/*- * Copyright (c) 2008 Isilon Inc http://www.isilon.com/ * Authors: Doug Rabson * Developed with Red Inc: Alfred Perlstein * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include static void report_error(gss_OID mech, OM_uint32 maj, OM_uint32 min) { OM_uint32 maj_stat, min_stat; OM_uint32 message_context; gss_buffer_desc buf; uprintf("major_stat=%d, minor_stat=%d\n", maj, min); message_context = 0; do { maj_stat = gss_display_status(&min_stat, maj, GSS_C_GSS_CODE, GSS_C_NO_OID, &message_context, &buf); if (GSS_ERROR(maj_stat)) break; uprintf("%.*s\n", (int)buf.length, (char *) buf.value); gss_release_buffer(&min_stat, &buf); } while (message_context); if (mech && min) { message_context = 0; do { maj_stat = gss_display_status(&min_stat, min, GSS_C_MECH_CODE, mech, &message_context, &buf); if (GSS_ERROR(maj_stat)) break; uprintf("%.*s\n", (int)buf.length, (char *) buf.value); gss_release_buffer(&min_stat, &buf); } while (message_context); } } #if 0 static void send_token_to_peer(const gss_buffer_t token) { const uint8_t *p; size_t i; printf("send token:\n"); printf("%d ", (int) token->length); p = (const uint8_t *) token->value; for (i = 0; i < token->length; i++) printf("%02x", *p++); printf("\n"); } static void receive_token_from_peer(gss_buffer_t token) { char line[8192]; char *p; uint8_t *q; int len, val; printf("receive token:\n"); fgets(line, sizeof(line), stdin); if (line[strlen(line) - 1] != '\n') { printf("token truncated\n"); exit(1); } p = line; if (sscanf(line, "%d ", &len) != 1) { printf("bad token\n"); exit(1); } p = strchr(p, ' ') + 1; token->length = len; token->value = malloc(len); q = (uint8_t *) token->value; while (len) { if (sscanf(p, "%02x", &val) != 1) { printf("bad token\n"); exit(1); } *q++ = val; p += 2; len--; } } #endif #if 0 void server(int argc, char** argv) { OM_uint32 maj_stat, min_stat; gss_buffer_desc input_token, output_token; gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; gss_name_t client_name; gss_OID mech_type; if (argc != 1) usage(); do { receive_token_from_peer(&input_token); maj_stat = gss_accept_sec_context(&min_stat, &context_hdl, GSS_C_NO_CREDENTIAL, &input_token, GSS_C_NO_CHANNEL_BINDINGS, &client_name, &mech_type, &output_token, NULL, NULL, NULL); if (GSS_ERROR(maj_stat)) { report_error(mech_type, maj_stat, min_stat); } if (output_token.length != 0) { send_token_to_peer(&output_token); gss_release_buffer(&min_stat, &output_token); } if (GSS_ERROR(maj_stat)) { if (context_hdl != GSS_C_NO_CONTEXT) gss_delete_sec_context(&min_stat, &context_hdl, GSS_C_NO_BUFFER); break; } } while (maj_stat & GSS_S_CONTINUE_NEEDED); if (client_name) { gss_buffer_desc name_desc; char buf[512]; gss_display_name(&min_stat, client_name, &name_desc, NULL); memcpy(buf, name_desc.value, name_desc.length); buf[name_desc.length] = 0; gss_release_buffer(&min_stat, &name_desc); printf("client name is %s\n", buf); } receive_token_from_peer(&input_token); gss_unwrap(&min_stat, context_hdl, &input_token, &output_token, NULL, NULL); printf("%.