]>
Commit | Line | Data |
---|---|---|
800d775e | 1 | /* |
a7ab6ec8 | 2 | * Copyright (c) 2010, Oracle America, Inc. |
cb636bb2 | 3 | * |
a7ab6ec8 UD |
4 | * Redistribution and use in source and binary forms, with or without |
5 | * modification, are permitted provided that the following conditions are | |
6 | * met: | |
cb636bb2 | 7 | * |
a7ab6ec8 UD |
8 | * * Redistributions of source code must retain the above copyright |
9 | * notice, this list of conditions and the following disclaimer. | |
10 | * * Redistributions in binary form must reproduce the above | |
11 | * copyright notice, this list of conditions and the following | |
12 | * disclaimer in the documentation and/or other materials | |
13 | * provided with the distribution. | |
14 | * * Neither the name of the "Oracle America, Inc." nor the names of its | |
15 | * contributors may be used to endorse or promote products derived | |
16 | * from this software without specific prior written permission. | |
800d775e | 17 | * |
a7ab6ec8 UD |
18 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
19 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
20 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | |
21 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE | |
22 | * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, | |
23 | * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
24 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE | |
25 | * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
26 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | |
27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
28 | * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
29 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
800d775e UD |
30 | */ |
31 | /* | |
32 | * auth_des.c, client-side implementation of DES authentication | |
33 | */ | |
34 | ||
35 | #include <string.h> | |
36 | #include <rpc/des_crypt.h> | |
37 | #include <rpc/types.h> | |
38 | #include <rpc/auth.h> | |
39 | #include <rpc/auth_des.h> | |
40 | #include <rpc/xdr.h> | |
41 | #include <netinet/in.h> /* XXX: just to get htonl() and ntohl() */ | |
42 | #include <sys/socket.h> | |
43 | ||
44 | #define MILLION 1000000L | |
45 | #define RTIME_TIMEOUT 5 /* seconds to wait for sync */ | |
46 | ||
47 | #define AUTH_PRIVATE(auth) (struct ad_private *) auth->ah_private | |
48 | #define ALLOC(object_type) (object_type *) mem_alloc(sizeof(object_type)) | |
49 | #define FREE(ptr, size) mem_free((char *)(ptr), (int) size) | |
50 | #define ATTEMPT(xdr_op) if (!(xdr_op)) return (FALSE) | |
51 | ||
52 | #define debug(msg) /* printf("%s\n", msg) */ | |
53 | ||
800d775e UD |
54 | |
55 | /* | |
56 | * DES authenticator operations vector | |
57 | */ | |
800d775e UD |
58 | static void authdes_nextverf (AUTH *); |
59 | static bool_t authdes_marshal (AUTH *, XDR *); | |
60 | static bool_t authdes_validate (AUTH *, struct opaque_auth *); | |
61 | static bool_t authdes_refresh (AUTH *); | |
62 | static void authdes_destroy (AUTH *); | |
f8afba91 | 63 | static bool_t synchronize (struct sockaddr *, struct rpc_timeval *) |
dfd2257a | 64 | internal_function; |
800d775e | 65 | |
31d7b14c | 66 | static const struct auth_ops authdes_ops = { |
800d775e UD |
67 | authdes_nextverf, |
68 | authdes_marshal, | |
69 | authdes_validate, | |
70 | authdes_refresh, | |
71 | authdes_destroy | |
72 | }; | |
73 | ||
74 | ||
75 | /* | |
76 | * This struct is pointed to by the ah_private field of an "AUTH *" | |
77 | */ | |
ee586e0e UD |
78 | struct ad_private { |
