2 Unix SMB/CIFS implementation.
4 GENSEC socket interface
6 Copyright (C) Andrew Bartlett 2006
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "lib/events/events.h"
25 #include "lib/socket/socket.h"
26 #include "lib/stream/packet.h"
27 #include "auth/gensec/gensec.h"
29 static const struct socket_ops gensec_socket_ops
;
31 struct gensec_socket
{
32 struct gensec_security
*gensec_security
;
33 struct socket_context
*socket
;
34 struct event_context
*ev
;
35 struct packet_context
*packet
;
36 DATA_BLOB read_buffer
; /* SASL packets are turned into liniarlised data here, for reading */
41 void (*recv_handler
)(void *, uint16_t);
44 BOOL wrap
; /* Should we be wrapping on this socket at all? */
47 static NTSTATUS
gensec_socket_init_fn(struct socket_context
*sock
)
50 case SOCKET_TYPE_STREAM
:
53 return NT_STATUS_INVALID_PARAMETER
;
56 sock
->backend_name
= "gensec";
61 /* These functions are for use here only (public because SPNEGO must
62 * use them for recursion) */
63 _PUBLIC_ NTSTATUS
gensec_wrap_packets(struct gensec_security
*gensec_security
,
67 size_t *len_processed
)
69 if (!gensec_security
->ops
->wrap_packets
) {
71 size_t max_input_size
;
72 DATA_BLOB unwrapped
, wrapped
;
73 max_input_size
= gensec_max_input_size(gensec_security
);
74 unwrapped
= data_blob_const(in
->data
, MIN(max_input_size
, (size_t)in
->length
));
76 nt_status
= gensec_wrap(gensec_security
,
78 &unwrapped
, &wrapped
);
79 if (!NT_STATUS_IS_OK(nt_status
)) {
84 *out
= data_blob_talloc(mem_ctx
, NULL
, 4);
86 return NT_STATUS_NO_MEMORY
;
88 RSIVAL(out
->data
, 0, wrapped
.length
);
90 nt_status
= data_blob_append(mem_ctx
, out
, wrapped
.data
, wrapped
.length
);
92 if (!NT_STATUS_IS_OK(nt_status
)) {
95 *len_processed
= unwrapped
.length
;
98 return gensec_security
->ops
->wrap_packets(gensec_security
, mem_ctx
, in
, out
,
102 /* These functions are for use here only (public because SPNEGO must
103 * use them for recursion) */
104 NTSTATUS
gensec_unwrap_packets(struct gensec_security
*gensec_security
,
108 size_t *len_processed
)
110 if (!gensec_security
->ops
->unwrap_packets
) {
114 if (in
->length
< 4) {
115 /* Missing the header we already had! */
116 DEBUG(0, ("Asked to unwrap packet of bogus length! How did we get the short packet?!\n"));
117 return NT_STATUS_INVALID_PARAMETER
;
120 packet_size
= RIVAL(in
->data
, 0);
122 wrapped
= data_blob_const(in
->data
+ 4, packet_size
);
124 if (wrapped
.length
> (in
->length
- 4)) {
125 DEBUG(0, ("Asked to unwrap packed of bogus length %d > %d! How did we get this?!\n",
126 (int)wrapped
.length
, (int)(in
->length
- 4)));
127 return NT_STATUS_INTERNAL_ERROR
;
130 nt_status
= gensec_unwrap(gensec_security
,
133 if (!NT_STATUS_IS_OK(nt_status
)) {
137 *len_processed
= packet_size
+ 4;
140 return gensec_security
->ops
->unwrap_packets(gensec_security
, mem_ctx
, in
, out
,
144 /* These functions are for use here only (public because SPNEGO must
145 * use them for recursion) */
146 NTSTATUS
gensec_packet_full_request(struct gensec_security
*gensec_security
,
147 DATA_BLOB blob
, size_t *size
)
149 if (gensec_security
->ops
->packet_full_request
) {
150 return gensec_security
->ops
->packet_full_request(gensec_security
,
153 if (gensec_security
->ops
->unwrap_packets
) {
158 return STATUS_MORE_ENTRIES
;
160 return packet_full_request_u32(NULL
, blob
, size
);
163 static NTSTATUS
gensec_socket_full_request(void *private, DATA_BLOB blob
, size_t *size
)
165 struct gensec_socket
*gensec_socket
= talloc_get_type(private, struct gensec_socket
);
166 struct gensec_security
*gensec_security
= gensec_socket
->gensec_security
;
167 return gensec_packet_full_request(gensec_security
, blob
, size
);
170 /* Try to figure out how much data is waiting to be read */
171 static NTSTATUS
gensec_socket_pending(struct socket_context
*sock
, size_t *npending
)
173 struct gensec_socket
*gensec_socket
= talloc_get_type(sock
->private_data
, struct gensec_socket
);
174 if (!gensec_socket
->wrap
) {
175 return socket_pending(gensec_socket
->socket
, npending
);
178 if (gensec_socket
->read_buffer
.length
> 0) {
179 *npending
= gensec_socket
->read_buffer
.length
;
183 /* This is a lie. We hope the decrypted data will always be
184 * less than this value, so the application just gets a short
185 * read. Without reading and decrypting it, we can't tell.
