| blob | adf54ea3fce3bec1b7c19a5fc76531bdbdf6e68c |
1 /*
2 * kdc/kdc_util.c
3 *
4 * Copyright 1990,1991 by the Massachusetts Institute of Technology.
5 * All Rights Reserved.
6 *
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
11 *
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
25 *
26 *
27 * Utility functions for the KDC implementation.
28 */
35 #include <stdio.h>
36 #include <ctype.h>
37 #include <syslog.h>
40 #include <limits.h>
42 #ifdef USE_RCACHE
45 #endif
47 #ifdef USE_RCACHE
48 /*
49 * initialize the replay cache.
50 */
51 krb5_error_code
53 {
54 krb5_error_code retval;
60 /* rc_lifetime used elsewhere to verify we're not */
61 /* replaying really old data */
67 /* Recover or initialize the replay cache */
70 kdc_rcache,
72 ) {
73 /* Expunge the replay cache */
78 }
79 }
82 }
84 }
85 #endif
87 /*
88 * concatenate first two authdata arrays, returning an allocated replacement.
89 * The replacement should be freed with krb5_free_authdata().
90 */
91 krb5_error_code
94 {
98 /* count up the entries */
102 i++;
105 i++;
113 /* now walk & copy */
118 }
126 }
131 ptr++;
132 i++;
133 }
136 }
138 krb5_boolean
140 {
146 }
148 /*
149 * Returns TRUE if the kerberos principal is the name of a Kerberos ticket
150 * service.
151 */
153 {
156 KRB5_TGS_NAME_SIZE) &&
161 }
163 /*
164 * given authentication data (provides seed for checksum), verify checksum
165 * for source data.
166 */
167 static krb5_error_code
170 {
171 krb5_error_code retval;
172 krb5_boolean valid;
177 /* must be collision proof */
181 /* verify checksum */
183 KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM,
191 }
193 krb5_error_code
197 {
200 krb5_error_code retval;
201 krb5_data scratch1;
207 /* krb5_keyblock * key = NULL;*/
208 /* krb5_kvno kvno = 0;*/
215 }
229 }
231 /* If the "server" principal in the ticket is not something
232 in the local realm, then we must refuse to service the request
233 if the client claims to be from the local realm.
235 If we don't do this, then some other realm's nasty KDC can
236 claim to be authenticating a client from our realm, and we'll
237 give out tickets concurring with it!
239 we set a flag here for checking below.
240 */
254 #ifdef USE_RCACHE
256 kdc_rcache)))
258 #endif
260 /*
261 if ((retval = kdc_get_server_key(apreq->ticket, &key, &kvno)))
262 goto cleanup_auth_context;
263 */
265 /*
266 * XXX This is currently wrong but to fix it will require making a
267 * new keytab for groveling over the kdb.
268 */
269 /*
270 retval = krb5_auth_con_setuseruserkey(kdc_context, auth_context, key);
271 krb5_free_keyblock(kdc_context, key);
272 if (retval)
273 goto cleanup_auth_context;
274 */
280 #ifdef USE_RCACHE
281 /*
282 * I'm not so sure that this is right, but it's better than nothing
283 * at all.
284 *
285 * If we choke in the rd_req because of the replay cache, then attempt
286 * to reinitialize the replay cache because somebody could have deleted
287 * it from underneath us (e.g. a cron job)
288 */
295 kdc_rcache)) ||
300 )
302 }
305 #else
307 #endif
308 }
310 /* "invalid flag" tickets can must be used to validate */
315 }
325 /* Check for a checksum */
329 }
331 /* make sure the client is of proper lineage (see above) */
338 /* someone in a foreign realm claiming to be local */
342 }
343 }
345 /*
346 * Check application checksum vs. tgs request
347 *
348 * We try checksumming the req-body two different ways: first we
349 * try reaching into the raw asn.1 stream (if available), and
350 * checksum that directly; if that fails, then we try encoding
351 * using our local asn.1 library.
352 */
359 }
360 }
362 cleanup_authenticator:
365 cleanup_auth_context:
366 /* We do not want the free of the auth_context to close the rcache */
367 #ifdef USE_RCACHE
369 #endif
372 cleanup:
375 }
377 /* XXX This function should no longer be necessary.
