search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Simplify subkey usage for tgs-req, don't rewrite tgs-rep-sub-key keyuage for arcfour...
[heimdal.git] / lib / krb5 / send_to_kdc.c
blob0efe14eb4f2fb8da9e8a22f1264f14704debc6d1
1 /*
2 * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35 #include "send_to_kdc_plugin.h"
36
37 struct send_to_kdc {
38 krb5_send_to_kdc_func func;
39 void *data;
40 };
41
42 /*
43 * send the data in `req' on the socket `fd' (which is datagram iff udp)
44 * waiting `tmout' for a reply and returning the reply in `rep'.
45 * iff limit read up to this many bytes
46 * returns 0 and data in `rep' if succesful, otherwise -1
47 */
48
49 static int
50 recv_loop (int fd,
51 time_t tmout,
52 int udp,
53 size_t limit,
54 krb5_data *rep)
55 {
56 fd_set fdset;
57 struct timeval timeout;
58 int ret;
59 int nbytes;
60
61 if (fd >= FD_SETSIZE) {
62 return -1;
63 }
64
65 krb5_data_zero(rep);
66 do {
67 FD_ZERO(&fdset);
68 FD_SET(fd, &fdset);
69 timeout.tv_sec = tmout;
70 timeout.tv_usec = 0;
71 ret = select (fd + 1, &fdset, NULL, NULL, &timeout);
72 if (ret < 0) {
73 if (errno == EINTR)
74 continue;
75 return -1;
76 } else if (ret == 0) {
77 return 0;
78 } else {
79 void *tmp;
80
81 if (ioctl (fd, FIONREAD, &nbytes) < 0) {
82 krb5_data_free (rep);
83 return -1;
84 }
85 if(nbytes <= 0)
86 return 0;
87
88 if (limit)
89 nbytes = min(nbytes, limit - rep->length);
90
91 tmp = realloc (rep->data, rep->length + nbytes);
92 if (tmp == NULL) {
93 krb5_data_free (rep);
94 return -1;
95 }
96 rep->data = tmp;
97 ret = recv (fd, (char*)tmp + rep->length, nbytes, 0);
98 if (ret < 0) {
99 krb5_data_free (rep);
100 return -1;
101 }
102 rep->length += ret;
103 }
104 } while(!udp && (limit == 0 || rep->length < limit));
105 return 0;
106 }
107
108 /*
109 * Send kerberos requests and receive a reply on a udp or any other kind
110 * of a datagram socket. See `recv_loop'.
111 */
112
113 static int
114 send_and_recv_udp(int fd,
115 time_t tmout,
116 const krb5_data *req,
117 krb5_data *rep)
118 {
119 if (send (fd, req->data, req->length, 0) < 0)
120 return -1;
121
122 return recv_loop(fd, tmout, 1, 0, rep);
123 }
124
125 /*
126 * `send_and_recv' for a TCP (or any other stream) socket.
127 * Since there are no record limits on a stream socket the protocol here
128 * is to prepend the request with 4 bytes of its length and the reply
129 * is similarly encoded.
130 */
131
132 static int
133 send_and_recv_tcp(int fd,
134 time_t tmout,
135 const krb5_data *req,
136 krb5_data *rep)
137 {
138 unsigned char len[4];
139 unsigned long rep_len;
140 krb5_data len_data;
141
142 _krb5_put_int(len, req->length, 4);
143 if(net_write(fd, len, sizeof(len)) < 0)
144 return -1;
145 if(net_write(fd, req->data, req->length) < 0)
146 return -1;
147 if (recv_loop (fd, tmout, 0, 4, &len_data) < 0)
148 return -1;
149 if (len_data.length != 4) {
150 krb5_data_free (&len_data);
151 return -1;
152 }
153 _krb5_get_int(len_data.data, &rep_len, 4);
154 krb5_data_free (&len_data);
155 if (recv_loop (fd, tmout, 0, rep_len, rep) < 0)
156 return -1;
157 if(rep->length != rep_len) {
158 krb5_data_free (rep);
159 return -1;
160 }
161 return 0;
162 }
163
164 int
165 _krb5_send_and_recv_tcp(int fd,
166 time_t tmout,
167 const krb5_data *req,
168 krb5_data *rep)
169 {
170 return send_and_recv_tcp(fd, tmout, req, rep);
171 }
172
173 /*
174 * `send_and_recv' tailored for the HTTP protocol.
