1255767Sdes/* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */
2124208Sdes
3124208Sdes/*
4124208Sdes * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
5124208Sdes *
6124208Sdes * Redistribution and use in source and binary forms, with or without
7124208Sdes * modification, are permitted provided that the following conditions
8124208Sdes * are met:
9124208Sdes * 1. Redistributions of source code must retain the above copyright
10124208Sdes *    notice, this list of conditions and the following disclaimer.
11124208Sdes * 2. Redistributions in binary form must reproduce the above copyright
12124208Sdes *    notice, this list of conditions and the following disclaimer in the
13124208Sdes *    documentation and/or other materials provided with the distribution.
14124208Sdes *
15124208Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AS IS'' AND ANY EXPRESS OR
16124208Sdes * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17124208Sdes * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18124208Sdes * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19124208Sdes * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20124208Sdes * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21124208Sdes * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22124208Sdes * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23124208Sdes * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24124208Sdes * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25124208Sdes */
26124208Sdes
27124208Sdes#include "includes.h"
28124208Sdes
29124208Sdes#ifdef GSSAPI
30124208Sdes
31162852Sdes#include <sys/types.h>
32162852Sdes
33162852Sdes#include <stdarg.h>
34162852Sdes
35162852Sdes#include "xmalloc.h"
36162852Sdes#include "key.h"
37162852Sdes#include "hostfile.h"
38124208Sdes#include "auth.h"
39124208Sdes#include "ssh2.h"
40124208Sdes#include "log.h"
41124208Sdes#include "dispatch.h"
42162852Sdes#include "buffer.h"
43124208Sdes#include "servconf.h"
44124208Sdes#include "packet.h"
45162852Sdes#include "ssh-gss.h"
46124208Sdes#include "monitor_wrap.h"
47124208Sdes
48124208Sdesextern ServerOptions options;
49124208Sdes
50124208Sdesstatic void input_gssapi_token(int type, u_int32_t plen, void *ctxt);
51126274Sdesstatic void input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
52124208Sdesstatic void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
53124208Sdesstatic void input_gssapi_errtok(int, u_int32_t, void *);
54124208Sdes
55124208Sdes/*
56124208Sdes * We only support those mechanisms that we know about (ie ones that we know
57157016Sdes * how to check local user kuserok and the like)
58124208Sdes */
59124208Sdesstatic int
60124208Sdesuserauth_gssapi(Authctxt *authctxt)
61124208Sdes{
62137015Sdes	gss_OID_desc goid = {0, NULL};
63124208Sdes	Gssctxt *ctxt = NULL;
64124208Sdes	int mechs;
65124208Sdes	gss_OID_set supported;
66124208Sdes	int present;
67124208Sdes	OM_uint32 ms;
68124208Sdes	u_int len;
69149749Sdes	u_char *doid = NULL;
70124208Sdes
71124208Sdes	if (!authctxt->valid || authctxt->user == NULL)
72124208Sdes		return (0);
73124208Sdes
74124208Sdes	mechs = packet_get_int();
75124208Sdes	if (mechs == 0) {
76124208Sdes		debug("Mechanism negotiation is not supported");
77124208Sdes		return (0);
78124208Sdes	}
79124208Sdes
80124208Sdes	ssh_gssapi_supported_oids(&supported);
81124208Sdes	do {
82124208Sdes		mechs--;
83124208Sdes
84255767Sdes		free(doid);
85124208Sdes
86126274Sdes		present = 0;
87124208Sdes		doid = packet_get_string(&len);
88124208Sdes
89149749Sdes		if (len > 2 && doid[0] == SSH_GSS_OIDTYPE &&
90149749Sdes		    doid[1] == len - 2) {
91137015Sdes			goid.elements = doid + 2;
92137015Sdes			goid.length   = len - 2;
93137015Sdes			gss_test_oid_set_member(&ms, &goid, supported,
94126274Sdes			    &present);
95126274Sdes		} else {
96126274Sdes			logit("Badly formed OID received");
97124208Sdes		}
98124208Sdes	} while (mechs > 0 && !present);
99124208Sdes
100124208Sdes	gss_release_oid_set(&ms, &supported);
101124208Sdes
102124208Sdes	if (!present) {
103255767Sdes		free(doid);
104226046Sdes		authctxt->server_caused_failure = 1;
105124208Sdes		return (0);
106124208Sdes	}
107124208Sdes
108137015Sdes	if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
109162852Sdes		if (ctxt != NULL)
110162852Sdes			ssh_gssapi_delete_ctx(&ctxt);
111255767Sdes		free(doid);
