2 * Copyright (C) 2006-2011 Internet Systems Consortium, Inc. ("ISC")
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
9 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
10 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
11 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
12 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
13 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
14 * PERFORMANCE OF THIS SOFTWARE.
17 /* $Id: spnego.c,v 1.16.10.2 2011-04-04 11:10:57 marka Exp $ */
21 * Portable SPNEGO implementation.
23 * This is part of a portable implementation of the SPNEGO protocol
24 * (RFCs 2478 and 4178). This implementation uses the RFC 4178 ASN.1
25 * module but is not a full implementation of the RFC 4178 protocol;
26 * at the moment, we only support GSS-TSIG with Kerberos
27 * authentication, so we only need enough of the SPNEGO protocol to
30 * The files that make up this portable SPNEGO implementation are:
31 * \li spnego.c (this file)
32 * \li spnego.h (API SPNEGO exports to the rest of lib/dns)
33 * \li spnego.asn1 (SPNEGO ASN.1 module)
34 * \li spnego_asn1.c (routines generated from spngo.asn1)
35 * \li spnego_asn1.pl (perl script to generate spnego_asn1.c)
37 * Everything but the functions exported in spnego.h is static, to
38 * avoid possible conflicts with other libraries (particularly Heimdal,
39 * since much of this code comes from Heimdal by way of mod_auth_kerb).
41 * spnego_asn1.c is shipped as part of lib/dns because generating it
42 * requires both Perl and the Heimdal ASN.1 compiler. See
43 * spnego_asn1.pl for further details. We've tried to eliminate all
44 * compiler warnings from the generated code, but you may see a few
45 * when using a compiler version we haven't tested yet.
49 * Portions of this code were derived from mod_auth_kerb and Heimdal.
50 * These packages are available from:
52 * http://modauthkerb.sourceforge.net/
53 * http://www.pdc.kth.se/heimdal/
55 * and were released under the following licenses:
57 * ----------------------------------------------------------------
59 * Copyright (c) 2004 Masarykova universita
60 * (Masaryk University, Brno, Czech Republic)
61 * All rights reserved.
63 * Redistribution and use in source and binary forms, with or without
64 * modification, are permitted provided that the following conditions are met:
66 * 1. Redistributions of source code must retain the above copyright notice,
67 * this list of conditions and the following disclaimer.
69 * 2. Redistributions in binary form must reproduce the above copyright
70 * notice, this list of conditions and the following disclaimer in the
71 * documentation and/or other materials provided with the distribution.
73 * 3. Neither the name of the University nor the names of its contributors may
74 * be used to endorse or promote products derived from this software
75 * without specific prior written permission.
77 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
78 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
79 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
80 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
81 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
82 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
83 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
84 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
85 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
86 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
87 * POSSIBILITY OF SUCH DAMAGE.
89 * ----------------------------------------------------------------
91 * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
92 * (Royal Institute of Technology, Stockholm, Sweden).
93 * All rights reserved.
95 * Redistribution and use in source and binary forms, with or without
96 * modification, are permitted provided that the following conditions
99 * 1. Redistributions of source code must retain the above copyright
100 * notice, this list of conditions and the following disclaimer.
102 * 2. Redistributions in binary form must reproduce the above copyright
103 * notice, this list of conditions and the following disclaimer in the
104 * documentation and/or other materials provided with the distribution.
106 * 3. Neither the name of the Institute nor the names of its contributors
107 * may be used to endorse or promote products derived from this software
108 * without specific prior written permission.
110 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
111 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
112 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
113 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
114 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
115 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
116 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
117 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
118 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
119 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
124 * XXXSRA We should omit this file entirely in Makefile.in via autoconf,
125 * but this will keep it from generating errors until that's written.
131 * XXXSRA Some of the following files are almost certainly unnecessary,
132 * but using this list (borrowed from gssapictx.c) gets rid of some
133 * whacky compilation errors when building with MSVC and should be
134 * harmless in any case.