186 * If the SASL mech does compression, then we just need to
187 * manually trigger read events */
188 return socket_pending(gensec_socket
->socket
, npending
);
191 /* Note if an error occours, so we can return it up the stack */
192 static void gensec_socket_error_handler(void *private, NTSTATUS status
)
194 struct gensec_socket
*gensec_socket
= talloc_get_type(private, struct gensec_socket
);
195 if (NT_STATUS_EQUAL(status
, NT_STATUS_END_OF_FILE
)) {
196 gensec_socket
->eof
= True
;
198 gensec_socket
->error
= status
;
202 static void gensec_socket_trigger_read(struct event_context
*ev
,
203 struct timed_event
*te
,
204 struct timeval t
, void *private)
206 struct gensec_socket
*gensec_socket
= talloc_get_type(private, struct gensec_socket
);
208 gensec_socket
->in_extra_read
++;
209 gensec_socket
->recv_handler(gensec_socket
->recv_private
, EVENT_FD_READ
);
210 gensec_socket
->in_extra_read
--;
212 /* It may well be that, having run the recv handler, we still
213 * have even more data waiting for us!
215 if (gensec_socket
->read_buffer
.length
&& gensec_socket
->recv_handler
) {
216 /* Schedule this funcion to run again */
217 event_add_timed(gensec_socket
->ev
, gensec_socket
, timeval_zero(),
218 gensec_socket_trigger_read
, gensec_socket
);
222 /* These two routines could be changed to use a circular buffer of
223 * some kind, or linked lists, or ... */
224 static NTSTATUS
gensec_socket_recv(struct socket_context
*sock
, void *buf
,
225 size_t wantlen
, size_t *nread
)
227 struct gensec_socket
*gensec_socket
= talloc_get_type(sock
->private_data
, struct gensec_socket
);
229 if (!gensec_socket
->wrap
) {
230 return socket_recv(gensec_socket
->socket
, buf
, wantlen
, nread
);
233 gensec_socket
->error
= NT_STATUS_OK
;
235 if (gensec_socket
->read_buffer
.length
== 0) {
236 /* Process any data on the socket, into the read buffer. At
237 * this point, the socket is not available for read any
239 packet_recv(gensec_socket
->packet
);
241 if (gensec_socket
->eof
) {
246 if (!NT_STATUS_IS_OK(gensec_socket
->error
)) {
247 return gensec_socket
->error
;
250 if (gensec_socket
->read_buffer
.length
== 0) {
251 /* Clearly we don't have the entire SASL packet yet,
252 * so it has not been written into the buffer */
254 return STATUS_MORE_ENTRIES
;
259 *nread
= MIN(wantlen
, gensec_socket
->read_buffer
.length
);
260 memcpy(buf
, gensec_socket
->read_buffer
.data
, *nread
);
262 if (gensec_socket
->read_buffer
.length
> *nread
) {
263 memmove(gensec_socket
->read_buffer
.data
,
264 gensec_socket
->read_buffer
.data
+ *nread
,
265 gensec_socket
->read_buffer
.length
- *nread
);
268 gensec_socket
->read_buffer
.length
-= *nread
;
269 gensec_socket
->read_buffer
.data
= talloc_realloc(gensec_socket
,
270 gensec_socket
->read_buffer
.data
,
272 gensec_socket
->read_buffer
.length
);
274 if (gensec_socket
->read_buffer
.length
&&
275 gensec_socket
->in_extra_read
== 0 &&
276 gensec_socket
->recv_handler
) {
277 /* Manually call a read event, to get this moving
278 * again (as the socket should be dry, so the normal
279 * event handler won't trigger) */
280 event_add_timed(gensec_socket
->ev
, gensec_socket
, timeval_zero(),
281 gensec_socket_trigger_read
, gensec_socket
);
287 /* Completed SASL packet callback. When we have a 'whole' SASL
288 * packet, decrypt it, and add it to the read buffer
