search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
No empty .Rs/.Re
[netbsd-mini2440.git] / external / bsd / bind / dist / lib / dns / spnego.c
bloba6f8cf51d8085dfc2af00fb904f095ab83d55808
1 /* $NetBSD$ */
2
3 /*
4 * Copyright (C) 2006-2009 Internet Systems Consortium, Inc. ("ISC")
5 *
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
11 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
12 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
13 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
15 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
16 * PERFORMANCE OF THIS SOFTWARE.
17 */
18
19 /* Id: spnego.c,v 1.12 2009/07/21 06:53:09 marka Exp */
20
21 /*! \file
22 * \brief
23 * Portable SPNEGO implementation.
24 *
25 * This is part of a portable implementation of the SPNEGO protocol
26 * (RFCs 2478 and 4178). This implementation uses the RFC 4178 ASN.1
27 * module but is not a full implementation of the RFC 4178 protocol;
28 * at the moment, we only support GSS-TSIG with Kerberos
29 * authentication, so we only need enough of the SPNEGO protocol to
30 * support that.
31 *
32 * The files that make up this portable SPNEGO implementation are:
33 * \li spnego.c (this file)
34 * \li spnego.h (API SPNEGO exports to the rest of lib/dns)
35 * \li spnego.asn1 (SPNEGO ASN.1 module)
36 * \li spnego_asn1.c (routines generated from spngo.asn1)
37 * \li spnego_asn1.pl (perl script to generate spnego_asn1.c)
38 *
39 * Everything but the functions exported in spnego.h is static, to
40 * avoid possible conflicts with other libraries (particularly Heimdal,
41 * since much of this code comes from Heimdal by way of mod_auth_kerb).
42 *
43 * spnego_asn1.c is shipped as part of lib/dns because generating it
44 * requires both Perl and the Heimdal ASN.1 compiler. See
45 * spnego_asn1.pl for further details. We've tried to eliminate all
46 * compiler warnings from the generated code, but you may see a few
47 * when using a compiler version we haven't tested yet.
48 */
49
50 /*
51 * Portions of this code were derived from mod_auth_kerb and Heimdal.
52 * These packages are available from:
53 *
54 * http://modauthkerb.sourceforge.net/
55 * http://www.pdc.kth.se/heimdal/
56 *
57 * and were released under the following licenses:
58 *
59 * ----------------------------------------------------------------
60 *
61 * Copyright (c) 2004 Masarykova universita
62 * (Masaryk University, Brno, Czech Republic)
63 * All rights reserved.
64 *
65 * Redistribution and use in source and binary forms, with or without
66 * modification, are permitted provided that the following conditions are met:
67 *
68 * 1. Redistributions of source code must retain the above copyright notice,
69 * this list of conditions and the following disclaimer.
70 *
71 * 2. Redistributions in binary form must reproduce the above copyright
72 * notice, this list of conditions and the following disclaimer in the
73 * documentation and/or other materials provided with the distribution.
74 *
75 * 3. Neither the name of the University nor the names of its contributors may
76 * be used to endorse or promote products derived from this software
77 * without specific prior written permission.
78 *
79 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
80 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
81 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
82 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
83 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
84 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
85 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
86 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
87 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
88 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
89 * POSSIBILITY OF SUCH DAMAGE.
90 *
91 * ----------------------------------------------------------------
92 *
93 * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
94 * (Royal Institute of Technology, Stockholm, Sweden).
95 * All rights reserved.
96 *
97 * Redistribution and use in source and binary forms, with or without
98 * modification, are permitted provided that the following conditions
99 * are met:
100 *
101 * 1. Redistributions of source code must retain the above copyright
102 * notice, this list of conditions and the following disclaimer.
103 *
104 * 2. Redistributions in binary form must reproduce the above copyright
105 * notice, this list of conditions and the following disclaimer in the
106 * documentation and/or other materials provided with the distribution.
107 *
108 * 3. Neither the name of the Institute nor the names of its contributors
109 * may be used to endorse or promote products derived from this software
110 * without specific prior written permission.
111 *
112 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
113 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
114 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
115 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
116 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
117 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
118 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
119 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
120 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
121 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
122 * SUCH DAMAGE.
123 */
124
125 /*
126 * XXXSRA We should omit this file entirely in Makefile.in via autoconf,
127 * but this will keep it from generating errors until that's written.
128 */
129
130 #ifdef GSSAPI
131
132 /*
133 * XXXSRA Some of the following files are almost certainly unnecessary,
134 * but using this list (borrowed from gssapictx.c) gets rid of some