*s\n", (int)output_token.length, (char *) output_token.value); gss_release_buffer(&min_stat, &output_token); } #endif /* 1.2.752.43.13.14 */ static gss_OID_desc gss_krb5_set_allowable_enctypes_x_desc = {6, (void *) "\x2a\x85\x70\x2b\x0d\x0e"}; gss_OID GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X = &gss_krb5_set_allowable_enctypes_x_desc; #define ETYPE_DES_CBC_CRC 1 /* * Create an initiator context and acceptor context in the kernel and * use them to exchange signed and sealed messages. */ static int gsstest_1(struct thread *td) { OM_uint32 maj_stat, min_stat; OM_uint32 smaj_stat, smin_stat; int context_established = 0; gss_ctx_id_t client_context = GSS_C_NO_CONTEXT; gss_ctx_id_t server_context = GSS_C_NO_CONTEXT; gss_cred_id_t client_cred = GSS_C_NO_CREDENTIAL; gss_cred_id_t server_cred = GSS_C_NO_CREDENTIAL; gss_name_t name = GSS_C_NO_NAME; gss_name_t received_name = GSS_C_NO_NAME; gss_buffer_desc name_desc; gss_buffer_desc client_token, server_token, message_buf; gss_OID mech, actual_mech, mech_type; static gss_OID_desc krb5_desc = {9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; #if 0 static gss_OID_desc spnego_desc = {6, (void *)"\x2b\x06\x01\x05\x05\x02"}; static gss_OID_desc ntlm_desc = {10, (void *)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a"}; #endif char enctype[sizeof(uint32_t)]; mech = GSS_C_NO_OID; { static char sbuf[512]; memcpy(sbuf, "nfs@", 4); getcredhostname(td->td_ucred, sbuf + 4, sizeof(sbuf) - 4); name_desc.value = sbuf; } name_desc.length = strlen((const char *) name_desc.value); maj_stat = gss_import_name(&min_stat, &name_desc, GSS_C_NT_HOSTBASED_SERVICE, &name); if (GSS_ERROR(maj_stat)) { printf("gss_import_name failed\n"); report_error(mech, maj_stat, min_stat); goto out; } maj_stat = gss_acquire_cred(&min_stat, GSS_C_NO_NAME, 0, GSS_C_NO_OID_SET, GSS_C_INITIATE, &client_cred, NULL, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_acquire_cred (client) failed\n"); report_error(mech, maj_stat, min_stat); goto out; } enctype[0] = (ETYPE_DES_CBC_CRC >> 24) & 0xff; enctype[1] = (ETYPE_DES_CBC_CRC >> 16) & 0xff; enctype[2] = (ETYPE_DES_CBC_CRC >> 8) & 0xff; enctype[3] = ETYPE_DES_CBC_CRC & 0xff; message_buf.length = sizeof(enctype); message_buf.value = enctype; maj_stat = gss_set_cred_option(&min_stat, &client_cred, GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X, &message_buf); if (GSS_ERROR(maj_stat)) { printf("gss_set_cred_option failed\n"); report_error(mech, maj_stat, min_stat); goto out; } server_token.length = 0; server_token.value = NULL; while (!context_established) { client_token.length = 0; client_token.value = NULL; maj_stat = gss_init_sec_context(&min_stat, client_cred, &client_context, name, mech, GSS_C_MUTUAL_FLAG|GSS_C_CONF_FLAG|GSS_C_INTEG_FLAG, 0, GSS_C_NO_CHANNEL_BINDINGS, &server_token, &actual_mech, &client_token, NULL, NULL); if (server_token.length) gss_release_buffer(&smin_stat, &server_token); if (GSS_ERROR(maj_stat)) { printf("gss_init_sec_context failed\n"); report_error(mech, maj_stat, min_stat); goto out; } if (client_token.length != 0) { if (!server_cred) { gss_OID_set_desc oid_set; oid_set.count = 1; oid_set.elements = &krb5_desc; smaj_stat = gss_acquire_cred(&smin_stat, name, 0, &oid_set, GSS_C_ACCEPT, &server_cred, NULL, NULL); if (GSS_ERROR(smaj_stat)) { printf("gss_acquire_cred (server) failed\n"); report_error(mech_type, smaj_stat, smin_stat); goto out; } } smaj_stat = gss_accept_sec_context(&smin_stat, &server_context, server_cred, &client_token, GSS_C_NO_CHANNEL_BINDINGS, &received_name, &mech_type, &server_token, NULL, NULL, NULL); if (GSS_ERROR(smaj_stat)) { printf("gss_accept_sec_context failed\n"); report_error(mech_type, smaj_stat, smin_stat); goto out; } gss_release_buffer(&min_stat, &client_token); } if (GSS_ERROR(maj_stat)) { if (client_context != GSS_C_NO_CONTEXT) gss_delete_sec_context(&min_stat, &client_context, GSS_C_NO_BUFFER); break; } if (maj_stat == GSS_S_COMPLETE) { context_established = 1; } } message_buf.length = strlen("Hello