search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
This commit was manufactured by cvs2svn to create tag
[heimdal.git] / appl / kx / krb5.c
blob8a0c0762c3592baa9440a46190965331cd5f5a00
1 /*
2 * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "kx.h"
35
36 RCSID("$Id$");
37
38 #ifdef KRB5
39
40 struct krb5_kx_context {
41 krb5_context context;
42 krb5_keyblock *keyblock;
43 krb5_crypto crypto;
44 krb5_principal client;
45 krb5_log_facility *log;
46
47 };
48
49 typedef struct krb5_kx_context krb5_kx_context;
50
51 #define K5DATA(kc) ((krb5_kx_context*)kc->data)
52 #define CONTEXT(kc) (K5DATA(kc)->context)
53
54 /*
55 * Destroy the krb5 context in `c'.
56 */
57
58 static void
59 krb5_destroy (kx_context *kc)
60 {
61 if (K5DATA(kc)->keyblock)
62 krb5_free_keyblock (CONTEXT(kc), K5DATA(kc)->keyblock);
63 if (K5DATA(kc)->crypto)
64 krb5_crypto_destroy (CONTEXT(kc), K5DATA(kc)->crypto);
65 if (K5DATA(kc)->client)
66 krb5_free_principal (CONTEXT(kc), K5DATA(kc)->client);
67 if (CONTEXT(kc))
68 krb5_free_context (CONTEXT(kc));
69 memset (kc->data, 0, sizeof(krb5_kx_context));
70 free (kc->data);
71 }
72
73 /*
74 * Read the authentication information from `s' and return 0 if
75 * succesful, else -1.
76 */
77
78 static int
79 krb5_authenticate (kx_context *kc, int s)
80 {
81 krb5_auth_context auth_context = NULL;
82 krb5_error_code ret;
83 krb5_principal server;
84 const char *host = kc->host;
85
86 ret = krb5_sname_to_principal (CONTEXT(kc),
87 host, "host", KRB5_NT_SRV_HST, &server);
88 if (ret) {
89 krb5_warn (CONTEXT(kc), ret, "krb5_sname_to_principal: %s", host);
90 return 1;
91 }
92
93 ret = krb5_sendauth (CONTEXT(kc),
94 &auth_context,
95 &s,
96 KX_VERSION,
97 NULL,
98 server,
99 AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY,
100 NULL,
101 NULL,
102 NULL,
103 NULL,
104 NULL,
105 NULL);
106 if (ret) {
107 if(ret != KRB5_SENDAUTH_BADRESPONSE)
108 krb5_warn (CONTEXT(kc), ret, "krb5_sendauth: %s", host);
109 return 1;
110 }
111
112 ret = krb5_auth_con_getkey (CONTEXT(kc), auth_context,
113 &K5DATA(kc)->keyblock);
114 if (ret) {
115 krb5_warn (CONTEXT(kc), ret, "krb5_auth_con_getkey: %s", host);
116 krb5_auth_con_free (CONTEXT(kc), auth_context);
117 return 1;
118 }
119
120 ret = krb5_crypto_init (CONTEXT(kc), K5DATA(kc)->keyblock,
121 0, &K5DATA(kc)->crypto);
122 if (ret) {
123 krb5_warn (CONTEXT(kc), ret, "krb5_crypto_init");
124 krb5_auth_con_free (CONTEXT(kc), auth_context);
125 return 1;
126 }
127 return 0;
128 }
129
130 /*
131 * Read an encapsulated krb5 packet from `fd' into `buf' (of size
132 * `len'). Return the number of bytes read or 0 on EOF or -1 on
133 * error.
134 */
135
136 static ssize_t
137 krb5_read (kx_context *kc,
138 int fd, void *buf, size_t len)
139 {
140 size_t data_len, outer_len;
141 krb5_error_code ret;
142 unsigned char tmp[4];
143 krb5_data data;
144 int l;
145
146 l = krb5_net_read (CONTEXT(kc), &fd, tmp, 4);
147 if (l == 0)
148 return l;
149 if (l != 4)
150 return -1;
151 data_len = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3];
152 outer_len = krb5_get_wrapped_length (CONTEXT(kc),
153 K5DATA(kc)->crypto, data_len);
154 if (outer_len > len)
155 return -1;
156 if (krb5_net_read (CONTEXT(kc), &fd, buf, outer_len) != outer_len)
157 return -1;
158
159 ret = krb5_decrypt (CONTEXT(kc), K5DATA(kc)->crypto,
160 KRB5_KU_OTHER_ENCRYPTED,
161 buf, outer_len, &data);
162 if (ret) {
163 krb5_warn (CONTEXT(kc), ret, "krb5_decrypt");
164 return -1;
165 }
166 if (data_len > data.length) {
167 krb5_data_free (&data);
168 return -1;
169 }
170 memmove (buf, data.data, data_len);
171 krb5_data_free (&data);
172 return data_len;
173 }
174
175 /*
176 * Write an encapsulated krb5 packet on `fd' with the data in `buf,
177 * len'. Return len or -1 on error.