175 */
176
177 static int
178 send_and_recv_http(int fd,
179 time_t tmout,
180 const char *prefix,
181 const krb5_data *req,
182 krb5_data *rep)
183 {
184 char *request;
185 char *str;
186 int ret;
187 int len = base64_encode(req->data, req->length, &str);
188
189 if(len < 0)
190 return -1;
191 asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str);
192 free(str);
193 if (request == NULL)
194 return -1;
195 ret = net_write (fd, request, strlen(request));
196 free (request);
197 if (ret < 0)
198 return ret;
199 ret = recv_loop(fd, tmout, 0, 0, rep);
200 if(ret)
201 return ret;
202 {
203 unsigned long rep_len;
204 char *s, *p;
205
206 s = realloc(rep->data, rep->length + 1);
207 if (s == NULL) {
208 krb5_data_free (rep);
209 return -1;
210 }
211 s[rep->length] = 0;
212 p = strstr(s, "\r\n\r\n");
213 if(p == NULL) {
214 krb5_data_zero(rep);
215 free(s);
216 return -1;
217 }
218 p += 4;
219 rep->data = s;
220 rep->length -= p - s;
221 if(rep->length < 4) { /* remove length */
222 krb5_data_zero(rep);
223 free(s);
224 return -1;
225 }
226 rep->length -= 4;
227 _krb5_get_int(p, &rep_len, 4);
228 if (rep_len != rep->length) {
229 krb5_data_zero(rep);
230 free(s);
231 return -1;
232 }
233 memmove(rep->data, p + 4, rep->length);
234 }
235 return 0;
236 }
237
238 static int
239 init_port(const char *s, int fallback)
240 {
241 if (s) {
242 int tmp;
243
244 sscanf (s, "%d", &tmp);
245 return htons(tmp);
246 } else
247 return fallback;
248 }
249
250 /*
251 * Return 0 if succesful, otherwise 1
252 */
253
254 static int
255 send_via_proxy (krb5_context context,
256 const krb5_krbhst_info *hi,
257 const krb5_data *send_data,
258 krb5_data *receive)
259 {
260 char *proxy2 = strdup(context->http_proxy);
261 char *proxy = proxy2;
262 char *prefix;
263 char *colon;
264 struct addrinfo hints;
265 struct addrinfo *ai, *a;
266 int ret;
267 int s = -1;
268 char portstr[NI_MAXSERV];
269
270 if (proxy == NULL)
271 return ENOMEM;
272 if (strncmp (proxy, "http://", 7) == 0)
273 proxy += 7;
274
275 colon = strchr(proxy, ':');
276 if(colon != NULL)
277 *colon++ = '\0';
278 memset (&hints, 0, sizeof(hints));
279 hints.ai_family = PF_UNSPEC;
280 hints.ai_socktype = SOCK_STREAM;
281 snprintf (portstr, sizeof(portstr), "%d",
282 ntohs(init_port (colon, htons(80))));
283 ret = getaddrinfo (proxy, portstr, &hints, &ai);
284 free (proxy2);
285 if (ret)
286 return krb5_eai_to_heim_errno(ret, errno);
287
288 for (a = ai; a != NULL; a = a->ai_next) {
289 s = socket (a->ai_family, a->ai_socktype, a->ai_protocol | SOCK_CLOEXEC);
290 if (s < 0)
291 continue;
292 rk_cloexec(s);
293 if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {
294 close (s);
295 continue;
296 }
297 break;
298 }
299 if (a == NULL) {
300 freeaddrinfo (ai);
301 return 1;
302 }
303 freeaddrinfo (ai);
304
305 asprintf(&prefix, "http://%s/", hi->hostname);
306 if(prefix == NULL) {
307 close(s);
308 return 1;
309 }
310 ret = send_and_recv_http(s, context->kdc_timeout,
311 prefix, send_data, receive);
312 close (s);