378 * The KDC should take the keytab associated with the realm and pass that to
379 * the krb5_rd_req_decode(). --proven
380 *
381 * It's actually still used by do_tgs_req() for u2u auth, and not too
382 * much else. -- tlyu
383 */
384 krb5_error_code
386 {
387 krb5_error_code retval;
388 krb5_db_entry server;
389 krb5_boolean more;
399 }
410 sname);
412 }
414 }
423 }
427 server_key,
431 errout:
434 }
436 /* This probably wants to be updated if you support last_req stuff */
441 krb5_error_code
443 {
446 }
449 /* XXX! This is a temporary place-holder */
451 krb5_error_code
453 {
455 }
458 #define MAX_REALM_LN 500
461 /*
462 * subrealm - determine if r2 is a subrealm of r1
463 *
464 * SUBREALM takes two realms, r1 and r2, and
465 * determines if r2 is a subrealm of r1.
466 * r2 is a subrealm of r1 if (r1 is a prefix
467 * of r2 AND r1 and r2 begin with a /) or if
468 * (r1 is a suffix of r2 and neither r1 nor r2
469 * begin with a /).
470 *
471 * RETURNS: If r2 is a subrealm, and r1 is a prefix, the number
472 * of characters in the suffix of r2 is returned as a
473 * negative number.
474 *
475 * If r2 is a subrealm, and r1 is a suffix, the number
476 * of characters in the prefix of r2 is returned as a
477 * positive number.
478 *
479 * If r2 is not a subrealm, SUBREALM returns 0.
480 */
481 static int
483 {
492 }
494 /*
495 * add_to_transited Adds the name of the realm which issued the
496 * ticket granting ticket on which the new ticket to
497 * be issued is based (note that this is the same as
498 * the realm of the server listed in the ticket
499 * granting ticket.
500 *
501 * ASSUMPTIONS: This procedure assumes that the transited field from
502 * the existing ticket granting ticket already appears
503 * in compressed form. It will add the new realm while
504 * maintaining that form. As long as each successive
505 * realm is added using this (or a similar) routine, the
506 * transited field will be in compressed form. The
507 * basis step is an empty transited field which is, by
508 * its nature, in its most compressed form.
509 *
510 * ARGUMENTS: krb5_data *tgt_trans Transited field from TGT
511 * krb5_data *new_trans The transited field for the new ticket
512 * krb5_principal tgs Name of ticket granting server
513 * This includes the realm of the KDC
514 * that issued the ticket granting
515 * ticket. This is the realm that is
516 * to be added to the transited field.
517 * krb5_principal client Name of the client
518 * krb5_principal server The name of the requested server.
519 * This may be the an intermediate
520 * ticket granting server.
521 *
522 * The last two argument are needed since they are
523 * implicitly part of the transited field of the new ticket
524 * even though they are not explicitly listed.
525 *
526 * RETURNS: krb5_error_code - Success, or out of memory
527 *
528 * MODIFIES: new_trans: ->length will contain the length of the new
529 * transited field.
530 *
531 * If ->data was not null when this procedure
532 * is called, the memory referenced by ->data
533 * will be deallocated.
534 *
535 * Memory will be allocated for the new transited field
536 * ->data will be updated to point to the newly
537 * allocated memory.
538 *
539 * BUGS: The space allocated for the new transited field is the
540 * maximum that might be needed given the old transited field,
541 * and the realm to be added. This length is calculated
542 * assuming that no compression of the new realm is possible.
543 * This has no adverse consequences other than the allocation
544 * of more space than required.
545 *
546 * This procedure will not yet use the null subfield notation,
547 * and it will get confused if it sees it.
548 *
549 * This procedure does not check for quoted commas in realm
550 * names.