178 */
179
180 static ssize_t
181 krb5_write(kx_context *kc,
182 int fd, const void *buf, size_t len)
183 {
184 krb5_data data;
185 krb5_error_code ret;
186 unsigned char tmp[4];
187 size_t outlen;
188
189 ret = krb5_encrypt (CONTEXT(kc), K5DATA(kc)->crypto,
190 KRB5_KU_OTHER_ENCRYPTED,
191 (void *)buf, len, &data);
192 if (ret){
193 krb5_warn (CONTEXT(kc), ret, "krb5_write");
194 return -1;
195 }
196
197 outlen = data.length;
198 tmp[0] = (len >> 24) & 0xFF;
199 tmp[1] = (len >> 16) & 0xFF;
200 tmp[2] = (len >> 8) & 0xFF;
201 tmp[3] = (len >> 0) & 0xFF;
202
203 if (krb5_net_write (CONTEXT(kc), &fd, tmp, 4) != 4 ||
204 krb5_net_write (CONTEXT(kc), &fd, data.data, outlen) != outlen) {
205 krb5_data_free (&data);
206 return -1;
207 }
208 krb5_data_free (&data);
209 return len;
210 }
211
212 /*
213 * Copy from the unix socket `from_fd' encrypting to `to_fd'.
214 * Return 0, -1 or len.
215 */
216
217 static int
218 copy_out (kx_context *kc, int from_fd, int to_fd)
219 {
220 char buf[32768];
221 ssize_t len;
222
223 len = read (from_fd, buf, sizeof(buf));
224 if (len == 0)
225 return 0;
226 if (len < 0) {
227 krb5_warn (CONTEXT(kc), errno, "read");
228 return len;
229 }
230 return krb5_write (kc, to_fd, buf, len);
231 }
232
233 /*
234 * Copy from the socket `from_fd' decrypting to `to_fd'.
235 * Return 0, -1 or len.
236 */
237
238 static int
239 copy_in (kx_context *kc, int from_fd, int to_fd)
240 {
241 char buf[33000]; /* XXX */
242
243 ssize_t len;
244
245 len = krb5_read (kc, from_fd, buf, sizeof(buf));
246 if (len == 0)
247 return 0;
248 if (len < 0) {
249 krb5_warn (CONTEXT(kc), errno, "krb5_read");
250 return len;
251 }
252
253 return krb5_net_write (CONTEXT(kc), &to_fd, buf, len);
254 }
255
256 /*
257 * Copy data between `fd1' and `fd2', encrypting in one direction and
258 * decrypting in the other.
259 */
260
261 static int
262 krb5_copy_encrypted (kx_context *kc, int fd1, int fd2)
263 {
264 for (;;) {
265 fd_set fdset;
266 int ret;
267
268 if (fd1 >= FD_SETSIZE || fd2 >= FD_SETSIZE) {
269 krb5_warnx (CONTEXT(kc), "fd too large");
270 return 1;
271 }
272
273 FD_ZERO(&fdset);
274 FD_SET(fd1, &fdset);
275 FD_SET(fd2, &fdset);
276
277 ret = select (max(fd1, fd2)+1, &fdset, NULL, NULL, NULL);
278 if (ret < 0 && errno != EINTR) {
279 krb5_warn (CONTEXT(kc), errno, "select");
280 return 1;
281 }
282 if (FD_ISSET(fd1, &fdset)) {
283 ret = copy_out (kc, fd1, fd2);
284 if (ret <= 0)
285 return ret;
286 }
287 if (FD_ISSET(fd2, &fdset)) {
288 ret = copy_in (kc, fd2, fd1);
289 if (ret <= 0)
290 return ret;
291 }
292 }
293 }
294
295 /*
296 * Return 0 if the user authenticated on `kc' is allowed to login as
297 * `user'.