135 * whacky compilation errors when building with MSVC and should be
136 * harmless in any case.
137 */
138
139 #include <config.h>
140
141 #include <stdlib.h>
142 #include <errno.h>
143
144 #include <isc/buffer.h>
145 #include <isc/dir.h>
146 #include <isc/entropy.h>
147 #include <isc/lex.h>
148 #include <isc/mem.h>
149 #include <isc/once.h>
150 #include <isc/random.h>
151 #include <isc/string.h>
152 #include <isc/time.h>
153 #include <isc/util.h>
154
155 #include <dns/fixedname.h>
156 #include <dns/name.h>
157 #include <dns/rdata.h>
158 #include <dns/rdataclass.h>
159 #include <dns/result.h>
160 #include <dns/types.h>
161 #include <dns/keyvalues.h>
162 #include <dns/log.h>
163
164 #include <dst/gssapi.h>
165 #include <dst/result.h>
166
167 #include "dst_internal.h"
168
169 /*
170 * The API we export
171 */
172 #include "spnego.h"
173
174 /* asn1_err.h */
175 /* Generated from ../../../lib/asn1/asn1_err.et */
176
177 typedef enum asn1_error_number {
178 ASN1_BAD_TIMEFORMAT = 1859794432,
179 ASN1_MISSING_FIELD = 1859794433,
180 ASN1_MISPLACED_FIELD = 1859794434,
181 ASN1_TYPE_MISMATCH = 1859794435,
182 ASN1_OVERFLOW = 1859794436,
183 ASN1_OVERRUN = 1859794437,
184 ASN1_BAD_ID = 1859794438,
185 ASN1_BAD_LENGTH = 1859794439,
186 ASN1_BAD_FORMAT = 1859794440,
187 ASN1_PARSE_ERROR = 1859794441
188 } asn1_error_number;
189
190 #define ERROR_TABLE_BASE_asn1 1859794432
191
192 #define __asn1_common_definitions__
193
194 typedef struct octet_string {
195 size_t length;
196 void *data;
197 } octet_string;
198
199 typedef char *general_string;
200
201 typedef char *utf8_string;
202
203 typedef struct oid {
204 size_t length;
205 unsigned *components;
206 } oid;
207
208 /* der.h */
209
210 typedef enum {
211 ASN1_C_UNIV = 0, ASN1_C_APPL = 1,
212 ASN1_C_CONTEXT = 2, ASN1_C_PRIVATE = 3
213 } Der_class;
214
215 typedef enum {
216 PRIM = 0, CONS = 1
217 } Der_type;
218
219 /* Universal tags */
220
221 enum {
222 UT_Boolean = 1,
223 UT_Integer = 2,
224 UT_BitString = 3,
225 UT_OctetString = 4,
226 UT_Null = 5,
227 UT_OID = 6,
228 UT_Enumerated = 10,
229 UT_Sequence = 16,
230 UT_Set = 17,
231 UT_PrintableString = 19,
232 UT_IA5String = 22,
233 UT_UTCTime = 23,
234 UT_GeneralizedTime = 24,
235 UT_VisibleString = 26,
236 UT_GeneralString = 27
237 };
238
239 #define ASN1_INDEFINITE 0xdce0deed
240
241 static int
242 der_get_length(const unsigned char *p, size_t len,
243 size_t * val, size_t * size);
244
245 static int
246 der_get_octet_string(const unsigned char *p, size_t len,
247 octet_string * data, size_t * size);
248 static int
249 der_get_oid(const unsigned char *p, size_t len,
250 oid * data, size_t * size);
251 static int
252 der_get_tag(const unsigned char *p, size_t len,
253 Der_class * class, Der_type * type,
254 int *tag, size_t * size);
255
256 static int
257 der_match_tag(const unsigned char *p, size_t len,
258 Der_class class, Der_type type,
259 int tag, size_t * size);
260 static int
261 der_match_tag_and_length(const unsigned char *p, size_t len,
262 Der_class class, Der_type type, int tag,
263 size_t * length_ret, size_t * size);
264
265 static int
266 decode_oid(const unsigned char *p, size_t len,
267 oid * k, size_t * size);
268
269 static int
270 decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size);
271
272 static int
273 decode_octet_string(const unsigned char *, size_t, octet_string *, size_t *);
274
275 static int
276 der_put_int(unsigned char *p, size_t len, int val, size_t *);
277
278 static int
279 der_put_length(unsigned char *p, size_t len, size_t val, size_t *);
280
281 static int
282 der_put_octet_string(unsigned char *p, size_t len,
283 const octet_string * data, size_t *);
284 static int
285 der_put_oid(unsigned char *p, size_t len,
286 const oid * data, size_t * size);
287 static int
288 der_put_tag(unsigned char *p, size_t len, Der_class class, Der_type type,
289 int tag, size_t *);
290 static int
291 der_put_length_and_tag(unsigned char *, size_t, size_t,
292 Der_class, Der_type, int, size_t *);
293
294 static int
295 encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *);
296
297 static int
298 encode_octet_string(unsigned char *p, size_t len,
299 const octet_string * k, size_t *);
300 static int
301 encode_oid(unsigned char *p, size_t len,
302 const oid * k, size_t *);
303
304 static void
305 free_octet_string(octet_string * k);
306
307 static void
308 free_oid (oid * k);
309
310 static size_t
311 length_len(size_t len);
312
313 static int
314 fix_dce(size_t reallen, size_t * len);
315
316 /*
317 * Include stuff generated by the ASN.1 compiler.
318 */
319
320 #include "spnego_asn1.c"
321
322 static unsigned char gss_krb5_mech_oid_bytes[] = {
323 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02
324 };
325
326 static gss_OID_desc gss_krb5_mech_oid_desc = {
327 sizeof(gss_krb5_mech_oid_bytes),
328 gss_krb5_mech_oid_bytes
329 };
330
331 static gss_OID GSS_KRB5_MECH = &gss_krb5_mech_oid_desc;
332
333 static unsigned char gss_mskrb5_mech_oid_bytes[] = {
334 0x2a, 0x86, 0x48, 0x82, 0xf7, 0x12, 0x01, 0x02, 0x02
335 };
336
337 static gss_OID_desc gss_mskrb5_mech_oid_desc = {
338 sizeof(gss_mskrb5_mech_oid_bytes),
339 gss_mskrb5_mech_oid_bytes
340 };
341
342 static gss_OID GSS_MSKRB5_MECH = &gss_mskrb5_mech_oid_desc;
343
344 static unsigned char gss_spnego_mech_oid_bytes[] = {
345 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02
346 };
347
348 static gss_OID_desc gss_spnego_mech_oid_desc = {
349 sizeof(gss_spnego_mech_oid_bytes),
350 gss_spnego_mech_oid_bytes
351 };
352
353 static gss_OID GSS_SPNEGO_MECH = &gss_spnego_mech_oid_desc;
354
355 /* spnegokrb5_locl.h */
356
357 static OM_uint32
358 gssapi_spnego_encapsulate(OM_uint32 *,
359 unsigned char *,