79 | char *ad_fullname; /* client's full name */ | |
7b57bfe5 UD |
80 | u_int ad_fullnamelen; /* length of name, rounded up */ |
81 | char *ad_servername; /* server's full name */ | |
ee586e0e UD |
82 | u_int ad_servernamelen; /* length of name, rounded up */ |
83 | uint32_t ad_window; /* client specified window */ | |
84 | bool_t ad_dosync; /* synchronize? */ | |
85 | struct sockaddr ad_syncaddr; /* remote host to synch with */ | |
f8afba91 UD |
86 | struct rpc_timeval ad_timediff; /* server's time - client's time */ |
87 | uint32_t ad_nickname; /* server's nickname for client */ | |
ee586e0e UD |
88 | struct authdes_cred ad_cred; /* storage for credential */ |
89 | struct authdes_verf ad_verf; /* storage for verifier */ | |
f8afba91 | 90 | struct rpc_timeval ad_timestamp; /* timestamp sent */ |
ee586e0e | 91 | des_block ad_xkey; /* encrypted conversation key */ |
7b57bfe5 | 92 | u_char ad_pkey[1024]; /* Servers actual public key */ |
ee586e0e | 93 | }; |
800d775e UD |
94 | |
95 | ||
96 | /* | |
97 | * Create the client des authentication object | |
98 | */ | |
99 | AUTH * | |
9a0a462c | 100 | authdes_create (const char *servername, u_int window, |
26a60f90 | 101 | struct sockaddr *syncaddr, des_block *ckey) |
800d775e UD |
102 | /* servername - network name of server */ |
103 | /* window - time to live */ | |
104 | /* syncaddr - optional addr of host to sync with */ | |
105 | /* ckey - optional conversation key to use */ | |
106 | { | |
9cfe5381 | 107 | char pkey_data[1024]; |
800d775e UD |
108 | netobj pkey; |
109 | ||
110 | if (!getpublickey (servername, pkey_data)) | |
f8afba91 | 111 | return NULL; |
800d775e | 112 | |
9cfe5381 RM |
113 | pkey.n_bytes = pkey_data; |
114 | pkey.n_len = strlen (pkey_data) + 1; | |
7b57bfe5 | 115 | return authdes_pk_create (servername, &pkey, window, syncaddr, ckey); |
800d775e | 116 | } |
7b57bfe5 UD |
117 | #ifdef EXPORT_RPC_SYMBOLS |
118 | libc_hidden_def (authdes_create) | |
119 | #else | |
120 | libc_hidden_nolink (authdes_create, GLIBC_2_1) | |
121 | #endif | |
800d775e UD |
122 | |
123 | AUTH * | |
26a60f90 UD |
124 | authdes_pk_create (const char *servername, netobj *pkey, u_int window, |
125 | struct sockaddr *syncaddr, des_block *ckey) | |
800d775e UD |
126 | { |
127 | AUTH *auth; | |
128 | struct ad_private *ad; | |
129 | char namebuf[MAXNETNAMELEN + 1]; | |
130 | ||
131 | /* | |
132 | * Allocate everything now | |
133 | */ | |
134 | auth = ALLOC (AUTH); | |
135 | ad = ALLOC (struct ad_private); | |
f8afba91 UD |
136 | |
137 | if (auth == NULL || ad == NULL) | |
138 | { | |
139 | debug ("authdes_create: out of memory"); | |
140 | goto failed; | |
141 | } | |
142 | ||
dfd2257a | 143 | memset (ad, 0, sizeof (struct ad_private)); |
800d775e UD |
144 | memcpy (ad->ad_pkey, pkey->n_bytes, pkey->n_len); |
145 | if (!getnetname (namebuf)) | |
146 | goto failed; | |
147 | ad->ad_fullnamelen = RNDUP (strlen (namebuf)); | |
148 | ad->ad_fullname = mem_alloc (ad->ad_fullnamelen + 1); | |
149 | ||
150 | ad->ad_servernamelen = strlen (servername); | |
151 | ad->ad_servername = mem_alloc (ad->ad_servernamelen + 1); | |
152 | ||
f8afba91 | 153 | if (ad->ad_fullname == NULL || ad->ad_servername == NULL) |
800d775e UD |
154 | { |
155 | debug ("authdes_create: out of memory"); | |
156 | goto failed; | |
157 | } | |
158 | ||
159 | /* | |
160 | * Set up private data | |
161 | */ | |
f8afba91 UD |
162 | memcpy (ad->ad_fullname, namebuf, ad->ad_fullnamelen + 1); |
163 | memcpy (ad->ad_servername, servername, ad->ad_servernamelen + 1); | |