298 */
299
300 static int
301 krb5_userok (kx_context *kc, char *user)
302 {
303 krb5_error_code ret;
304 char *tmp;
305
306 ret = krb5_unparse_name (CONTEXT(kc), K5DATA(kc)->client, &tmp);
307 if (ret)
308 krb5_err (CONTEXT(kc), 1, ret, "krb5_unparse_name");
309 kc->user = tmp;
310
311 return !krb5_kuserok (CONTEXT(kc), K5DATA(kc)->client, user);
312 }
313
314 /*
315 * Create an instance of an krb5 context.
316 */
317
318 void
319 krb5_make_context (kx_context *kc)
320 {
321 krb5_kx_context *c;
322 krb5_error_code ret;
323
324 kc->authenticate = krb5_authenticate;
325 kc->userok = krb5_userok;
326 kc->read = krb5_read;
327 kc->write = krb5_write;
328 kc->copy_encrypted = krb5_copy_encrypted;
329 kc->destroy = krb5_destroy;
330 kc->user = NULL;
331 kc->data = malloc(sizeof(krb5_kx_context));
332
333 if (kc->data == NULL) {
334 syslog (LOG_ERR, "failed to malloc %u bytes", sizeof(krb5_kx_context));
335 exit(1);
336 }
337 memset (kc->data, 0, sizeof(krb5_kx_context));
338 c = (krb5_kx_context *)kc->data;
339 ret = krb5_init_context (&c->context);
340 if (ret) {
341 syslog (LOG_ERR, "failed initialise krb5 context");
342 exit(1);
343 }
344 }
345
346 /*
347 * Receive authentication information on `sock' (first four bytes
348 * in `buf').
349 */
350
351 int
352 recv_v5_auth (kx_context *kc, int sock, u_char *buf)
353 {
354 u_int32_t len;
355 krb5_error_code ret;
356 krb5_principal server;
357 krb5_auth_context auth_context = NULL;
358 krb5_ticket *ticket;
359
360 if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0)
361 return 1;
362 len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | (buf[3]);
363 if (net_read(sock, buf, len) != len) {
364 syslog (LOG_ERR, "read: %m");
365 exit (1);
366 }
367 if (len != sizeof(KRB5_SENDAUTH_VERSION)
368 || memcmp (buf, KRB5_SENDAUTH_VERSION, len) != 0) {
369 syslog (LOG_ERR, "bad sendauth version: %.8s", buf);
370 exit (1);
371 }
372
373 krb5_make_context (kc);
374 krb5_openlog(CONTEXT(kc), "kxd", &K5DATA(kc)->log);
375 krb5_set_warn_dest(CONTEXT(kc), K5DATA(kc)->log);
376
377 ret = krb5_sock_to_principal (CONTEXT(kc), sock, "host",
378 KRB5_NT_SRV_HST, &server);
379 if (ret) {
380 syslog (LOG_ERR, "krb5_sock_to_principal: %s",
381 krb5_get_err_text (CONTEXT(kc), ret));
382 exit (1);
383 }
384
385 ret = krb5_recvauth (CONTEXT(kc),
386 &auth_context,
387 &sock,
388 KX_VERSION,
389 server,
390 KRB5_RECVAUTH_IGNORE_VERSION,
391 NULL,
392 &ticket);
393 krb5_free_principal (CONTEXT(kc), server);
394 if (ret) {
395 syslog (LOG_ERR, "krb5_sock_to_principal: %s",
396 krb5_get_err_text (CONTEXT(kc), ret));
397 exit (1);
398 }
399
400 ret = krb5_auth_con_getkey (CONTEXT(kc), auth_context, &K5DATA(kc)->keyblock);
401 if (ret) {
402 syslog (LOG_ERR, "krb5_auth_con_getkey: %s",
403 krb5_get_err_text (CONTEXT(kc), ret));
404 exit (1);
405 }
406
407 ret = krb5_crypto_init (CONTEXT(kc), K5DATA(kc)->keyblock, 0, &K5DATA(kc)->crypto);
408 if (ret) {
409 syslog (LOG_ERR, "krb5_crypto_init: %s",
410 krb5_get_err_text (CONTEXT(kc), ret));
411 exit (1);
412 }
413
414 K5DATA(kc)->client = ticket->client;
415 ticket->client = NULL;
416 krb5_free_ticket (CONTEXT(kc), ticket);
417
418 return 0;
419 }
420
421 #endif /* KRB5 */
Heimdal