360 size_t,
361 gss_buffer_t,
362 const gss_OID);
363
364 static OM_uint32
365 gssapi_spnego_decapsulate(OM_uint32 *,
366 gss_buffer_t,
367 unsigned char **,
368 size_t *,
369 const gss_OID);
370
371 /* mod_auth_kerb.c */
372
373 static int
374 cmp_gss_type(gss_buffer_t token, gss_OID oid)
375 {
376 unsigned char *p;
377 size_t len;
378
379 if (token->length == 0)
380 return (GSS_S_DEFECTIVE_TOKEN);
381
382 p = token->value;
383 if (*p++ != 0x60)
384 return (GSS_S_DEFECTIVE_TOKEN);
385 len = *p++;
386 if (len & 0x80) {
387 if ((len & 0x7f) > 4)
388 return (GSS_S_DEFECTIVE_TOKEN);
389 p += len & 0x7f;
390 }
391 if (*p++ != 0x06)
392 return (GSS_S_DEFECTIVE_TOKEN);
393
394 if (((OM_uint32) *p++) != oid->length)
395 return (GSS_S_DEFECTIVE_TOKEN);
396
397 return (memcmp(p, oid->elements, oid->length));
398 }
399
400 /* accept_sec_context.c */
401 /*
402 * SPNEGO wrapper for Kerberos5 GSS-API kouril@ics.muni.cz, 2003 (mostly
403 * based on Heimdal code)
404 */
405
406 static OM_uint32
407 code_NegTokenArg(OM_uint32 * minor_status,
408 const NegTokenResp * resp,
409 unsigned char **outbuf,
410 size_t * outbuf_size)
411 {
412 OM_uint32 ret;
413 u_char *buf;
414 size_t buf_size, buf_len;
415
416 buf_size = 1024;
417 buf = malloc(buf_size);
418 if (buf == NULL) {
419 *minor_status = ENOMEM;
420 return (GSS_S_FAILURE);
421 }
422 do {
423 ret = encode_NegTokenResp(buf + buf_size - 1,
424 buf_size,
425 resp, &buf_len);
426 if (ret == 0) {
427 size_t tmp;
428
429 ret = der_put_length_and_tag(buf + buf_size - buf_len - 1,
430 buf_size - buf_len,
431 buf_len,
432 ASN1_C_CONTEXT,
433 CONS,
434 1,
435 &tmp);
436 if (ret == 0)
437 buf_len += tmp;
438 }
439 if (ret) {
440 if (ret == ASN1_OVERFLOW) {
441 u_char *tmp;
442
443 buf_size *= 2;
444 tmp = realloc(buf, buf_size);
445 if (tmp == NULL) {
446 *minor_status = ENOMEM;
447 free(buf);
448 return (GSS_S_FAILURE);
449 }
450 buf = tmp;
451 } else {
452 *minor_status = ret;
453 free(buf);
454 return (GSS_S_FAILURE);
455 }
456 }
457 } while (ret == ASN1_OVERFLOW);
458
459 *outbuf = malloc(buf_len);
460 if (*outbuf == NULL) {
461 *minor_status = ENOMEM;
462 free(buf);
463 return (GSS_S_FAILURE);
464 }
465 memcpy(*outbuf, buf + buf_size - buf_len, buf_len);
466 *outbuf_size = buf_len;
467
468 free(buf);
469
470 return (GSS_S_COMPLETE);
471 }
472
473 static OM_uint32
474 send_reject(OM_uint32 * minor_status,
475 gss_buffer_t output_token)
476 {
477 NegTokenResp resp;
478 OM_uint32 ret;
479
480 resp.negState = malloc(sizeof(*resp.negState));
481 if (resp.negState == NULL) {
482 *minor_status = ENOMEM;
483 return (GSS_S_FAILURE);
484 }
485 *(resp.negState) = reject;
486
487 resp.supportedMech = NULL;
488 resp.responseToken = NULL;
489 resp.mechListMIC = NULL;
490
491 ret = code_NegTokenArg(minor_status, &resp,
492 (unsigned char **)&output_token->value,
493 &output_token->length);
494 free_NegTokenResp(&resp);
495 if (ret)
496 return (ret);
497
498 return (GSS_S_BAD_MECH);
499 }
500
501 static OM_uint32
502 send_accept(OM_uint32 * minor_status,
503 gss_buffer_t output_token,
504 gss_buffer_t mech_token,
505 const gss_OID pref)
506 {
507 NegTokenResp resp;
508 OM_uint32 ret;
509
510 memset(&resp, 0, sizeof(resp));
511 resp.negState = malloc(sizeof(*resp.negState));
512 if (resp.negState == NULL) {
513 *minor_status = ENOMEM;
514 return (GSS_S_FAILURE);
515 }
516 *(resp.negState) = accept_completed;
517
518 resp.supportedMech = malloc(sizeof(*resp.supportedMech));
519 if (resp.supportedMech == NULL) {
520 free_NegTokenResp(&resp);
521 *minor_status = ENOMEM;
522 return (GSS_S_FAILURE);
523 }
524 ret = der_get_oid(pref->elements,
525 pref->length,
526 resp.supportedMech,
527 NULL);
528 if (ret) {
529 free_NegTokenResp(&resp);
530 *minor_status = ENOMEM;
531 return (GSS_S_FAILURE);
532 }
533 if (mech_token != NULL && mech_token->length != 0) {
534 resp.responseToken = malloc(sizeof(*resp.responseToken));
535 if (resp.responseToken == NULL) {
536 free_NegTokenResp(&resp);
537 *minor_status = ENOMEM;
538 return (GSS_S_FAILURE);
539 }
540 resp.responseToken->length = mech_token->length;
541 resp.responseToken->data = mech_token->value;
542 }
543
544 ret = code_NegTokenArg(minor_status, &resp,
545 (unsigned char **)&output_token->value,
546 &output_token->length);
547 if (resp.responseToken != NULL) {
548 free(resp.responseToken);
549 resp.responseToken = NULL;
550 }
551 free_NegTokenResp(&resp);
552 if (ret)
553 return (ret);
554
555 return (GSS_S_COMPLETE);
556 }
557
558 OM_uint32
559 gss_accept_sec_context_spnego(OM_uint32 *minor_status,
560 gss_ctx_id_t *context_handle,
561 const gss_cred_id_t acceptor_cred_handle,
562 const gss_buffer_t input_token_buffer,
563 const gss_channel_bindings_t input_chan_bindings,
564 gss_name_t *src_name,
565 gss_OID *mech_type,
566 gss_buffer_t output_token,
567 OM_uint32 *ret_flags,
568 OM_uint32 *time_rec,
569 gss_cred_id_t *delegated_cred_handle)
570 {
571 NegTokenInit init_token;
572 OM_uint32 major_status;
573 OM_uint32 minor_status2;
574 gss_buffer_desc ibuf, obuf;
575 gss_buffer_t ot = NULL;
576 gss_OID pref = GSS_KRB5_MECH;
577 unsigned char *buf;
578 size_t buf_size;
579 size_t len, taglen, ni_len;
580 int found = 0;
581 int ret;
582 unsigned i;
583
584 /*
585 * Before doing anything else, see whether this is a SPNEGO
586 * PDU. If not, dispatch to the GSSAPI library and get out.
587 */
588
589 if (cmp_gss_type(input_token_buffer, GSS_SPNEGO_MECH))
590 return (gss_accept_sec_context(minor_status,
591 context_handle,
592 acceptor_cred_handle,
593 input_token_buffer,
594 input_chan_bindings,
595 src_name,
596 mech_type,
597 output_token,
598 ret_flags,
599 time_rec,
600 delegated_cred_handle));
601
602 /*
603 * If we get here, it's SPNEGO.