551 */
555 {
561 }
563 }
565 krb5_error_code
568 krb5_principal server)
569 {
570 krb5_error_code retval;
575 /* The following are for stepping through the transited field */
595 }
596 /* Keep track of start so we can free */
599 /* +1 for null,
600 +1 for extra comma which may be added between
601 +1 for potential space when leading slash in realm */
605 }
613 /* For the purpose of appending, the realm preceding the first */
614 /* realm in the transited field is considered the null realm */
618 /* read field into current */
623 else
625 }
627 otrans++;
629 }
634 }
635 }
645 /* figure out expanded form of current name */
651 }
658 }
660 }
667 }
669 }
673 }
675 /* read field into next */
680 else
682 }
684 otrans++;
686 }
691 }
692 }
698 /* If we still have to insert the new realm */
702 /* Is the next field compressed? If not, and if the new */
703 /* realm is a subrealm of the current realm, compress */
704 /* the new realm, and insert immediately following the */
705 /* current one. Note that we can not do this if the next*/
706 /* field is already compressed since it would mess up */
707 /* what has already been done. In most cases, this is */
708 /* not a problem because the realm to be added will be a */
709 /* subrealm of the next field too, and we will catch */
710 /* it in a future iteration. */
712 /* Note that the second test here is an unsigned comparison,
713 so the first half (or a cast) is also required. */
723 }
727 }
730 }
731 }
733 /* Whether or not the next field is compressed, if the */
734 /* realm to be added is a superrealm of the current realm,*/
735 /* then the current realm can be compressed. First the */
736 /* realm to be added must be compressed relative to the */
737 /* previous realm (if possible), and then the current */
738 /* realm compressed relative to the new realm. Note that */
739 /* if the realm to be added is also a superrealm of the */
740 /* previous realm, it would have been added earlier, and */
741 /* we would not reach this step this time around. */
750 }
753 }
756 }
757 }
763 }
766 }
770 }
773 }
777 }
782 }
785 }
786 }
787 }
793 }
795 }
799 }
807 }
814 }
816 }
821 }
823 }
827 }
830 }
833 fail:
837 }
839 /*
840 * Routines that validate a AS request; checks a lot of things. :-)
841 *
842 * Returns a Kerberos protocol error number, which is _not_ the same
843 * as a com_err error number!
844 */
845 #define AS_INVALID_OPTIONS (KDC_OPT_FORWARDED | KDC_OPT_PROXY |\
846 KDC_OPT_VALIDATE | KDC_OPT_RENEW | KDC_OPT_ENC_TKT_IN_SKEY)
847 int
851 {
854 /*
855 * If an option is set that is only allowed in TGS requests, complain.
856 */
860 }
862 /* The client's password must not be expired, unless the server is
863 a KRB5_KDC_PWCHANGE_SERVICE. */
867 #ifdef KRBCONF_VAGUE_ERRORS
869 #else
871 #endif
872 }
874 /* The client must not be expired */
877 #ifdef KRBCONF_VAGUE_ERRORS
879 #else
881 #endif
882 }
884 /* The server must not be expired */
888 }
890 /*
891 * If the client requires password changing, then only allow the
892 * pwchange service.
893 */
898 }
900 /* Client and server must allow postdating tickets */
907 }
909 /* Client and server must allow forwardable tickets */
915 }
917 /* Client and server must allow renewable tickets */
923 }
925 /* Client and server must allow proxiable tickets */
931 }
933 /* Check to see if client is locked out */
937 }
939 /* Check to see if server is locked out */
943 }
945 /* Check to see if server is allowed to be a service */
949 }
951 /*
952 * Check against local policy
953 */
960 }
962 #define ASN1_ID_CLASS (0xc0)
963 #define ASN1_ID_TYPE (0x20)
964 #define ASN1_ID_TAG (0x1f)
965 #define ASN1_CLASS_UNIV (0)
966 #define ASN1_CLASS_APP (1)
967 #define ASN1_CLASS_CTX (2)
968 #define ASN1_CLASS_PRIV (3)
969 #define asn1_id_constructed(x) (x & ASN1_ID_TYPE)
970 #define asn1_id_primitive(x) (!asn1_id_constructed(x))
971 #define asn1_id_class(x) ((x & ASN1_ID_CLASS) >> 6)
972 #define asn1_id_tag(x) (x & ASN1_ID_TAG)
974 /*
975 * asn1length - return encoded length of value.
