cred_option failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + } + + maj_stat = gss_accept_sec_context(&min_stat, + &server_context, + server_cred, + input_token, + GSS_C_NO_CHANNEL_BINDINGS, + NULL, + &mech_type, + output_token, + NULL, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_accept_sec_context failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + + if (maj_stat == GSS_S_COMPLETE) { + context_established = 1; + } + *maj_stat_res = maj_stat; + *min_stat_res = min_stat; + break; + + case 2: + message_buf.length = strlen("Hello world"); + message_buf.value = (void *) "Hello world"; + + maj_stat = gss_verify_mic(&min_stat, server_context, + &message_buf, input_token, NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_verify_mic failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + + maj_stat = gss_get_mic(&min_stat, server_context, + GSS_C_QOP_DEFAULT, &message_buf, output_token); + if (GSS_ERROR(maj_stat)) { + printf("gss_get_mic failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + break; + + case 3: + maj_stat = gss_unwrap(&min_stat, server_context, + input_token, &message_buf, NULL, NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_unwrap failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + gss_release_buffer(&min_stat, &message_buf); + + message_buf.length = strlen("Hello world"); + message_buf.value = (void *) "Hello world"; + maj_stat = gss_wrap(&min_stat, server_context, + TRUE, GSS_C_QOP_DEFAULT, &message_buf, NULL, output_token); + if (GSS_ERROR(maj_stat)) { + printf("gss_wrap failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + break; + + case 4: + maj_stat = gss_unwrap(&min_stat, server_context, + input_token, &message_buf, NULL, NULL); + if (GSS_ERROR(maj_stat)) { + printf("gss_unwrap failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + gss_release_buffer(&min_stat, &message_buf); + + message_buf.length = strlen("Hello world"); + message_buf.value = (void *) "Hello world"; + maj_stat = gss_wrap(&min_stat, server_context, + FALSE, GSS_C_QOP_DEFAULT, &message_buf, NULL, output_token); + if (GSS_ERROR(maj_stat)) { + printf("gss_wrap failed\n"); + report_error(mech_type, maj_stat, min_stat); + goto out; + } + break; + + case 5: + error = 0; + goto out; + } + *maj_stat_res = maj_stat; + *min_stat_res = min_stat; + return (0); + +out: + *maj_stat_res = maj_stat; + *min_stat_res = min_stat; + if (server_context) + gss_delete_sec_context(&min_stat, &server_context, + GSS_C_NO_BUFFER); + if (server_cred) + gss_release_cred(&min_stat, &server_cred); + if (name) + gss_release_name(&min_stat, &name); + + return (error); +} + +/* + * Create an RPC client handle for the given (address,prog,vers) + * triple using UDP. + */ +static CLIENT * +gsstest_get_rpc(struct sockaddr *sa, rpcprog_t prog, rpcvers_t vers) +{ + struct thread *td = curthread; + const char* protofmly; + struct sockaddr_storage ss; + struct socket *so; + CLIENT *rpcb; + struct timeval timo; + RPCB parms; + char *uaddr; + enum clnt_stat stat = RPC_SUCCESS; + int rpcvers = RPCBVERS4; + bool_t do_tcp = FALSE; + struct portmap mapping; + u_short port = 0; + + /* + * First we need to contact the remote RPCBIND service to find + * the right port. + */ + memcpy(&ss, sa, sa->sa_len); + switch (ss.ss_family) { + case AF_INET: + ((struct sockaddr_in *)&ss)->sin_port = htons(111); + protofmly = "inet"; + socreate(AF_INET, &so, SOCK_DGRAM, 0, td->td_ucred, td); + break; + +#ifdef INET6 + case AF_INET6: + ((struct sockaddr_in6 *)&ss)->sin6_port = htons(111); + protofmly = "inet6"; + socreate(AF_INET6, &so, SOCK_DGRAM, 0, td->td_ucred, td); + break; +#endif + + default: + /* + * Unsupported address family - fail. + */ + return (NULL); + } + + rpcb = clnt_dg_create(so, (struct sockaddr *)&ss, + RPCBPROG, rpcvers, 0, 0); + if (!rpcb) + return (NULL); + +try_tcp: + parms.r_prog = prog; + parms.r_vers = vers; + if (do_tcp) + parms.r_netid = "tcp"; + else + parms.r_netid = "udp"; + parms.r_addr = ""; + parms.r_owner = ""; + + /* + * Use the default timeout. + */ + timo.tv_sec = 25; + timo.tv_usec = 0; +again: + switch (rpcvers) { + case RPCBVERS4: + case RPCBVERS: + /* + * Try RPCBIND 4 then 3. + */ + uaddr = NULL; + stat = CLNT_CALL(rpcb, (rpcprog_t) RPCBPROC_GETADDR, + (xdrproc_t) xdr_rpcb, &parms, + (xdrproc_t) xdr_wrapstring, &uaddr, timo); + if (stat == RPC_PROGVERSMISMATCH) { + if (rpcvers == RPCBVERS4) + rpcvers = RPCBVERS; + else if (rpcvers == RPCBVERS) + rpcvers = PMAPVERS; + CLNT_CONTROL(rpcb, CLSET_VERS, &rpcvers); + goto again; + } else if (stat == RPC_SUCCESS) { + /* + * We have a reply from the remote RPCBIND - turn it + * into an appropriate address and make a new client + * that can talk to the remote service. + * + * XXX fixup IPv6 scope ID. + */ + struct netbuf *a; + a = __rpc_uaddr2taddr_af(ss.ss_family, uaddr); + xdr_free((xdrproc_t) xdr_wrapstring, &uaddr); + if (!a) { + CLNT_DESTROY(rpcb); + return (NULL); + } + memcpy(&ss, a->buf, a->len); + free(a->buf, M_RPC); + free(a, M_RPC); + } + break; + case PMAPVERS: + /* + * Try portmap. + */ + mapping.pm_prog = parms.r_prog; + mapping.pm_vers = parms.r_vers; + mapping.pm_prot = do_tcp ? IPPROTO_TCP : IPPROTO_UDP; + mapping.pm_port = 0; + + stat = CLNT_CALL(rpcb, (rpcprog_t) PMAPPROC_GETPORT, + (xdrproc_t) xdr_portmap, &mapping, + (xdrproc_t) xdr_u_short, &port, timo); + + if (stat == RPC_SUCCESS) { + switch (ss.ss_family) { + case AF_INET: + ((struct sockaddr_in *)&ss)->sin_port = + htons(port); + break; + +#ifdef INET6 + case AF_INET6: + ((struct sockaddr_in6 *)&ss)->sin6_port = + htons(port); + break; +#endif + } + } + break; + default: + panic("invalid rpcvers %d", rpcvers); + } + /* + * We may have a positive response from the portmapper, but + * the requested service was not found. Make sure we received + * a valid port. + */ + switch (ss.ss_family) { + case AF_INET: + port = ((struct sockaddr_in *)&ss)->sin_port; + break; +#ifdef INET6 + case AF_INET6: + port = ((struct sockaddr_in6 *)&ss)->sin6_port; + break; +#endif + } + if (stat != RPC_SUCCESS || !port) { + /* + * If we were able to talk to rpcbind or portmap, but the udp + * variant wasn't available, ask about tcp. + * + * XXX - We could also check for a TCP portmapper, but + * if the host is running a portmapper at all, we should be able + * to hail it over UDP. + */ + if (stat == RPC_SUCCESS && !do_tcp) { + do_tcp = TRUE; + goto try_tcp; + } + + /* Otherwise, bad news. */ + printf("gsstest_get_rpc: failed to contact remote rpcbind, " + "stat = %d, port = %d\n", + (int) stat, port); + CLNT_DESTROY(rpcb); + return (NULL); + } + + if (do_tcp) { + /* + * Destroy the UDP client we used to speak to rpcbind and + * recreate as a TCP client. + */ + struct netconfig *nconf = NULL; + + CLNT_DESTROY(rpcb); + + switch (ss.ss_family) { + case AF_INET: + nconf = getnetconfigent("tcp"); + break; +#ifdef INET6 + case AF_INET6: + nconf = getnetconfigent("tcp6"); + break; +#endif + } + + rpcb = clnt_reconnect_create(nconf, (struct sockaddr *)&ss, + prog, vers, 0, 0); + } else { + /* + * Re-use the client we used to speak to rpcbind. + */ + CLNT_CONTROL(rpcb, CLSET_SVC_ADDR, &ss); + CLNT_CONTROL(rpcb, CLSET_PROG, &prog); + CLNT_CONTROL(rpcb, CLSET_VERS, &vers); + } + + return (rpcb); +} + +/* + * RPCSEC_GSS client + */ +static int +gsstest_3(void) +{ + struct sockaddr_in sin; + char service[128]; + CLIENT *client; + AUTH *auth; + rpc_gss_options_ret_t options_ret; + enum clnt_stat stat; + struct timeval tv; + rpc_gss_service_t svc; + int i; + + sin.sin_len = sizeof(sin); + sin.sin_family = AF_INET; + sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + sin.sin_port = 0; + + client = gsstest_get_rpc((struct sockaddr *) &sin, 123456, 1); + if (!client) { + uprintf("Can't connect to service\n"); + return(1); + } + + snprintf(service, sizeof(service), "host@%s", hostname); + + auth = rpc_gss_seccreate(client, curthread->td_ucred, + service, "kerberosv5", rpc_gss_svc_privacy, + NULL, NULL, &options_ret); + if (!auth) { + gss_OID oid; + uprintf("Can't authorize to service (mech=%s)\n", + options_ret.actual_mechanism); + oid = GSS_C_NO_OID; + rpc_gss_mech_to_oid(options_ret.actual_mechanism, &oid); + report_error(oid, options_ret.major_status, + options_ret.minor_status); + CLNT_DESTROY(client); + return (1); + } + + for (svc = rpc_gss_svc_none; svc <= rpc_gss_svc_privacy; svc++) { + const char *svc_names[] = { + "rpc_gss_svc_default", + "rpc_gss_svc_none", + "rpc_gss_svc_integrity", + "rpc_gss_svc_privacy" + }; + int num; + + rpc_gss_set_defaults(auth, svc, NULL); + + client->cl_auth = auth; + tv.tv_sec = 5; + tv.tv_usec = 0; + for (i = 42; i < 142; i++) { + num = i; + stat = CLNT_CALL(client, 1, + (xdrproc_t) xdr_int, (char *) &num, + (xdrproc_t) xdr_int, (char *) &num, tv); + if (stat == RPC_SUCCESS) { + if (num != i + 100) + uprintf("unexpected reply %d\n", num); + } else { + uprintf("call failed, stat=%d\n", (int) stat); + break; + } + } + if (i == 142) + uprintf("call succeeded with %s\n", svc_names[svc]); + } + + AUTH_DESTROY(auth); + CLNT_RELEASE(client); + + return (0); +} + +/* + * RPCSEC_GSS server + */ +static rpc_gss_principal_t server_acl = NULL; +static bool_t server_new_context(struct svc_req *req, gss_cred_id_t deleg, + gss_ctx_id_t gss_context, rpc_gss_lock_t *lock, void **cookie); +static void server_program_1(struct svc_req *rqstp, register SVCXPRT *transp); + +static int +gsstest_4(void) +{ + SVCPOOL *pool; + char principal[128 + 5]; + const char **mechs; + static rpc_gss_callback_t cb; + + snprintf(principal, sizeof(principal), "host@%s", hostname); + + mechs = rpc_gss_get_mechanisms(); + while (*mechs) { + if (!rpc_gss_set_svc_name(principal, *mechs, GSS_C_INDEFINITE, + 123456, 1)) { + rpc_gss_error_t e; + + rpc_gss_get_error(&e); + printf("setting name for %s for %s failed: %d, %d\n", + principal, *mechs, + e.rpc_gss_error, e.system_error); + } + mechs++; + } + + cb.program = 123456; + cb.version = 1; + cb.callback = server_new_context; + rpc_gss_set_callback(&cb); + + pool = svcpool_create("gsstest", NULL); + + svc_create(pool, server_program_1, 123456, 1, NULL); + svc_run(pool); + + rpc_gss_clear_svc_name(123456, 1); + rpc_gss_clear_callback(&cb); + + svcpool_destroy(pool); + + return (0); +} + +static void +server_program_1(struct svc_req *rqstp, register SVCXPRT *transp) +{ + rpc_gss_rawcred_t *rcred; + rpc_gss_ucred_t *ucred; + int i, num; + + if (rqstp->rq_cred.oa_flavor != RPCSEC_GSS) { + svcerr_weakauth(rqstp); + return; + } + + if (!rpc_gss_getcred(rqstp, &rcred, &ucred, NULL)) { + svcerr_systemerr(rqstp); + return; + } + + printf("svc=%d, mech=%s, uid=%d, gid=%d, gids={", + rcred->service, rcred->mechanism, ucred->uid, ucred->gid); + for (i = 0; i < ucred->gidlen; i++) { + if (i > 0) printf(","); + printf("%d", ucred->gidlist[i]); + } + printf("}\n"); + + switch (rqstp->rq_proc) { + case 0: + if (!svc_getargs(rqstp, (xdrproc_t) xdr_void, 0)) { + svcerr_decode(rqstp); + goto out; + } + if (!svc_sendreply(rqstp, (xdrproc_t) xdr_void, 0)) { + svcerr_systemerr(rqstp); + } + goto out; + + case 1: + if (!svc_getargs(rqstp, (xdrproc_t) xdr_int, + (char *) &num)) { + svcerr_decode(rqstp); + goto out; + } + num += 100; + if (!svc_sendreply(rqstp, (xdrproc_t) xdr_int, + (char *) &num)) { + svcerr_systemerr(rqstp); + } + goto out; + + default: + svcerr_noproc(rqstp); + goto out; + } + +out: + return; +} + +static void +print_principal(rpc_gss_principal_t principal) +{ + int i, len, n; + uint8_t *p; + + len = principal->len; + p = (uint8_t *) principal->name; + while (len > 0) { + n = len; + if (n > 16) + n = 16; + for (i = 0; i < n; i++) + printf("%02x ", p[i]); + for (; i < 16; i++) + printf(" "); + printf("|"); + for (i = 0; i < n; i++) + printf("%c", isprint(p[i]) ? p[i] : '.'); + printf("|\n"); + len -= n; + p += n; + } +} + +static bool_t +server_new_context(__unused struct svc_req *req, + gss_cred_id_t deleg, + __unused gss_ctx_id_t gss_context, + rpc_gss_lock_t *lock, + __unused void **cookie) +{ + rpc_gss_rawcred_t *rcred = lock->raw_cred; + OM_uint32 junk; + + printf("new security context version=%d, mech=%s, qop=%s:\n", + rcred->version, rcred->mechanism, rcred->qop); + print_principal(rcred->client_principal); + + if (server_acl) { + if (rcred->client_principal->len != server_acl->len + || memcmp(rcred->client_principal->name, server_acl->name, + server_acl->len)) { + return (FALSE); + } + } + gss_release_cred(&junk, &deleg); + + return (TRUE); +} + +/* + * Hook up a syscall for gssapi testing. + */ + +struct gsstest_args { + int a_op; + void *a_args; + void *a_res; +}; + +struct gsstest_2_args { + int step; /* test step number */ + gss_buffer_desc input_token; /* token from userland */ + gss_buffer_desc output_token; /* buffer to receive reply token */ +}; +struct gsstest_2_res { + OM_uint32 maj_stat; /* maj_stat from kernel */ + OM_uint32 min_stat; /* min_stat from kernel */ + gss_buffer_desc output_token; /* reply token (using