604 */
605
606 memset(&init_token, 0, sizeof(init_token));
607
608 ret = gssapi_spnego_decapsulate(minor_status, input_token_buffer,
609 &buf, &buf_size, GSS_SPNEGO_MECH);
610 if (ret)
611 return (ret);
612
613 ret = der_match_tag_and_length(buf, buf_size, ASN1_C_CONTEXT, CONS,
614 0, &len, &taglen);
615 if (ret)
616 return (ret);
617
618 ret = decode_NegTokenInit(buf + taglen, len, &init_token, &ni_len);
619 if (ret) {
620 *minor_status = EINVAL; /* XXX */
621 return (GSS_S_DEFECTIVE_TOKEN);
622 }
623
624 for (i = 0; !found && i < init_token.mechTypes.len; ++i) {
625 unsigned char mechbuf[17];
626 size_t mech_len;
627
628 ret = der_put_oid(mechbuf + sizeof(mechbuf) - 1,
629 sizeof(mechbuf),
630 &init_token.mechTypes.val[i],
631 &mech_len);
632 if (ret)
633 return (GSS_S_DEFECTIVE_TOKEN);
634 if (mech_len == GSS_KRB5_MECH->length &&
635 memcmp(GSS_KRB5_MECH->elements,
636 mechbuf + sizeof(mechbuf) - mech_len,
637 mech_len) == 0) {
638 found = 1;
639 break;
640 }
641 if (mech_len == GSS_MSKRB5_MECH->length &&
642 memcmp(GSS_MSKRB5_MECH->elements,
643 mechbuf + sizeof(mechbuf) - mech_len,
644 mech_len) == 0) {
645 found = 1;
646 if (i == 0)
647 pref = GSS_MSKRB5_MECH;
648 break;
649 }
650 }
651
652 if (!found)
653 return (send_reject(minor_status, output_token));
654
655 if (i == 0 && init_token.mechToken != NULL) {
656 ibuf.length = init_token.mechToken->length;
657 ibuf.value = init_token.mechToken->data;
658
659 major_status = gss_accept_sec_context(minor_status,
660 context_handle,
661 acceptor_cred_handle,
662 &ibuf,
663 input_chan_bindings,
664 src_name,
665 mech_type,
666 &obuf,
667 ret_flags,
668 time_rec,
669 delegated_cred_handle);
670 if (GSS_ERROR(major_status)) {
671 send_reject(&minor_status2, output_token);
672 return (major_status);
673 }
674 ot = &obuf;
675 }
676 ret = send_accept(&minor_status2, output_token, ot, pref);
677 if (ot != NULL && ot->length != 0)
678 gss_release_buffer(&minor_status2, ot);
679
680 return (ret);
681 }
682
683 /* decapsulate.c */
684
685 static OM_uint32
686 gssapi_verify_mech_header(u_char ** str,
687 size_t total_len,
688 const gss_OID mech)
689 {
690 size_t len, len_len, mech_len, foo;
691 int e;
692 u_char *p = *str;
693
694 if (total_len < 1)
695 return (GSS_S_DEFECTIVE_TOKEN);
696 if (*p++ != 0x60)
697 return (GSS_S_DEFECTIVE_TOKEN);
698 e = der_get_length(p, total_len - 1, &len, &len_len);
699 if (e || 1 + len_len + len != total_len)
700 return (GSS_S_DEFECTIVE_TOKEN);
701 p += len_len;
702 if (*p++ != 0x06)
703 return (GSS_S_DEFECTIVE_TOKEN);
704 e = der_get_length(p, total_len - 1 - len_len - 1,
705 &mech_len, &foo);
706 if (e)
707 return (GSS_S_DEFECTIVE_TOKEN);
708 p += foo;
709 if (mech_len != mech->length)
710 return (GSS_S_BAD_MECH);
711 if (memcmp(p, mech->elements, mech->length) != 0)
712 return (GSS_S_BAD_MECH);
713 p += mech_len;
714 *str = p;
715 return (GSS_S_COMPLETE);
716 }
717
718 /*
719 * Remove the GSS-API wrapping from `in_token' giving `buf and buf_size' Does
720 * not copy data, so just free `in_token'.
721 */
722
723 static OM_uint32
724 gssapi_spnego_decapsulate(OM_uint32 *minor_status,
725 gss_buffer_t input_token_buffer,
726 unsigned char **buf,
727 size_t *buf_len,
728 const gss_OID mech)
729 {
730 u_char *p;
731 OM_uint32 ret;
732
733 p = input_token_buffer->value;
734 ret = gssapi_verify_mech_header(&p,
735 input_token_buffer->length,
736 mech);
737 if (ret) {
738 *minor_status = ret;
739 return (GSS_S_FAILURE);
740 }
741 *buf_len = input_token_buffer->length -
742 (p - (u_char *) input_token_buffer->value);
743 *buf = p;
744 return (GSS_S_COMPLETE);
745 }
746
747 /* der_free.c */
748
749 static void
750 free_octet_string(octet_string *k)
751 {
752 free(k->data);
753 k->data = NULL;
754 }
755
756 static void
757 free_oid(oid *k)
758 {
759 free(k->components);
760 k->components = NULL;
761 }
762
763 /* der_get.c */
764
765 /*
766 * All decoding functions take a pointer `p' to first position in which to
767 * read, from the left, `len' which means the maximum number of characters we
768 * are able to read, `ret' were the value will be returned and `size' where
769 * the number of used bytes is stored. Either 0 or an error code is returned.
770 */
771
772 static int
773 der_get_unsigned(const unsigned char *p, size_t len,
774 unsigned *ret, size_t *size)
775 {
776 unsigned val = 0;
777 size_t oldlen = len;
778
779 while (len--)
780 val = val * 256 + *p++;
781 *ret = val;
782 if (size)
783 *size = oldlen;
784 return (0);
785 }
786
787 static int
788 der_get_int(const unsigned char *p, size_t len,
789 int *ret, size_t *size)
790 {
791 int val = 0;
792 size_t oldlen = len;
793
794 if (len > 0) {
795 val = (signed char)*p++;
796 while (--len)
797 val = val * 256 + *p++;
798 }
799 *ret = val;
800 if (size)
801 *size = oldlen;
802 return (0);
803 }
804
805 static int
806 der_get_length(const unsigned char *p, size_t len,
807 size_t *val, size_t *size)
808 {
809 size_t v;
810
811 if (len <= 0)
812 return (ASN1_OVERRUN);
813 --len;
814 v = *p++;
815 if (v < 128) {
816 *val = v;
817 if (size)
818 *size = 1;
819 } else {
820 int e;
821 size_t l;
822 unsigned tmp;
823
824 if (v == 0x80) {
825 *val = ASN1_INDEFINITE;
826 if (size)
827 *size = 1;
828 return (0);
829 }
830 v &= 0x7F;
831 if (len < v)
832 return (ASN1_OVERRUN);
833 e = der_get_unsigned(p, v, &tmp, &l);
834 if (e)
835 return (e);
836 *val = tmp;
837 if (size)