112226046Sdes		authctxt->server_caused_failure = 1;
113124208Sdes		return (0);
114124208Sdes	}
115124208Sdes
116157016Sdes	authctxt->methoddata = (void *)ctxt;
117124208Sdes
118124208Sdes	packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
119124208Sdes
120126274Sdes	/* Return the OID that we received */
121124208Sdes	packet_put_string(doid, len);
122124208Sdes
123124208Sdes	packet_send();
124255767Sdes	free(doid);
125124208Sdes
126124208Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token);
127124208Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok);
128124208Sdes	authctxt->postponed = 1;
129124208Sdes
130124208Sdes	return (0);
131124208Sdes}
132124208Sdes
133124208Sdesstatic void
134124208Sdesinput_gssapi_token(int type, u_int32_t plen, void *ctxt)
135124208Sdes{
136124208Sdes	Authctxt *authctxt = ctxt;
137124208Sdes	Gssctxt *gssctxt;
138124208Sdes	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
139124208Sdes	gss_buffer_desc recv_tok;
140126274Sdes	OM_uint32 maj_status, min_status, flags;
141124208Sdes	u_int len;
142124208Sdes
143124208Sdes	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
144124208Sdes		fatal("No authentication or GSSAPI context");
145124208Sdes
146124208Sdes	gssctxt = authctxt->methoddata;
147124208Sdes	recv_tok.value = packet_get_string(&len);
148124208Sdes	recv_tok.length = len; /* u_int vs. size_t */
149124208Sdes
150124208Sdes	packet_check_eom();
151124208Sdes
152124208Sdes	maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
153126274Sdes	    &send_tok, &flags));
154124208Sdes
155255767Sdes	free(recv_tok.value);
156124208Sdes
157124208Sdes	if (GSS_ERROR(maj_status)) {
158124208Sdes		if (send_tok.length != 0) {
159124208Sdes			packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK);
160124208Sdes			packet_put_string(send_tok.value, send_tok.length);
161124208Sdes			packet_send();
162124208Sdes		}
163124208Sdes		authctxt->postponed = 0;
164124208Sdes		dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
165248619Sdes		userauth_finish(authctxt, 0, "gssapi-with-mic", NULL);
166124208Sdes	} else {
167124208Sdes		if (send_tok.length != 0) {
168124208Sdes			packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
169124208Sdes			packet_put_string(send_tok.value, send_tok.length);
170124208Sdes			packet_send();
171124208Sdes		}
172124208Sdes		if (maj_status == GSS_S_COMPLETE) {
173124208Sdes			dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
174126274Sdes			if (flags & GSS_C_INTEG_FLAG)
175126274Sdes				dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC,
176126274Sdes				    &input_gssapi_mic);
177126274Sdes			else
178126274Sdes				dispatch_set(
179126274Sdes				    SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE,
180126274Sdes				    &input_gssapi_exchange_complete);
181124208Sdes		}
182124208Sdes	}
183124208Sdes
184124208Sdes	gss_release_buffer(&min_status, &send_tok);
185124208Sdes}
186124208Sdes
187124208Sdesstatic void
188124208Sdesinput_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
189124208Sdes{
190124208Sdes	Authctxt *authctxt = ctxt;
191124208Sdes	Gssctxt *gssctxt;
192124208Sdes	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
193124208Sdes	gss_buffer_desc recv_tok;
194124208Sdes	OM_uint32 maj_status;
195124208Sdes	u_int len;
196124208Sdes
197124208Sdes	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
198124208Sdes		fatal("No authentication or GSSAPI context");
199124208Sdes
200124208Sdes	gssctxt = authctxt->methoddata;
201124208Sdes	recv_tok.value = packet_get_string(&len);
202124208Sdes	recv_tok.length = len;
203124208Sdes
204124208Sdes	packet_check_eom();
205124208Sdes
206124208Sdes	/* Push the error token into GSSAPI to see what it says */
207124208Sdes	maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
208124208Sdes	    &send_tok, NULL));
209124208Sdes
210255767Sdes	free(recv_tok.value);
211124208Sdes
212124208Sdes	/* We can't return anything to the client, even if we wanted to */
213124208Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
214124208Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
215124208Sdes
216124208Sdes	/* The client will have already moved on to the next auth */
217124208Sdes
218124208Sdes	gss_release_buffer(&maj_status, &send_tok);
219124208Sdes}
220124208Sdes
221124208Sdes/*
222124208Sdes * This is called when the client thinks we've completed authentication.