9a0a462c | 164 | ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; |
800d775e UD |
165 | if (syncaddr != NULL) |
166 | { | |
167 | ad->ad_syncaddr = *syncaddr; | |
168 | ad->ad_dosync = TRUE; | |
169 | } | |
170 | else | |
171 | ad->ad_dosync = FALSE; | |
172 | ||
173 | ad->ad_window = window; | |
174 | if (ckey == NULL) | |
175 | { | |
176 | if (key_gendes (&auth->ah_key) < 0) | |
177 | { | |
178 | debug ("authdes_create: unable to gen conversation key"); | |
1eab3551 | 179 | goto failed; |
800d775e UD |
180 | } |
181 | } | |
182 | else | |
183 | auth->ah_key = *ckey; | |
184 | ||
185 | /* | |
186 | * Set up auth handle | |
187 | */ | |
188 | auth->ah_cred.oa_flavor = AUTH_DES; | |
189 | auth->ah_verf.oa_flavor = AUTH_DES; | |
31d7b14c | 190 | auth->ah_ops = (struct auth_ops *) &authdes_ops; |
800d775e UD |
191 | auth->ah_private = (caddr_t) ad; |
192 | ||
193 | if (!authdes_refresh (auth)) | |
194 | goto failed; | |
195 | ||
f8afba91 | 196 | return auth; |
800d775e UD |
197 | |
198 | failed: | |
199 | if (auth != NULL) | |
200 | FREE (auth, sizeof (AUTH)); | |
201 | if (ad != NULL) | |
9a0a462c | 202 | { |
9a0a462c UD |
203 | if (ad->ad_fullname != NULL) |
204 | FREE (ad->ad_fullname, ad->ad_fullnamelen + 1); | |
205 | if (ad->ad_servername != NULL) | |
206 | FREE (ad->ad_servername, ad->ad_servernamelen + 1); | |
dfd2257a | 207 | FREE (ad, sizeof (struct ad_private)); |
9a0a462c | 208 | } |
f8afba91 | 209 | return NULL; |
800d775e | 210 | } |
7b57bfe5 UD |
211 | #ifdef EXPORT_RPC_SYMBOLS |
212 | libc_hidden_def (authdes_pk_create) | |
213 | #else | |
214 | libc_hidden_nolink (authdes_pk_create, GLIBC_2_1) | |
215 | #endif | |
800d775e UD |
216 | |
217 | /* | |
218 | * Implement the five authentication operations | |
219 | */ | |
220 | ||
221 | ||
222 | /* | |
223 | * 1. Next Verifier | |
224 | */ | |
225 | /*ARGSUSED */ | |
226 | static void | |
f8afba91 | 227 | authdes_nextverf (AUTH *auth) |
800d775e UD |
228 | { |
229 | /* what the heck am I supposed to do??? */ | |
230 | } | |
231 | ||
232 | ||
233 | ||
234 | /* | |
235 | * 2. Marshal | |
236 | */ | |
237 | static bool_t | |
f8afba91 | 238 | authdes_marshal (AUTH *auth, XDR *xdrs) |
800d775e UD |
239 | { |
240 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
241 | struct authdes_cred *cred = &ad->ad_cred; | |
242 | struct authdes_verf *verf = &ad->ad_verf; | |
243 | des_block cryptbuf[2]; | |
244 | des_block ivec; | |
245 | int status; | |
9cfe5381 | 246 | int len; |
f8afba91 UD |
247 | register int32_t *ixdr; |
248 | struct timeval tval; | |
800d775e UD |
249 | |
250 | /* | |
251 | * Figure out the "time", accounting for any time difference | |
252 | * with the server if necessary. | |
253 | */ | |
f8afba91 UD |
254 | __gettimeofday (&tval, (struct timezone *) NULL); |
255 | ad->ad_timestamp.tv_sec = tval.tv_sec + ad->ad_timediff.tv_sec; | |
256 | ad->ad_timestamp.tv_usec = tval.tv_usec + ad->ad_timediff.tv_usec; | |
800d775e UD |
257 | if (ad->ad_timestamp.tv_usec >= MILLION) |
258 | { | |
259 | ad->ad_timestamp.tv_usec -= MILLION; | |
260 | ad->ad_timestamp.tv_sec += 1; | |
261 | } | |
262 | ||
263 | /* | |
264 | * XDR the timestamp and possibly some other things, then | |
265 | * encrypt them. | |
ee586e0e | 266 | * XXX We have a real Year 2038 problem here. |
800d775e | 267 | */ |
f8afba91 UD |
268 | ixdr = (int32_t *) cryptbuf; |
269 | IXDR_PUT_INT32 (ixdr, ad->ad_timestamp.tv_sec); | |
270 | IXDR_PUT_INT32 (ixdr, ad->ad_timestamp.tv_usec); | |
800d775e UD |
271 | if (ad->ad_cred.adc_namekind == ADN_FULLNAME) |