838 *size = l + 1;
839 }
840 return (0);
841 }
842
843 static int
844 der_get_octet_string(const unsigned char *p, size_t len,
845 octet_string *data, size_t *size)
846 {
847 data->length = len;
848 data->data = malloc(len);
849 if (data->data == NULL && data->length != 0)
850 return (ENOMEM);
851 memcpy(data->data, p, len);
852 if (size)
853 *size = len;
854 return (0);
855 }
856
857 static int
858 der_get_oid(const unsigned char *p, size_t len,
859 oid *data, size_t *size)
860 {
861 int n;
862 size_t oldlen = len;
863
864 if (len < 1)
865 return (ASN1_OVERRUN);
866
867 data->components = malloc(len * sizeof(*data->components));
868 if (data->components == NULL && len != 0)
869 return (ENOMEM);
870 data->components[0] = (*p) / 40;
871 data->components[1] = (*p) % 40;
872 --len;
873 ++p;
874 for (n = 2; len > 0; ++n) {
875 unsigned u = 0;
876
877 do {
878 --len;
879 u = u * 128 + (*p++ % 128);
880 } while (len > 0 && p[-1] & 0x80);
881 data->components[n] = u;
882 }
883 if (p[-1] & 0x80) {
884 free_oid(data);
885 return (ASN1_OVERRUN);
886 }
887 data->length = n;
888 if (size)
889 *size = oldlen;
890 return (0);
891 }
892
893 static int
894 der_get_tag(const unsigned char *p, size_t len,
895 Der_class *class, Der_type *type,
896 int *tag, size_t *size)
897 {
898 if (len < 1)
899 return (ASN1_OVERRUN);
900 *class = (Der_class) (((*p) >> 6) & 0x03);
901 *type = (Der_type) (((*p) >> 5) & 0x01);
902 *tag = (*p) & 0x1F;
903 if (size)
904 *size = 1;
905 return (0);
906 }
907
908 static int
909 der_match_tag(const unsigned char *p, size_t len,
910 Der_class class, Der_type type,
911 int tag, size_t *size)
912 {
913 size_t l;
914 Der_class thisclass;
915 Der_type thistype;
916 int thistag;
917 int e;
918
919 e = der_get_tag(p, len, &thisclass, &thistype, &thistag, &l);
920 if (e)
921 return (e);
922 if (class != thisclass || type != thistype)
923 return (ASN1_BAD_ID);
924 if (tag > thistag)
925 return (ASN1_MISPLACED_FIELD);
926 if (tag < thistag)
927 return (ASN1_MISSING_FIELD);
928 if (size)
929 *size = l;
930 return (0);
931 }
932
933 static int
934 der_match_tag_and_length(const unsigned char *p, size_t len,
935 Der_class class, Der_type type, int tag,
936 size_t *length_ret, size_t *size)
937 {
938 size_t l, ret = 0;
939 int e;
940
941 e = der_match_tag(p, len, class, type, tag, &l);
942 if (e)
943 return (e);
944 p += l;
945 len -= l;
946 ret += l;
947 e = der_get_length(p, len, length_ret, &l);
948 if (e)
949 return (e);
950 p += l;
951 len -= l;
952 ret += l;
953 if (size)
954 *size = ret;
955 return (0);
956 }
957
958 static int
959 decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size)
960 {
961 size_t ret = 0;
962 size_t l, reallen;
963 int e;
964
965 e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_Enumerated, &l);
966 if (e)
967 return (e);
968 p += l;
969 len -= l;
970 ret += l;
971 e = der_get_length(p, len, &reallen, &l);
972 if (e)
973 return (e);
974 p += l;
975 len -= l;
976 ret += l;
977 e = der_get_int(p, reallen, num, &l);
978 if (e)
979 return (e);
980 p += l;
981 len -= l;
982 ret += l;
983 if (size)
984 *size = ret;
985 return (0);
986 }
987
988 static int
989 decode_octet_string(const unsigned char *p, size_t len,
990 octet_string *k, size_t *size)
991 {
992 size_t ret = 0;
993 size_t l;
994 int e;
995 size_t slen;
996
997 e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_OctetString, &l);
998 if (e)
999 return (e);
1000 p += l;
1001 len -= l;
1002 ret += l;
1003
1004 e = der_get_length(p, len, &slen, &l);
1005 if (e)
1006 return (e);
1007 p += l;
1008 len -= l;
1009 ret += l;
1010 if (len < slen)
1011 return (ASN1_OVERRUN);
1012
1013 e = der_get_octet_string(p, slen, k, &l);
1014 if (e)
1015 return (e);
1016 p += l;
1017 len -= l;
1018 ret += l;
1019 if (size)
1020 *size = ret;
1021 return (0);
1022 }
1023
1024 static int
1025 decode_oid(const unsigned char *p, size_t len,
1026 oid *k, size_t *size)
1027 {
1028 size_t ret = 0;
1029 size_t l;
1030 int e;
1031 size_t slen;
1032
1033 e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_OID, &l);
1034 if (e)
1035 return (e);
1036 p += l;
1037 len -= l;
1038 ret += l;
1039
1040 e = der_get_length(p, len, &slen, &l);
1041 if (e)
1042 return (e);
1043 p += l;
1044 len -= l;
1045 ret += l;
1046 if (len < slen)
1047 return (ASN1_OVERRUN);
1048
1049 e = der_get_oid(p, slen, k, &l);
1050 if (e)
1051 return (e);
1052 p += l;
1053 len -= l;
1054 ret += l;
1055 if (size)
1056 *size = ret;
1057 return (0);
1058 }
1059
1060 static int
1061 fix_dce(size_t reallen, size_t *len)
1062 {
1063 if (reallen == ASN1_INDEFINITE)
1064 return (1);
1065 if (*len < reallen)
1066 return (-1);
1067 *len = reallen;
1068 return (0);
1069 }
1070
1071 /* der_length.c */
1072
1073 static size_t
1074 len_unsigned(unsigned val)
1075 {
1076 size_t ret = 0;
1077
1078 do {
1079 ++ret;
1080 val /= 256;
1081 } while (val);
1082 return (ret);
1083 }
1084
1085 static size_t
1086 length_len(size_t len)
1087 {
1088 if (len < 128)
1089 return (1);
1090 else
1091 return (len_unsigned(len) + 1);
1092 }
1093
1094
1095 /* der_put.c */
1096
1097 /*
1098 * All encoding functions take a pointer `p' to first position in which to
1099 * write, from the right, `len' which means the maximum number of characters
1100 * we are able to write. The function returns the number of characters
1101 * written in `size' (if non-NULL). The return value is 0 or an error.