976 *
977 * passed a pointer into the asn.1 stream, which is updated
978 * to point right after the length bits.
979 *
980 * returns -1 on failure.
981 */
982 static int
984 {
994 }
997 }
999 /* indefinite length, figure out by hand */
1001 p++;
1003 /* compute value length. */
1006 }
1008 /* check for termination */
1010 p++;
1012 }
1013 }
1015 }
1019 }
1021 }
1023 /*
1024 * fetch_asn1_field - return raw asn.1 stream of subfield.
1025 *
1026 * this routine is passed a context-dependent tag number and "level" and returns
1027 * the size and length of the corresponding level subfield.
1028 *
1029 * levels and are numbered starting from 1.
1030 *
1031 * returns 0 on success, -1 otherwise.
1032 */
1033 int
1036 {
1046 /* we assume that the first identifier/length will tell us
1047 how long the entire stream is. */
1048 astream++;
1052 }
1054 /* search down the stream, checking identifiers. we process identifiers
1055 until we hit the "level" we want, and then process that level for our
1056 subfield, always making sure we don't go off the end of the stream. */
1060 }
1063 levels++;
1065 }
1068 /* in our context-dependent class, is this the one we're looking for ? */
1070 /* return length and data */
1071 astream++;
1075 }
1076 /* if the field length is indefinite, we will have to subtract two
1077 (terminating octets) from the length returned since we don't want
1078 to pass any info from the "wrapper" back. asn1length will always return
1079 the *total* length of the field, not just what's contained in it */
1082 }
1086 /* we've seen this class before, something must be wrong */
1090 }
1091 }
1092 }
1093 /* if we're not on our level yet, process this value. otherwise skip over it */
1094 astream++;
1097 }
1100 }
1101 }
1103 }
1105 /*
1106 * Routines that validate a TGS request; checks a lot of things. :-)
1107 *
1108 * Returns a Kerberos protocol error number, which is _not_ the same
1109 * as a com_err error number!
1110 */
1111 #define TGS_OPTIONS_HANDLED (KDC_OPT_FORWARDABLE | KDC_OPT_FORWARDED | \
1112 KDC_OPT_PROXIABLE | KDC_OPT_PROXY | \
1113 KDC_OPT_ALLOW_POSTDATE | KDC_OPT_POSTDATED | \
1114 KDC_OPT_RENEWABLE | KDC_OPT_RENEWABLE_OK | \
1115 KDC_OPT_ENC_TKT_IN_SKEY | KDC_OPT_RENEW | \
1116 KDC_OPT_VALIDATE)
1118 #define NO_TGT_OPTION (KDC_OPT_FORWARDED | KDC_OPT_PROXY | KDC_OPT_RENEW | \
1119 KDC_OPT_VALIDATE)
1121 int
1125 {
1129 /*
1130 * If an illegal option is set, ignore it.
1131 */
1134 /* Check to see if server has expired */
1138 }
1140 /*
1141 * Verify that the server principal in authdat->ticket is correct
1142 * (either the ticket granting service or the service that was
1143 * originally requested)
1144 */
1149 }
1151 /*
1152 * OK, we need to validate the krbtgt service in the ticket.
1153 *
1154 * The krbtgt service is of the form:
1155 * krbtgt/realm-A@realm-B
1156 *
1157 * Realm A is the "server realm"; the realm of the
1158 * server of the requested ticket must match this realm.
1159 * Of course, it should be a realm serviced by this KDC.
1160 *
1161 * Realm B is the "client realm"; this is what should be
1162 * added to the transited field. (which is done elsewhere)
1163 */
1165 /* Make sure there are two components... */
1169 }
1170 /* ...that the first component is krbtgt... */
1174 }
1175 /* ...and that the second component matches the server realm... */
1184 }
1185 /* XXX add check that second component must match locally
1186 * supported realm?