272 | { | |
ee586e0e UD |
273 | IXDR_PUT_U_INT32 (ixdr, ad->ad_window); |
274 | IXDR_PUT_U_INT32 (ixdr, ad->ad_window - 1); | |
800d775e UD |
275 | ivec.key.high = ivec.key.low = 0; |
276 | status = cbc_crypt ((char *) &auth->ah_key, (char *) cryptbuf, | |
277 | 2 * sizeof (des_block), DES_ENCRYPT | DES_HW, (char *) &ivec); | |
278 | } | |
279 | else | |
f8afba91 UD |
280 | status = ecb_crypt ((char *) &auth->ah_key, (char *) cryptbuf, |
281 | sizeof (des_block), DES_ENCRYPT | DES_HW); | |
282 | ||
800d775e UD |
283 | if (DES_FAILED (status)) |
284 | { | |
285 | debug ("authdes_marshal: DES encryption failure"); | |
f8afba91 | 286 | return FALSE; |
800d775e UD |
287 | } |
288 | ad->ad_verf.adv_xtimestamp = cryptbuf[0]; | |
289 | if (ad->ad_cred.adc_namekind == ADN_FULLNAME) | |
290 | { | |
291 | ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high; | |
292 | ad->ad_verf.adv_winverf = cryptbuf[1].key.low; | |
293 | } | |
294 | else | |
295 | { | |
296 | ad->ad_cred.adc_nickname = ad->ad_nickname; | |
297 | ad->ad_verf.adv_winverf = 0; | |
298 | } | |
299 | ||
300 | /* | |
301 | * Serialize the credential and verifier into opaque | |
302 | * authentication data. | |
303 | */ | |
304 | if (ad->ad_cred.adc_namekind == ADN_FULLNAME) | |
f8afba91 | 305 | len = ((1 + 1 + 2 + 1) * BYTES_PER_XDR_UNIT + ad->ad_fullnamelen); |
800d775e | 306 | else |
f8afba91 | 307 | len = (1 + 1) * BYTES_PER_XDR_UNIT; |
800d775e UD |
308 | |
309 | if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL) | |
310 | { | |
ee586e0e UD |
311 | IXDR_PUT_INT32 (ixdr, AUTH_DES); |
312 | IXDR_PUT_U_INT32 (ixdr, len); | |
800d775e UD |
313 | } |
314 | else | |
315 | { | |
ee586e0e UD |
316 | ATTEMPT (xdr_putint32 (xdrs, &auth->ah_cred.oa_flavor)); |
317 | ATTEMPT (xdr_putint32 (xdrs, &len)); | |
800d775e | 318 | } |
7b57bfe5 | 319 | ATTEMPT (xdr_authdes_cred (xdrs, cred)); |
800d775e UD |
320 | |
321 | len = (2 + 1) * BYTES_PER_XDR_UNIT; | |
322 | if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL) | |
323 | { | |
ee586e0e UD |
324 | IXDR_PUT_INT32 (ixdr, AUTH_DES); |
325 | IXDR_PUT_U_INT32 (ixdr, len); | |
800d775e UD |
326 | } |
327 | else | |
328 | { | |
ee586e0e UD |
329 | ATTEMPT (xdr_putint32 (xdrs, &auth->ah_verf.oa_flavor)); |
330 | ATTEMPT (xdr_putint32 (xdrs, &len)); | |
800d775e | 331 | } |
7b57bfe5 | 332 | ATTEMPT (xdr_authdes_verf (xdrs, verf)); |
f8afba91 | 333 | |
ee586e0e | 334 | return TRUE; |
800d775e UD |
335 | } |
336 | ||
337 | ||
338 | /* | |
339 | * 3. Validate | |
340 | */ | |
341 | static bool_t | |
ee586e0e | 342 | authdes_validate (AUTH *auth, struct opaque_auth *rverf) |
800d775e UD |
343 | { |
344 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
345 | struct authdes_verf verf; | |
346 | int status; | |
f8afba91 | 347 | register uint32_t *ixdr; |
800d775e UD |
348 | |
349 | if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) | |
f8afba91 | 350 | return FALSE; |
800d775e | 351 | |
f8afba91 UD |
352 | ixdr = (uint32_t *) rverf->oa_base; |
353 | verf.adv_xtimestamp.key.high = *ixdr++; | |
354 | verf.adv_xtimestamp.key.low = *ixdr++; | |
355 | verf.adv_int_u = *ixdr++; /* nickname not XDR'd ! */ | |
800d775e UD |
356 | |
357 | /* | |
358 | * Decrypt the timestamp | |
359 | */ | |
360 | status = ecb_crypt ((char *) &auth->ah_key, (char *) &verf.adv_xtimestamp, | |
361 | sizeof (des_block), DES_DECRYPT | DES_HW); | |
362 | ||
363 | if (DES_FAILED (status)) | |
364 | { | |
365 | debug ("authdes_validate: DES decryption failure"); | |
ee586e0e | 366 | return FALSE; |