142 #include <isc/buffer.h>
144 #include <isc/entropy.h>
147 #include <isc/once.h>
148 #include <isc/random.h>
149 #include <isc/string.h>
150 #include <isc/time.h>
151 #include <isc/util.h>
153 #include <dns/fixedname.h>
154 #include <dns/name.h>
155 #include <dns/rdata.h>
156 #include <dns/rdataclass.h>
157 #include <dns/result.h>
158 #include <dns/types.h>
159 #include <dns/keyvalues.h>
162 #include <dst/gssapi.h>
163 #include <dst/result.h>
165 #include "dst_internal.h"
173 /* Generated from ../../../lib/asn1/asn1_err.et */
175 #ifndef ERROR_TABLE_BASE_asn1
176 /* these may be brought in already via gssapi_krb5.h */
177 typedef enum asn1_error_number {
178 ASN1_BAD_TIMEFORMAT = 1859794432,
179 ASN1_MISSING_FIELD = 1859794433,
180 ASN1_MISPLACED_FIELD = 1859794434,
181 ASN1_TYPE_MISMATCH = 1859794435,
182 ASN1_OVERFLOW = 1859794436,
183 ASN1_OVERRUN = 1859794437,
184 ASN1_BAD_ID = 1859794438,
185 ASN1_BAD_LENGTH = 1859794439,
186 ASN1_BAD_FORMAT = 1859794440,
187 ASN1_PARSE_ERROR = 1859794441
190 #define ERROR_TABLE_BASE_asn1 1859794432
193 #define __asn1_common_definitions__
195 typedef struct octet_string {
200 typedef char *general_string;
202 typedef char *utf8_string;
206 unsigned *components;
212 ASN1_C_UNIV = 0, ASN1_C_APPL = 1,
213 ASN1_C_CONTEXT = 2, ASN1_C_PRIVATE = 3
232 UT_PrintableString = 19,
235 UT_GeneralizedTime = 24,
236 UT_VisibleString = 26,
237 UT_GeneralString = 27
240 #define ASN1_INDEFINITE 0xdce0deed
243 der_get_length(const unsigned char *p, size_t len,
244 size_t * val, size_t * size);
247 der_get_octet_string(const unsigned char *p, size_t len,
248 octet_string * data, size_t * size);
250 der_get_oid(const unsigned char *p, size_t len,
251 oid * data, size_t * size);
253 der_get_tag(const unsigned char *p, size_t len,
254 Der_class * class, Der_type * type,
255 int *tag, size_t * size);
258 der_match_tag(const unsigned char *p, size_t len,
259 Der_class class, Der_type type,
260 int tag, size_t * size);
262 der_match_tag_and_length(const unsigned char *p, size_t len,
263 Der_class class, Der_type type, int tag,
264 size_t * length_ret, size_t * size);
267 decode_oid(const unsigned char *p, size_t len,
268 oid * k, size_t * size);
271 decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size);
274 decode_octet_string(const unsigned char *, size_t, octet_string *, size_t *);
277 der_put_int(unsigned char *p, size_t len, int val, size_t *);
280 der_put_length(unsigned char *p, size_t len, size_t val, size_t *);
283 der_put_octet_string(unsigned char *p, size_t len,
284 const octet_string * data, size_t *);
286 der_put_oid(unsigned char *p, size_t len,
287 const oid * data, size_t * size);
289 der_put_tag(unsigned char *p, size_t len, Der_class class, Der_type type,
292 der_put_length_and_tag(unsigned char *, size_t, size_t,
293 Der_class, Der_type, int, size_t *);
296 encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *);
299 encode_octet_string(unsigned char *p, size_t len,
300 const octet_string * k, size_t *);
302 encode_oid(unsigned char *p, size_t len,
303 const oid * k, size_t *);
306 free_octet_string(octet_string * k);
312 length_len(size_t len);
315 fix_dce(size_t reallen, size_t * len);
318 * Include stuff generated by the ASN.1 compiler.