space from gsstest_2_args.output) */ +}; + +static int +gsstest(struct thread *td, struct gsstest_args *uap) +{ + int error; + + switch (uap->a_op) { + case 1: + return (gsstest_1()); + + case 2: { + struct gsstest_2_args args; + struct gsstest_2_res res; + gss_buffer_desc input_token, output_token; + OM_uint32 junk; + + error = copyin(uap->a_args, &args, sizeof(args)); + if (error) + return (error); + input_token.length = args.input_token.length; + input_token.value = malloc(input_token.length, M_GSSAPI, + M_WAITOK); + error = copyin(args.input_token.value, input_token.value, + input_token.length); + if (error) { + gss_release_buffer(&junk, &input_token); + return (error); + } + output_token.length = 0; + output_token.value = NULL; + gsstest_2(args.step, &input_token, + &res.maj_stat, &res.min_stat, &output_token); + gss_release_buffer(&junk, &input_token); + if (output_token.length > args.output_token.length) { + gss_release_buffer(&junk, &output_token); + return (EOVERFLOW); + } + res.output_token.length = output_token.length; + res.output_token.value = args.output_token.value; + error = copyout(output_token.value, res.output_token.value, + output_token.length); + gss_release_buffer(&junk, &output_token); + if (error) + return (error); + + return (copyout(&res, uap->a_res, sizeof(res))); + + break; + } + case 3: + return (gsstest_3()); + case 4: + return (gsstest_4()); + } + + return (EINVAL); +} + +/* + * The `sysent' for the new syscall + */ +static struct sysent gsstest_sysent = { + 3, /* sy_narg */ + (sy_call_t *) gsstest /* sy_call */ +}; + +/* + * The offset in sysent where the syscall is allocated. + */ +static int gsstest_offset = NO_SYSCALL; + +/* + * The function called at load/unload. + */ + + +static int +gsstest_load(struct module *module, int cmd, void *arg) +{ + int error = 0; + + switch (cmd) { + case MOD_LOAD : + break; + case MOD_UNLOAD : + break; + default : + error = EOPNOTSUPP; + break; + } + return error; +} + +SYSCALL_MODULE(gsstest_syscall, &gsstest_offset, &gsstest_sysent, + gsstest_load, NULL); diff --git a/sys/kgssapi/kgss_if.m b/sys/kgssapi/kgss_if.m new file mode 100644 index 0000000..53d499a --- /dev/null +++ b/sys/kgssapi/kgss_if.m @@ -0,0 +1,95 @@ +#- +# Copyright (c) 2008 Isilon Inc http://www.isilon.com/ +# Authors: Doug Rabson <dfr@rabson.org> +# Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD$ + +# Interface for the in-kernel part of a GSS-API mechanism + +#include <kgssapi/gssapi.h> +#include "gssd.h" + +INTERFACE kgss; + +METHOD void init { + gss_ctx_id_t ctx; +}; + +METHOD OM_uint32 import { + gss_ctx_id_t ctx; + enum sec_context_format format; + const gss_buffer_t context_token; +}; + +METHOD void delete { + gss_ctx_id_t ctx; + gss_buffer_t output_token; +}; + +METHOD gss_OID mech_type { + gss_ctx_id_t ctx; +}; + +METHOD OM_uint32 get_mic { + gss_ctx_id_t ctx; + OM_uint32 *minor_status; + gss_qop_t qop_req; + struct mbuf *message_buffer; + struct mbuf **message_token; +}; + +METHOD OM_uint32 verify_mic { + gss_ctx_id_t ctx; + OM_uint32 *minor_status; + struct mbuf *message_buffer; + struct mbuf *token_buffer; + gss_qop_t *qop_state; +}; + +METHOD OM_uint32 wrap { + gss_ctx_id_t ctx; + OM_uint32 *minor_status; + int conf_req_flag; + gss_qop_t qop_req; + struct mbuf **message_buffer; + int *conf_state; +}; + +METHOD OM_uint32 unwrap { + gss_ctx_id_t ctx; + OM_uint32 *minor_status; + struct mbuf **message_buffer; + int *conf_state; + gss_qop_t *qop_state; +}; + +METHOD OM_uint32 wrap_size_limit { + gss_ctx_id_t ctx; + OM_uint32 *minor_status; + int conf_req_flag; + gss_qop_t qop_req; + OM_uint32 req_ouput_size; + OM_uint32 *max_input_size; +} diff --git a/sys/kgssapi/krb5/kcrypto.c b/sys/kgssapi/krb5/kcrypto.c new file mode 100644 index 0000000..27ee3ec --- /dev/null +++ b/sys/kgssapi/krb5/kcrypto.c @@ -0,0 +1,266 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/malloc.h> +#include <sys/kobj.h> +#include <sys/mbuf.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kcrypto.h" + +static struct krb5_encryption_class *krb5_encryption_classes[] = { + &krb5_des_encryption_class, + &krb5_des3_encryption_class, + &krb5_aes128_encryption_class, + &krb5_aes256_encryption_class, + &krb5_arcfour_encryption_class, + &krb5_arcfour_56_encryption_class, + NULL +}; + +struct krb5_encryption_class * +krb5_find_encryption_class(int etype) +{ + int i; + + for (i = 0; krb5_encryption_classes[i]; i++) { + if (krb5_encryption_classes[i]->ec_type == etype) + return (krb5_encryption_classes[i]); + } + return (NULL); +} + +struct krb5_key_state * +krb5_create_key(const struct krb5_encryption_class *ec) +{ + struct krb5_key_state *ks; + + ks = malloc(sizeof(struct krb5_key_state), M_GSSAPI, M_WAITOK); + ks->ks_class = ec; + refcount_init(&ks->ks_refs, 1); + ks->ks_key = malloc(ec->ec_keylen, M_GSSAPI, M_WAITOK); + ec->ec_init(ks); + + return (ks); +} + +void +krb5_free_key(struct krb5_key_state *ks) +{ + + if (refcount_release(&ks->ks_refs)) { + ks->ks_class->ec_destroy(ks); + bzero(ks->ks_key, ks->ks_class->ec_keylen); + free(ks->ks_key, M_GSSAPI); + free(ks, M_GSSAPI); + } +} + +static size_t +gcd(size_t a, size_t b) +{ + + if (b == 0) + return (a); + return gcd(b, a % b); +} + +static size_t +lcm(size_t a, size_t b) +{ + return ((a * b) / gcd(a, b)); +} + +/* + * Rotate right 13 of a variable precision number in 'in', storing the + * result in 'out'. The number is assumed to be big-endian in memory + * representation. + */ +static void +krb5_rotate_right_13(uint8_t *out, uint8_t *in, size_t numlen) +{ + uint32_t carry; + size_t i; + + /* + * Special case when numlen == 1. A rotate right 13 of a + * single byte number changes to a rotate right 5. + */ + if (numlen == 1) { + carry = in[0] >> 5; + out[0] = (in[0] << 3) | carry; + return; + } + + carry = ((in[numlen - 2] & 31) << 8) | in[numlen - 1]; + for (i = 2; i < numlen; i++) { + out[i] = ((in[i - 2] & 31) << 3) | (in[i - 1] >> 5); + } + out[1] = ((carry & 31) << 3) | (in[0] >> 5); + out[0] = carry >> 5; +} + +/* + * Add two variable precision numbers in big-endian representation + * using ones-complement arithmetic. + */ +static void +krb5_ones_complement_add(uint8_t *out, const uint8_t *in, size_t len) +{ + int n, i; + + /* + * First calculate the 2s complement sum, remembering the + * carry. + */ + n = 0; + for (i = len - 1; i >= 0; i--) { + n = out[i] + in[i] + n; + out[i] = n; + n >>= 8; + } + /* + * Then add back the carry. + */ + for (i = len - 1; n && i >= 0; i--) { + n = out[i] + n; + out[i] = n; + n >>= 8; + } +} + +static void +krb5_n_fold(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) +{ + size_t tmplen; + uint8_t *tmp; + size_t i; + uint8_t *p; + + tmplen = lcm(inlen, outlen); + tmp = malloc(tmplen, M_GSSAPI, M_WAITOK); + + bcopy(in, tmp, inlen); + for (i = inlen, p = tmp; i < tmplen; i += inlen, p += inlen) { + krb5_rotate_right_13(p + inlen, p, inlen); + } + bzero(out, outlen); + for (i = 0, p = tmp; i < tmplen; i += outlen, p += outlen) { + krb5_ones_complement_add(out, p, outlen); + } + free(tmp, M_GSSAPI); +} + +struct krb5_key_state * +krb5_derive_key(struct krb5_key_state *inkey, + void *constant, size_t constantlen) +{ + struct krb5_key_state *dk; + const struct krb5_encryption_class *ec = inkey->ks_class; + uint8_t *folded; + uint8_t *bytes, *p, *q; + struct mbuf *m; + int randomlen, i; + + /* + * Expand the constant to blocklen bytes. + */ + folded = malloc(ec->ec_blocklen, M_GSSAPI, M_WAITOK); + krb5_n_fold(folded, ec->ec_blocklen, constant, constantlen); + + /* + * Generate enough bytes for keybits rounded up to a multiple + * of blocklen. + */ + randomlen = ((ec->ec_keybits/8 + ec->ec_blocklen - 1) / ec->ec_blocklen) + * ec->ec_blocklen; + bytes = malloc(randomlen, M_GSSAPI, M_WAITOK); + MGET(m, M_WAITOK, MT_DATA); + m->m_len = ec->ec_blocklen; + for (i = 0, p = bytes, q = folded; i < randomlen; + q = p, i += ec->ec_blocklen, p += ec->ec_blocklen) { + bcopy(q, m->m_data, ec->ec_blocklen); + krb5_encrypt(inkey, m, 0, ec->ec_blocklen, NULL, 0); + bcopy(m->m_data, p, ec->ec_blocklen); + } + m_free(m); + + dk = krb5_create_key(ec); + krb5_random_to_key(dk, bytes); + + free(folded, M_GSSAPI); + free(bytes, M_GSSAPI); + + return (dk); +} + +static struct krb5_key_state * +krb5_get_usage_key(struct krb5_key_state *basekey, int usage, int which) +{ + const struct krb5_encryption_class *ec = basekey->ks_class; + + if (ec->ec_flags & EC_DERIVED_KEYS) { + uint8_t constant[5]; + + constant[0] = usage >> 24; + constant[1] = usage >> 16; + constant[2] = usage >> 8; + constant[3] = usage; + constant[4] = which; + return (krb5_derive_key(basekey, constant, 5)); + } else { + refcount_acquire(&basekey->ks_refs); + return (basekey); + } +} + +struct krb5_key_state * +krb5_get_encryption_key(struct krb5_key_state *basekey, int usage) +{ + + return (krb5_get_usage_key(basekey, usage, 0xaa)); +} + +struct krb5_key_state * +krb5_get_integrity_key(struct krb5_key_state *basekey, int usage) +{ + + return (krb5_get_usage_key(basekey, usage, 0x55)); +} + +struct krb5_key_state * +krb5_get_checksum_key(struct krb5_key_state *basekey, int usage) +{ + + return (krb5_get_usage_key(basekey, usage, 0x99)); +} diff --git a/sys/kgssapi/krb5/kcrypto.h b/sys/kgssapi/krb5/kcrypto.h new file mode 100644 index 0000000..5486641 --- /dev/null +++ b/sys/kgssapi/krb5/kcrypto.h @@ -0,0 +1,154 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include <sys/_iovec.h> + +#define ETYPE_NULL 0 +#define ETYPE_DES_CBC_CRC 1 +#define ETYPE_DES_CBC_MD4 2 +#define ETYPE_DES_CBC_MD5 3 +#define ETYPE_DES3_CBC_MD5 5 +#define ETYPE_OLD_DES3_CBC_SHA1 7 +#define ETYPE_DES3_CBC_SHA1 16 +#define ETYPE_AES128_CTS_HMAC_SHA1_96 17 +#define ETYPE_AES256_CTS_HMAC_SHA1_96 18 +#define ETYPE_ARCFOUR_HMAC_MD5 23 +#define ETYPE_ARCFOUR_HMAC_MD5_56 24 + +/* + * Key usages for des3-cbc-sha1 tokens + */ +#define KG_USAGE_SEAL 22 +#define KG_USAGE_SIGN 23 +#define KG_USAGE_SEQ 24 + +/* + * Key usages for RFC4121 tokens + */ +#define KG_USAGE_ACCEPTOR_SEAL 22 +#define KG_USAGE_ACCEPTOR_SIGN 23 +#define KG_USAGE_INITIATOR_SEAL 24 +#define KG_USAGE_INITIATOR_SIGN 25 + +struct krb5_key_state; + +typedef void init_func(struct krb5_key_state *ks); +typedef void destroy_func(struct krb5_key_state *ks); +typedef void set_key_func(struct krb5_key_state *ks, const void *in); +typedef void random_to_key_func(struct krb5_key_state *ks, const void *in); +typedef void encrypt_func(const struct krb5_key_state *ks, + struct mbuf *inout, size_t skip, size_t len, void *ivec, size_t ivlen); +typedef void checksum_func(const struct krb5_key_state *ks, int usage, + struct mbuf *inout, size_t skip, size_t inlen, size_t outlen); + +struct krb5_encryption_class { + const char *ec_name; + int ec_type; + int ec_flags; +#define EC_DERIVED_KEYS 1 + size_t ec_blocklen; + size_t ec_msgblocklen; + size_t ec_checksumlen; + size_t ec_keybits; /* key length in bits */ + size_t ec_keylen; /* size of key in memory */ + init_func *ec_init; + destroy_func *ec_destroy; + set_key_func *ec_set_key; + random_to_key_func *ec_random_to_key; + encrypt_func *ec_encrypt; + encrypt_func *ec_decrypt; + checksum_func *ec_checksum; +}; + +struct krb5_key_state { + const struct krb5_encryption_class *ks_class; + volatile u_int ks_refs; + void *ks_key; + void *ks_priv; +}; + +extern struct krb5_encryption_class krb5_des_encryption_class; +extern struct krb5_encryption_class krb5_des3_encryption_class; +extern struct krb5_encryption_class krb5_aes128_encryption_class; +extern struct krb5_encryption_class krb5_aes256_encryption_class; +extern struct krb5_encryption_class krb5_arcfour_encryption_class; +extern struct krb5_encryption_class krb5_arcfour_56_encryption_class; + +static __inline void +krb5_set_key(struct krb5_key_state *ks, const void *keydata) +{ + + ks->ks_class->ec_set_key(ks, keydata); +} + +static __inline void +krb5_random_to_key(struct krb5_key_state *ks, const void *keydata) +{ + + ks->ks_class->ec_random_to_key(ks, keydata); +} + +static __inline void +krb5_encrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + + ks->ks_class->ec_encrypt(ks, inout, skip, len, ivec, ivlen); +} + +static __inline void +krb5_decrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + + ks->ks_class->ec_decrypt(ks, inout, skip, len, ivec, ivlen); +} + +static __inline void +krb5_checksum(const struct krb5_key_state *ks, int usage, + struct mbuf *inout, size_t skip, size_t inlen, size_t outlen) +{ + + ks->ks_class->ec_checksum(ks, usage, inout, skip, inlen, outlen); +} + +extern struct krb5_encryption_class * + krb5_find_encryption_class(int etype); +extern struct krb5_key_state * + krb5_create_key(const struct krb5_encryption_class *ec); +extern void krb5_free_key(struct krb5_key_state *ks); +extern struct krb5_key_state * + krb5_derive_key(struct krb5_key_state *inkey, + void *constant, size_t constantlen); +extern struct krb5_key_state * + krb5_get_encryption_key(struct krb5_key_state *basekey, int usage); +extern struct krb5_key_state * + krb5_get_integrity_key(struct krb5_key_state *basekey, int usage); +extern struct krb5_key_state * + krb5_get_checksum_key(struct krb5_key_state *basekey, int usage); diff --git a/sys/kgssapi/krb5/kcrypto_aes.c b/sys/kgssapi/krb5/kcrypto_aes.c new file mode 100644 index 0000000..d2dac21 --- /dev/null +++ b/sys/kgssapi/krb5/kcrypto_aes.c @@ -0,0 +1,384 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/lock.h> +#include <sys/malloc.h> +#include <sys/mutex.h> +#include <sys/kobj.h> +#include <sys/mbuf.h> +#include <opencrypto/cryptodev.