1102 */
1103
1104 static int
1105 der_put_unsigned(unsigned char *p, size_t len, unsigned val, size_t *size)
1106 {
1107 unsigned char *base = p;
1108
1109 if (val) {
1110 while (len > 0 && val) {
1111 *p-- = val % 256;
1112 val /= 256;
1113 --len;
1114 }
1115 if (val != 0)
1116 return (ASN1_OVERFLOW);
1117 else {
1118 *size = base - p;
1119 return (0);
1120 }
1121 } else if (len < 1)
1122 return (ASN1_OVERFLOW);
1123 else {
1124 *p = 0;
1125 *size = 1;
1126 return (0);
1127 }
1128 }
1129
1130 static int
1131 der_put_int(unsigned char *p, size_t len, int val, size_t *size)
1132 {
1133 unsigned char *base = p;
1134
1135 if (val >= 0) {
1136 do {
1137 if (len < 1)
1138 return (ASN1_OVERFLOW);
1139 *p-- = val % 256;
1140 len--;
1141 val /= 256;
1142 } while (val);
1143 if (p[1] >= 128) {
1144 if (len < 1)
1145 return (ASN1_OVERFLOW);
1146 *p-- = 0;
1147 len--;
1148 }
1149 } else {
1150 val = ~val;
1151 do {
1152 if (len < 1)
1153 return (ASN1_OVERFLOW);
1154 *p-- = ~(val % 256);
1155 len--;
1156 val /= 256;
1157 } while (val);
1158 if (p[1] < 128) {
1159 if (len < 1)
1160 return (ASN1_OVERFLOW);
1161 *p-- = 0xff;
1162 len--;
1163 }
1164 }
1165 *size = base - p;
1166 return (0);
1167 }
1168
1169 static int
1170 der_put_length(unsigned char *p, size_t len, size_t val, size_t *size)
1171 {
1172 if (len < 1)
1173 return (ASN1_OVERFLOW);
1174 if (val < 128) {
1175 *p = val;
1176 *size = 1;
1177 return (0);
1178 } else {
1179 size_t l;
1180 int e;
1181
1182 e = der_put_unsigned(p, len - 1, val, &l);
1183 if (e)
1184 return (e);
1185 p -= l;
1186 *p = 0x80 | l;
1187 *size = l + 1;
1188 return (0);
1189 }
1190 }
1191
1192 static int
1193 der_put_octet_string(unsigned char *p, size_t len,
1194 const octet_string *data, size_t *size)
1195 {
1196 if (len < data->length)
1197 return (ASN1_OVERFLOW);
1198 p -= data->length;
1199 len -= data->length;
1200 memcpy(p + 1, data->data, data->length);
1201 *size = data->length;
1202 return (0);
1203 }
1204
1205 static int
1206 der_put_oid(unsigned char *p, size_t len,
1207 const oid *data, size_t *size)
1208 {
1209 unsigned char *base = p;
1210 int n;
1211
1212 for (n = data->length - 1; n >= 2; --n) {
1213 unsigned u = data->components[n];
1214
1215 if (len < 1)
1216 return (ASN1_OVERFLOW);
1217 *p-- = u % 128;
1218 u /= 128;
1219 --len;
1220 while (u > 0) {
1221 if (len < 1)
1222 return (ASN1_OVERFLOW);
1223 *p-- = 128 + u % 128;
1224 u /= 128;
1225 --len;
1226 }
1227 }
1228 if (len < 1)
1229 return (ASN1_OVERFLOW);
1230 *p-- = 40 * data->components[0] + data->components[1];
1231 *size = base - p;
1232 return (0);
1233 }
1234
1235 static int
1236 der_put_tag(unsigned char *p, size_t len, Der_class class, Der_type type,
1237 int tag, size_t *size)
1238 {
1239 if (len < 1)
1240 return (ASN1_OVERFLOW);
1241 *p = (class << 6) | (type << 5) | tag; /* XXX */
1242 *size = 1;
1243 return (0);
1244 }
1245
1246 static int
1247 der_put_length_and_tag(unsigned char *p, size_t len, size_t len_val,
1248 Der_class class, Der_type type, int tag, size_t *size)
1249 {
1250 size_t ret = 0;
1251 size_t l;
1252 int e;
1253
1254 e = der_put_length(p, len, len_val, &l);
1255 if (e)
1256 return (e);
1257 p -= l;
1258 len -= l;
1259 ret += l;
1260 e = der_put_tag(p, len, class, type, tag, &l);
1261 if (e)
1262 return (e);
1263 p -= l;
1264 len -= l;
1265 ret += l;
1266 *size = ret;
1267 return (0);
1268 }
1269
1270 static int
1271 encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *size)
1272 {
1273 unsigned num = *(const unsigned *)data;
1274 size_t ret = 0;
1275 size_t l;
1276 int e;
1277
1278 e = der_put_int(p, len, num, &l);
1279 if (e)
1280 return (e);
1281 p -= l;
1282 len -= l;
1283 ret += l;
1284 e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_Enumerated, &l);
1285 if (e)
1286 return (e);
1287 p -= l;
1288 len -= l;
1289 ret += l;
1290 *size = ret;
1291 return (0);
1292 }
1293
1294 static int
1295 encode_octet_string(unsigned char *p, size_t len,
1296 const octet_string *k, size_t *size)
1297 {
1298 size_t ret = 0;
1299 size_t l;
1300 int e;
1301
1302 e = der_put_octet_string(p, len, k, &l);
1303 if (e)
1304 return (e);
1305 p -= l;
1306 len -= l;
1307 ret += l;
1308 e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_OctetString, &l);
1309 if (e)
1310 return (e);
1311 p -= l;
1312 len -= l;
1313 ret += l;
1314 *size = ret;
1315 return (0);
1316 }
1317
1318 static int
1319 encode_oid(unsigned char *p, size_t len,
1320 const oid *k, size_t *size)
1321 {
1322 size_t ret = 0;
1323 size_t l;
1324 int e;
1325
1326 e = der_put_oid(p, len, k, &l);
1327 if (e)
1328 return (e);
1329 p -= l;
1330 len -= l;
1331 ret += l;
1332 e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_OID, &l);
1333 if (e)
1334 return (e);
1335 p -= l;
1336 len -= l;
1337 ret += l;
1338 *size = ret;
1339 return (0);
1340 }
1341
1342
1343 /* encapsulate.c */
1344
1345 static void
1346 gssapi_encap_length(size_t data_len,
1347 size_t *len,
1348 size_t *total_len,
1349 const gss_OID mech)
1350 {
1351 size_t len_len;
1352
1353 *len = 1 + 1 + mech->length + data_len;
1354
1355 len_len = length_len(*len);
1356
1357 *total_len = 1 + len_len + *len;
1358 }
1359
1360 static u_char *
1361 gssapi_mech_make_header(u_char *p,
1362 size_t len,
1363 const gss_OID mech)
1364 {
1365 int e;
1366 size_t len_len, foo;
1367
1368 *p++ = 0x60;
1369 len_len = length_len(len);
1370 e = der_put_length(p + len_len - 1, len_len, len, &foo);
1371 if (e || foo != len_len)
1372 return (NULL);
1373 p += len_len;
1374 *p++ = 0x06;
1375 *p++ = mech->length;
1376 memcpy(p, mech->elements, mech->length);
1377 p += mech->length;
1378 return (p);
1379 }
1380
1381 /*
1382 * Give it a krb5_data and it will encapsulate with extra GSS-API wrappings.