321 #include "spnego_asn1.c"
323 static unsigned char gss_krb5_mech_oid_bytes[] = {
324 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02
327 static gss_OID_desc gss_krb5_mech_oid_desc = {
328 sizeof(gss_krb5_mech_oid_bytes),
329 gss_krb5_mech_oid_bytes
332 static gss_OID GSS_KRB5_MECH = &gss_krb5_mech_oid_desc;
334 static unsigned char gss_mskrb5_mech_oid_bytes[] = {
335 0x2a, 0x86, 0x48, 0x82, 0xf7, 0x12, 0x01, 0x02, 0x02
338 static gss_OID_desc gss_mskrb5_mech_oid_desc = {
339 sizeof(gss_mskrb5_mech_oid_bytes),
340 gss_mskrb5_mech_oid_bytes
343 static gss_OID GSS_MSKRB5_MECH = &gss_mskrb5_mech_oid_desc;
345 static unsigned char gss_spnego_mech_oid_bytes[] = {
346 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02
349 static gss_OID_desc gss_spnego_mech_oid_desc = {
350 sizeof(gss_spnego_mech_oid_bytes),
351 gss_spnego_mech_oid_bytes
354 static gss_OID GSS_SPNEGO_MECH = &gss_spnego_mech_oid_desc;
356 /* spnegokrb5_locl.h */
359 gssapi_spnego_encapsulate(OM_uint32 *,
366 gssapi_spnego_decapsulate(OM_uint32 *,
372 /* mod_auth_kerb.c */
375 cmp_gss_type(gss_buffer_t token, gss_OID oid)
380 if (token->length == 0U)
381 return (GSS_S_DEFECTIVE_TOKEN);
385 return (GSS_S_DEFECTIVE_TOKEN);
388 if ((len & 0x7f) > 4U)
389 return (GSS_S_DEFECTIVE_TOKEN);
393 return (GSS_S_DEFECTIVE_TOKEN);
395 if (((OM_uint32) *p++) != oid->length)
396 return (GSS_S_DEFECTIVE_TOKEN);
398 return (memcmp(p, oid->elements, oid->length));
401 /* accept_sec_context.c */
403 * SPNEGO wrapper for Kerberos5 GSS-API kouril@ics.muni.cz, 2003 (mostly
404 * based on Heimdal code)
408 code_NegTokenArg(OM_uint32 * minor_status,
409 const NegTokenResp * resp,
410 unsigned char **outbuf,
411 size_t * outbuf_size)
415 size_t buf_size, buf_len = 0;
418 buf = malloc(buf_size);
420 *minor_status = ENOMEM;
421 return (GSS_S_FAILURE);
424 ret = encode_NegTokenResp(buf + buf_size - 1,
430 ret = der_put_length_and_tag(buf + buf_size - buf_len - 1,
441 if (ret == ASN1_OVERFLOW) {
445 tmp = realloc(buf, buf_size);
447 *minor_status = ENOMEM;
449 return (GSS_S_FAILURE);
455 return (GSS_S_FAILURE);
458 } while (ret == ASN1_OVERFLOW);
460 *outbuf = malloc(buf_len);
461 if (*outbuf == NULL) {
462 *minor_status = ENOMEM;
464 return (GSS_S_FAILURE);
466 memcpy(*outbuf, buf + buf_size - buf_len, buf_len);
467 *outbuf_size = buf_len;
471 return (GSS_S_COMPLETE);
475 send_reject(OM_uint32 * minor_status,
476 gss_buffer_t output_token)
481 resp.negState = malloc(sizeof(*resp.negState));
482 if (resp.negState == NULL) {
483 *minor_status = ENOMEM;
484 return (GSS_S_FAILURE);
486 *(resp.negState) = reject;
488 resp.supportedMech = NULL;
489 resp.responseToken = NULL;
490 resp.mechListMIC = NULL;
492 ret = code_NegTokenArg(minor_status, &resp,
493 (unsigned char **)&output_token->value,
494 &output_token->length);
495 free_NegTokenResp(&resp);
499 return (GSS_S_BAD_MECH);
503 send_accept(OM_uint32 * minor_status,
504 gss_buffer_t output_token,
505 gss_buffer_t mech_token,
511 memset(&resp, 0, sizeof(resp));
512 resp.negState = malloc(sizeof(*resp.negState));
513 if (resp.negState == NULL) {
514 *minor_status = ENOMEM;
515 return (GSS_S_FAILURE);
517 *(resp.negState) = accept_completed;
519 resp.supportedMech = malloc(sizeof(*resp.supportedMech));
520 if (resp.supportedMech == NULL) {
521 free_NegTokenResp(&resp);
522 *minor_status = ENOMEM;
523 return (GSS_S_FAILURE);
525 ret = der_get_oid(pref->elements,
530 free_NegTokenResp(&resp);
531 *minor_status = ENOMEM;
532 return (GSS_S_FAILURE);
534 if (mech_token != NULL && mech_token->length != 0U) {
535 resp.responseToken = malloc(sizeof(*resp.responseToken));