313 free(prefix);
314 if(ret == 0 && receive->length != 0)
315 return 0;
316 return 1;
317 }
318
319 static krb5_error_code
320 send_via_plugin(krb5_context context,
321 krb5_krbhst_info *hi,
322 time_t timeout,
323 const krb5_data *send_data,
324 krb5_data *receive)
325 {
326 struct krb5_plugin *list = NULL, *e;
327 krb5_error_code ret;
328
329 ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, KRB5_PLUGIN_SEND_TO_KDC, &list);
330 if(ret != 0 || list == NULL)
331 return KRB5_PLUGIN_NO_HANDLE;
332
333 for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) {
334 krb5plugin_send_to_kdc_ftable *service;
335 void *ctx;
336
337 service = _krb5_plugin_get_symbol(e);
338 if (service->minor_version != 0)
339 continue;
340
341 (*service->init)(context, &ctx);
342 ret = (*service->send_to_kdc)(context, ctx, hi,
343 timeout, send_data, receive);
344 (*service->fini)(ctx);
345 if (ret == 0)
346 break;
347 if (ret != KRB5_PLUGIN_NO_HANDLE) {
348 krb5_set_error_message(context, ret,
349 N_("Plugin send_to_kdc failed to "
350 "lookup with error: %d", ""), ret);
351 break;
352 }
353 }
354 _krb5_plugin_free(list);
355 return KRB5_PLUGIN_NO_HANDLE;
356 }
357
358
359 /*
360 * Send the data `send' to one host from `handle` and get back the reply
361 * in `receive'.
362 */
363
364 krb5_error_code KRB5_LIB_FUNCTION
365 krb5_sendto (krb5_context context,
366 const krb5_data *send_data,
367 krb5_krbhst_handle handle,
368 krb5_data *receive)
369 {
370 krb5_error_code ret;
371 int fd;
372 int i;
373
374 krb5_data_zero(receive);
375
376 for (i = 0; i < context->max_retries; ++i) {
377 krb5_krbhst_info *hi;
378
379 while (krb5_krbhst_next(context, handle, &hi) == 0) {
380 struct addrinfo *ai, *a;
381
382 _krb5_debug(context, 2,
383 "trying to communicate with host %s in realm %s",
384 hi->hostname, _krb5_krbhst_get_realm(handle));
385
386 if (context->send_to_kdc) {
387 struct send_to_kdc *s = context->send_to_kdc;
388
389 ret = (*s->func)(context, s->data, hi,
390 context->kdc_timeout, send_data, receive);
391 if (ret == 0 && receive->length != 0)
392 goto out;
393 continue;
394 }
395
396 ret = send_via_plugin(context, hi, context->kdc_timeout,
397 send_data, receive);
398 if (ret == 0 && receive->length != 0)
399 goto out;
400 else if (ret != KRB5_PLUGIN_NO_HANDLE)
401 continue;
402
403 if(hi->proto == KRB5_KRBHST_HTTP && context->http_proxy) {
404 if (send_via_proxy (context, hi, send_data, receive) == 0) {
405 ret = 0;
406 goto out;
407 }
408 continue;
409 }
410
411 ret = krb5_krbhst_get_addrinfo(context, hi, &ai);
412 if (ret)
413 continue;
414
415 for (a = ai; a != NULL; a = a->ai_next) {
416 fd = socket (a->ai_family, a->ai_socktype | SOCK_CLOEXEC, a->ai_protocol);
417 if (fd < 0)
418 continue;
419 rk_cloexec(fd);
420 if (connect (fd, a->ai_addr, a->ai_addrlen) < 0) {
421 close (fd);
422 continue;
423 }
424 switch (hi->proto) {
425 case KRB5_KRBHST_HTTP :
426 ret = send_and_recv_http(fd, context->kdc_timeout,
427 "", send_data, receive);
428 break;