1187 */
1189 /* Server must allow TGS based issuances */
1193 }
1194 }
1196 /* TGS must be forwardable to get forwarded or forwardable ticket */
1203 }
1205 /* TGS must be proxiable to get proxiable ticket */
1211 }
1213 /* TGS must allow postdating to get postdated ticket */
1219 }
1221 /* can only validate invalid tix */
1226 }
1228 /* can only renew renewable tix */
1234 }
1236 /* can not proxy ticket granting tickets */
1241 KRB5_TGS_NAME_SIZE))) {
1244 }
1246 /* Server must allow forwardable tickets */
1251 }
1253 /* Server must allow renewable tickets */
1258 }
1260 /* Server must allow proxiable tickets */
1265 }
1267 /* Server must allow postdated tickets */
1272 }
1274 /* Server must allow DUP SKEY requests */
1279 }
1281 /* Server must not be locked out */
1285 }
1287 /* Server must be allowed to be a service */
1291 }
1293 /* Check the hot list */
1297 }
1299 /* Check the start time vs. the KDC time */
1304 }
1305 }
1307 /*
1308 * Check the renew_till time. The endtime was already
1309 * been checked in the initial authentication check.
1310 */
1315 }
1317 /*
1318 * Checks for ENC_TKT_IN_SKEY:
1319 *
1320 * (1) Make sure the second ticket exists
1321 * (2) Make sure it is a ticket granting ticket
1322 */
1328 }
1330 tgs_server)) {
1333 }
1334 st_idx++;
1335 }
1337 /* Check for hardware preauthentication */
1342 }
1344 /* Check for any kind of preauthentication */
1349 }
1351 /*
1352 * Check local policy
1353 */
1360 }
1362 /*
1363 * This function returns 1 if the dbentry has a key for a specified
1364 * keytype, and 0 if not.
1365 */
1366 int
1368 krb5_enctype enctype)
1369 {
1370 krb5_error_code retval;
1377 else
1379 }
1381 /*
1382 * This function returns 1 if the entity referenced by this
1383 * structure can support the a particular encryption system, and 0 if
1384 * not.
1385 *
1386 * XXX eventually this information should be looked up in the
1387 * database. Since it isn't, we use some hueristics and attribute
1388 * options bits for now.
1389 */
1390 int
1392 krb5_enctype enctype)
1393 {
1394 /*
1395 * If it's DES_CBC_MD5, there's a bit in the attribute mask which
1396 * checks to see if we support it.
1397 *
1398 * In theory everything's supposed to support DES_CBC_MD5, but
1399 * that's not the reality....
1400 */
1402 /*
1403 * We are assuming that all entries can support MD5; this information
1404 * need not be kept in the database.
1405 */
1411 /*
1412 * XXX we assume everything can understand DES_CBC_CRC
1413 */
1417 /*
1418 * If we have a key for the encryption system, we assume it's
1419 * supported.
1420 */
1422 }
1424 /*
1425 * This function returns the keytype which should be selected for the
1426 * session key. It is based on the ordered list which the user
1427 * requested, and what the KDC and the application server can support.
1428 */
1429 krb5_enctype
1432 {
1444 }
1446 }
1448 /*
1449 * This function returns salt information for a particular client_key
1450 */
1451 krb5_error_code
1454 {
1455 krb5_error_code retval;
1468 /* send an empty (V4) salt */
1477 /* send the same salt as with onlyrealm - but with no type info,
1478 we just hope they figure it out on the other end. */
1479 /* fall through to onlyrealm: */
1493 }
1495 }
1497 /*
1498 * Limit strings to a "reasonable" length to prevent crowding out of
1499 * other useful information in the log entry
1500 */
1501 #define NAME_LENGTH_LIMIT 128
1504 {
1519 }
1521 /*
1522 * L10_2 = log10(2**x), rounded up; log10(2) ~= 0.301.
1523 */
1524 #define L10_2(x) ((int)(((x * 301) + 999) / 1000))
1526 /*
1527 * Max length of sprintf("%ld") for an int of type T; includes leading
1528 * minus sign and terminating NUL.
1529 */
1530 #define D_LEN(t) (L10_2(sizeof(t) * CHAR_BIT) + 2)
1532 void
1534 {
1543 }
1551 }
1553 /*
1554 * We broke out of the loop. Try to truncate the list.
1555 */
1563 }
1564 }
1566 }
1569 }
1571 void
1573 {
1580 }
1587 }
1595 }
1598 }