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kcrypto.h" + +struct aes_state { + struct mtx as_lock; + uint64_t as_session; +}; + +static void +aes_init(struct krb5_key_state *ks) +{ + struct aes_state *as; + + as = malloc(sizeof(struct aes_state), M_GSSAPI, M_WAITOK|M_ZERO); + mtx_init(&as->as_lock, "gss aes lock", NULL, MTX_DEF); + ks->ks_priv = as; +} + +static void +aes_destroy(struct krb5_key_state *ks) +{ + struct aes_state *as = ks->ks_priv; + + if (as->as_session) + crypto_freesession(as->as_session); + mtx_destroy(&as->as_lock); + free(ks->ks_priv, M_GSSAPI); +} + +static void +aes_set_key(struct krb5_key_state *ks, const void *in) +{ + void *kp = ks->ks_key; + struct aes_state *as = ks->ks_priv; + struct cryptoini cri[2]; + + if (kp != in) + bcopy(in, kp, ks->ks_class->ec_keylen); + + if (as->as_session) + crypto_freesession(as->as_session); + + bzero(cri, sizeof(cri)); + + /* + * We only want the first 96 bits of the HMAC. + */ + cri[0].cri_alg = CRYPTO_SHA1_HMAC; + cri[0].cri_klen = ks->ks_class->ec_keybits; + cri[0].cri_mlen = 12; + cri[0].cri_key = ks->ks_key; + cri[0].cri_next = &cri[1]; + + cri[1].cri_alg = CRYPTO_AES_CBC; + cri[1].cri_klen = ks->ks_class->ec_keybits; + cri[1].cri_mlen = 0; + cri[1].cri_key = ks->ks_key; + cri[1].cri_next = NULL; + + crypto_newsession(&as->as_session, cri, + CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE); +} + +static void +aes_random_to_key(struct krb5_key_state *ks, const void *in) +{ + + aes_set_key(ks, in); +} + +static int +aes_crypto_cb(struct cryptop *crp) +{ + int error; + struct aes_state *as = (struct aes_state *) crp->crp_opaque; + + if (CRYPTO_SESID2CAPS(as->as_session) & CRYPTOCAP_F_SYNC) + return (0); + + error = crp->crp_etype; + if (error == EAGAIN) + error = crypto_dispatch(crp); + mtx_lock(&as->as_lock); + if (error || (crp->crp_flags & CRYPTO_F_DONE)) + wakeup(crp); + mtx_unlock(&as->as_lock); + + return (0); +} + +static void +aes_encrypt_1(const struct krb5_key_state *ks, int buftype, void *buf, + size_t skip, size_t len, void *ivec, int encdec) +{ + struct aes_state *as = ks->ks_priv; + struct cryptop *crp; + struct cryptodesc *crd; + int error; + + crp = crypto_getreq(1); + crd = crp->crp_desc; + + crd->crd_skip = skip; + crd->crd_len = len; + crd->crd_flags = CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT | encdec; + if (ivec) { + bcopy(ivec, crd->crd_iv, 16); + } else { + bzero(crd->crd_iv, 16); + } + crd->crd_next = NULL; + crd->crd_alg = CRYPTO_AES_CBC; + + crp->crp_sid = as->as_session; + crp->crp_flags = buftype | CRYPTO_F_CBIFSYNC; + crp->crp_buf = buf; + crp->crp_opaque = (void *) as; + crp->crp_callback = aes_crypto_cb; + + error = crypto_dispatch(crp); + + if ((CRYPTO_SESID2CAPS(as->as_session) & CRYPTOCAP_F_SYNC) == 0) { + mtx_lock(&as->as_lock); + if (!error && !(crp->crp_flags & CRYPTO_F_DONE)) + error = msleep(crp, &as->as_lock, 0, "gssaes", 0); + mtx_unlock(&as->as_lock); + } + + crypto_freereq(crp); +} + +static void +aes_encrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + size_t blocklen = 16, plen; + struct { + uint8_t cn_1[16], cn[16]; + } last2; + int i, off; + + /* + * AES encryption with cyphertext stealing: + * + * CTSencrypt(P[0], ..., P[n], IV, K): + * len = length(P[n]) + * (C[0], ..., C[n-2], E[n-1]) = + * CBCencrypt(P[0], ..., P[n-1], IV, K) + * P = pad(P[n], 0, blocksize) + * E[n] = CBCencrypt(P, E[n-1], K); + * C[n-1] = E[n] + * C[n] = E[n-1]{0..len-1} + */ + plen = len % blocklen; + if (len == blocklen) { + /* + * Note: caller will ensure len >= blocklen. + */ + aes_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len, ivec, + CRD_F_ENCRYPT); + } else if (plen == 0) { + /* + * This is equivalent to CBC mode followed by swapping + * the last two blocks. We assume that neither of the + * last two blocks cross iov boundaries. + */ + aes_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len, ivec, + CRD_F_ENCRYPT); + off = skip + len - 2 * blocklen; + m_copydata(inout, off, 2 * blocklen, (void*) &last2); + m_copyback(inout, off, blocklen, last2.cn); + m_copyback(inout, off + blocklen, blocklen, last2.cn_1); + } else { + /* + * This is the difficult case. We encrypt all but the + * last partial block first. We then create a padded + * copy of the last block and encrypt that using the + * second to last encrypted block as IV. Once we have + * the encrypted versions of the last two blocks, we + * reshuffle to create the final result. + */ + aes_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len - plen, + ivec, CRD_F_ENCRYPT); + + /* + * Copy out the last two blocks, pad the last block + * and encrypt it. Rearrange to get the final + * result. The cyphertext for cn_1 is in cn. The + * cyphertext for cn is the first plen bytes of what + * is in cn_1 now. + */ + off = skip + len - blocklen - plen; + m_copydata(inout, off, blocklen + plen, (void*) &last2); + for (i = plen; i < blocklen; i++) + last2.cn[i] = 0; + aes_encrypt_1(ks, 0, last2.cn, 0, blocklen, last2.cn_1, + CRD_F_ENCRYPT); + m_copyback(inout, off, blocklen, last2.cn); + m_copyback(inout, off + blocklen, plen, last2.cn_1); + } +} + +static void +aes_decrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + size_t blocklen = 16, plen; + struct { + uint8_t cn_1[16], cn[16]; + } last2; + int i, off, t; + + /* + * AES decryption with cyphertext stealing: + * + * CTSencrypt(C[0], ..., C[n], IV, K): + * len = length(C[n]) + * E[n] = C[n-1] + * X = decrypt(E[n], K) + * P[n] = (X ^ C[n]){0..len-1} + * E[n-1] = {C[n,0],...,C[n,len-1],X[len],...,X[blocksize-1]} + * (P[0],...,P[n-1]) = CBCdecrypt(C[0],...,C[n-2],E[n-1], IV, K) + */ + plen = len % blocklen; + if (len == blocklen) { + /* + * Note: caller will ensure len >= blocklen. + */ + aes_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len, ivec, 0); + } else if (plen == 0) { + /* + * This is equivalent to CBC mode followed by swapping + * the last two blocks. + */ + off = skip + len - 2 * blocklen; + m_copydata(inout, off, 2 * blocklen, (void*) &last2); + m_copyback(inout, off, blocklen, last2.cn); + m_copyback(inout, off + blocklen, blocklen, last2.cn_1); + aes_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len, ivec, 0); + } else { + /* + * This is the difficult case. We first decrypt the + * second to last block with a zero IV to make X. The + * plaintext for the last block is the XOR of X and + * the last cyphertext block. + * + * We derive a new cypher text for the second to last + * block by mixing the unused bytes of X with the last + * cyphertext block. The result of that can be + * decrypted with the rest in CBC mode. + */ + off = skip + len - plen - blocklen; + aes_encrypt_1(ks, CRYPTO_F_IMBUF, inout, off, blocklen, + NULL, 0); + m_copydata(inout, off, blocklen + plen, (void*) &last2); + + for (i = 0; i < plen; i++) { + t = last2.cn[i]; + last2.cn[i] ^= last2.cn_1[i]; + last2.cn_1[i] = t; + } + + m_copyback(inout, off, blocklen + plen, (void*) &last2); + aes_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len - plen, + ivec, 0); + } + +} + +static void +aes_checksum(const struct krb5_key_state *ks, int usage, + struct mbuf *inout, size_t skip, size_t inlen, size_t outlen) +{ + struct aes_state *as = ks->ks_priv; + struct cryptop *crp; + struct cryptodesc *crd; + int error; + + crp = crypto_getreq(1); + crd = crp->crp_desc; + + crd->crd_skip = skip; + crd->crd_len = inlen; + crd->crd_inject = skip + inlen; + crd->crd_flags = 0; + crd->crd_next = NULL; + crd->crd_alg = CRYPTO_SHA1_HMAC; + + crp->crp_sid = as->as_session; + crp->crp_ilen = inlen; + crp->crp_olen = 12; + crp->crp_etype = 0; + crp->crp_flags = CRYPTO_F_IMBUF | CRYPTO_F_CBIFSYNC; + crp->crp_buf = (void *) inout; + crp->crp_opaque = (void *) as; + crp->crp_callback = aes_crypto_cb; + + error = crypto_dispatch(crp); + + if ((CRYPTO_SESID2CAPS(as->as_session) & CRYPTOCAP_F_SYNC) == 0) { + mtx_lock(&as->as_lock); + if (!error && !(crp->crp_flags & CRYPTO_F_DONE)) + error = msleep(crp, &as->as_lock, 0, "gssaes", 0); + mtx_unlock(&as->as_lock); + } + + crypto_freereq(crp); +} + +struct krb5_encryption_class krb5_aes128_encryption_class = { + "aes128-cts-hmac-sha1-96", /* name */ + ETYPE_AES128_CTS_HMAC_SHA1_96, /* etype */ + EC_DERIVED_KEYS, /* flags */ + 16, /* blocklen */ + 1, /* msgblocklen */ + 12, /* checksumlen */ + 128, /* keybits */ + 16, /* keylen */ + aes_init, + aes_destroy, + aes_set_key, + aes_random_to_key, + aes_encrypt, + aes_decrypt, + aes_checksum +}; + +struct krb5_encryption_class krb5_aes256_encryption_class = { + "aes256-cts-hmac-sha1-96", /* name */ + ETYPE_AES256_CTS_HMAC_SHA1_96, /* etype */ + EC_DERIVED_KEYS, /* flags */ + 16, /* blocklen */ + 1, /* msgblocklen */ + 12, /* checksumlen */ + 256, /* keybits */ + 32, /* keylen */ + aes_init, + aes_destroy, + aes_set_key, + aes_random_to_key, + aes_encrypt, + aes_decrypt, + aes_checksum +}; diff --git a/sys/kgssapi/krb5/kcrypto_arcfour.c b/sys/kgssapi/krb5/kcrypto_arcfour.c new file mode 100644 index 0000000..d672186 --- /dev/null +++ b/sys/kgssapi/krb5/kcrypto_arcfour.c @@ -0,0 +1,220 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/lock.h> +#include <sys/malloc.h> +#include <sys/md5.h> +#include <sys/kobj.h> +#include <sys/mbuf.h> +#include <crypto/rc4/rc4.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kcrypto.h" + +static void +arcfour_init(struct krb5_key_state *ks) +{ + + ks->ks_priv = NULL; +} + +static void +arcfour_destroy(struct krb5_key_state *ks) +{ + +} + +static void +arcfour_set_key(struct krb5_key_state *ks, const void *in) +{ + void *kp = ks->ks_key; + + if (kp != in) + bcopy(in, kp, 16); +} + +static void +arcfour_random_to_key(struct krb5_key_state *ks, const void *in) +{ + + arcfour_set_key(ks, in); +} + +static void +arcfour_hmac(uint8_t *key, uint8_t *data, size_t datalen, + uint8_t *result) +{ + uint8_t buf[64]; + MD5_CTX md5; + int i; + + for (i = 0; i < 16; i++) + buf[i] = key[i] ^ 0x36; + for (; i < 64; i++) + buf[i] = 0x36; + + MD5Init(&md5); + MD5Update(&md5, buf, 64); + MD5Update(&md5, data, datalen); + MD5Final(result, &md5); + + for (i = 0; i < 16; i++) + buf[i] = key[i] ^ 0x5c; + for (; i < 64; i++) + buf[i] = 0x5c; + + MD5Init(&md5); + MD5Update(&md5, buf, 64); + MD5Update(&md5, result, 16); + MD5Final(result, &md5); +} + +static void +arcfour_derive_key(const struct krb5_key_state *ks, uint32_t usage, + uint8_t *newkey) +{ + uint8_t t[4]; + + t[0] = (usage >> 24); + t[1] = (usage >> 16); + t[2] = (usage >> 8); + t[3] = (usage >> 0); + if (ks->ks_class->ec_type == ETYPE_ARCFOUR_HMAC_MD5_56) { + uint8_t L40[14] = "fortybits"; + bcopy(t, L40 + 10, 4); + arcfour_hmac(ks->ks_key, L40, 14, newkey); + memset(newkey + 7, 0xab, 9); + } else { + arcfour_hmac(ks->ks_key, t, 4, newkey); + } +} + +static int +rc4_crypt_int(void *rs, void *buf, u_int len) +{ + + rc4_crypt(rs, buf, buf, len); + return (0); +} + +static void +arcfour_encrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + struct rc4_state rs; + uint8_t newkey[16]; + + arcfour_derive_key(ks, 0, newkey); + + /* + * If we have an IV, then generate a new key from it using HMAC. + */ + if (ivec) { + uint8_t kk[16]; + arcfour_hmac(newkey, ivec, ivlen, kk); + rc4_init(&rs, kk, 16); + } else { + rc4_init(&rs, newkey, 16); + } + + m_apply(inout, skip, len, rc4_crypt_int, &rs); +} + +static int +MD5Update_int(void *ctx, void *buf, u_int len) +{ + + MD5Update(ctx, buf, len); + return (0); +} + +static void +arcfour_checksum(const struct krb5_key_state *ks, int usage, + struct mbuf *inout, size_t skip, size_t inlen, size_t outlen) +{ + MD5_CTX md5; + uint8_t Ksign[16]; + uint8_t t[4]; + uint8_t sgn_cksum[16]; + + arcfour_hmac(ks->ks_key, "signaturekey", 13, Ksign); + + t[0] = usage >> 0; + t[1] = usage >> 8; + t[2] = usage >> 16; + t[3] = usage >> 24; + + MD5Init(&md5); + MD5Update(&md5, t, 4); + m_apply(inout, skip, inlen, MD5Update_int, &md5); + MD5Final(sgn_cksum, &md5); + + arcfour_hmac(Ksign, sgn_cksum, 16, sgn_cksum); + m_copyback(inout, skip + inlen, outlen, sgn_cksum); +} + +struct krb5_encryption_class krb5_arcfour_encryption_class = { + "arcfour-hmac-md5", /* name */ + ETYPE_ARCFOUR_HMAC_MD5, /* etype */ + 0, /* flags */ + 1, /* blocklen */ + 1, /* msgblocklen */ + 8, /* checksumlen */ + 128, /* keybits */ + 16, /* keylen */ + arcfour_init, + arcfour_destroy, + arcfour_set_key, + arcfour_random_to_key, + arcfour_encrypt, + arcfour_encrypt, + arcfour_checksum +}; + +struct krb5_encryption_class krb5_arcfour_56_encryption_class = { + "arcfour-hmac-md5-56", /* name */ + ETYPE_ARCFOUR_HMAC_MD5_56, /* etype */ + 0, /* flags */ + 1, /* blocklen */ + 1, /* msgblocklen */ + 8, /* checksumlen */ + 128, /* keybits */ + 16, /* keylen */ + arcfour_init, + arcfour_destroy, + arcfour_set_key, + arcfour_random_to_key, + arcfour_encrypt, + arcfour_encrypt, + arcfour_checksum +}; diff --git a/sys/kgssapi/krb5/kcrypto_des.c b/sys/kgssapi/krb5/kcrypto_des.c new file mode 100644 index 0000000..3958897 --- /dev/null +++ b/sys/kgssapi/krb5/kcrypto_des.c @@ -0,0 +1,262 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/lock.h> +#include <sys/kobj.h> +#include <sys/malloc.h> +#include <sys/md5.h> +#include <sys/mutex.h> +#include <sys/mbuf.h> +#include <crypto/des/des.h> +#include <opencrypto/cryptodev.