429 case KRB5_KRBHST_TCP :
430 ret = send_and_recv_tcp (fd, context->kdc_timeout,
431 send_data, receive);
432 break;
433 case KRB5_KRBHST_UDP :
434 ret = send_and_recv_udp (fd, context->kdc_timeout,
435 send_data, receive);
436 break;
437 }
438 close (fd);
439 if(ret == 0 && receive->length != 0)
440 goto out;
441 }
442 }
443 krb5_krbhst_reset(context, handle);
444 }
445 krb5_clear_error_message (context);
446 ret = KRB5_KDC_UNREACH;
447 out:
448 _krb5_debug(context, 2,
449 "result of trying to talk to realm %s = %d",
450 _krb5_krbhst_get_realm(handle), ret);
451 return ret;
452 }
453
454 krb5_error_code KRB5_LIB_FUNCTION
455 krb5_sendto_kdc(krb5_context context,
456 const krb5_data *send_data,
457 const krb5_realm *realm,
458 krb5_data *receive)
459 {
460 return krb5_sendto_kdc_flags(context, send_data, realm, receive, 0);
461 }
462
463 krb5_error_code KRB5_LIB_FUNCTION
464 krb5_sendto_kdc_flags(krb5_context context,
465 const krb5_data *send_data,
466 const krb5_realm *realm,
467 krb5_data *receive,
468 int flags)
469 {
470 krb5_error_code ret;
471 krb5_sendto_ctx ctx;
472
473 ret = krb5_sendto_ctx_alloc(context, &ctx);
474 if (ret)
475 return ret;
476 krb5_sendto_ctx_add_flags(ctx, flags);
477 krb5_sendto_ctx_set_func(ctx, _krb5_kdc_retry, NULL);
478
479 ret = krb5_sendto_context(context, ctx, send_data, *realm, receive);
480 krb5_sendto_ctx_free(context, ctx);
481 return ret;
482 }
483
484 krb5_error_code KRB5_LIB_FUNCTION
485 krb5_set_send_to_kdc_func(krb5_context context,
486 krb5_send_to_kdc_func func,
487 void *data)
488 {
489 free(context->send_to_kdc);
490 if (func == NULL) {
491 context->send_to_kdc = NULL;
492 return 0;
493 }
494
495 context->send_to_kdc = malloc(sizeof(*context->send_to_kdc));
496 if (context->send_to_kdc == NULL) {
497 krb5_set_error_message(context, ENOMEM,
498 N_("malloc: out of memory", ""));
499 return ENOMEM;
500 }
501
502 context->send_to_kdc->func = func;
503 context->send_to_kdc->data = data;
504 return 0;
505 }
506
507 krb5_error_code KRB5_LIB_FUNCTION
508 _krb5_copy_send_to_kdc_func(krb5_context context, krb5_context to)
509 {
510 if (context->send_to_kdc)
511 return krb5_set_send_to_kdc_func(to,
512 context->send_to_kdc->func,
513 context->send_to_kdc->data);
514 else
515 return krb5_set_send_to_kdc_func(to, NULL, NULL);
516 }
517
518
519
520 struct krb5_sendto_ctx_data {
521 int flags;
522 int type;
523 krb5_sendto_ctx_func func;
524 void *data;
525 };
526
527 krb5_error_code KRB5_LIB_FUNCTION
528 krb5_sendto_ctx_alloc(krb5_context context, krb5_sendto_ctx *ctx)
529 {
530 *ctx = calloc(1, sizeof(**ctx));
531 if (*ctx == NULL) {
532 krb5_set_error_message(context, ENOMEM,
533 N_("malloc: out of memory", ""));
534 return ENOMEM;
535 }
536 return 0;
537 }
538
539 void KRB5_LIB_FUNCTION
540 krb5_sendto_ctx_add_flags(krb5_sendto_ctx ctx, int flags)
541 {
542 ctx->flags |= flags;
543 }
544
545 int KRB5_LIB_FUNCTION
546 krb5_sendto_ctx_get_flags(krb5_sendto_ctx ctx)
547 {
548 return ctx->flags;
549 }
550