536 if (resp.responseToken == NULL) {
537 free_NegTokenResp(&resp);
538 *minor_status = ENOMEM;
539 return (GSS_S_FAILURE);
541 resp.responseToken->length = mech_token->length;
542 resp.responseToken->data = mech_token->value;
545 ret = code_NegTokenArg(minor_status, &resp,
546 (unsigned char **)&output_token->value,
547 &output_token->length);
548 if (resp.responseToken != NULL) {
549 free(resp.responseToken);
550 resp.responseToken = NULL;
552 free_NegTokenResp(&resp);
556 return (GSS_S_COMPLETE);
560 gss_accept_sec_context_spnego(OM_uint32 *minor_status,
561 gss_ctx_id_t *context_handle,
562 const gss_cred_id_t acceptor_cred_handle,
563 const gss_buffer_t input_token_buffer,
564 const gss_channel_bindings_t input_chan_bindings,
565 gss_name_t *src_name,
567 gss_buffer_t output_token,
568 OM_uint32 *ret_flags,
570 gss_cred_id_t *delegated_cred_handle)
572 NegTokenInit init_token;
573 OM_uint32 major_status;
574 OM_uint32 minor_status2;
575 gss_buffer_desc ibuf, obuf;
576 gss_buffer_t ot = NULL;
577 gss_OID pref = GSS_KRB5_MECH;
580 size_t len, taglen, ni_len;
586 * Before doing anything else, see whether this is a SPNEGO
587 * PDU. If not, dispatch to the GSSAPI library and get out.
590 if (cmp_gss_type(input_token_buffer, GSS_SPNEGO_MECH))
591 return (gss_accept_sec_context(minor_status,
593 acceptor_cred_handle,
601 delegated_cred_handle));
604 * If we get here, it's SPNEGO.
607 memset(&init_token, 0, sizeof(init_token));
609 ret = gssapi_spnego_decapsulate(minor_status, input_token_buffer,
610 &buf, &buf_size, GSS_SPNEGO_MECH);
614 ret = der_match_tag_and_length(buf, buf_size, ASN1_C_CONTEXT, CONS,
619 ret = decode_NegTokenInit(buf + taglen, len, &init_token, &ni_len);
621 *minor_status = EINVAL; /* XXX */
622 return (GSS_S_DEFECTIVE_TOKEN);
625 for (i = 0; !found && i < init_token.mechTypes.len; ++i) {
626 unsigned char mechbuf[17];
629 ret = der_put_oid(mechbuf + sizeof(mechbuf) - 1,
631 &init_token.mechTypes.val[i],
634 return (GSS_S_DEFECTIVE_TOKEN);
635 if (mech_len == GSS_KRB5_MECH->length &&
636 memcmp(GSS_KRB5_MECH->elements,
637 mechbuf + sizeof(mechbuf) - mech_len,
642 if (mech_len == GSS_MSKRB5_MECH->length &&
643 memcmp(GSS_MSKRB5_MECH->elements,
644 mechbuf + sizeof(mechbuf) - mech_len,
648 pref = GSS_MSKRB5_MECH;
654 return (send_reject(minor_status, output_token));
656 if (i == 0 && init_token.mechToken != NULL) {
657 ibuf.length = init_token.mechToken->length;
658 ibuf.value = init_token.mechToken->data;
660 major_status = gss_accept_sec_context(minor_status,
662 acceptor_cred_handle,
670 delegated_cred_handle);
671 if (GSS_ERROR(major_status)) {
672 send_reject(&minor_status2, output_token);
673 return (major_status);
677 ret = send_accept(&minor_status2, output_token, ot, pref);
678 if (ot != NULL && ot->length != 0U)
679 gss_release_buffer(&minor_status2, ot);
687 gssapi_verify_mech_header(u_char ** str,
691 size_t len, len_len, mech_len, foo;
696 return (GSS_S_DEFECTIVE_TOKEN);
698 return (GSS_S_DEFECTIVE_TOKEN);
699 e = der_get_length(p, total_len - 1, &len, &len_len);
700 if (e || 1 + len_len + len != total_len)
701 return (GSS_S_DEFECTIVE_TOKEN);
704 return (GSS_S_DEFECTIVE_TOKEN);
705 e = der_get_length(p, total_len - 1 - len_len - 1,
708 return (GSS_S_DEFECTIVE_TOKEN);
710 if (mech_len != mech->length)
711 return (GSS_S_BAD_MECH);
712 if (memcmp(p, mech->elements, mech->length) != 0)
713 return (GSS_S_BAD_MECH);
716 return (GSS_S_COMPLETE);
720 * Remove the GSS-API wrapping from `in_token' giving `buf and buf_size' Does
721 * not copy data, so just free `in_token'.