223124208Sdes * It should only be enabled in the dispatch handler by the function above,
224124208Sdes * which only enables it once the GSSAPI exchange is complete.
225124208Sdes */
226124208Sdes
227124208Sdesstatic void
228124208Sdesinput_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
229124208Sdes{
230124208Sdes	Authctxt *authctxt = ctxt;
231124208Sdes	int authenticated;
232124208Sdes
233124208Sdes	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
234124208Sdes		fatal("No authentication or GSSAPI context");
235124208Sdes
236124208Sdes	/*
237126274Sdes	 * We don't need to check the status, because we're only enabled in
238126274Sdes	 * the dispatcher once the exchange is complete
239124208Sdes	 */
240124208Sdes
241124208Sdes	packet_check_eom();
242124208Sdes
243124208Sdes	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
244124208Sdes
245124208Sdes	authctxt->postponed = 0;
246124208Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
247124208Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
248126274Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
249124208Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
250248619Sdes	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
251124208Sdes}
252124208Sdes
253126274Sdesstatic void
254126274Sdesinput_gssapi_mic(int type, u_int32_t plen, void *ctxt)
255126274Sdes{
256126274Sdes	Authctxt *authctxt = ctxt;
257126274Sdes	Gssctxt *gssctxt;
258126274Sdes	int authenticated = 0;
259126274Sdes	Buffer b;
260126274Sdes	gss_buffer_desc mic, gssbuf;
261126274Sdes	u_int len;
262126274Sdes
263126274Sdes	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
264126274Sdes		fatal("No authentication or GSSAPI context");
265126274Sdes
266126274Sdes	gssctxt = authctxt->methoddata;
267126274Sdes
268126274Sdes	mic.value = packet_get_string(&len);
269126274Sdes	mic.length = len;
270126274Sdes
271126274Sdes	ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
272126274Sdes	    "gssapi-with-mic");
273126274Sdes
274126274Sdes	gssbuf.value = buffer_ptr(&b);
275126274Sdes	gssbuf.length = buffer_len(&b);
276126274Sdes
277126274Sdes	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
278126274Sdes		authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
279126274Sdes	else
280126274Sdes		logit("GSSAPI MIC check failed");
281126274Sdes
282126274Sdes	buffer_free(&b);
283255767Sdes	free(mic.value);
284126274Sdes
285126274Sdes	authctxt->postponed = 0;
286126274Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
287126274Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
288126274Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
289126274Sdes	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
290248619Sdes	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
291126274Sdes}
292126274Sdes
293124208SdesAuthmethod method_gssapi = {
294126274Sdes	"gssapi-with-mic",
295124208Sdes	userauth_gssapi,
296124208Sdes	&options.gss_authentication
297124208Sdes};
298124208Sdes
299124208Sdes#endif /* GSSAPI */
300