1383 */
1384
1385 static OM_uint32
1386 gssapi_spnego_encapsulate(OM_uint32 * minor_status,
1387 unsigned char *buf,
1388 size_t buf_size,
1389 gss_buffer_t output_token,
1390 const gss_OID mech)
1391 {
1392 size_t len, outer_len;
1393 u_char *p;
1394
1395 gssapi_encap_length(buf_size, &len, &outer_len, mech);
1396
1397 output_token->length = outer_len;
1398 output_token->value = malloc(outer_len);
1399 if (output_token->value == NULL) {
1400 *minor_status = ENOMEM;
1401 return (GSS_S_FAILURE);
1402 }
1403 p = gssapi_mech_make_header(output_token->value, len, mech);
1404 if (p == NULL) {
1405 if (output_token->length != 0)
1406 gss_release_buffer(minor_status, output_token);
1407 return (GSS_S_FAILURE);
1408 }
1409 memcpy(p, buf, buf_size);
1410 return (GSS_S_COMPLETE);
1411 }
1412
1413 /* init_sec_context.c */
1414 /*
1415 * SPNEGO wrapper for Kerberos5 GSS-API kouril@ics.muni.cz, 2003 (mostly
1416 * based on Heimdal code)
1417 */
1418
1419 static int
1420 add_mech(MechTypeList * mech_list, gss_OID mech)
1421 {
1422 MechType *tmp;
1423 int ret;
1424
1425 tmp = realloc(mech_list->val, (mech_list->len + 1) * sizeof(*tmp));
1426 if (tmp == NULL)
1427 return (ENOMEM);
1428 mech_list->val = tmp;
1429
1430 ret = der_get_oid(mech->elements, mech->length,
1431 &mech_list->val[mech_list->len], NULL);
1432 if (ret)
1433 return (ret);
1434
1435 mech_list->len++;
1436 return (0);
1437 }
1438
1439 /*
1440 * return the length of the mechanism in token or -1
1441 * (which implies that the token was bad - GSS_S_DEFECTIVE_TOKEN
1442 */
1443
1444 static ssize_t
1445 gssapi_krb5_get_mech(const u_char *ptr,
1446 size_t total_len,
1447 const u_char **mech_ret)
1448 {
1449 size_t len, len_len, mech_len, foo;
1450 const u_char *p = ptr;
1451 int e;
1452
1453 if (total_len < 1)
1454 return (-1);
1455 if (*p++ != 0x60)
1456 return (-1);
1457 e = der_get_length (p, total_len - 1, &len, &len_len);
1458 if (e || 1 + len_len + len != total_len)
1459 return (-1);
1460 p += len_len;
1461 if (*p++ != 0x06)
1462 return (-1);
1463 e = der_get_length (p, total_len - 1 - len_len - 1,
1464 &mech_len, &foo);
1465 if (e)
1466 return (-1);
1467 p += foo;
1468 *mech_ret = p;
1469 return (mech_len);
1470 }
1471
1472 static OM_uint32
1473 spnego_initial(OM_uint32 *minor_status,
1474 const gss_cred_id_t initiator_cred_handle,
1475 gss_ctx_id_t *context_handle,
1476 const gss_name_t target_name,
1477 const gss_OID mech_type,
1478 OM_uint32 req_flags,
1479 OM_uint32 time_req,
1480 const gss_channel_bindings_t input_chan_bindings,
1481 const gss_buffer_t input_token,
1482 gss_OID *actual_mech_type,
1483 gss_buffer_t output_token,
1484 OM_uint32 *ret_flags,
1485 OM_uint32 *time_rec)
1486 {
1487 NegTokenInit token_init;
1488 OM_uint32 major_status, minor_status2;
1489 gss_buffer_desc krb5_output_token = GSS_C_EMPTY_BUFFER;
1490 unsigned char *buf = NULL;
1491 size_t buf_size;
1492 size_t len;
1493 int ret;
1494
1495 (void)mech_type;
1496
1497 memset(&token_init, 0, sizeof(token_init));
1498
1499 ret = add_mech(&token_init.mechTypes, GSS_KRB5_MECH);
1500 if (ret) {
1501 *minor_status = ret;
1502 ret = GSS_S_FAILURE;
1503 goto end;
1504 }
1505
1506 major_status = gss_init_sec_context(minor_status,
1507 initiator_cred_handle,
1508 context_handle,
1509 target_name,
1510 GSS_KRB5_MECH,
1511 req_flags,
1512 time_req,
1513 input_chan_bindings,
1514 input_token,
1515 actual_mech_type,
1516 &krb5_output_token,
1517 ret_flags,
1518 time_rec);
1519 if (GSS_ERROR(major_status)) {
1520 ret = major_status;
1521 goto end;
1522 }
1523 if (krb5_output_token.length > 0) {
1524 token_init.mechToken = malloc(sizeof(*token_init.mechToken));
1525 if (token_init.mechToken == NULL) {
1526 *minor_status = ENOMEM;
1527 ret = GSS_S_FAILURE;
1528 goto end;
1529 }
1530 token_init.mechToken->data = krb5_output_token.value;
1531 token_init.mechToken->length = krb5_output_token.length;
1532 }
1533 /*
1534 * The MS implementation of SPNEGO seems to not like the mechListMIC
1535 * field, so we omit it (it's optional anyway)
1536 */
1537
1538 buf_size = 1024;
1539 buf = malloc(buf_size);
1540
1541 do {
1542 ret = encode_NegTokenInit(buf + buf_size - 1,
1543 buf_size,
1544 &token_init, &len);
1545 if (ret == 0) {
1546 size_t tmp;
1547
1548 ret = der_put_length_and_tag(buf + buf_size - len - 1,
1549 buf_size - len,
1550 len,
1551 ASN1_C_CONTEXT,
1552 CONS,
1553 0,
1554 &tmp);
1555 if (ret == 0)
1556 len += tmp;
1557 }
1558 if (ret) {
1559 if (ret == ASN1_OVERFLOW) {
1560 u_char *tmp;
1561
1562 buf_size *= 2;
1563 tmp = realloc(buf, buf_size);
1564 if (tmp == NULL) {
1565 *minor_status = ENOMEM;
1566 ret = GSS_S_FAILURE;
1567 goto end;
1568 }
1569 buf = tmp;
1570 } else {
1571 *minor_status = ret;
1572 ret = GSS_S_FAILURE;
1573 goto end;
1574 }
1575 }
1576 } while (ret == ASN1_OVERFLOW);
1577
1578 ret = gssapi_spnego_encapsulate(minor_status,
1579 buf + buf_size - len, len,
1580 output_token, GSS_SPNEGO_MECH);
1581 if (ret == GSS_S_COMPLETE)
1582 ret = major_status;
1583
1584 end:
1585 if (token_init.mechToken != NULL) {
1586 free(token_init.mechToken);
1587 token_init.mechToken = NULL;
1588 }
1589 free_NegTokenInit(&token_init);
1590 if (krb5_output_token.length != 0)
1591 gss_release_buffer(&minor_status2, &krb5_output_token);
1592 if (buf)
1593 free(buf);
1594
1595 return (ret);
1596 }
1597
1598 static OM_uint32
1599 spnego_reply(OM_uint32 *minor_status,
1600 const gss_cred_id_t initiator_cred_handle,
1601 gss_ctx_id_t *context_handle,
1602 const gss_name_t target_name,
1603 const gss_OID mech_type,
1604 OM_uint32 req_flags,
1605 OM_uint32 time_req,
1606 const gss_channel_bindings_t input_chan_bindings,
1607 const gss_buffer_t input_token,
1608 gss_OID *actual_mech_type,
1609 gss_buffer_t output_token,
1610 OM_uint32 *ret_flags,
1611 OM_uint32 *time_rec)
1612 {
1613 OM_uint32 ret;
1614 NegTokenResp resp;
1615 unsigned char *buf;
1616 size_t buf_size;
1617 u_char oidbuf[17];
1618 size_t oidlen;
1619 gss_buffer_desc sub_token;
1620 ssize_t mech_len;
1621 const u_char *p;
1622 size_t len, taglen;
1623
1624 (void)mech_type;
1625
1626 output_token->length = 0;
1627 output_token->value = NULL;
1628
1629 /*
1630 * SPNEGO doesn't include gss wrapping on SubsequentContextToken
1631 * like the Kerberos 5 mech does. But lets check for it anyway.