725 gssapi_spnego_decapsulate(OM_uint32 *minor_status,
726 gss_buffer_t input_token_buffer,
734 p = input_token_buffer->value;
735 ret = gssapi_verify_mech_header(&p,
736 input_token_buffer->length,
740 return (GSS_S_FAILURE);
742 *buf_len = input_token_buffer->length -
743 (p - (u_char *) input_token_buffer->value);
745 return (GSS_S_COMPLETE);
751 free_octet_string(octet_string *k)
761 k->components = NULL;
767 * All decoding functions take a pointer `p' to first position in which to
768 * read, from the left, `len' which means the maximum number of characters we
769 * are able to read, `ret' were the value will be returned and `size' where
770 * the number of used bytes is stored. Either 0 or an error code is returned.
774 der_get_unsigned(const unsigned char *p, size_t len,
775 unsigned *ret, size_t *size)
781 val = val * 256 + *p++;
789 der_get_int(const unsigned char *p, size_t len,
790 int *ret, size_t *size)
796 val = (signed char)*p++;
798 val = val * 256 + *p++;
807 der_get_length(const unsigned char *p, size_t len,
808 size_t *val, size_t *size)
813 return (ASN1_OVERRUN);
826 *val = ASN1_INDEFINITE;
833 return (ASN1_OVERRUN);
834 e = der_get_unsigned(p, v, &tmp, &l);
845 der_get_octet_string(const unsigned char *p, size_t len,
846 octet_string *data, size_t *size)
849 data->data = malloc(len);
850 if (data->data == NULL && data->length != 0U)
852 memcpy(data->data, p, len);
859 der_get_oid(const unsigned char *p, size_t len,
860 oid *data, size_t *size)
866 return (ASN1_OVERRUN);
868 data->components = malloc(len * sizeof(*data->components));
869 if (data->components == NULL && len != 0U)
871 data->components[0] = (*p) / 40;
872 data->components[1] = (*p) % 40;
875 for (n = 2; len > 0U; ++n) {
880 u = u * 128 + (*p++ % 128);
881 } while (len > 0U && p[-1] & 0x80);
882 data->components[n] = u;
886 return (ASN1_OVERRUN);
895 der_get_tag(const unsigned char *p, size_t len,
896 Der_class *class, Der_type *type,
897 int *tag, size_t *size)
900 return (ASN1_OVERRUN);
901 *class = (Der_class) (((*p) >> 6) & 0x03);
902 *type = (Der_type) (((*p) >> 5) & 0x01);
910 der_match_tag(const unsigned char *p, size_t len,
911 Der_class class, Der_type type,
912 int tag, size_t *size)
920 e = der_get_tag(p, len, &thisclass, &thistype, &thistag, &l);
923 if (class != thisclass || type != thistype)
924 return (ASN1_BAD_ID);
926 return (ASN1_MISPLACED_FIELD);
928 return (ASN1_MISSING_FIELD);
935 der_match_tag_and_length(const unsigned char *p, size_t len,
936 Der_class class, Der_type type, int tag,
937 size_t *length_ret, size_t *size)
942 e = der_match_tag(p, len, class, type, tag, &l);
948 e = der_get_length(p, len, length_ret, &l);
960 decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size)
966 e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_Enumerated, &l);
972 e = der_get_length(p, len, &reallen, &l);
978 e = der_get_int(p, reallen, num, &l);
990 decode_octet_string(const unsigned char *p, size_t len,
991 octet_string *k, size_t *size)
998 e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_OctetString, &l);
1005 e = der_get_length(p, len, &slen, &l);
1012 return (ASN1_OVERRUN);
1014 e = der_get_octet_string(p, slen, k, &l);
1026 decode_oid(const unsigned char *p, size_t len,
1027 oid *k, size_t *size)
1034 e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_OID, &l);
1041 e = der_get_length(p, len, &slen, &l);
1048 return (ASN1_OVERRUN);
1050 e = der_get_oid(p, slen, k, &l);
1062 fix_dce(size_t reallen, size_t *len)
1064 if (reallen == ASN1_INDEFINITE)
1075 len_unsigned(unsigned val)
1087 length_len(size_t len)
1092 return (len_unsigned(len) + 1);
1099 * All encoding functions take a pointer `p' to first position in which to
1100 * write, from the right, `len' which means the maximum number of characters
1101 * we are able to write. The function returns the number of characters
1102 * written in `size' (if non-NULL). The return value is 0 or an error.