290 * This function (and anything under it) MUST NOT call the event system
292 static NTSTATUS
gensec_socket_unwrap(void *private, DATA_BLOB blob
)
294 struct gensec_socket
*gensec_socket
= talloc_get_type(private, struct gensec_socket
);
300 mem_ctx
= talloc_new(gensec_socket
);
302 return NT_STATUS_NO_MEMORY
;
304 nt_status
= gensec_unwrap_packets(gensec_socket
->gensec_security
,
308 if (!NT_STATUS_IS_OK(nt_status
)) {
309 talloc_free(mem_ctx
);
313 if (packet_size
!= blob
.length
) {
314 DEBUG(0, ("gensec_socket_unwrap: Did not consume entire packet!\n"));
315 return NT_STATUS_INTERNAL_ERROR
;
318 /* We could change this into a linked list, and have
319 * gensec_socket_recv() and gensec_socket_pending() walk the
322 nt_status
= data_blob_append(gensec_socket
, &gensec_socket
->read_buffer
,
323 unwrapped
.data
, unwrapped
.length
);
324 talloc_free(mem_ctx
);
328 /* when the data is sent, we know we have not been interrupted */
329 static void send_callback(void *private)
331 struct gensec_socket
*gensec_socket
= talloc_get_type(private, struct gensec_socket
);
332 gensec_socket
->interrupted
= False
;
336 send data, but only as much as we allow in one packet.
338 If this returns STATUS_MORE_ENTRIES, the caller must retry with
339 exactly the same data, or a NULL blob.
341 static NTSTATUS
gensec_socket_send(struct socket_context
*sock
,
342 const DATA_BLOB
*blob
, size_t *sendlen
)
345 struct gensec_socket
*gensec_socket
= talloc_get_type(sock
->private_data
, struct gensec_socket
);
349 if (!gensec_socket
->wrap
) {
350 return socket_send(gensec_socket
->socket
, blob
, sendlen
);
355 /* We have have been interupted, so the caller should be
356 * giving us the same data again. */
357 if (gensec_socket
->interrupted
) {
358 packet_queue_run(gensec_socket
->packet
);
360 if (!NT_STATUS_IS_OK(gensec_socket
->error
)) {
361 return gensec_socket
->error
;
362 } else if (gensec_socket
->interrupted
) {
363 return STATUS_MORE_ENTRIES
;
365 *sendlen
= gensec_socket
->orig_send_len
;
366 gensec_socket
->orig_send_len
= 0;
371 mem_ctx
= talloc_new(gensec_socket
);
373 return NT_STATUS_NO_MEMORY
;
376 nt_status
= gensec_wrap_packets(gensec_socket
->gensec_security
,
379 &gensec_socket
->orig_send_len
);
380 if (!NT_STATUS_IS_OK(nt_status
)) {
381 talloc_free(mem_ctx
);
385 gensec_socket
->interrupted
= True
;
386 gensec_socket
->error
= NT_STATUS_OK
;
388 nt_status
= packet_send_callback(gensec_socket
->packet
,
390 send_callback
, gensec_socket
);
392 talloc_free(mem_ctx
);
394 packet_queue_run(gensec_socket
->packet
);
396 if (!NT_STATUS_IS_OK(gensec_socket
->error
)) {
397 return gensec_socket
->error
;
398 } else if (gensec_socket
->interrupted
) {
399 return STATUS_MORE_ENTRIES
;
401 *sendlen
= gensec_socket
->orig_send_len
;
402 gensec_socket
->orig_send_len
= 0;
407 /* Turn a normal socket into a potentially GENSEC wrapped socket */
409 NTSTATUS
gensec_socket_init(struct gensec_security
*gensec_security
,
410 struct socket_context
*current_socket
,
411 struct event_context
*ev
,
412 void (*recv_handler
)(void *, uint16_t),
414 struct socket_context
**new_socket
)
416 struct gensec_socket
*gensec_socket
;
417 struct socket_context
*new_sock
;
420 nt_status
= socket_create_with_ops(current_socket
, &gensec_socket_ops
, &new_sock
,
421 SOCKET_TYPE_STREAM
, current_socket
->flags
| SOCKET_FLAG_ENCRYPT
);
422 if (!NT_STATUS_IS_OK(nt_status