world"); message_buf.value = (void *) "Hello world"; maj_stat = gss_get_mic(&min_stat, client_context, GSS_C_QOP_DEFAULT, &message_buf, &client_token); if (GSS_ERROR(maj_stat)) { printf("gss_get_mic failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } maj_stat = gss_verify_mic(&min_stat, server_context, &message_buf, &client_token, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_verify_mic failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } gss_release_buffer(&min_stat, &client_token); maj_stat = gss_wrap(&min_stat, client_context, TRUE, GSS_C_QOP_DEFAULT, &message_buf, NULL, &client_token); if (GSS_ERROR(maj_stat)) { printf("gss_wrap failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } maj_stat = gss_unwrap(&min_stat, server_context, &client_token, &server_token, NULL, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_unwrap failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } if (message_buf.length != server_token.length || memcmp(message_buf.value, server_token.value, message_buf.length)) printf("unwrap result corrupt\n"); gss_release_buffer(&min_stat, &client_token); gss_release_buffer(&min_stat, &server_token); out: if (client_context) gss_delete_sec_context(&min_stat, &client_context, GSS_C_NO_BUFFER); if (server_context) gss_delete_sec_context(&min_stat, &server_context, GSS_C_NO_BUFFER); if (client_cred) gss_release_cred(&min_stat, &client_cred); if (server_cred) gss_release_cred(&min_stat, &server_cred); if (name) gss_release_name(&min_stat, &name); if (received_name) gss_release_name(&min_stat, &received_name); return (0); } /* * Interoperability with userland. This takes several steps: * * 1. Accept an initiator token from userland, return acceptor * token. Repeat this step until both userland and kernel return * GSS_S_COMPLETE. * * 2. Receive a signed message from userland and verify the * signature. Return a signed reply to userland for it to verify. * * 3. Receive a wrapped message from userland and unwrap it. Return a * wrapped reply to userland. */ static int gsstest_2(struct thread *td, int step, const gss_buffer_t input_token, OM_uint32 *maj_stat_res, OM_uint32 *min_stat_res, gss_buffer_t output_token) { OM_uint32 maj_stat, min_stat; static int context_established = 0; static gss_ctx_id_t server_context = GSS_C_NO_CONTEXT; static gss_cred_id_t server_cred = GSS_C_NO_CREDENTIAL; static gss_name_t name = GSS_C_NO_NAME; gss_buffer_desc name_desc; gss_buffer_desc message_buf; gss_OID mech_type = GSS_C_NO_OID; char enctype[sizeof(uint32_t)]; int error = EINVAL; maj_stat = GSS_S_FAILURE; min_stat = 0; switch (step) { case 1: if (server_context == GSS_C_NO_CONTEXT) { static char sbuf[512]; memcpy(sbuf, "nfs@", 4); getcredhostname(td->td_ucred, sbuf + 4, sizeof(sbuf) - 4); name_desc.value = sbuf; name_desc.length = strlen((const char *) name_desc.value); maj_stat = gss_import_name(&min_stat, &name_desc, GSS_C_NT_HOSTBASED_SERVICE, &name); if (GSS_ERROR(maj_stat)) { printf("gss_import_name failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } maj_stat = gss_acquire_cred(&min_stat, name, 0, GSS_C_NO_OID_SET, GSS_C_ACCEPT, &server_cred, NULL, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_acquire_cred (server) failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } enctype[0] = (ETYPE_DES_CBC_CRC >> 24) & 0xff; enctype[1] = (ETYPE_DES_CBC_CRC >> 16) & 0xff; enctype[2] = (ETYPE_DES_CBC_CRC >> 8) & 0xff; enctype[3] = ETYPE_DES_CBC_CRC & 0xff; message_buf.length = sizeof(enctype); message_buf.value = enctype; maj_stat = gss_set_cred_option(&min_stat, &server_cred, GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X, &message_buf); if (GSS_ERROR(maj_stat)) { printf("gss_set_cred_option failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } } maj_stat = gss_accept_sec_context(&min_stat, &server_context, server_cred, input_token, GSS_C_NO_CHANNEL_BINDINGS, NULL, &mech_type, output_token, NULL, NULL, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_accept_sec_context failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } if (maj_stat == GSS_S_COMPLETE) { context_established = 1; } *maj_stat_res = maj_stat; *min_stat_res = min_stat; break; case 2: message_buf.length = strlen("Hello world"); message_buf.value = (void *) "Hello world"; maj_stat = gss_verify_mic(&min_stat, server_context, &message_buf, input_token, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_verify_mic failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } maj_stat = gss_get_mic(&min_stat, server_context, GSS_C_QOP_DEFAULT, &message_buf, output_token); if (GSS_ERROR(maj_stat)) { printf("gss_get_mic failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } break; case 3: maj_stat = gss_unwrap(&min_stat, server_context, input_token, &message_buf, NULL, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_unwrap failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } gss_release_buffer(&min_stat, &message_buf); message_buf.length = strlen("Hello world"); message_buf.value = (void *) "Hello world"; maj_stat = gss_wrap(&min_stat, server_context, TRUE, GSS_C_QOP_DEFAULT, &message_buf, NULL, output_token); if (GSS_ERROR(maj_stat)) { printf("gss_wrap failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } break; case 4: maj_stat = gss_unwrap(&min_stat, server_context, input_token, &message_buf, NULL, NULL); if (GSS_ERROR(maj_stat)) { printf("gss_unwrap failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } gss_release_buffer(&min_stat, &message_buf); message_buf.length = strlen("Hello world"); message_buf.value = (void *) "Hello world"; maj_stat = gss_wrap(&min_stat, server_context, FALSE, GSS_C_QOP_DEFAULT, &message_buf, NULL, output_token); if (GSS_ERROR(maj_stat)) { printf("gss_wrap failed\n"); report_error(mech_type, maj_stat, min_stat); goto out; } break; case 5: error = 0; goto out; } *maj_stat_res = maj_stat; *min_stat_res = min_stat; return (0); out: *maj_stat_res = maj_stat; *min_stat_res = min_stat; if (server_context) gss_delete_sec_context(&min_stat, &server_context, GSS_C_NO_BUFFER); if (server_cred) gss_release_cred(&min_stat, &server_cred); if (name) gss_release_name(&min_stat, &name); return (error); } /* * Create an RPC client handle for the given (address,prog,vers) * triple using UDP. */ static CLIENT * gsstest_get_rpc(struct sockaddr *sa, rpcprog_t prog, rpcvers_t vers) { struct thread *td = curthread; const char* protofmly; struct sockaddr_storage ss; struct socket *so; CLIENT *rpcb; struct timeval timo; RPCB parms; char *uaddr; enum clnt_stat stat = RPC_SUCCESS; int rpcvers = RPCBVERS4; bool_t do_tcp = FALSE; struct portmap mapping; u_short port = 0; /* * First we need to contact the remote RPCBIND service to find * the right port. */ memcpy(&ss, sa, sa->sa_len); switch (ss.ss_family) { case AF_INET: ((struct sockaddr_in *)&ss)->sin_port = htons(111); protofmly = "inet"; socreate(AF_INET, &so, SOCK_DGRAM, 0, td->td_ucred, td); break; #ifdef INET6 case AF_INET6: ((struct sockaddr_in6 *)&ss)->sin6_port = htons(111); protofmly = "inet6"; socreate(AF_INET6, &so, SOCK_DGRAM, 0, td->td_ucred, td); break; #endif default: /* * Unsupported address family - fail. */ return (NULL); } rpcb = clnt_dg_create(so, (struct sockaddr *)&ss, RPCBPROG, rpcvers, 0, 0); if (!rpcb) return (NULL); try_tcp: parms.r_prog = prog; parms.r_vers = vers; if (do_tcp) parms.r_netid = "tcp"; else parms.r_netid = "udp"; parms.r_addr = ""; parms.r_owner = ""; /* * Use the default timeout. */ timo.tv_sec = 25; timo.tv_usec = 0; again: switch (rpcvers) { case RPCBVERS4: case RPCBVERS: /* * Try RPCBIND 4 then 3. */ uaddr = NULL; stat = CLNT_CALL(rpcb, (rpcprog_t) RPCBPROC_GETADDR, (xdrproc_t) xdr_rpcb, &parms, (xdrproc_t) xdr_wrapstring, &uaddr, timo); if (stat == RPC_PROGVERSMISMATCH) { if (rpcvers == RPCBVERS4) rpcvers = RPCBVERS; else if (rpcvers == RPCBVERS) rpcvers = PMAPVERS; CLNT_CONTROL(rpcb, CLSET_VERS, &rpcvers); goto again; } else if (stat == RPC_SUCCESS) { /* * We have a reply from the remote RPCBIND - turn it * into an appropriate address and make a new client * that can talk to the remote service. * * XXX fixup IPv6 scope ID. */ struct netbuf *a; a = __rpc_uaddr2taddr_af(ss.ss_family, uaddr); xdr_free((xdrproc_t) xdr_wrapstring, &uaddr); if (!a) { CLNT_DESTROY(rpcb); return (NULL); } memcpy(&ss, a->buf, a->len); free(a->buf, M_RPC); free(a, M_RPC); } break; case PMAPVERS: /* * Try portmap. */ mapping.pm_prog = parms.r_prog; mapping.pm_vers = parms.r_vers; mapping.pm_prot = do_tcp ? IPPROTO_TCP : IPPROTO_UDP; mapping.pm_port = 0; stat = CLNT_CALL(rpcb, (rpcprog_t) PMAPPROC_GETPORT, (xdrproc_t) xdr_portmap, &mapping, (xdrproc_t) xdr_u_short, &port, timo); if (stat == RPC_SUCCESS) { switch (ss.ss_family) { case AF_INET: ((struct sockaddr_in *)&ss)->sin_port = htons(port); break; #ifdef INET6 case AF_INET6: ((struct sockaddr_in6 *)&ss)->sin6_port = htons(port); break; #endif } } break; default: panic("invalid rpcvers %d", rpcvers); } /* * We may have a positive response from the portmapper, but * the requested service was not found. Make sure we received * a valid port. */ switch (ss.ss_family) { case AF_INET: port = ((struct sockaddr_in *)&ss)->sin_port; break; #ifdef INET6 case AF_INET6: port = ((struct sockaddr_in6 *)&ss)->sin6_port; break; #endif } if (stat != RPC_SUCCESS || !port) { /* * If we were able to talk to rpcbind or portmap, but the udp * variant wasn't available, ask about tcp. * * XXX - We could also check for a TCP portmapper, but * if the host is running a portmapper at all, we should be able * to hail it over UDP. */ if (stat == RPC_SUCCESS && !do_tcp) { do_tcp = TRUE; goto try_tcp; } /* Otherwise, bad news. */ printf("gsstest_get_rpc: failed to contact remote rpcbind, " "stat = %d, port = %d\n", (int) stat, port); CLNT_DESTROY(rpcb); return (NULL); } if (do_tcp) { /* * Destroy the UDP client we used to speak to rpcbind and * recreate as a TCP client. */ struct netconfig *nconf = NULL; CLNT_DESTROY(rpcb); switch (ss.ss_family) { case AF_INET: nconf = getnetconfigent("tcp"); break; #ifdef INET6 case AF_INET6: nconf = getnetconfigent("tcp6"); break; #endif } rpcb = clnt_reconnect_create(nconf, (struct sockaddr *)&ss, prog, vers, 0, 0); } else { /* * Re-use the client we used to speak to rpcbind. */ CLNT_CONTROL(rpcb, CLSET_SVC_ADDR, &ss); CLNT_CONTROL(rpcb, CLSET_PROG, &prog); CLNT_CONTROL(rpcb, CLSET_VERS, &vers); } return (rpcb); } /* * RPCSEC_GSS client */ static int gsstest_3(struct thread *td) { struct sockaddr_in sin; char service[128]; CLIENT *client; AUTH *auth; rpc_gss_options_ret_t options_ret; enum