1106 der_put_unsigned(unsigned char *p, size_t len, unsigned val, size_t *size)
1108 unsigned char *base = p;
1111 while (len > 0U && val) {
1117 return (ASN1_OVERFLOW);
1122 } else if (len < 1U)
1123 return (ASN1_OVERFLOW);
1132 der_put_int(unsigned char *p, size_t len, int val, size_t *size)
1134 unsigned char *base = p;
1139 return (ASN1_OVERFLOW);
1146 return (ASN1_OVERFLOW);
1154 return (ASN1_OVERFLOW);
1155 *p-- = ~(val % 256);
1161 return (ASN1_OVERFLOW);
1171 der_put_length(unsigned char *p, size_t len, size_t val, size_t *size)
1174 return (ASN1_OVERFLOW);
1183 e = der_put_unsigned(p, len - 1, val, &l);
1194 der_put_octet_string(unsigned char *p, size_t len,
1195 const octet_string *data, size_t *size)
1197 if (len < data->length)
1198 return (ASN1_OVERFLOW);
1200 len -= data->length;
1201 memcpy(p + 1, data->data, data->length);
1202 *size = data->length;
1207 der_put_oid(unsigned char *p, size_t len,
1208 const oid *data, size_t *size)
1210 unsigned char *base = p;
1213 for (n = data->length - 1; n >= 2; --n) {
1214 unsigned u = data->components[n];
1217 return (ASN1_OVERFLOW);
1223 return (ASN1_OVERFLOW);
1224 *p-- = 128 + u % 128;
1230 return (ASN1_OVERFLOW);
1231 *p-- = 40 * data->components[0] + data->components[1];
1237 der_put_tag(unsigned char *p, size_t len, Der_class class, Der_type type,
1238 int tag, size_t *size)
1241 return (ASN1_OVERFLOW);
1242 *p = (class << 6) | (type << 5) | tag; /* XXX */
1248 der_put_length_and_tag(unsigned char *p, size_t len, size_t len_val,
1249 Der_class class, Der_type type, int tag, size_t *size)
1255 e = der_put_length(p, len, len_val, &l);
1261 e = der_put_tag(p, len, class, type, tag, &l);
1272 encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *size)
1274 unsigned num = *(const unsigned *)data;
1279 e = der_put_int(p, len, num, &l);
1285 e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_Enumerated, &l);
1296 encode_octet_string(unsigned char *p, size_t len,
1297 const octet_string *k, size_t *size)
1303 e = der_put_octet_string(p, len, k, &l);
1309 e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_OctetString, &l);
1320 encode_oid(unsigned char *p, size_t len,
1321 const oid *k, size_t *size)
1327 e = der_put_oid(p, len, k, &l);
1333 e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_OID, &l);
1347 gssapi_encap_length(size_t data_len,
1354 *len = 1 + 1 + mech->length + data_len;
1356 len_len = length_len(*len);
1358 *total_len = 1 + len_len + *len;
1362 gssapi_mech_make_header(u_char *p,
1367 size_t len_len, foo;
1370 len_len = length_len(len);
1371 e = der_put_length(p + len_len - 1, len_len, len, &foo);
1372 if (e || foo != len_len)
1376 *p++ = mech->length;
1377 memcpy(p, mech->elements, mech->length);
1383 * Give it a krb5_data and it will encapsulate with extra GSS-API wrappings.