1632 */
1633
1634 mech_len = gssapi_krb5_get_mech(input_token->value,
1635 input_token->length,
1636 &p);
1637
1638 if (mech_len < 0) {
1639 buf = input_token->value;
1640 buf_size = input_token->length;
1641 } else if ((size_t)mech_len == GSS_KRB5_MECH->length &&
1642 memcmp(GSS_KRB5_MECH->elements, p, mech_len) == 0)
1643 return (gss_init_sec_context(minor_status,
1644 initiator_cred_handle,
1645 context_handle,
1646 target_name,
1647 GSS_KRB5_MECH,
1648 req_flags,
1649 time_req,
1650 input_chan_bindings,
1651 input_token,
1652 actual_mech_type,
1653 output_token,
1654 ret_flags,
1655 time_rec));
1656 else if ((size_t)mech_len == GSS_SPNEGO_MECH->length &&
1657 memcmp(GSS_SPNEGO_MECH->elements, p, mech_len) == 0) {
1658 ret = gssapi_spnego_decapsulate(minor_status,
1659 input_token,
1660 &buf,
1661 &buf_size,
1662 GSS_SPNEGO_MECH);
1663 if (ret)
1664 return (ret);
1665 } else
1666 return (GSS_S_BAD_MECH);
1667
1668 ret = der_match_tag_and_length(buf, buf_size,
1669 ASN1_C_CONTEXT, CONS, 1, &len, &taglen);
1670 if (ret)
1671 return (ret);
1672
1673 if(len > buf_size - taglen)
1674 return (ASN1_OVERRUN);
1675
1676 ret = decode_NegTokenResp(buf + taglen, len, &resp, NULL);
1677 if (ret) {
1678 *minor_status = ENOMEM;
1679 return (GSS_S_FAILURE);
1680 }
1681
1682 if (resp.negState == NULL ||
1683 *(resp.negState) == reject ||
1684 resp.supportedMech == NULL) {
1685 free_NegTokenResp(&resp);
1686 return (GSS_S_BAD_MECH);
1687 }
1688
1689 ret = der_put_oid(oidbuf + sizeof(oidbuf) - 1,
1690 sizeof(oidbuf),
1691 resp.supportedMech,
1692 &oidlen);
1693 if (ret || oidlen != GSS_KRB5_MECH->length ||
1694 memcmp(oidbuf + sizeof(oidbuf) - oidlen,
1695 GSS_KRB5_MECH->elements,
1696 oidlen) != 0) {
1697 free_NegTokenResp(&resp);
1698 return GSS_S_BAD_MECH;
1699 }
1700
1701 if (resp.responseToken != NULL) {
1702 sub_token.length = resp.responseToken->length;
1703 sub_token.value = resp.responseToken->data;
1704 } else {
1705 sub_token.length = 0;
1706 sub_token.value = NULL;
1707 }
1708
1709 ret = gss_init_sec_context(minor_status,
1710 initiator_cred_handle,
1711 context_handle,
1712 target_name,
1713 GSS_KRB5_MECH,
1714 req_flags,
1715 time_req,
1716 input_chan_bindings,
1717 &sub_token,
1718 actual_mech_type,
1719 output_token,
1720 ret_flags,
1721 time_rec);
1722 if (ret) {
1723 free_NegTokenResp(&resp);
1724 return (ret);
1725 }
1726
1727 /*
1728 * XXXSRA I don't think this limited implementation ever needs
1729 * to check the MIC -- our preferred mechanism (Kerberos)
1730 * authenticates its own messages and is the only mechanism
1731 * we'll accept, so if the mechanism negotiation completes
1732 * successfully, we don't need the MIC. See RFC 4178.
1733 */
1734
1735 free_NegTokenResp(&resp);
1736 return (ret);
1737 }
1738
1739
1740
1741 OM_uint32
1742 gss_init_sec_context_spnego(OM_uint32 *minor_status,
1743 const gss_cred_id_t initiator_cred_handle,
1744 gss_ctx_id_t *context_handle,
1745 const gss_name_t target_name,
1746 const gss_OID mech_type,
1747 OM_uint32 req_flags,
1748 OM_uint32 time_req,
1749 const gss_channel_bindings_t input_chan_bindings,
1750 const gss_buffer_t input_token,
1751 gss_OID *actual_mech_type,
1752 gss_buffer_t output_token,
1753 OM_uint32 *ret_flags,
1754 OM_uint32 *time_rec)
1755 {
1756 /* Dirty trick to suppress compiler warnings */
1757
1758 /* Figure out whether we're starting over or processing a reply */
1759
1760 if (input_token == GSS_C_NO_BUFFER || input_token->length == 0)
1761 return (spnego_initial(minor_status,
1762 initiator_cred_handle,
1763 context_handle,
1764 target_name,
1765 mech_type,
1766 req_flags,
1767 time_req,
1768 input_chan_bindings,
1769 input_token,
1770 actual_mech_type,
1771 output_token,
1772 ret_flags,
1773 time_rec));
1774 else
1775 return (spnego_reply(minor_status,
1776 initiator_cred_handle,
1777 context_handle,
1778 target_name,
1779 mech_type,
1780 req_flags,
1781 time_req,
1782 input_chan_bindings,
1783 input_token,
1784 actual_mech_type,
1785 output_token,
1786 ret_flags,
1787 time_rec));
1788 }
1789
1790 #endif /* GSSAPI */
NetBSD on the FriendlyARM MINI2440