clnt_stat stat; struct timeval tv; rpc_gss_service_t svc; int i; sin.sin_len = sizeof(sin); sin.sin_family = AF_INET; sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); sin.sin_port = 0; client = gsstest_get_rpc((struct sockaddr *) &sin, 123456, 1); if (!client) { uprintf("Can't connect to service\n"); return(1); } memcpy(service, "host@", 5); getcredhostname(td->td_ucred, service + 5, sizeof(service) - 5); auth = rpc_gss_seccreate(client, curthread->td_ucred, service, "kerberosv5", rpc_gss_svc_privacy, NULL, NULL, &options_ret); if (!auth) { gss_OID oid; uprintf("Can't authorize to service (mech=%s)\n", options_ret.actual_mechanism); oid = GSS_C_NO_OID; rpc_gss_mech_to_oid(options_ret.actual_mechanism, &oid); report_error(oid, options_ret.major_status, options_ret.minor_status); CLNT_DESTROY(client); return (1); } for (svc = rpc_gss_svc_none; svc <= rpc_gss_svc_privacy; svc++) { const char *svc_names[] = { "rpc_gss_svc_default", "rpc_gss_svc_none", "rpc_gss_svc_integrity", "rpc_gss_svc_privacy" }; int num; rpc_gss_set_defaults(auth, svc, NULL); client->cl_auth = auth; tv.tv_sec = 5; tv.tv_usec = 0; for (i = 42; i < 142; i++) { num = i; stat = CLNT_CALL(client, 1, (xdrproc_t) xdr_int, (char *) &num, (xdrproc_t) xdr_int, (char *) &num, tv); if (stat == RPC_SUCCESS) { if (num != i + 100) uprintf("unexpected reply %d\n", num); } else { uprintf("call failed, stat=%d\n", (int) stat); break; } } if (i == 142) uprintf("call succeeded with %s\n", svc_names[svc]); } AUTH_DESTROY(auth); CLNT_RELEASE(client); return (0); } /* * RPCSEC_GSS server */ static rpc_gss_principal_t server_acl = NULL; static bool_t server_new_context(struct svc_req *req, gss_cred_id_t deleg, gss_ctx_id_t gss_context, rpc_gss_lock_t *lock, void **cookie); static void server_program_1(struct svc_req *rqstp, register SVCXPRT *transp); static int gsstest_4(struct thread *td) { SVCPOOL *pool; char principal[128 + 5]; const char **mechs; static rpc_gss_callback_t cb; memcpy(principal, "host@", 5); getcredhostname(td->td_ucred, principal + 5, sizeof(principal) - 5); mechs = rpc_gss_get_mechanisms(); while (*mechs) { if (!rpc_gss_set_svc_name(principal, *mechs, GSS_C_INDEFINITE, 123456, 1)) { rpc_gss_error_t e; rpc_gss_get_error(&e); printf("setting name for %s for %s failed: %d, %d\n", principal, *mechs, e.rpc_gss_error, e.system_error); } mechs++; } cb.program = 123456; cb.version = 1; cb.callback = server_new_context; rpc_gss_set_callback(&cb); pool = svcpool_create("gsstest", NULL); svc_create(pool, server_program_1, 123456, 1, NULL); svc_run(pool); rpc_gss_clear_svc_name(123456, 1); rpc_gss_clear_callback(&cb); svcpool_destroy(pool); return (0); } static void server_program_1(struct svc_req *rqstp, register SVCXPRT *transp) { rpc_gss_rawcred_t *rcred; rpc_gss_ucred_t *ucred; int i, num; if (rqstp->rq_cred.oa_flavor != RPCSEC_GSS) { svcerr_weakauth(rqstp); return; } if (!rpc_gss_getcred(rqstp, &rcred, &ucred, NULL)) { svcerr_systemerr(rqstp); return; } printf("svc=%d, mech=%s, uid=%d, gid=%d, gids={", rcred->service, rcred->mechanism, ucred->uid, ucred->gid); for (i = 0; i < ucred->gidlen; i++) { if (i > 0) printf(","); printf("%d", ucred->gidlist[i]); } printf("}\n"); switch (rqstp->rq_proc) { case 0: if (!svc_getargs(rqstp, (xdrproc_t) xdr_void, 0)) { svcerr_decode(rqstp); goto out; } if (!svc_sendreply(rqstp, (xdrproc_t) xdr_void, 0)) { svcerr_systemerr(rqstp); } goto out; case 1: if (!svc_getargs(rqstp, (xdrproc_t) xdr_int, (char *) &num)) { svcerr_decode(rqstp); goto out; } num += 100; if (!svc_sendreply(rqstp, (xdrproc_t) xdr_int, (char *) &num)) { svcerr_systemerr(rqstp); } goto out; default: svcerr_noproc(rqstp); goto out; } out: svc_freereq(rqstp); return; } static void print_principal(rpc_gss_principal_t principal) { int i, len, n; uint8_t *p; len = principal->len; p = (uint8_t *) principal->name; while (len > 0) { n = len; if (n > 16) n = 16; for (i = 0; i < n; i++) printf("%02x ", p[i]); for (; i < 16; i++) printf(" "); printf("|"); for (i = 0; i < n; i++) printf("%c", isprint(p[i]) ? p[i] : '.'); printf("|\n"); len -= n; p += n; } } static bool_t server_new_context(__unused struct svc_req *req, gss_cred_id_t deleg, __unused gss_ctx_id_t gss_context, rpc_gss_lock_t *lock, __unused void **cookie) { rpc_gss_rawcred_t *rcred = lock->raw_cred; OM_uint32 junk; printf("new security context version=%d, mech=%s, qop=%s:\n", rcred->version, rcred->mechanism, rcred->qop); print_principal(rcred->client_principal); if (server_acl) { if (rcred->client_principal->len != server_acl->len || memcmp(rcred->client_principal->name, server_acl->name, server_acl->len)) { return (FALSE); } } gss_release_cred(&junk, &deleg); return (TRUE); } /* * Hook up a syscall for gssapi testing. */ struct gsstest_args { int a_op; void *a_args; void *a_res; }; struct gsstest_2_args { int step; /* test step number */ gss_buffer_desc input_token; /* token from userland */ gss_buffer_desc output_token; /* buffer to receive reply token */ }; struct gsstest_2_res { OM_uint32 maj_stat; /* maj_stat from kernel */ OM_uint32 min_stat; /* min_stat from kernel */ gss_buffer_desc output_token; /* reply token (using space from gsstest_2_args.output) */ }; static int gsstest(struct thread *td, struct gsstest_args *uap) { int error; switch (uap->a_op) { case 1: return (gsstest_1(td)); case 2: { struct gsstest_2_args args; struct gsstest_2_res res; gss_buffer_desc input_token, output_token; OM_uint32 junk; error = copyin(uap->a_args, &args, sizeof(args)); if (error) return (error); input_token.length = args.input_token.length; input_token.value = malloc(input_token.length, M_GSSAPI, M_WAITOK); error = copyin(args.input_token.value, input_token.value, input_token.length); if (error) { gss_release_buffer(&junk, &input_token); return (error); } output_token.length = 0; output_token.value = NULL; gsstest_2(td, args.step, &input_token, &res.maj_stat, &res.min_stat, &output_token); gss_release_buffer(&junk, &input_token); if (output_token.length > args.output_token.length) { gss_release_buffer(&junk, &output_token); return (EOVERFLOW); } res.output_token.length = output_token.length; res.output_token.value = args.output_token.value; error = copyout(output_token.value, res.output_token.value, output_token.length); gss_release_buffer(&junk, &output_token); if (error) return (error); return (copyout(&res, uap->a_res, sizeof(res))); break; } case 3: return (gsstest_3(td)); case 4: return (gsstest_4(td)); } return (EINVAL); } /* * The `sysent' for the new syscall */ static struct sysent gsstest_sysent = { 3, /* sy_narg */ (sy_call_t *) gsstest /* sy_call */ }; /* * The offset in sysent where the syscall is allocated. */ static int gsstest_offset = NO_SYSCALL; /* * The function called at load/unload. */ static int gsstest_load(struct module *module, int cmd, void *arg) { int error = 0; switch (cmd) { case MOD_LOAD : break; case MOD_UNLOAD : break; default : error = EOPNOTSUPP; break; } return error; } SYSCALL_MODULE(gsstest_syscall, &gsstest_offset, &gsstest_sysent, gsstest_load, NULL);