1387 gssapi_spnego_encapsulate(OM_uint32 * minor_status,
1390 gss_buffer_t output_token,
1393 size_t len, outer_len;
1396 gssapi_encap_length(buf_size, &len, &outer_len, mech);
1398 output_token->length = outer_len;
1399 output_token->value = malloc(outer_len);
1400 if (output_token->value == NULL) {
1401 *minor_status = ENOMEM;
1402 return (GSS_S_FAILURE);
1404 p = gssapi_mech_make_header(output_token->value, len, mech);
1406 if (output_token->length != 0U)
1407 gss_release_buffer(minor_status, output_token);
1408 return (GSS_S_FAILURE);
1410 memcpy(p, buf, buf_size);
1411 return (GSS_S_COMPLETE);
1414 /* init_sec_context.c */
1416 * SPNEGO wrapper for Kerberos5 GSS-API kouril@ics.muni.cz, 2003 (mostly
1417 * based on Heimdal code)
1421 add_mech(MechTypeList * mech_list, gss_OID mech)
1426 tmp = realloc(mech_list->val, (mech_list->len + 1) * sizeof(*tmp));
1429 mech_list->val = tmp;
1431 ret = der_get_oid(mech->elements, mech->length,
1432 &mech_list->val[mech_list->len], NULL);
1441 * return the length of the mechanism in token or -1
1442 * (which implies that the token was bad - GSS_S_DEFECTIVE_TOKEN
1446 gssapi_krb5_get_mech(const u_char *ptr,
1448 const u_char **mech_ret)
1450 size_t len, len_len, mech_len, foo;
1451 const u_char *p = ptr;
1458 e = der_get_length (p, total_len - 1, &len, &len_len);
1459 if (e || 1 + len_len + len != total_len)
1464 e = der_get_length (p, total_len - 1 - len_len - 1,
1474 spnego_initial(OM_uint32 *minor_status,
1475 const gss_cred_id_t initiator_cred_handle,
1476 gss_ctx_id_t *context_handle,
1477 const gss_name_t target_name,
1478 const gss_OID mech_type,
1479 OM_uint32 req_flags,
1481 const gss_channel_bindings_t input_chan_bindings,
1482 const gss_buffer_t input_token,
1483 gss_OID *actual_mech_type,
1484 gss_buffer_t output_token,
1485 OM_uint32 *ret_flags,
1486 OM_uint32 *time_rec)
1488 NegTokenInit token_init;
1489 OM_uint32 major_status, minor_status2;
1490 gss_buffer_desc krb5_output_token = GSS_C_EMPTY_BUFFER;
1491 unsigned char *buf = NULL;
1498 memset(&token_init, 0, sizeof(token_init));
1500 ret = add_mech(&token_init.mechTypes, GSS_KRB5_MECH);
1502 *minor_status = ret;
1503 ret = GSS_S_FAILURE;
1507 major_status = gss_init_sec_context(minor_status,
1508 initiator_cred_handle,
1514 input_chan_bindings,
1520 if (GSS_ERROR(major_status)) {
1524 if (krb5_output_token.length > 0U) {
1525 token_init.mechToken = malloc(sizeof(*token_init.mechToken));
1526 if (token_init.mechToken == NULL) {
1527 *minor_status = ENOMEM;
1528 ret = GSS_S_FAILURE;
1531 token_init.mechToken->data = krb5_output_token.value;
1532 token_init.mechToken->length = krb5_output_token.length;
1535 * The MS implementation of SPNEGO seems to not like the mechListMIC
1536 * field, so we omit it (it's optional anyway)
1540 buf = malloc(buf_size);
1543 ret = encode_NegTokenInit(buf + buf_size - 1,
1549 ret = der_put_length_and_tag(buf + buf_size - len - 1,
1560 if (ret == ASN1_OVERFLOW) {
1564 tmp = realloc(buf, buf_size);
1566 *minor_status = ENOMEM;
1567 ret = GSS_S_FAILURE;
1572 *minor_status = ret;
1573 ret = GSS_S_FAILURE;
1577 } while (ret == ASN1_OVERFLOW);
1579 ret = gssapi_spnego_encapsulate(minor_status,
1580 buf + buf_size - len, len,
1581 output_token, GSS_SPNEGO_MECH);
1582 if (ret == GSS_S_COMPLETE)
1586 if (token_init.mechToken != NULL) {
1587 free(token_init.mechToken);
1588 token_init.mechToken = NULL;
1590 free_NegTokenInit(&token_init);
1591 if (krb5_output_token.length != 0U)
1592 gss_release_buffer(&minor_status2, &krb5_output_token);
1600 spnego_reply(OM_uint32 *minor_status,
1601 const gss_cred_id_t initiator_cred_handle,
1602 gss_ctx_id_t *context_handle,
1603 const gss_name_t target_name,
1604 const gss_OID mech_type,
1605 OM_uint32 req_flags,
1607 const gss_channel_bindings_t input_chan_bindings,
1608 const gss_buffer_t input_token,
1609 gss_OID *actual_mech_type,
1610 gss_buffer_t output_token,
1611 OM_uint32 *ret_flags,
1612 OM_uint32 *time_rec)
1620 gss_buffer_desc sub_token;
1627 output_token->length = 0;
1628 output_token->value = NULL;
1631 * SPNEGO doesn't include gss wrapping on SubsequentContextToken
1632 * like the Kerberos 5 mech does. But lets check for it anyway.