800d775e UD |
367 | } |
368 | ||
369 | /* | |
370 | * xdr the decrypted timestamp | |
371 | */ | |
f8afba91 UD |
372 | ixdr = (uint32_t *) verf.adv_xtimestamp.c; |
373 | verf.adv_timestamp.tv_sec = IXDR_GET_U_INT32 (ixdr) + 1; | |
374 | verf.adv_timestamp.tv_usec = IXDR_GET_U_INT32 (ixdr); | |
800d775e UD |
375 | |
376 | /* | |
377 | * validate | |
378 | */ | |
50304ef0 | 379 | if (memcmp ((char *) &ad->ad_timestamp, (char *) &verf.adv_timestamp, |
f8afba91 | 380 | sizeof (struct rpc_timeval)) != 0) |
800d775e UD |
381 | { |
382 | debug ("authdes_validate: verifier mismatch\n"); | |
ee586e0e | 383 | return FALSE; |
800d775e UD |
384 | } |
385 | ||
386 | /* | |
387 | * We have a nickname now, let's use it | |
388 | */ | |
389 | ad->ad_nickname = verf.adv_nickname; | |
390 | ad->ad_cred.adc_namekind = ADN_NICKNAME; | |
ee586e0e | 391 | return TRUE; |
800d775e UD |
392 | } |
393 | ||
394 | /* | |
395 | * 4. Refresh | |
396 | */ | |
397 | static bool_t | |
ee586e0e | 398 | authdes_refresh (AUTH *auth) |
800d775e UD |
399 | { |
400 | netobj pkey; | |
401 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
402 | struct authdes_cred *cred = &ad->ad_cred; | |
403 | ||
f8afba91 | 404 | if (ad->ad_dosync && !synchronize (&ad->ad_syncaddr, &ad->ad_timediff)) |
800d775e UD |
405 | { |
406 | /* | |
407 | * Hope the clocks are synced! | |
408 | */ | |
409 | ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; | |
410 | debug ("authdes_refresh: unable to synchronize with server"); | |
411 | } | |
412 | ad->ad_xkey = auth->ah_key; | |
413 | pkey.n_bytes = (char *) (ad->ad_pkey); | |
414 | pkey.n_len = strlen ((char *) ad->ad_pkey) + 1; | |
415 | if (key_encryptsession_pk (ad->ad_servername, &pkey, &ad->ad_xkey) < 0) | |
416 | { | |
417 | debug ("authdes_create: unable to encrypt conversation key"); | |
ee586e0e | 418 | return FALSE; |
800d775e UD |
419 | } |
420 | cred->adc_fullname.key = ad->ad_xkey; | |
421 | cred->adc_namekind = ADN_FULLNAME; | |
422 | cred->adc_fullname.name = ad->ad_fullname; | |
ee586e0e | 423 | return TRUE; |
800d775e UD |
424 | } |
425 | ||
426 | /* | |
427 | * 5. Destroy | |
428 | */ | |
429 | static void | |
ee586e0e | 430 | authdes_destroy (AUTH *auth) |
800d775e UD |
431 | { |
432 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
433 | ||
434 | FREE (ad->ad_fullname, ad->ad_fullnamelen + 1); | |
435 | FREE (ad->ad_servername, ad->ad_servernamelen + 1); | |
436 | FREE (ad, sizeof (struct ad_private)); | |
437 | FREE (auth, sizeof (AUTH)); | |
438 | } | |
439 | ||
440 | /* | |
441 | * Synchronize with the server at the given address, that is, | |
442 | * adjust timep to reflect the delta between our clocks | |
443 | */ | |
444 | static bool_t | |
dfd2257a | 445 | internal_function |
f8afba91 | 446 | synchronize (struct sockaddr *syncaddr, struct rpc_timeval *timep) |
800d775e UD |
447 | { |
448 | struct timeval mytime; | |
f8afba91 | 449 | struct rpc_timeval timeout; |
800d775e UD |
450 | |
451 | timeout.tv_sec = RTIME_TIMEOUT; | |
452 | timeout.tv_usec = 0; | |
453 | if (rtime ((struct sockaddr_in *) syncaddr, timep, &timeout) < 0) | |
ee586e0e | 454 | return FALSE; |
800d775e | 455 | |
50304ef0 | 456 | __gettimeofday (&mytime, (struct timezone *) NULL); |
800d775e UD |
457 | timep->tv_sec -= mytime.tv_sec; |
458 | if (mytime.tv_usec > timep->tv_usec) | |
459 | { | |
460 | timep->tv_sec -= 1; | |
461 | timep->tv_usec += MILLION; | |
462 | } | |
463 | timep->tv_usec -= mytime.tv_usec; | |
ee586e0e | 464 | return TRUE; |
800d775e | 465 | } |