551 void KRB5_LIB_FUNCTION
552 krb5_sendto_ctx_set_type(krb5_sendto_ctx ctx, int type)
553 {
554 ctx->type = type;
555 }
556
557
558 void KRB5_LIB_FUNCTION
559 krb5_sendto_ctx_set_func(krb5_sendto_ctx ctx,
560 krb5_sendto_ctx_func func,
561 void *data)
562 {
563 ctx->func = func;
564 ctx->data = data;
565 }
566
567 void KRB5_LIB_FUNCTION
568 krb5_sendto_ctx_free(krb5_context context, krb5_sendto_ctx ctx)
569 {
570 memset(ctx, 0, sizeof(*ctx));
571 free(ctx);
572 }
573
574 krb5_error_code KRB5_LIB_FUNCTION
575 krb5_sendto_context(krb5_context context,
576 krb5_sendto_ctx ctx,
577 const krb5_data *send_data,
578 const krb5_realm realm,
579 krb5_data *receive)
580 {
581 krb5_error_code ret;
582 krb5_krbhst_handle handle = NULL;
583 int type, freectx = 0;
584 int action;
585
586 krb5_data_zero(receive);
587
588 if (ctx == NULL) {
589 freectx = 1;
590 ret = krb5_sendto_ctx_alloc(context, &ctx);
591 if (ret)
592 return ret;
593 }
594
595 type = ctx->type;
596 if (type == 0) {
597 if ((ctx->flags & KRB5_KRBHST_FLAGS_MASTER) || context->use_admin_kdc)
598 type = KRB5_KRBHST_ADMIN;
599 else
600 type = KRB5_KRBHST_KDC;
601 }
602
603 if (send_data->length > context->large_msg_size)
604 ctx->flags |= KRB5_KRBHST_FLAGS_LARGE_MSG;
605
606 /* loop until we get back a appropriate response */
607
608 do {
609 action = KRB5_SENDTO_DONE;
610
611 krb5_data_free(receive);
612
613 if (handle == NULL) {
614 ret = krb5_krbhst_init_flags(context, realm, type,
615 ctx->flags, &handle);
616 if (ret) {
617 if (freectx)
618 krb5_sendto_ctx_free(context, ctx);
619 return ret;
620 }
621 }
622
623 ret = krb5_sendto(context, send_data, handle, receive);
624 if (ret)
625 break;
626 if (ctx->func) {
627 ret = (*ctx->func)(context, ctx, ctx->data, receive, &action);
628 if (ret)
629 break;
630 }
631 if (action != KRB5_SENDTO_CONTINUE) {
632 krb5_krbhst_free(context, handle);
633 handle = NULL;
634 }
635 } while (action != KRB5_SENDTO_DONE);
636 if (handle)
637 krb5_krbhst_free(context, handle);
638 if (ret == KRB5_KDC_UNREACH)
639 krb5_set_error_message(context, ret,
640 N_("unable to reach any KDC in realm %s", ""),
641 realm);
642 if (ret)
643 krb5_data_free(receive);
644 if (freectx)
645 krb5_sendto_ctx_free(context, ctx);
646 return ret;
647 }
648
649 krb5_error_code
650 _krb5_kdc_retry(krb5_context context, krb5_sendto_ctx ctx, void *data,
651 const krb5_data *reply, int *action)
652 {
653 krb5_error_code ret;
654 KRB_ERROR error;
655
656 if(krb5_rd_error(context, reply, &error))
657 return 0;
658
659 ret = krb5_error_from_rd_error(context, &error, NULL);
660 krb5_free_error_contents(context, &error);
661
662 switch(ret) {
663 case KRB5KRB_ERR_RESPONSE_TOO_BIG: {
664 if (krb5_sendto_ctx_get_flags(ctx) & KRB5_KRBHST_FLAGS_LARGE_MSG)
665 break;
666 krb5_sendto_ctx_add_flags(ctx, KRB5_KRBHST_FLAGS_LARGE_MSG);
667 *action = KRB5_SENDTO_RESTART;
668 break;
669 }
670 case KRB5KDC_ERR_SVC_UNAVAILABLE:
671 *action = KRB5_SENDTO_CONTINUE;
672 break;
673 }
674 return 0;
675 }
Heimdal