1635 mech_len = gssapi_krb5_get_mech(input_token->value,
1636 input_token->length,
1640 buf = input_token->value;
1641 buf_size = input_token->length;
1642 } else if ((size_t)mech_len == GSS_KRB5_MECH->length &&
1643 memcmp(GSS_KRB5_MECH->elements, p, mech_len) == 0)
1644 return (gss_init_sec_context(minor_status,
1645 initiator_cred_handle,
1651 input_chan_bindings,
1657 else if ((size_t)mech_len == GSS_SPNEGO_MECH->length &&
1658 memcmp(GSS_SPNEGO_MECH->elements, p, mech_len) == 0) {
1659 ret = gssapi_spnego_decapsulate(minor_status,
1667 return (GSS_S_BAD_MECH);
1669 ret = der_match_tag_and_length(buf, buf_size,
1670 ASN1_C_CONTEXT, CONS, 1, &len, &taglen);
1674 if(len > buf_size - taglen)
1675 return (ASN1_OVERRUN);
1677 ret = decode_NegTokenResp(buf + taglen, len, &resp, NULL);
1679 *minor_status = ENOMEM;
1680 return (GSS_S_FAILURE);
1683 if (resp.negState == NULL ||
1684 *(resp.negState) == reject ||
1685 resp.supportedMech == NULL) {
1686 free_NegTokenResp(&resp);
1687 return (GSS_S_BAD_MECH);
1690 ret = der_put_oid(oidbuf + sizeof(oidbuf) - 1,
1694 if (ret || oidlen != GSS_KRB5_MECH->length ||
1695 memcmp(oidbuf + sizeof(oidbuf) - oidlen,
1696 GSS_KRB5_MECH->elements,
1698 free_NegTokenResp(&resp);
1699 return GSS_S_BAD_MECH;
1702 if (resp.responseToken != NULL) {
1703 sub_token.length = resp.responseToken->length;
1704 sub_token.value = resp.responseToken->data;
1706 sub_token.length = 0;
1707 sub_token.value = NULL;
1710 ret = gss_init_sec_context(minor_status,
1711 initiator_cred_handle,
1717 input_chan_bindings,
1724 free_NegTokenResp(&resp);
1729 * XXXSRA I don't think this limited implementation ever needs
1730 * to check the MIC -- our preferred mechanism (Kerberos)
1731 * authenticates its own messages and is the only mechanism
1732 * we'll accept, so if the mechanism negotiation completes
1733 * successfully, we don't need the MIC. See RFC 4178.
1736 free_NegTokenResp(&resp);
1743 gss_init_sec_context_spnego(OM_uint32 *minor_status,
1744 const gss_cred_id_t initiator_cred_handle,
1745 gss_ctx_id_t *context_handle,
1746 const gss_name_t target_name,
1747 const gss_OID mech_type,
1748 OM_uint32 req_flags,
1750 const gss_channel_bindings_t input_chan_bindings,
1751 const gss_buffer_t input_token,
1752 gss_OID *actual_mech_type,
1753 gss_buffer_t output_token,
1754 OM_uint32 *ret_flags,
1755 OM_uint32 *time_rec)
1757 /* Dirty trick to suppress compiler warnings */
1759 /* Figure out whether we're starting over or processing a reply */
1761 if (input_token == GSS_C_NO_BUFFER || input_token->length == 0U)
1762 return (spnego_initial(minor_status,
1763 initiator_cred_handle,
1769 input_chan_bindings,
1776 return (spnego_reply(minor_status,
1777 initiator_cred_handle,
1783 input_chan_bindings,