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kcrypto.h" + +struct des1_state { + struct mtx ds_lock; + uint64_t ds_session; +}; + +static void +des1_init(struct krb5_key_state *ks) +{ + struct des1_state *ds; + + ds = malloc(sizeof(struct des1_state), M_GSSAPI, M_WAITOK|M_ZERO); + mtx_init(&ds->ds_lock, "gss des lock", NULL, MTX_DEF); + ks->ks_priv = ds; +} + +static void +des1_destroy(struct krb5_key_state *ks) +{ + struct des1_state *ds = ks->ks_priv; + + if (ds->ds_session) + crypto_freesession(ds->ds_session); + mtx_destroy(&ds->ds_lock); + free(ks->ks_priv, M_GSSAPI); + +} + +static void +des1_set_key(struct krb5_key_state *ks, const void *in) +{ + void *kp = ks->ks_key; + struct des1_state *ds = ks->ks_priv; + struct cryptoini cri[1]; + + if (kp != in) + bcopy(in, kp, ks->ks_class->ec_keylen); + + if (ds->ds_session) + crypto_freesession(ds->ds_session); + + bzero(cri, sizeof(cri)); + + cri[0].cri_alg = CRYPTO_DES_CBC; + cri[0].cri_klen = 64; + cri[0].cri_mlen = 0; + cri[0].cri_key = ks->ks_key; + cri[0].cri_next = NULL; + + crypto_newsession(&ds->ds_session, cri, + CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE); +} + +static void +des1_random_to_key(struct krb5_key_state *ks, const void *in) +{ + uint8_t *outkey = ks->ks_key; + const uint8_t *inkey = in; + + /* + * Expand 56 bits of random data to 64 bits as follows + * (in the example, bit number 1 is the MSB of the 56 + * bits of random data): + * + * expanded = + * 1 2 3 4 5 6 7 p + * 9 10 11 12 13 14 15 p + * 17 18 19 20 21 22 23 p + * 25 26 27 28 29 30 31 p + * 33 34 35 36 37 38 39 p + * 41 42 43 44 45 46 47 p + * 49 50 51 52 53 54 55 p + * 56 48 40 32 24 16 8 p + */ + outkey[0] = inkey[0]; + outkey[1] = inkey[1]; + outkey[2] = inkey[2]; + outkey[3] = inkey[3]; + outkey[4] = inkey[4]; + outkey[5] = inkey[5]; + outkey[6] = inkey[6]; + outkey[7] = (((inkey[0] & 1) << 1) + | ((inkey[1] & 1) << 2) + | ((inkey[2] & 1) << 3) + | ((inkey[3] & 1) << 4) + | ((inkey[4] & 1) << 5) + | ((inkey[5] & 1) << 6) + | ((inkey[6] & 1) << 7)); + des_set_odd_parity((des_cblock *) outkey); + if (des_is_weak_key((des_cblock *) outkey)) + outkey[7] ^= 0xf0; + + des1_set_key(ks, ks->ks_key); +} + +static int +des1_crypto_cb(struct cryptop *crp) +{ + int error; + struct des1_state *ds = (struct des1_state *) crp->crp_opaque; + + if (CRYPTO_SESID2CAPS(ds->ds_session) & CRYPTOCAP_F_SYNC) + return (0); + + error = crp->crp_etype; + if (error == EAGAIN) + error = crypto_dispatch(crp); + mtx_lock(&ds->ds_lock); + if (error || (crp->crp_flags & CRYPTO_F_DONE)) + wakeup(crp); + mtx_unlock(&ds->ds_lock); + + return (0); +} + +static void +des1_encrypt_1(const struct krb5_key_state *ks, int buftype, void *buf, + size_t skip, size_t len, void *ivec, int encdec) +{ + struct des1_state *ds = ks->ks_priv; + struct cryptop *crp; + struct cryptodesc *crd; + int error; + + crp = crypto_getreq(1); + crd = crp->crp_desc; + + crd->crd_skip = skip; + crd->crd_len = len; + crd->crd_flags = CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT | encdec; + if (ivec) { + bcopy(ivec, crd->crd_iv, 8); + } else { + bzero(crd->crd_iv, 8); + } + crd->crd_next = NULL; + crd->crd_alg = CRYPTO_DES_CBC; + + crp->crp_sid = ds->ds_session; + crp->crp_flags = buftype | CRYPTO_F_CBIFSYNC; + crp->crp_buf = buf; + crp->crp_opaque = (void *) ds; + crp->crp_callback = des1_crypto_cb; + + error = crypto_dispatch(crp); + + if ((CRYPTO_SESID2CAPS(ds->ds_session) & CRYPTOCAP_F_SYNC) == 0) { + mtx_lock(&ds->ds_lock); + if (!error && !(crp->crp_flags & CRYPTO_F_DONE)) + error = msleep(crp, &ds->ds_lock, 0, "gssdes", 0); + mtx_unlock(&ds->ds_lock); + } + + crypto_freereq(crp); +} + +static void +des1_encrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + + des1_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len, ivec, + CRD_F_ENCRYPT); +} + +static void +des1_decrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + + des1_encrypt_1(ks, CRYPTO_F_IMBUF, inout, skip, len, ivec, 0); +} + +static int +MD5Update_int(void *ctx, void *buf, u_int len) +{ + + MD5Update(ctx, buf, len); + return (0); +} + +static void +des1_checksum(const struct krb5_key_state *ks, int usage, + struct mbuf *inout, size_t skip, size_t inlen, size_t outlen) +{ + char hash[16]; + MD5_CTX md5; + + /* + * This checksum is specifically for GSS-API. First take the + * MD5 checksum of the message, then calculate the CBC mode + * checksum of that MD5 checksum using a zero IV. + */ + MD5Init(&md5); + m_apply(inout, skip, inlen, MD5Update_int, &md5); + MD5Final(hash, &md5); + + des1_encrypt_1(ks, 0, hash, 0, 16, NULL, CRD_F_ENCRYPT); + m_copyback(inout, skip + inlen, outlen, hash + 8); +} + +struct krb5_encryption_class krb5_des_encryption_class = { + "des-cbc-md5", /* name */ + ETYPE_DES_CBC_CRC, /* etype */ + 0, /* flags */ + 8, /* blocklen */ + 8, /* msgblocklen */ + 8, /* checksumlen */ + 56, /* keybits */ + 8, /* keylen */ + des1_init, + des1_destroy, + des1_set_key, + des1_random_to_key, + des1_encrypt, + des1_decrypt, + des1_checksum +}; diff --git a/sys/kgssapi/krb5/kcrypto_des3.c b/sys/kgssapi/krb5/kcrypto_des3.c new file mode 100644 index 0000000..ea39c10 --- /dev/null +++ b/sys/kgssapi/krb5/kcrypto_des3.c @@ -0,0 +1,402 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/lock.h> +#include <sys/malloc.h> +#include <sys/mutex.h> +#include <sys/kobj.h> +#include <sys/mbuf.h> +#include <crypto/des/des.h> +#include <opencrypto/cryptodev.h> + +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kcrypto.h" + +#define DES3_FLAGS (CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE) + +struct des3_state { + struct mtx ds_lock; + uint64_t ds_session; +}; + +static void +des3_init(struct krb5_key_state *ks) +{ + struct des3_state *ds; + + ds = malloc(sizeof(struct des3_state), M_GSSAPI, M_WAITOK|M_ZERO); + mtx_init(&ds->ds_lock, "gss des3 lock", NULL, MTX_DEF); + ks->ks_priv = ds; +} + +static void +des3_destroy(struct krb5_key_state *ks) +{ + struct des3_state *ds = ks->ks_priv; + + if (ds->ds_session) + crypto_freesession(ds->ds_session); + mtx_destroy(&ds->ds_lock); + free(ks->ks_priv, M_GSSAPI); +} + +static void +des3_set_key(struct krb5_key_state *ks, const void *in) +{ + void *kp = ks->ks_key; + struct des3_state *ds = ks->ks_priv; + struct cryptoini cri[2]; + + if (kp != in) + bcopy(in, kp, ks->ks_class->ec_keylen); + + if (ds->ds_session) + crypto_freesession(ds->ds_session); + + bzero(cri, sizeof(cri)); + + cri[0].cri_alg = CRYPTO_SHA1_HMAC; + cri[0].cri_klen = 192; + cri[0].cri_mlen = 0; + cri[0].cri_key = ks->ks_key; + cri[0].cri_next = &cri[1]; + + cri[1].cri_alg = CRYPTO_3DES_CBC; + cri[1].cri_klen = 192; + cri[1].cri_mlen = 0; + cri[1].cri_key = ks->ks_key; + cri[1].cri_next = NULL; + + crypto_newsession(&ds->ds_session, cri, + CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE); +} + +static void +des3_random_to_key(struct krb5_key_state *ks, const void *in) +{ + uint8_t *outkey; + const uint8_t *inkey; + int subkey; + + for (subkey = 0, outkey = ks->ks_key, inkey = in; subkey < 3; + subkey++, outkey += 8, inkey += 7) { + /* + * Expand 56 bits of random data to 64 bits as follows + * (in the example, bit number 1 is the MSB of the 56 + * bits of random data): + * + * expanded = + * 1 2 3 4 5 6 7 p + * 9 10 11 12 13 14 15 p + * 17 18 19 20 21 22 23 p + * 25 26 27 28 29 30 31 p + * 33 34 35 36 37 38 39 p + * 41 42 43 44 45 46 47 p + * 49 50 51 52 53 54 55 p + * 56 48 40 32 24 16 8 p + */ + outkey[0] = inkey[0]; + outkey[1] = inkey[1]; + outkey[2] = inkey[2]; + outkey[3] = inkey[3]; + outkey[4] = inkey[4]; + outkey[5] = inkey[5]; + outkey[6] = inkey[6]; + outkey[7] = (((inkey[0] & 1) << 1) + | ((inkey[1] & 1) << 2) + | ((inkey[2] & 1) << 3) + | ((inkey[3] & 1) << 4) + | ((inkey[4] & 1) << 5) + | ((inkey[5] & 1) << 6) + | ((inkey[6] & 1) << 7)); + des_set_odd_parity((des_cblock *) outkey); + if (des_is_weak_key((des_cblock *) outkey)) + outkey[7] ^= 0xf0; + } + + des3_set_key(ks, ks->ks_key); +} + +static int +des3_crypto_cb(struct cryptop *crp) +{ + int error; + struct des3_state *ds = (struct des3_state *) crp->crp_opaque; + + if (CRYPTO_SESID2CAPS(ds->ds_session) & CRYPTOCAP_F_SYNC) + return (0); + + error = crp->crp_etype; + if (error == EAGAIN) + error = crypto_dispatch(crp); + mtx_lock(&ds->ds_lock); + if (error || (crp->crp_flags & CRYPTO_F_DONE)) + wakeup(crp); + mtx_unlock(&ds->ds_lock); + + return (0); +} + +static void +des3_encrypt_1(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, int encdec) +{ + struct des3_state *ds = ks->ks_priv; + struct cryptop *crp; + struct cryptodesc *crd; + int error; + + crp = crypto_getreq(1); + crd = crp->crp_desc; + + crd->crd_skip = skip; + crd->crd_len = len; + crd->crd_flags = CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT | encdec; + if (ivec) { + bcopy(ivec, crd->crd_iv, 8); + } else { + bzero(crd->crd_iv, 8); + } + crd->crd_next = NULL; + crd->crd_alg = CRYPTO_3DES_CBC; + + crp->crp_sid = ds->ds_session; + crp->crp_flags = CRYPTO_F_IMBUF | CRYPTO_F_CBIFSYNC; + crp->crp_buf = (void *) inout; + crp->crp_opaque = (void *) ds; + crp->crp_callback = des3_crypto_cb; + + error = crypto_dispatch(crp); + + if ((CRYPTO_SESID2CAPS(ds->ds_session) & CRYPTOCAP_F_SYNC) == 0) { + mtx_lock(&ds->ds_lock); + if (!error && !(crp->crp_flags & CRYPTO_F_DONE)) + error = msleep(crp, &ds->ds_lock, 0, "gssdes3", 0); + mtx_unlock(&ds->ds_lock); + } + + crypto_freereq(crp); +} + +static void +des3_encrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + + des3_encrypt_1(ks, inout, skip, len, ivec, CRD_F_ENCRYPT); +} + +static void +des3_decrypt(const struct krb5_key_state *ks, struct mbuf *inout, + size_t skip, size_t len, void *ivec, size_t ivlen) +{ + + des3_encrypt_1(ks, inout, skip, len, ivec, 0); +} + +static void +des3_checksum(const struct krb5_key_state *ks, int usage, + struct mbuf *inout, size_t skip, size_t inlen, size_t outlen) +{ + struct des3_state *ds = ks->ks_priv; + struct cryptop *crp; + struct cryptodesc *crd; + int error; + + crp = crypto_getreq(1); + crd = crp->crp_desc; + + crd->crd_skip = skip; + crd->crd_len = inlen; + crd->crd_inject = skip + inlen; + crd->crd_flags = 0; + crd->crd_next = NULL; + crd->crd_alg = CRYPTO_SHA1_HMAC; + + crp->crp_sid = ds->ds_session; + crp->crp_ilen = inlen; + crp->crp_olen = 20; + crp->crp_etype = 0; + crp->crp_flags = CRYPTO_F_IMBUF | CRYPTO_F_CBIFSYNC; + crp->crp_buf = (void *) inout; + crp->crp_opaque = (void *) ds; + crp->crp_callback = des3_crypto_cb; + + error = crypto_dispatch(crp); + + if ((CRYPTO_SESID2CAPS(ds->ds_session) & CRYPTOCAP_F_SYNC) == 0) { + mtx_lock(&ds->ds_lock); + if (!error && !