)) {
427 new_sock
->state
= current_socket
->state
;
429 gensec_socket
= talloc(new_sock
, struct gensec_socket
);
430 if (gensec_socket
== NULL
) {
432 return NT_STATUS_NO_MEMORY
;
435 new_sock
->private_data
= gensec_socket
;
436 gensec_socket
->socket
= current_socket
;
438 if (talloc_reference(gensec_socket
, current_socket
) == NULL
) {
440 return NT_STATUS_NO_MEMORY
;
443 /* Nothing to do here, if we are not actually wrapping on this socket */
444 if (!gensec_have_feature(gensec_security
, GENSEC_FEATURE_SEAL
) &&
445 !gensec_have_feature(gensec_security
, GENSEC_FEATURE_SIGN
)) {
447 gensec_socket
->wrap
= False
;
448 *new_socket
= new_sock
;
452 gensec_socket
->gensec_security
= gensec_security
;
454 gensec_socket
->wrap
= True
;
455 gensec_socket
->eof
= False
;
456 gensec_socket
->error
= NT_STATUS_OK
;
457 gensec_socket
->interrupted
= False
;
458 gensec_socket
->in_extra_read
= 0;
460 gensec_socket
->read_buffer
= data_blob(NULL
, 0);
462 gensec_socket
->recv_handler
= recv_handler
;
463 gensec_socket
->recv_private
= recv_private
;
464 gensec_socket
->ev
= ev
;
466 gensec_socket
->packet
= packet_init(gensec_socket
);
467 if (gensec_socket
->packet
== NULL
) {
469 return NT_STATUS_NO_MEMORY
;
472 packet_set_private(gensec_socket
->packet
, gensec_socket
);
473 packet_set_socket(gensec_socket
->packet
, gensec_socket
->socket
);
474 packet_set_callback(gensec_socket
->packet
, gensec_socket_unwrap
);
475 packet_set_full_request(gensec_socket
->packet
, gensec_socket_full_request
);
476 packet_set_error_handler(gensec_socket
->packet
, gensec_socket_error_handler
);
477 packet_set_serialise(gensec_socket
->packet
);
479 /* TODO: full-request that knows about maximum packet size */
481 *new_socket
= new_sock
;
486 static NTSTATUS
gensec_socket_set_option(struct socket_context
*sock
, const char *option
, const char *val
)
488 set_socket_options(socket_get_fd(sock
), option
);
492 static char *gensec_socket_get_peer_name(struct socket_context
*sock
, TALLOC_CTX
*mem_ctx
)
494 struct gensec_socket
*gensec
= talloc_get_type(sock
->private_data
, struct gensec_socket
);
495 return socket_get_peer_name(gensec
->socket
, mem_ctx
);
498 static struct socket_address
*gensec_socket_get_peer_addr(struct socket_context
*sock
, TALLOC_CTX
*mem_ctx
)
500 struct gensec_socket
*gensec
= talloc_get_type(sock
->private_data
, struct gensec_socket
);
501 return socket_get_peer_addr(gensec
->socket
, mem_ctx
);
504 static struct socket_address
*gensec_socket_get_my_addr(struct socket_context
*sock
, TALLOC_CTX
*mem_ctx
)
506 struct gensec_socket
*gensec
= talloc_get_type(sock
->private_data
, struct gensec_socket
);
507 return socket_get_my_addr(gensec
->socket
, mem_ctx
);
510 static int gensec_socket_get_fd(struct socket_context
*sock
)
512 struct gensec_socket
*gensec
= talloc_get_type(sock
->private_data
, struct gensec_socket
);
513 return socket_get_fd(gensec
->socket
);
516 static const struct socket_ops gensec_socket_ops
= {
518 .fn_init
= gensec_socket_init_fn
,
519 .fn_recv
= gensec_socket_recv
,
520 .fn_send
= gensec_socket_send
,
521 .fn_pending
= gensec_socket_pending
,
523 .fn_set_option
= gensec_socket_set_option
,
525 .fn_get_peer_name
= gensec_socket_get_peer_name
,
526 .fn_get_peer_addr
= gensec_socket_get_peer_addr
,
527 .fn_get_my_addr
= gensec_socket_get_my_addr
,
528 .fn_get_fd
= gensec_socket_get_fd