(crp->crp_flags & CRYPTO_F_DONE)) + error = msleep(crp, &ds->ds_lock, 0, "gssdes3", 0); + mtx_unlock(&ds->ds_lock); + } + + crypto_freereq(crp); +} + +struct krb5_encryption_class krb5_des3_encryption_class = { + "des3-cbc-sha1", /* name */ + ETYPE_DES3_CBC_SHA1, /* etype */ + EC_DERIVED_KEYS, /* flags */ + 8, /* blocklen */ + 8, /* msgblocklen */ + 20, /* checksumlen */ + 168, /* keybits */ + 24, /* keylen */ + des3_init, + des3_destroy, + des3_set_key, + des3_random_to_key, + des3_encrypt, + des3_decrypt, + des3_checksum +}; + +#if 0 +struct des3_dk_test { + uint8_t key[24]; + uint8_t usage[8]; + size_t usagelen; + uint8_t dk[24]; +}; +struct des3_dk_test tests[] = { + {{0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1, 0x1c, 0x3d, 0xb5, + 0x7c, 0x51, 0x89, 0x9b, 0x2c, 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97, + 0x3b, 0x92}, + {0x00, 0x00, 0x00, 0x01, 0x55}, 5, + {0x92, 0x51, 0x79, 0xd0, 0x45, 0x91, 0xa7, 0x9b, 0x5d, 0x31, 0x92, + 0xc4, 0xa7, 0xe9, 0xc2, 0x89, 0xb0, 0x49, 0xc7, 0x1f, 0x6e, 0xe6, + 0x04, 0xcd}}, + + {{0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57, 0x46, 0x57, 0x85, + 0x31, 0xcb, 0x51, 0xc1, 0x5b, 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce, + 0xe9, 0xf2}, + {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, + {0x9e, 0x58, 0xe5, 0xa1, 0x46, 0xd9, 0x94, 0x2a, 0x10, 0x1c, 0x46, + 0x98, 0x45, 0xd6, 0x7a, 0x20, 0xe3, 0xc4, 0x25, 0x9e, 0xd9, 0x13, + 0xf2, 0x07}}, + + {{0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85, 0x9b, 0x75, 0xa1, + 0x76, 0x54, 0x0b, 0x97, 0x52, 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2, + 0x52, 0xbc}, + {0x00, 0x00, 0x00, 0x01, 0x55}, 5, + {0x13, 0xfe, 0xf8, 0x0d, 0x76, 0x3e, 0x94, 0xec, 0x6d, 0x13, 0xfd, + 0x2c, 0xa1, 0xd0, 0x85, 0x07, 0x02, 0x49, 0xda, 0xd3, 0x98, 0x08, + 0xea, 0xbf}}, + + {{0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad, 0x70, 0x94, 0x68, + 0x0b, 0x7c, 0x64, 0x94, 0x02, 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec, + 0x92, 0xb5}, + {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, + {0xf8, 0xdf, 0xbf, 0x04, 0xb0, 0x97, 0xe6, 0xd9, 0xdc, 0x07, 0x02, + 0x68, 0x6b, 0xcb, 0x34, 0x89, 0xd9, 0x1f, 0xd9, 0xa4, 0x51, 0x6b, + 0x70, 0x3e}}, + + {{0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38, 0xdc, 0xb9, 0xb9, + 0x3e, 0xe5, 0xa7, 0x62, 0x92, 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8, + 0x02, 0xfb}, + {0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73}, 8, + {0x23, 0x70, 0xda, 0x57, 0x5d, 0x2a, 0x3d, 0xa8, 0x64, 0xce, 0xbf, + 0xdc, 0x52, 0x04, 0xd5, 0x6d, 0xf7, 0x79, 0xa7, 0xdf, 0x43, 0xd9, + 0xda, 0x43}}, + + {{0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62, 0xe6, 0xa1, 0x45, + 0x9d, 0x01, 0xdf, 0xd3, 0x0d, 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07, + 0x04, 0xda}, + {0x00, 0x00, 0x00, 0x01, 0x55}, 5, + {0x34, 0x80, 0x57, 0xec, 0x98, 0xfd, 0xc4, 0x80, 0x16, 0x16, 0x1c, + 0x2a, 0x4c, 0x7a, 0x94, 0x3e, 0x92, 0xae, 0x49, 0x2c, 0x98, 0x91, + 0x75, 0xf7}}, + + {{0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13, 0x15, 0x57, 0x19, + 0xd5, 0x5e, 0x2f, 0x1f, 0x79, 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7, + 0x91, 0x7c}, + {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, + {0xa8, 0x80, 0x8a, 0xc2, 0x67, 0xda, 0xda, 0x3d, 0xcb, 0xe9, 0xa7, + 0xc8, 0x46, 0x26, 0xfb, 0xc7, 0x61, 0xc2, 0x94, 0xb0, 0x13, 0x15, + 0xe5, 0xc1}}, + + {{0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57, 0xdc, 0x8c, 0x34, + 0x3b, 0xa1, 0x7f, 0x2c, 0xa1, 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad, + 0xc4, 0x43}, + {0x00, 0x00, 0x00, 0x01, 0x55}, 5, + {0xc8, 0x13, 0xf8, 0x8a, 0x3b, 0xe3, 0xb3, 0x34, 0xf7, 0x54, 0x25, + 0xce, 0x91, 0x75, 0xfb, 0xe3, 0xc8, 0x49, 0x3b, 0x89, 0xc8, 0x70, + 0x3b, 0x49}}, + + {{0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, 0x2f, 0xea, 0xb9, + 0xa8, 0x70, 0x1a, 0x89, 0xa4, 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, + 0xd0, 0x16}, + {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, + {0xf4, 0x8f, 0xfd, 0x6e, 0x83, 0xf8, 0x3e, 0x73, 0x54, 0xe6, 0x94, + 0xfd, 0x25, 0x2c, 0xf8, 0x3b, 0xfe, 0x58, 0xf7, 0xd5, 0xba, 0x37, + 0xec, 0x5d}}, +}; +#define N_TESTS (sizeof(tests) / sizeof(tests[0])) + +int +main(int argc, char **argv) +{ + struct krb5_key_state *key, *dk; + uint8_t *dkp; + int j, i; + + for (j = 0; j < N_TESTS; j++) { + struct des3_dk_test *t = &tests[j]; + key = krb5_create_key(&des3_encryption_class); + krb5_set_key(key, t->key); + dk = krb5_derive_key(key, t->usage, t->usagelen); + krb5_free_key(key); + if (memcmp(dk->ks_key, t->dk, 24)) { + printf("DES3 dk("); + for (i = 0; i < 24; i++) + printf("%02x", t->key[i]); + printf(", "); + for (i = 0; i < t->usagelen; i++) + printf("%02x", t->usage[i]); + printf(") failed\n"); + printf("should be: "); + for (i = 0; i < 24; i++) + printf("%02x", t->dk[i]); + printf("\n result was: "); + dkp = dk->ks_key; + for (i = 0; i < 24; i++) + printf("%02x", dkp[i]); + printf("\n"); + } + krb5_free_key(dk); + } + + return (0); +} +#endif diff --git a/sys/kgssapi/krb5/krb5_mech.c b/sys/kgssapi/krb5/krb5_mech.c new file mode 100644 index 0000000..2a1c0b6 --- /dev/null +++ b/sys/kgssapi/krb5/krb5_mech.c @@ -0,0 +1,2100 @@ +/*- + * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ + * Authors: Doug Rabson <dfr@rabson.org> + * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include "opt_inet6.h" + +#include <sys/param.h> +#include <sys/kernel.h> +#include <sys/kobj.h> +#include <sys/lock.h> +#include <sys/malloc.h> +#include <sys/mbuf.h> +#include <sys/module.h> +#include <sys/mutex.h> +#include <kgssapi/gssapi.h> +#include <kgssapi/gssapi_impl.h> + +#include "kgss_if.h" +#include "kcrypto.h" + +#define GSS_TOKEN_SENT_BY_ACCEPTOR 1 +#define GSS_TOKEN_SEALED 2 +#define GSS_TOKEN_ACCEPTOR_SUBKEY 4 + +static gss_OID_desc krb5_mech_oid = +{9, (void *) "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }; + +struct krb5_data { + size_t kd_length; + void *kd_data; +}; + +struct krb5_keyblock { + uint16_t kk_type; /* encryption type */ + struct krb5_data kk_key; /* key data */ +}; + +struct krb5_address { + uint16_t ka_type; + struct krb5_data ka_addr; +}; + +/* + * The km_elem array is ordered so that the highest received sequence + * number is listed first. + */ +struct krb5_msg_order { + uint32_t km_flags; + uint32_t km_start; + uint32_t km_length; + uint32_t km_jitter_window; + uint32_t km_first_seq; + uint32_t *km_elem; +}; + +struct krb5_context { + struct _gss_ctx_id_t kc_common; + struct mtx kc_lock; + uint32_t kc_ac_flags; + uint32_t kc_ctx_flags; + uint32_t kc_more_flags; +#define LOCAL 1 +#define OPEN 2 +#define COMPAT_OLD_DES3 4 +#define COMPAT_OLD_DES3_SELECTED 8 +#define ACCEPTOR_SUBKEY 16 + struct krb5_address kc_local_address; + struct krb5_address kc_remote_address; + uint16_t kc_local_port; + uint16_t kc_remote_port; + struct krb5_keyblock kc_keyblock; + struct krb5_keyblock kc_local_subkey; + struct krb5_keyblock kc_remote_subkey; + volatile uint32_t kc_local_seqnumber; + uint32_t kc_remote_seqnumber; + uint32_t kc_keytype; + uint32_t kc_cksumtype; + struct krb5_data kc_source_name; + struct krb5_data kc_target_name; + uint32_t kc_lifetime; + struct krb5_msg_order kc_msg_order; + struct krb5_key_state *kc_tokenkey; + struct krb5_key_state *kc_encryptkey; + struct krb5_key_state *kc_checksumkey; + + struct krb5_key_state *kc_send_seal_Ke; + struct krb5_key_state *kc_send_seal_Ki; + struct krb5_key_state *kc_send_seal_Kc; + struct krb5_key_state *kc_send_sign_Kc; + + struct krb5_key_state *kc_recv_seal_Ke; + struct krb5_key_state *kc_recv_seal_Ki; + struct krb5_key_state *kc_recv_seal_Kc; + struct krb5_key_state *kc_recv_sign_Kc; +}; + +static uint16_t +get_uint16(const uint8_t **pp, size_t *lenp) +{ + const uint8_t *p = *pp; + uint16_t v; + + if (*lenp < 2) + return (0); + + v = (p[0] << 8) | p[1]; + *pp = p + 2; + *lenp = *lenp - 2; + + return (v); +} + +static uint32_t +get_uint32(const uint8_t **pp, size_t *lenp) +{ + const uint8_t *p = *pp; + uint32_t v; + + if (*lenp < 4) + return (0); + + v = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; + *pp = p + 4; + *lenp = *lenp - 4; + + return (v); +} + +static void +get_data(const uint8_t **pp, size_t *lenp, struct krb5_data *dp) +{ + size_t sz = get_uint32(pp, lenp); + + dp->kd_length = sz; + dp->kd_data = malloc(sz, M_GSSAPI, M_WAITOK); + + if (*lenp < sz) + sz = *lenp; + bcopy(*pp, dp->kd_data, sz); + (*pp) += sz; + (*lenp) -= sz; +} + +static void +delete_data(struct krb5_data *dp) +{ + if (dp->kd_data) { + free(dp->kd_data, M_GSSAPI); + dp->kd_length = 0; + dp->kd_data = NULL; + } +} + +static void +get_address(const uint8_t **pp, size_t *lenp, struct krb5_address *ka) +{ + + ka->ka_type = get_uint16(pp, lenp); + get_data(pp, lenp, &ka->ka_addr); +} + +static void +delete_address(struct krb5_address *ka) +{ + delete_data(&ka->ka_addr); +} + +static void +get_keyblock(const uint8_t **pp, size_t *lenp, struct krb5_keyblock *kk) +{ + + kk->kk_type = get_uint16(pp, lenp); + get_data(pp, lenp, &kk->kk_key); +} + +static void +delete_keyblock(struct krb5_keyblock *kk) +{ + if (kk->kk_key.kd_data) + bzero(kk->kk_key.kd_data, kk->kk_key.kd_length); + delete_data(&kk->kk_key); +} + +static void +copy_key(struct krb5_keyblock *from, struct krb5_keyblock **to) +{ + + if (from->kk_key.kd_length) + *to = from; + else + *to = NULL; +} + +/* + * Return non-zero if we are initiator. + */ +static __inline int +is_initiator(struct krb5_context *kc) +{ + return (kc->kc_more_flags & LOCAL); +} + +/* + * Return non-zero if we are acceptor. + */ +static __inline int +is_acceptor(struct krb5_context *kc) +{ + return !(kc->kc_more_flags & LOCAL); +} + +static void +get_initiator_subkey(struct krb5_context *kc, struct krb5_keyblock **kdp) +{ + + if (is_initiator(kc)) + copy_key(&kc->kc_local_subkey, kdp); + else + copy_key(&kc->kc_remote_subkey, kdp); + if (!*kdp) + copy_key(&kc->kc_keyblock, kdp); +} + +static void +get_acceptor_subkey(struct krb5_context *kc, struct krb5_keyblock **kdp) +{ + + if (is_initiator(kc)) + copy_key(&kc->kc_remote_subkey, kdp); + else + copy_key(&kc->kc_local_subkey, kdp); +} + +static OM_uint32 +get_keys(struct krb5_context *kc) +{ + struct krb5_keyblock *keydata; + struct krb5_encryption_class *ec; + struct krb5_key_state *key; + int etype; + + keydata = NULL; + get_acceptor_subkey(kc, &keydata); + if (!keydata) + if ((kc->kc_more_flags & ACCEPTOR_SUBKEY) == 0) + get_initiator_subkey(kc, &keydata); + if (!keydata) + return (GSS_S_FAILURE); + + /* + * GSS-API treats all DES etypes the same and all DES3 etypes + * the same. + */ + switch (keydata->kk_type) { + case ETYPE_DES_CBC_CRC: + case ETYPE_DES_CBC_MD4: + case ETYPE_DES_CBC_MD5: + etype = ETYPE_DES_CBC_CRC; + break; + + case ETYPE_DES3_CBC_MD5: + case ETYPE_DES3_CBC_SHA1: + case ETYPE_OLD_DES3_CBC_SHA1: + etype = ETYPE_DES3_CBC_SHA1; + + default: + etype = keydata->kk_type; + } + + ec = krb5_find_encryption_class(etype); + if (!ec) + return (GSS_S_FAILURE); + + key = krb5_create_key(ec); + krb5_set_key(key, keydata->kk_key.kd_data); + kc->kc_tokenkey = key; + + switch (etype) { + case ETYPE_DES_CBC_CRC: + case ETYPE_ARCFOUR_HMAC_MD5: + case ETYPE_ARCFOUR_HMAC_MD5_56: { + /* + * Single DES and ARCFOUR uses a 'derived' key (XOR + * with 0xf0) for encrypting wrap tokens. The original + * key is used for checksums and sequence numbers. + */ + struct krb5_key_state *ekey; + uint8_t *ekp, *kp; + int i; + + ekey = krb5_create_key(ec); + ekp = ekey->ks_key; + kp = key->ks_key; + for (i = 0; i < ec->ec_keylen; i++) + ekp[i] = kp[i] ^ 0xf0; + krb5_set_key(ekey, ekp); + kc->kc_encryptkey = ekey; + refcount_acquire(&key->ks_refs); + kc->kc_checksumkey = key; + break; + } + + case ETYPE_DES3_CBC_SHA1: + /* + * Triple DES uses a RFC 3961 style derived key with + * usage number KG_USAGE_SIGN for checksums. The + * original key is used for encryption and sequence + * numbers. + */ + kc->kc_checksumkey = krb5_get_checksum_key(key, KG_USAGE_SIGN); + refcount_acquire(&key->ks_refs); + kc->kc_encryptkey = key; + break; + + default: + /* + * We need eight derived keys four for sending and + * four for receiving. + */ + if (is_initiator(kc)) { + /* + * We are initiator. + */ + kc->kc_send_seal_Ke = krb5_get_encryption_key(key, + KG_USAGE_INITIATOR_SEAL); + kc->kc_send_seal_Ki = krb5_get_integrity_key(key, + KG_USAGE_INITIATOR_SEAL); + kc->kc_send_seal_Kc = krb5_get_checksum_key(key, + KG_USAGE_INITIATOR_SEAL); + kc->kc_send_sign_Kc = krb5_get_checksum_key(key, + KG_USAGE_INITIATOR_SIGN); + + kc->kc_recv_seal_Ke = krb5_get_encryption_key(key, + KG_USAGE_ACCEPTOR_SEAL); + kc->kc_recv_seal_Ki = krb5_get_integrity_key(key, + KG_USAGE_ACCEPTOR_SEAL); + kc->kc_recv_seal_Kc = krb5_get_checksum_key(key, + KG_USAGE_ACCEPTOR_SEAL); + kc->kc_recv_sign_Kc = krb5_get_checksum_key(key, + KG_USAGE_ACCEPTOR_SIGN); + } else { + /* + * We are acceptor. + */ + kc->kc_send_seal_Ke = krb5_get_encryption_key(key, + KG_USAGE_ACCEPTOR_SEAL); + kc->kc_send_seal_Ki = krb5_get_integrity_key(key, + KG_USAGE_ACCEPTOR_SEAL); + kc->kc_send_seal_Kc = krb5_get_checksum_key(key, + KG_USAGE_ACCEPTOR_SEAL); + kc->kc_send_sign_Kc = krb5_get_checksum_key(key, + KG_USAGE_ACCEPTOR_SIGN); + + kc->kc_recv_seal_Ke = krb5_get_encryption_key(key, + KG_USAGE_INITIATOR_SEAL); + kc->kc_recv_seal_Ki = krb5_get_integrity_key(key, + KG_USAGE_INITIATOR_SEAL); + kc->kc_recv_seal_Kc = krb5_get_checksum_key(key, + KG_USAGE_INITIATOR_SEAL); + kc->kc_recv_sign_Kc = krb5_get_checksum_key(key, + KG_USAGE_INITIATOR_SIGN); + } + break; + } + + return (GSS_S_COMPLETE); +} + +static void +krb5_init(struct krb5_context *kc) +{ + + mtx_init(&kc->kc_lock, "krb5 gss lock", NULL, MTX_DEF); +} + +static OM_uint32 +krb5_import(struct krb5_context *kc, + enum sec_context_format format, + const gss_buffer_t context_token) +{ + OM_uint32 res; + const uint8_t *p = (const uint8_t *) context_token->value; + size_t len = context_token->length; + uint32_t flags; + int i; + + /* + * We support heimdal 0.6 and heimdal 1.1 + */ + if (format != KGSS_HEIMDAL_0_6 && format != KGSS_HEIMDAL_1_1) + return (GSS_S_DEFECTIVE_TOKEN); + +#define SC_LOCAL_ADDRESS 1 +#define SC_REMOTE_ADDRESS 2 +#define SC_KEYBLOCK 4 +#define SC_LOCAL_SUBKEY 8 +#define SC_REMOTE_SUBKEY 16 + + /* + * Ensure that the token starts with krb5 oid. + */ + if (p[0] != 0x00 || p[1] != krb5_mech_oid.length + || len < krb5_mech_oid.length + 2 + || bcmp(krb5_mech_oid.elements, p + 2, + krb5_mech_oid.length)) + return (GSS_S_DEFECTIVE_TOKEN); + p += krb5_mech_oid.length + 2; + len -= krb5_mech_oid.length + 2; + + flags = get_uint32(&p, &len); + kc->kc_ac_flags = get_uint32(&p, &len); + if (flags & SC_LOCAL_ADDRESS) + get_address(&p, &len, &kc->kc_local_address); + if (flags & SC_REMOTE_ADDRESS) + get_address(&p, &len, &kc->kc_remote_address); + kc->kc_local_port = get_uint16(&p, &len); + kc->kc_remote_port = get_uint16(&p, &len); + if (flags & SC_KEYBLOCK) + get_keyblock(&p, &len, &kc->kc_keyblock); + if (flags & SC_LOCAL_SUBKEY) + get_keyblock(&p, &len, &kc->kc_local_subkey); + if (flags & SC_REMOTE_SUBKEY) + get_keyblock(&p, &len, &kc->kc_remote_subkey); + kc->kc_local_seqnumber = get_uint32(&p, &len); + kc->kc_remote_seqnumber = get_uint32(&p, &len); + kc->kc_keytype = get_uint32(&p, &len); + kc->kc_cksumtype = get_uint32(&p, &len); + get_data(&p, &len, &kc->kc_source_name); + get_data(&p, &len, &kc->kc_target_name); + kc->kc_ctx_flags = get_uint32(&p, &len); + kc->kc_more_flags = get_uint32(&p, &len); + kc->kc_lifetime = get_uint32(&p, &len); + /* + * Heimdal 1.1 adds the message order stuff. + */ + if (format == KGSS_HEIMDAL_1_1) { + kc->kc_msg_order.km_flags = get_uint32(&p, &len); + kc->kc_msg_order.km_start = get_uint32(&p, &len); + kc->kc_msg_order.km_length = get_uint32(&p, &len); + kc->kc_msg_order.km_jitter_window = get_uint32(&p, &len); + kc->kc_msg_order.km_first_seq = get_uint32(&p, &len); + kc->kc_msg_order.km_elem = + malloc(kc->kc_msg_order.km_jitter_window * sizeof(uint32_t), + M_GSSAPI, M_WAITOK); + for (i = 0; i < kc->kc_msg_order.km_jitter_window; i++) + kc->kc_msg_order.km_elem[i] = get_uint32(&p, &len); + } else { + kc->kc_msg_order.km_flags = 0; + } + + res = get_keys(kc); + if (GSS_ERROR(res)) + return (res); + + /* + * We don't need these anymore. + */ + delete_keyblock(&kc->kc_keyblock); + delete_keyblock(&kc->kc_local_subkey); + delete_keyblock(&kc->kc_remote_subkey); + + return (GSS_S_COMPLETE); +} + +static void +krb5_delete(struct krb5_context *kc, gss_buffer_t output_token) +{ + + delete_address(&kc->kc_local_address); + delete_address(&kc->kc_remote_address); + delete_keyblock(&kc->kc_keyblock); + delete_keyblock(&kc->kc_local_subkey); + delete_keyblock(&kc->kc_remote_subkey); + delete_data(&kc->kc_source_name); + delete_data(&kc->kc_target_name); + if (kc->kc_msg_order.km_elem) + free(kc->kc_msg_order.km_elem, M_GSSAPI); + if (output_token) { + output_token->length = 0; + output_token->value = NULL; + } + if (kc->kc_tokenkey) { + krb5_free_key(kc->kc_tokenkey); + if (kc->kc_encryptkey) { + krb5_free_key(kc->kc_encryptkey); + krb5_free_key(kc->kc_checksumkey); + } else { + krb5_free_key(kc->kc_send_seal_Ke); + krb5_free_key(kc->kc_send_seal_Ki); + krb5_free_key(kc->kc_send_seal_Kc); + krb5_free_key(kc->kc_send_sign_Kc); + krb5_free_key(kc->kc_recv_seal_Ke); + krb5_free_key(kc->kc_recv_seal_Ki); + krb5_free_key(kc->kc_recv_seal_Kc); + krb5_free_key(kc->kc_recv_sign_Kc); + } + } + mtx_destroy(&kc->kc_lock); +} + +static gss_OID +krb5_mech_type(struct krb5_context *kc) +{ + + return (&krb5_mech_oid); +} + +/* + * Make a token with the given type and length (the length includes + * the TOK_ID), initialising the token header appropriately. Return a + * pointer to the TOK_ID of the token. A new mbuf is allocated with + * the framing header plus hlen bytes of space. + * + * Format is as follows: + * + * 0x60 [APPLICATION 0] SEQUENCE + * DER encoded length length of oid + type + inner token length + * 0x06 NN <oid data> OID of mechanism type + * TT TT TOK_ID + * <inner token> data for inner token + * + * 1: der encoded length + */ +static void * +krb5_make_token(char tok_id[2], size_t hlen, size_t len, struct mbuf **mp) +{ + size_t inside_len, len_len, tlen; + gss_OID oid = &krb5_mech_oid; + struct mbuf *m; + uint8_t *p; + + inside_len = 2 + oid->length + len; + if (inside_len < 128) + len_len = 1; + else if (inside_len < 0x100) + len_len = 2; + else if (inside_len < 0x10000) + len_len = 3; + else if (inside_len < 0x1000000) + len_len = 4; + else + len_len = 5; + + tlen = 1 + len_len + 2 + oid->length + hlen; + KASSERT(tlen <= MLEN, ("token head too large")); + MGET(m, M_WAITOK, MT_DATA); + M_ALIGN(m, tlen); + m->m_len = tlen; + + p = (uint8_t *) m->m_data; + *p++ = 0x60; + switch (len_len) { + case 1: + *p++ = inside_len; + break; + case 2: + *p++ = 0x81; + *p++ = inside_len; + break; + case 3: + *p++ = 0x82; + *p++ = inside_len >> 8; + *p++ = inside_len; + break; + case 4: + *p++ = 0x83; + *p++ = inside_len >> 16; + *p++ = inside_len >> 8; + *p++ = inside_len; + break; + case 5: + *p++ = 0x84; + *p++ = inside_len >> 24; + *p++ = inside_len >> 16; + *p++ = inside_len >> 8; + *p++ = inside_len; + break; + } + + *p++ = 0x06; + *p++ = oid->length; + bcopy(oid->elements, p, oid->length); + p += oid->length; + + p[0] = tok_id[0]; + p[1] = tok_id[1]; + + *mp = m; + + return (p); +} + +/* + * Verify a token, checking the inner token length and mechanism oid. + * pointer to the first byte of the TOK_ID. The length of the + * encapsulated data is checked to be at least len bytes; the actual + * length of the encapsulated data (including TOK_ID) is returned in + * *encap_len. + * + * If can_pullup is TRUE and the token header is fragmented, we will + * rearrange it. + * + * Format is as follows: + * + * 0x60 [APPLICATION 0] SEQUENCE + * DER encoded length length of oid + type + inner token length + * 0x06 NN <oid data> OID of mechanism type + * TT TT TOK_ID + * <inner token> data for inner token + * + * 1: der encoded length + */ +static void * +krb5_verify_token(char tok_id[2], size_t len, struct mbuf **mp, + size_t *encap_len, bool_t can_pullup) +{ + struct mbuf *m; + size_t tlen, hlen, len_len, inside_len; + gss_OID oid = &krb5_mech_oid; + uint8_t *p; + + m = *mp; + tlen = m_length(m, NULL); + if (tlen < 2) + return (NULL); + + /* + * Ensure that at least the framing part of the token is + * contigous. + */ + if (m->m_len < 2) { + if (can_pullup) + *mp = m = m_pullup(m, 2); + else + return (NULL); + } + + p = m->m_data; + + if (*p++ != 0x60) + return (NULL); + + if (*p < 0x80) { + inside_len = *p++; + len_len = 1; + } else { + /* + * Ensure there is enough space for the DER encoded length. + */ + len_len = (*p & 0x7f) + 1; + if (tlen < len_len + 1) + return (NULL); + if (m->m_len < len_len + 1) { + if (can_pullup) + *mp = m = m_pullup(m, len_len + 1); + else + return (NULL); + p = m->m_data + 1; + } + + switch (*p++) { + case 0x81: + inside_len = *p++; + break; + + case 0x82: + inside_len = (p[0] << 8) | p[1]; + p += 2; + break; + + case 0x83: + inside_len = (p[0] << 16) | (p[1] << 8) | p[2]; + p += 3; + break; + + case 0x84: + inside_len = (p[0] << 24) | (p[1] << 16) + | (p[2] << 8) | p[3]; + p += 4; + break; + + default: + return (NULL); + } + } + + if (tlen != inside_len + len_len + 1) + return (NULL); + if (inside_len < 2 + oid->length + len) + return (NULL); + + /* + * Now that we know the value of len_len, we can pullup the + * whole header. The header is 1 + len_len + 2 + oid->length + + * len bytes. + */ + hlen = 1 + len_len + 2 + oid->length + len; + if (m->m_len < hlen) { + if (can_pullup) + *mp = m = m_pullup(m, hlen); + else + return (NULL); + p = m->m_data + 1 + len_len; + } + + if (*p++ != 0x06) + return (NULL); + if (*p++ != oid->length) + return (NULL); + if (bcmp(oid->elements, p, oid->length)) + return (NULL); + p += oid->length; + + if (p[0] != tok_id[0]) + return (NULL); + + if (p[1] != tok_id[1]) + return (NULL); + + *encap_len = inside_len - 2 - oid->length; + + return (p); +} + +static void +krb5_insert_seq(struct krb5_msg_order *mo, uint32_t seq, int index) +{ + int i; + + if (mo->km_length < mo->km_jitter_window) + mo->km_length++; + + for (i = mo->km_length - 1; i > index; i--) + mo->km_elem[i] = mo->km_elem[i - 1]; + mo->km_elem[index] = seq; +} + +/* + * Check sequence numbers according to RFC 2743 section 1.2.3. + */ +static OM_uint32 +krb5_sequence_check(struct krb5_context *kc, uint32_t seq) +{ + OM_uint32 res = GSS_S_FAILURE; + struct krb5_msg_order *mo = &kc->kc_msg_order; + int check_sequence = mo->km_flags & GSS_C_SEQUENCE_FLAG; + int check_replay = mo->km_flags & GSS_C_REPLAY_FLAG; + int i; + + mtx_lock(&kc->kc_lock); + + /* + * Message is in-sequence with no gap. + */ + if (mo->km_length == 0 || seq == mo->km_elem[0] + 1) { + /* + * This message is received in-sequence with no gaps. + */ + krb5_insert_seq(mo, seq, 0); + res = GSS_S_COMPLETE; + goto out; + } + + if (seq > mo->km_elem[0]) { + /* + * This message is received in-sequence with a gap. + */ + krb5_insert_seq(mo, seq, 0); + if (check_sequence) + res = GSS_S_GAP_TOKEN; + else + res = GSS_S_COMPLETE; + goto out; + } + + if (seq < mo->km_elem[mo->km_length - 1]) { + if (check_replay && !check_sequence) + res = GSS_S_OLD_TOKEN; + else + res = GSS_S_UNSEQ_TOKEN; + goto out; + } + + for (i = 0; i < mo->km_length; i++) { + if (mo->km_elem[i] == seq) { + res = GSS_S_DUPLICATE_TOKEN; + goto out; + } + if (mo->km_elem[i] < seq) { + /* + * We need to insert this seq here, + */ + krb5_insert_seq(mo, seq, i); + if (check_replay && !check_sequence) + res = GSS_S_COMPLETE; + else + res = GSS_S_UNSEQ_TOKEN; + goto out; + } + } + +out: + mtx_unlock(&kc->kc_lock); + + return (res); +} + +static uint8_t sgn_alg_des_md5[] = { 0x00, 0x00 }; +static uint8_t seal_alg_des[] = { 0x00, 0x00 }; +static uint8_t sgn_alg_des3_sha1[] = { 0x04, 0x00 }; +static uint8_t seal_alg_des3[] = { 0x02, 0x00 }; +static uint8_t seal_alg_rc4[] = { 0x10, 0x00 }; +static uint8_t sgn_alg_hmac_md5[] = { 0x11, 0x00 }; + +/* + * Return the size of the inner token given the use of the key's + * encryption class. For wrap tokens, the length of the padded + * plaintext will be added to this. + */ +static size_t +token_length(struct krb5_key_state *key) +{ + + return (16 + key->ks_class->ec_checksumlen); +} + +static OM_uint32 +krb5_get_mic_old(struct krb5_context *kc, struct mbuf *m, + struct mbuf **micp, uint8_t sgn_alg[2]) +{ + struct mbuf *mlast, *mic, *tm; + uint8_t *p, dir; + size_t tlen, mlen, cklen; + uint32_t seq; + char buf[8]; + + mlen = m_length(m, &mlast); + + tlen = token_length(kc->kc_tokenkey); + p = krb5_make_token("\x01\x01", tlen, tlen, &mic); + p += 2; /* TOK_ID */ + *p++ = sgn_alg[0]; /* SGN_ALG */ + *p++ = sgn_alg[1]; + + *p++ = 0xff; /* filler */ + *p++ = 0xff; + *p++ = 0xff; + *p++ = 0xff; + + /* + * SGN_CKSUM: + * + * Calculate the keyed checksum of the token header plus the + * message. + */ + cklen = kc->kc_checksumkey->ks_class->ec_checksumlen; + + mic->m_len = p - (uint8_t *) mic->m_data; + mic->m_next = m; + MGET(tm, M_WAITOK, MT_DATA); + tm->m_len = cklen; + mlast->m_next = tm; + + krb5_checksum(kc->kc_checksumkey, 15, mic, mic->m_len - 8, + 8 + mlen, cklen); + bcopy(tm->m_data, p + 8, cklen); + mic->m_next = NULL; + mlast->m_next = NULL; + m_free(tm); + + /* + * SND_SEQ: + * + * Take the four bytes of the sequence number least + * significant first followed by four bytes of direction + * marker (zero for initiator and 0xff for acceptor). Encrypt + * that data using the SGN_CKSUM as IV. Note: ARC4 wants the + * sequence number big-endian. + */ + seq = atomic_fetchadd_32(&kc->kc_local_seqnumber, 1); + if (sgn_alg[0] == 0x11) { + p[0] = (seq >> 24); + p[1] = (seq >> 16); + p[2] = (seq >> 8); + p[3] = (seq >> 0); + } else { + p[0] = (seq >> 0); + p[1] = (seq >> 8); + p[2] = (seq >> 16); + p[3] = (seq >> 24); + } + if (is_initiator(kc)) { + dir = 0; + } else { + dir = 0xff; + } + p[4] = dir; + p[5] = dir; + p[6] = dir; + p[7] = dir; + bcopy(p + 8, buf, 8); + + /* + * Set the mic buffer to its final size so that the encrypt + * can see the SND_SEQ part. + */ + mic->m_len += 8 + cklen; + krb5_encrypt(kc->kc_tokenkey, mic, mic->m_len - cklen - 8, 8, buf, 8); + + *micp = mic; + return (GSS_S_COMPLETE); +} + +static OM_uint32 +krb5_get_mic_new(struct krb5_context *kc, struct mbuf *m, + struct mbuf **micp) +{ + struct krb5_key_state *key = kc->kc_send_sign_Kc; + struct mbuf *mlast, *mic; + uint8_t *p; + int flags; + size_t mlen, cklen; + uint32_t seq; + + mlen = m_length(m, &mlast); + cklen = key->ks_class->ec_checksumlen; + + KASSERT(16 + cklen <= MLEN, ("checksum too large for an mbuf")); + MGET(mic, M_WAITOK, MT_DATA); + M_ALIGN(mic, 16 + cklen); + mic->m_len = 16 + cklen; + p = mic->m_data; + + /* TOK_ID */ + p[0] = 0x04; + p[1] = 0x04; + + /* Flags */ + flags = 0; + if (is_acceptor(kc)) + flags |= GSS_TOKEN_SENT_BY_ACCEPTOR; + if (kc->kc_more_flags & ACCEPTOR_SUBKEY) + flags |= GSS_TOKEN_ACCEPTOR_SUBKEY; + p[2] = flags; + + /* Filler */ + p[3] = 0xff; + p[4] = 0xff; + p[5] = 0xff; + p[6] = 0xff; + p[7] = 0xff; + + /* SND_SEQ */ + p[8] = 0; + p[9] = 0; + p[10] = 0; + p[11] = 0; + seq = atomic_fetchadd_32(&kc->kc_local_seqnumber, 1); + p[12] = (seq >> 24); + p[13] = (seq >> 16); + p[14] = (seq >> 8); + p[15] = (seq >> 0); + + /* + * SGN_CKSUM: + * + * Calculate the keyed checksum of the message plus the first + * 16 bytes of the token header. + */ + mlast->m_next = mic; + krb5_checksum(key, 0, m, 0, mlen + 16, cklen); + mlast->m_next = NULL; + + *micp = mic; + return (GSS_S_COMPLETE); +} + +static OM_uint32 +krb5_get_mic(struct krb5_context *kc, OM_uint32 *minor_status, + gss_qop_t qop_req, struct mbuf *m, struct mbuf **micp) +{ + + *minor_status = 0; + + if (qop_req != GSS_C_QOP_DEFAULT) + return (GSS_S_BAD_QOP); + + if (time_uptime > kc->kc_lifetime) + return (GSS_S_CONTEXT_EXPIRED); + + switch (kc->kc_tokenkey->ks_class->ec_type) { + case ETYPE_DES_CBC_CRC: + return (krb5_get_mic_old(kc, m, micp, sgn_alg_des_md5)); + + case ETYPE_DES3_CBC_SHA1: + return (krb5_get_mic_old(kc, m, micp, sgn_alg_des3_sha1)); + + case ETYPE_ARCFOUR_HMAC_MD5: + case ETYPE_ARCFOUR_HMAC_MD5_56: + return (krb5_get_mic_old(kc, m, micp, sgn_alg_hmac_md5)); + + default: + return (krb5_get_mic_new(kc, m, micp)); + } + + return (GSS_S_FAILURE); +} + +static OM_uint32 +krb5_verify_mic_old(struct krb5_context *kc, struct mbuf *m, struct mbuf *mic, + uint8_t sgn_alg[2]) +{ + struct mbuf *mlast, *tm; + uint8_t *p, *tp, dir; + size_t mlen, tlen, elen, miclen; + size_t cklen; + uint32_t seq; + + mlen = m_length(m, &mlast); + + tlen = token_length(kc->kc_tokenkey); + p = krb5_verify_token("\x01\x01", tlen, &mic, &elen, FALSE); + if (!p) + return (GSS_S_DEFECTIVE_TOKEN); +#if 0 + /* + * Disable this check - heimdal-1.1 generates DES3 MIC tokens + * that are 2 bytes too big. + */ + if (elen != tlen) + return (GSS_S_DEFECTIVE_TOKEN); +#endif + /* TOK_ID */ + p += 2; + + /* SGN_ALG */ + if (p[0] != sgn_alg[0] || p[1] != sgn_alg[1]) + return (GSS_S_DEFECTIVE_TOKEN); + p += 2; + + if (p[0] != 0xff || p[1] != 0xff || p[2] != 0xff || p[3] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + p += 4; + + /* + * SGN_CKSUM: + * + * Calculate the keyed checksum of the token header plus the + * message. + */ + cklen = kc->kc_checksumkey->ks_class->ec_checksumlen; + miclen = mic->m_len; + mic->m_len = p - (uint8_t *) mic->m_data; + mic->m_next = m; + MGET(tm, M_WAITOK, MT_DATA); + tm->m_len = cklen; + mlast->m_next = tm; + + krb5_checksum(kc->kc_checksumkey, 15, mic, mic->m_len - 8, + 8 + mlen, cklen); + mic->m_next = NULL; + mlast->m_next = NULL; + if (bcmp(tm->m_data, p + 8, cklen)) { + m_free(tm); + return (GSS_S_BAD_SIG); + } + + /* + * SND_SEQ: + * + * Take the four bytes of the sequence number least + * significant first followed by four bytes of direction + * marker (zero for initiator and 0xff for acceptor). Encrypt + * that data using the SGN_CKSUM as IV. Note: ARC4 wants the + * sequence number big-endian. + */ + bcopy(p, tm->m_data, 8); + tm->m_len = 8; + krb5_decrypt(kc->kc_tokenkey, tm, 0, 8, p + 8, 8); + + tp = tm->m_data; + if (sgn_alg[0] == 0x11) { + seq = tp[3] | (tp[2] << 8) | (tp[1] << 16) | (tp[0] << 24); + } else { + seq = tp[0] | (tp[1] << 8) | (tp[2] << 16) | (tp[3] << 24); + } + + if (is_initiator(kc)) { + dir = 0xff; + } else { + dir = 0; + } + if (tp[4] != dir || tp[5] != dir || tp[6] != dir || tp[7] != dir) { + m_free(tm); + return (GSS_S_DEFECTIVE_TOKEN); + } + m_free(tm); + + if (kc->kc_msg_order.km_flags & + (GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG)) { + return (krb5_sequence_check(kc, seq)); + } + + return (GSS_S_COMPLETE); +} + +static OM_uint32 +krb5_verify_mic_new(struct krb5_context *kc, struct mbuf *m, struct mbuf *mic) +{ + OM_uint32 res; + struct krb5_key_state *key = kc->kc_recv_sign_Kc; + struct mbuf *mlast; + uint8_t *p; + int flags; + size_t mlen, cklen; + char buf[32]; + + mlen = m_length(m, &mlast); + cklen = key->ks_class->ec_checksumlen; + + KASSERT(mic->m_next == NULL, ("MIC should be contiguous")); + if (mic->m_len != 16 + cklen) + return (GSS_S_DEFECTIVE_TOKEN); + p = mic->m_data; + + /* TOK_ID */ + if (p[0] != 0x04) + return (GSS_S_DEFECTIVE_TOKEN); + if (p[1] != 0x04) + return (GSS_S_DEFECTIVE_TOKEN); + + /* Flags */ + flags = 0; + if (is_initiator(kc)) + flags |= GSS_TOKEN_SENT_BY_ACCEPTOR; + if (kc->kc_more_flags & ACCEPTOR_SUBKEY) + flags |= GSS_TOKEN_ACCEPTOR_SUBKEY; + if (p[2] != flags) + return (GSS_S_DEFECTIVE_TOKEN); + + /* Filler */ + if (p[3] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + if (p[4] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + if (p[5] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + if (p[6] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + if (p[7] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + + /* SND_SEQ */ + if (kc->kc_msg_order.km_flags & + (GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG)) { + uint32_t seq; + if (p[8] || p[9] || p[10] || p[11]) { + res = GSS_S_UNSEQ_TOKEN; + } else { + seq = (p[12] << 24) | (p[13] << 16) + | (p[14] << 8) | p[15]; + res = krb5_sequence_check(kc, seq); + } + if (GSS_ERROR(res)) + return (res); + } else { + res = GSS_S_COMPLETE; + } + + /* + * SGN_CKSUM: + * + * Calculate the keyed checksum of the message plus the first + * 16 bytes of the token header. + */ + m_copydata(mic, 16, cklen, buf); + mlast->m_next = mic; + krb5_checksum(key, 0, m, 0, mlen + 16, cklen); + mlast->m_next = NULL; + if (bcmp(buf, p + 16, cklen)) { + return (GSS_S_BAD_SIG); + } + + return (GSS_S_COMPLETE); +} + +static OM_uint32 +krb5_verify_mic(struct krb5_context *kc, OM_uint32 *minor_status, + struct mbuf *m, struct mbuf *mic, gss_qop_t *qop_state) +{ + + *minor_status = 0; + if (qop_state) + *qop_state = GSS_C_QOP_DEFAULT; + + if (time_uptime > kc->kc_lifetime) + return (GSS_S_CONTEXT_EXPIRED); + + switch (kc->kc_tokenkey->ks_class->ec_type) { + case ETYPE_DES_CBC_CRC: + return (krb5_verify_mic_old(kc, m, mic, sgn_alg_des_md5)); + + case ETYPE_ARCFOUR_HMAC_MD5: + case ETYPE_ARCFOUR_HMAC_MD5_56: + return (krb5_verify_mic_old(kc, m, mic, sgn_alg_hmac_md5)); + + case ETYPE_DES3_CBC_SHA1: + return (krb5_verify_mic_old(kc, m, mic, sgn_alg_des3_sha1)); + + default: + return (krb5_verify_mic_new(kc, m, mic)); + } + + return (GSS_S_FAILURE); +} + +static OM_uint32 +krb5_wrap_old(struct krb5_context *kc, int conf_req_flag, + struct mbuf **mp, int *conf_state, + uint8_t sgn_alg[2], uint8_t seal_alg[2]) +{ + struct mbuf *m, *mlast, *tm, *cm, *pm; + size_t mlen, tlen, padlen, datalen; + uint8_t *p, dir; + size_t cklen; + uint8_t buf[8]; + uint32_t seq; + + /* + * How many trailing pad bytes do we need? + */ + m = *mp; + mlen = m_length(m, &mlast); + tlen = kc->kc_tokenkey->ks_class->ec_msgblocklen; + padlen = tlen - (mlen % tlen); + + /* + * The data part of the token has eight bytes of random + * confounder prepended and followed by up to eight bytes of + * padding bytes each of which is set to the number of padding + * bytes. + */ + datalen = mlen + 8 + padlen; + tlen = token_length(kc->kc_tokenkey); + + p = krb5_make_token("\x02\x01", tlen, datalen + tlen, &tm); + p += 2; /* TOK_ID */ + *p++ = sgn_alg[0]; /* SGN_ALG */ + *p++ = sgn_alg[1]; + if (conf_req_flag) { + *p++ = seal_alg[0]; /* SEAL_ALG */ + *p++ = seal_alg[1]; + } else { + *p++ = 0xff; /* SEAL_ALG = none */ + *p++ = 0xff; + } + + *p++ = 0xff; /* filler */ + *p++ = 0xff; + + /* + * Copy the padded message data. + */ + if (M_LEADINGSPACE(m) >= 8) { + m->m_data -= 8; + m->m_len += 8; + } else { + MGET(cm, M_WAITOK, MT_DATA); + cm->m_len = 8; + cm->m_next = m; + m = cm; + } + arc4rand(m->m_data, 8, 0); + if (M_TRAILINGSPACE(mlast) >= padlen) { + memset(mlast->m_data + mlast->m_len, padlen, padlen); + mlast->m_len += padlen; + } else { + MGET(pm, M_WAITOK, MT_DATA); + memset(pm->m_data, padlen, padlen); + pm->m_len = padlen; + mlast->m_next = pm; + mlast = pm; + } + tm->m_next = m; + + /* + * SGN_CKSUM: + * + * Calculate the keyed checksum of the token header plus the + * padded message. Fiddle with tm->m_len so that we only + * checksum the 8 bytes of head that we care about. + */ + cklen = kc->kc_checksumkey->ks_class->ec_checksumlen; + tlen = tm->m_len; + tm->m_len = p - (uint8_t *) tm->m_data; + MGET(cm, M_WAITOK, MT_DATA); + cm->m_len = cklen; + mlast->m_next = cm; + krb5_checksum(kc->kc_checksumkey, 13, tm, tm->m_len - 8, + datalen + 8, cklen); + tm->m_len = tlen; + mlast->m_next = NULL; + bcopy(cm->m_data, p + 8, cklen); + m_free(cm); + + /* + * SND_SEQ: + * + * Take the four bytes of the sequence number least + * significant first (most signficant first for ARCFOUR) + * followed by four bytes of direction marker (zero for + * initiator and 0xff for acceptor). Encrypt that data using + * the SGN_CKSUM as IV. + */ + seq = atomic_fetchadd_32(&kc->kc_local_seqnumber, 1); + if (sgn_alg[0] == 0x11) { + p[0] = (seq >> 24); + p[1] = (seq >> 16); + p[2] = (seq >> 8); + p[3] = (seq >> 0); + } else { + p[0] = (seq >> 0); + p[1] = (seq >> 8); + p[2] = (seq >> 16); + p[3] = (seq >> 24); + } + if (is_initiator(kc)) { + dir = 0; + } else { + dir = 0xff; + } + p[4] = dir; + p[5] = dir; + p[6] = dir; + p[7] = dir; + krb5_encrypt(kc->kc_tokenkey, tm, p - (uint8_t *) tm->m_data, + 8, p + 8, 8); + + if (conf_req_flag) { + /* + * Encrypt the padded message with an IV of zero for + * DES and DES3, or an IV of the sequence number in + * big-endian format for ARCFOUR. + */ + if (seal_alg[0] == 0x10) { + buf[0] = (seq >> 24); + buf[1] = (seq >> 16); + buf[2] = (seq >> 8); + buf[3] = (seq >> 0); + krb5_encrypt(kc->kc_encryptkey, m, 0, datalen, + buf, 4); + } else { + krb5_encrypt(kc->kc_encryptkey, m, 0, datalen, + NULL, 0); + } + } + + if (conf_state) + *conf_state = conf_req_flag; + + *mp = tm; + return (GSS_S_COMPLETE); +} + +static OM_uint32 +krb5_wrap_new(struct krb5_context *kc, int conf_req_flag, + struct mbuf **mp, int *conf_state) +{ + struct krb5_key_state *Ke = kc->kc_send_seal_Ke; + struct krb5_key_state *Ki = kc->kc_send_seal_Ki; + struct krb5_key_state *Kc = kc->kc_send_seal_Kc; + const struct krb5_encryption_class *ec = Ke->ks_class; + struct mbuf *m, *mlast, *tm; + uint8_t *p; + int flags, EC; + size_t mlen, blen, mblen, cklen, ctlen; + uint32_t seq; + static char zpad[32]; + + m = *mp; + mlen = m_length(m, &mlast); + + blen = ec->ec_blocklen; + mblen = ec->ec_msgblocklen; + cklen = ec->ec_checksumlen; + + if (conf_req_flag) { + /* + * For sealed messages, we need space for 16 bytes of + * header, blen confounder, plaintext, padding, copy + * of header and checksum. + * + * We pad to mblen (which may be different from + * blen). If the encryption class is using CTS, mblen + * will be one (i.e. no padding required). + */ + if (mblen > 1) + EC = mlen % mblen; + else + EC = 0; + ctlen = blen + mlen + EC + 16; + + /* + * Put initial header and confounder before the + * message. + */ + M_PREPEND(m, 16 + blen, M_WAITOK); + + /* + * Append padding + copy of header and checksum. Try + * to fit this into the end of the original message, + * otherwise allocate a trailer. + */ + if (M_TRAILINGSPACE(mlast) >= EC + 16 + cklen) { + tm = NULL; + mlast->m_len += EC + 16 + cklen; + } else { + MGET(tm, M_WAITOK, MT_DATA); + tm->m_len = EC + 16 + cklen; + mlast->m_next = tm; + } + } else { + /* + * For unsealed messages, we need 16 bytes of header + * plus space for the plaintext and a checksum. EC is + * set to the checksum size. We leave space in tm for + * a copy of the header - this will be trimmed later. + */ + M_PREPEND(m, 16, M_WAITOK); + + MGET(tm, M_WAITOK, MT_DATA); + tm->m_len = cklen + 16; + mlast->m_next = tm; + ctlen = 0; + EC = cklen; + } + + p = m->m_data; + + /* TOK_ID */ + p[0] = 0x05; + p[1] = 0x04; + + /* Flags */ + flags = 0; + if (conf_req_flag) + flags = GSS_TOKEN_SEALED; + if (is_acceptor(kc)) + flags |= GSS_TOKEN_SENT_BY_ACCEPTOR; + if (kc->kc_more_flags & ACCEPTOR_SUBKEY) + flags |= GSS_TOKEN_ACCEPTOR_SUBKEY; + p[2] = flags; + + /* Filler */ + p[3] = 0xff; + + /* EC + RRC - set to zero initially */ + p[4] = 0; + p[5] = 0; + p[6] = 0; + p[7] = 0; + + /* SND_SEQ */ + p[8] = 0; + p[9] = 0; + p[10] = 0; + p[11] = 0; + seq = atomic_fetchadd_32(&kc->kc_local_seqnumber, 1); + p[12] = (seq >> 24); + p[13] = (seq >> 16); + p[14] = (seq >> 8); + p[15] = (seq >> 0); + + if (conf_req_flag) { + /* + * Encrypt according to RFC 4121 section 4.2 and RFC + * 3961 section 5.3. Note: we don't generate tokens + * with RRC values other than zero. If we did, we + * should zero RRC in the copied header. + */ + arc4rand(p + 16, blen, 0); + if (EC) { + m_copyback(m, 16 + blen + mlen, EC, zpad); + } + m_copyback(m, 16 + blen + mlen + EC, 16, p); + + krb5_checksum(Ki, 0, m, 16, ctlen, cklen); + krb5_encrypt(Ke, m, 16, ctlen, NULL, 0); + } else { + /* + * The plaintext message is followed by a checksum of + * the plaintext plus a version of the header where EC + * and RRC are set to zero. Also, the original EC must + * be our checksum size. + */ + bcopy(p, tm->m_data, 16); + krb5_checksum(Kc, 0, m, 16, mlen + 16, cklen); + tm->m_data += 16; + tm->m_len -= 16; + } + + /* + * Finally set EC to its actual value + */ + p[4] = EC >> 8; + p[5] = EC; + + *mp = m; + return (GSS_S_COMPLETE); +} + +static OM_uint32 +krb5_wrap(struct krb5_context *kc, OM_uint32 *minor_status, + int conf_req_flag, gss_qop_t qop_req, + struct mbuf **mp, int *conf_state) +{ + + *minor_status = 0; + if (conf_state) + *conf_state = 0; + + if (qop_req != GSS_C_QOP_DEFAULT) + return (GSS_S_BAD_QOP); + + if (time_uptime > kc->kc_lifetime) + return (GSS_S_CONTEXT_EXPIRED); + + switch (kc->kc_tokenkey->ks_class->ec_type) { + case ETYPE_DES_CBC_CRC: + return (krb5_wrap_old(kc, conf_req_flag, + mp, conf_state, sgn_alg_des_md5, seal_alg_des)); + + case ETYPE_ARCFOUR_HMAC_MD5: + case ETYPE_ARCFOUR_HMAC_MD5_56: + return (krb5_wrap_old(kc, conf_req_flag, + mp, conf_state, sgn_alg_hmac_md5, seal_alg_rc4)); + + case ETYPE_DES3_CBC_SHA1: + return (krb5_wrap_old(kc, conf_req_flag, + mp, conf_state, sgn_alg_des3_sha1, seal_alg_des3)); + + default: + return (krb5_wrap_new(kc, conf_req_flag, mp, conf_state)); + } + + return (GSS_S_FAILURE); +} + +static void +m_trim(struct mbuf *m, int len) +{ + struct mbuf *n; + int off; + + n = m_getptr(m, len, &off); + if (n) { + n->m_len = off; + if (n->m_next) { + m_freem(n->m_next); + n->m_next = NULL; + } + } +} + +static OM_uint32 +krb5_unwrap_old(struct krb5_context *kc, struct mbuf **mp, int *conf_state, + uint8_t sgn_alg[2], uint8_t seal_alg[2]) +{ + OM_uint32 res; + struct mbuf *m, *mlast, *hm, *cm; + uint8_t *p, dir; + size_t mlen, tlen, elen, datalen, padlen; + size_t cklen; + uint8_t buf[32]; + uint32_t seq; + int i, conf; + + m = *mp; + mlen = m_length(m, &mlast); + + tlen = token_length(kc->kc_tokenkey); + cklen = kc->kc_tokenkey->ks_class->ec_checksumlen; + + p = krb5_verify_token("\x02\x01", tlen, &m, &elen, TRUE); + *mp = m; + if (!p) + return (GSS_S_DEFECTIVE_TOKEN); + datalen = elen - tlen; + + /* + * Trim the framing header first to make life a little easier + * later. + */ + m_adj(m, p - (uint8_t *) m->m_data); + + /* TOK_ID */ + p += 2; + + /* SGN_ALG */ + if (p[0] != sgn_alg[0] || p[1] != sgn_alg[1]) + return (GSS_S_DEFECTIVE_TOKEN); + p += 2; + + /* SEAL_ALG */ + if (p[0] == seal_alg[0] && p[1] == seal_alg[1]) + conf = 1; + else if (p[0] == 0xff && p[1] == 0xff) + conf = 0; + else + return (GSS_S_DEFECTIVE_TOKEN); + p += 2; + + if (p[0] != 0xff || p[1] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + p += 2; + + /* + * SND_SEQ: + * + * Take the four bytes of the sequence number least + * significant first (most significant for ARCFOUR) followed + * by four bytes of direction marker (zero for initiator and + * 0xff for acceptor). Encrypt that data using the SGN_CKSUM + * as IV. + */ + krb5_decrypt(kc->kc_tokenkey, m, 8, 8, p + 8, 8); + if (sgn_alg[0] == 0x11) { + seq = p[3] | (p[2] << 8) | (p[1] << 16) | (p[0] << 24); + } else { + seq = p[0] | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); + } + + if (is_initiator(kc)) { + dir = 0xff; + } else { + dir = 0; + } + if (p[4] != dir || p[5] != dir || p[6] != dir || p[7] != dir) + return (GSS_S_DEFECTIVE_TOKEN); + + if (kc->kc_msg_order.km_flags & + (GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG)) { + res = krb5_sequence_check(kc, seq); + if (GSS_ERROR(res)) + return (res); + } else { + res = GSS_S_COMPLETE; + } + + /* + * If the token was encrypted, decode it in-place. + */ + if (conf) { + /* + * Decrypt the padded message with an IV of zero for + * DES and DES3 or an IV of the big-endian encoded + * sequence number for ARCFOUR. + */ + if (seal_alg[0] == 0x10) { + krb5_decrypt(kc->kc_encryptkey, m, 16 + cklen, + datalen, p, 4); + } else { + krb5_decrypt(kc->kc_encryptkey, m, 16 + cklen, + datalen, NULL, 0); + } + } + if (conf_state) + *conf_state = conf; + + /* + * Check the trailing pad bytes. + */ + KASSERT(mlast->m_len > 0, ("Unexpected empty mbuf")); + padlen = mlast->m_data[mlast->m_len - 1]; + m_copydata(m, tlen + datalen - padlen, padlen, buf); + for (i = 0; i < padlen; i++) { + if (buf[i] != padlen) { + return (GSS_S_DEFECTIVE_TOKEN); + } + } + + /* + * SGN_CKSUM: + * + * Calculate the keyed checksum of the token header plus the + * padded message. We do a little mbuf surgery to trim out the + * parts we don't want to checksum. + */ + hm = m; + *mp = m = m_split(m, 16 + cklen, M_WAITOK); + mlast = m_last(m); + hm->m_len = 8; + hm->m_next = m; + MGET(cm, M_WAITOK, MT_DATA); + cm->m_len = cklen; + mlast->m_next = cm; + + krb5_checksum(kc->kc_checksumkey, 13, hm, 0, datalen + 8, cklen); + hm->m_next = NULL; + mlast->m_next = NULL; + + if (bcmp(cm->m_data, hm->m_data + 16, cklen)) { + m_freem(hm); + m_free(cm); + return (GSS_S_BAD_SIG); + } + m_freem(hm); + m_free(cm); + + /* + * Trim off the confounder and padding. + */ + m_adj(m, 8); + if (mlast->m_len >= padlen) { + mlast->m_len -= padlen; + } else { + m_trim(m, datalen - 8 - padlen); + } + + *mp = m; + return (res); +} + +static OM_uint32 +krb5_unwrap_new(struct krb5_context *kc, struct mbuf **mp, int *conf_state) +{ + OM_uint32 res; + struct krb5_key_state *Ke = kc->kc_recv_seal_Ke; + struct krb5_key_state *Ki = kc->kc_recv_seal_Ki; + struct krb5_key_state *Kc = kc->kc_recv_seal_Kc; + const struct krb5_encryption_class *ec = Ke->ks_class; + struct mbuf *m, *mlast, *hm, *cm; + uint8_t *p, *pp; + int sealed, flags, EC, RRC; + size_t blen, cklen, ctlen, mlen, plen, tlen; + char buf[32], buf2[32]; + + m = *mp; + mlen = m_length(m, &mlast); + + if (mlen <= 16) + return (GSS_S_DEFECTIVE_TOKEN); + if (m->m_len < 16) { + m = m_pullup(m, 16); + *mp = m; + } + p = m->m_data; + + /* TOK_ID */ + if (p[0] != 0x05) + return (GSS_S_DEFECTIVE_TOKEN); + if (p[1] != 0x04) + return (GSS_S_DEFECTIVE_TOKEN); + + /* Flags */ + sealed = p[2] & GSS_TOKEN_SEALED; + flags = sealed; + if (is_initiator(kc)) + flags |= GSS_TOKEN_SENT_BY_ACCEPTOR; + if (kc->kc_more_flags & ACCEPTOR_SUBKEY) + flags |= GSS_TOKEN_ACCEPTOR_SUBKEY; + if (p[2] != flags) + return (GSS_S_DEFECTIVE_TOKEN); + + /* Filler */ + if (p[3] != 0xff) + return (GSS_S_DEFECTIVE_TOKEN); + + /* EC + RRC */ + EC = (p[4] << 8) + p[5]; + RRC = (p[6] << 8) + p[7]; + + /* SND_SEQ */ + if (kc->kc_msg_order.km_flags & + (GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG)) { + uint32_t seq; + if (p[8] || p[9] || p[10] || p[11]) { + res = GSS_S_UNSEQ_TOKEN; + } else { + seq = (p[12] << 24) | (p[13] << 16) + | (p[14] << 8) | p[15]; + res = krb5_sequence_check(kc, seq); + } + if (GSS_ERROR(res)) + return (res); + } else { + res = GSS_S_COMPLETE; + } + + /* + * Separate the header before dealing with RRC. We only need + * to keep the header if the message isn't encrypted. + */ + if (sealed) { + hm = NULL; + m_adj(m, 16); + } else { + hm = m; + *mp = m = m_split(m, 16, M_WAITOK); + mlast = m_last(m); + } + + /* + * Undo the effects of RRC by rotating left. + */ + if (RRC > 0) { + struct mbuf *rm; + size_t rlen; + + rlen = mlen - 16; + if (RRC <= sizeof(buf) && m->m_len >= rlen) { + /* + * Simple case, just rearrange the bytes in m. + */ + bcopy(m->m_data, buf, RRC); + bcopy(m->m_data + RRC, m->m_data, rlen - RRC); + bcopy(buf, m->m_data + rlen - RRC, RRC); + } else { + /* + * More complicated - rearrange the mbuf + * chain. + */ + rm = m; + *mp = m = m_split(m, RRC, M_WAITOK); + m_cat(m, rm); + mlast = rm; + } + } + + blen = ec->ec_blocklen; + cklen = ec->ec_checksumlen; + if (sealed) { + /* + * Decrypt according to RFC 4121 section 4.2 and RFC + * 3961 section 5.3. The message must be large enough + * for a blocksize confounder, at least one block of + * cyphertext and a checksum. + */ + if (mlen < 16 + 2*blen + cklen) + return (GSS_S_DEFECTIVE_TOKEN); + + ctlen = mlen - 16 - cklen; + krb5_decrypt(Ke, m, 0, ctlen, NULL, 0); + + /* + * The size of the plaintext is ctlen minus blocklen + * (for the confounder), 16 (for the copy of the token + * header) and EC (for the filler). The actual + * plaintext starts after the confounder. + */ + plen = ctlen - blen - 16 - EC; + pp = p + 16 + blen; + + /* + * Checksum the padded plaintext. + */ + m_copydata(m, ctlen, cklen, buf); + krb5_checksum(Ki, 0, m, 0, ctlen, cklen); + m_copydata(m, ctlen, cklen, buf2); + + if (bcmp(buf, buf2, cklen)) + return (GSS_S_BAD_SIG); + + /* + * Trim the message back to just plaintext. + */ + m_adj(m, blen); + tlen = 16 + EC + cklen; + if (mlast->m_len >= tlen) { + mlast->m_len -= tlen; + } else { + m_trim(m, plen); + } + } else { + /* + * The plaintext message is followed by a checksum of + * the plaintext plus a version of the header where EC + * and RRC are set to zero. Also, the original EC must + * be our checksum size. + */ + if (mlen < 16 + cklen || EC != cklen) + return (GSS_S_DEFECTIVE_TOKEN); + + /* + * The size of the plaintext is simply the message + * size less header and checksum. The plaintext starts + * right after the header (which we have saved in hm). + */ + plen = mlen - 16 - cklen; + + /* + * Insert a copy of the header (with EC and RRC set to + * zero) between the plaintext message and the + * checksum. + */ + p = hm->m_data; + p[4] = p[5] = p[6] = p[7] = 0; + + cm = m_split(m, plen, M_WAITOK); + mlast = m_last(m); + m->m_next = hm; + hm->m_next = cm; + + bcopy(cm->m_data, buf, cklen); + krb5_checksum(Kc, 0, m, 0, plen + 16, cklen); + if (bcmp(cm->m_data, buf, cklen)) + return (GSS_S_BAD_SIG); + + /* + * The checksum matches, discard all buf the plaintext. + */ + mlast->m_next = NULL; + m_freem(hm); + } + + if (conf_state) + *conf_state = (sealed != 0); + + return (res); +} + +static OM_uint32 +krb5_unwrap(struct krb5_context *kc, OM_uint32 *minor_status, + struct mbuf **mp, int *conf_state, gss_qop_t *qop_state) +{ + OM_uint32 maj_stat; + + *minor_status = 0; + if (qop_state) + *qop_state = GSS_C_QOP_DEFAULT; + if (conf_state) + *conf_state = 0; + + if (time_uptime > kc->kc_lifetime) + return (GSS_S_CONTEXT_EXPIRED); + + switch (kc->kc_tokenkey->ks_class->ec_type) { + case ETYPE_DES_CBC_CRC: + maj_stat = krb5_unwrap_old(kc, mp, conf_state, + sgn_alg_des_md5, seal_alg_des); + break; + + case ETYPE_ARCFOUR_HMAC_MD5: + case ETYPE_ARCFOUR_HMAC_MD5_56: + maj_stat = krb5_unwrap_old(kc, mp, conf_state, + sgn_alg_hmac_md5, seal_alg_rc4); + break; + + case ETYPE_DES3_CBC_SHA1: + maj_stat = krb5_unwrap_old(kc, mp, conf_state, + sgn_alg_des3_sha1, seal_alg_des3); + break; + + default: + maj_stat = krb5_unwrap_new(kc, mp, conf_state); + break; + } + + if (GSS_ERROR(maj_stat)) { + m_freem(*mp); + *mp = NULL; + } + + return (maj_stat); +} + +static OM_uint32 +krb5_wrap_size_limit(struct krb5_context *kc, OM_uint32 *minor_status, + int conf_req_flag, gss_qop_t qop_req, OM_uint32 req_output_size, + OM_uint32 *max_input_size) +{ + const struct krb5_encryption_class *ec; + OM_uint32 overhead; + + *minor_status = 0; + *max_input_size = 0; + + if (qop_req != GSS_C_QOP_DEFAULT) + return (GSS_S_BAD_QOP); + + ec = kc->kc_tokenkey->ks_class; + switch (ec->ec_type) { + case ETYPE_DES_CBC_CRC: + case ETYPE_DES3_CBC_SHA1: + case ETYPE_ARCFOUR_HMAC_MD5: + case ETYPE_ARCFOUR_HMAC_MD5_56: + /* + * up to 5 bytes for [APPLICATION 0] SEQUENCE + * 2 + krb5 oid length + * 8 bytes of header + * 8 bytes of confounder + * maximum of 8 bytes of padding + * checksum + */ + overhead = 5 + 2 + krb5_mech_oid.length; + overhead += 8 + 8 + ec->ec_msgblocklen; + overhead += ec->ec_checksumlen; + break; + + default: + if (conf_req_flag) { + /* + * 16 byts of header + * blocklen bytes of confounder + * up to msgblocklen - 1 bytes of padding + * 16 bytes for copy of header + * checksum + */ + overhead = 16 + ec->ec_blocklen; + overhead += ec->ec_msgblocklen - 1; + overhead += 16; + overhead += ec->ec_checksumlen; + } else { + /* + * 16 bytes of header plus checksum. + */ + overhead = 16 + ec->ec_checksumlen; + } + } + + *max_input_size = req_output_size - overhead; + + return (GSS_S_COMPLETE); +} + +static kobj_method_t krb5_methods[] = { + KOBJMETHOD(kgss_init, krb5_init), + KOBJMETHOD(kgss_import, krb5_import), + KOBJMETHOD(kgss_delete, krb5_delete), + KOBJMETHOD(kgss_mech_type, krb5_mech_type), + KOBJMETHOD(kgss_get_mic, krb5_get_mic), + KOBJMETHOD(kgss_verify_mic, krb5_verify_mic), + KOBJMETHOD(kgss_wrap, krb5_wrap), + KOBJMETHOD(kgss_unwrap, krb5_unwrap), + KOBJMETHOD(kgss_wrap_size_limit, krb5_wrap_size_limit), + { 0, 0 } +}; + +static struct kobj_class krb5_class = { + "kerberosv5", + krb5_methods, + sizeof(struct krb5_context) +}; + +/* + * Kernel module glue + */ +static int +kgssapi_krb5_modevent(module_t mod, int type, void *data) +{ + + switch (type) { + case MOD_LOAD: + kgss_install_mech(&krb5_mech_oid, "kerberosv5", &krb5_class); + break; + + case MOD_UNLOAD: + kgss_uninstall_mech(&krb5_mech_oid); + break; + } + + + return (0); +} +static moduledata_t kgssapi_krb5_mod = { + "kgssapi_krb5", + kgssapi_krb5_modevent, + NULL, +}; +DECLARE_MODULE(kgssapi_krb5, kgssapi_krb5_mod, SI_SUB_VFS, SI_ORDER_ANY); +MODULE_DEPEND(kgssapi_krb5, kgssapi, 1, 1, 1); +MODULE_DEPEND(kgssapi_krb5, crypto, 1, 1, 1); +MODULE_DEPEND(kgssapi_krb5, rc4, 1, 1, 1); +MODULE_VERSION(kgssapi_krb5, 1); |
