2N/A/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ 2N/A * Copyright 2000, 2004, 2007, 2008 by the Massachusetts Institute of Technology. 2N/A * All Rights Reserved. 2N/A * Export of this software from the United States of America may 2N/A * require a specific license from the United States Government. 2N/A * It is the responsibility of any person or organization contemplating 2N/A * export to obtain such a license before exporting. 2N/A * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 2N/A * distribute this software and its documentation for any purpose and 2N/A * without fee is hereby granted, provided that the above copyright 2N/A * notice appear in all copies and that both that copyright notice and 2N/A * this permission notice appear in supporting documentation, and that 2N/A * the name of M.I.T. not be used in advertising or publicity pertaining 2N/A * to distribution of the software without specific, written prior 2N/A * permission. Furthermore if you modify this software you must label 2N/A * your software as modified software and not distribute it in such a 2N/A * fashion that it might be confused with the original M.I.T. software. 2N/A * M.I.T. makes no representations about the suitability of 2N/A * this software for any purpose. It is provided "as is" without express 2N/A * or implied warranty. 2N/A * Copyright 1993 by OpenVision Technologies, Inc. 2N/A * Permission to use, copy, modify, distribute, and sell this software 2N/A * and its documentation for any purpose is hereby granted without fee, 2N/A * provided that the above copyright notice appears in all copies and 2N/A * that both that copyright notice and this permission notice appear in 2N/A * supporting documentation, and that the name of OpenVision not be used 2N/A * in advertising or publicity pertaining to distribution of the software 2N/A * without specific, written prior permission. 
OpenVision makes no 2N/A * representations about the suitability of this software for any 2N/A * purpose. It is provided "as is" without express or implied warranty. 2N/A * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, 2N/A * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO 2N/A * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR 2N/A * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF 2N/A * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR 2N/A * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 2N/A * PERFORMANCE OF THIS SOFTWARE. 2N/A * Copyright (C) 1998 by the FundsXpress, INC. 2N/A * All rights reserved. 2N/A * Export of this software from the United States of America may require 2N/A * a specific license from the United States Government. It is the 2N/A * responsibility of any person or organization contemplating export to 2N/A * obtain such a license before exporting. 2N/A * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 2N/A * distribute this software and its documentation for any purpose and 2N/A * without fee is hereby granted, provided that the above copyright 2N/A * notice appear in all copies and that both that copyright notice and 2N/A * this permission notice appear in supporting documentation, and that 2N/A * the name of FundsXpress. not be used in advertising or publicity pertaining 2N/A * to distribution of the software without specific, written prior 2N/A * permission. FundsXpress makes no representations about the suitability of 2N/A * this software for any purpose. It is provided "as is" without express 2N/A * or implied warranty. 2N/A * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 2N/A * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 2N/A * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 2N/A * Copyright (c) 2006-2008, Novell, Inc. 2N/A * All rights reserved. 
2N/A * Redistribution and use in source and binary forms, with or without 2N/A * modification, are permitted provided that the following conditions are met: 2N/A * * Redistributions of source code must retain the above copyright notice, 2N/A * this list of conditions and the following disclaimer. 2N/A * * Redistributions in binary form must reproduce the above copyright 2N/A * notice, this list of conditions and the following disclaimer in the 2N/A * documentation and/or other materials provided with the distribution. 2N/A * * The copyright holder's name is not used to endorse or promote products 2N/A * derived from this software without specific prior written permission. 2N/A * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 2N/A * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2N/A * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2N/A * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 2N/A * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 2N/A * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 2N/A * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 2N/A * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 2N/A * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 2N/A * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 2N/A * POSSIBILITY OF SUCH DAMAGE. 2N/A * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. 2N/A/* Decode, decrypt and store the forwarded creds in the local ccache. */ 2N/A * By the time krb5_rd_cred is called here (after krb5_rd_req has been 2N/A * called in krb5_gss_accept_sec_context), the "keyblock" field of 2N/A * auth_context contains a pointer to the session key, and the 2N/A * "recv_subkey" field might contain a session subkey. 
Either of 2N/A * these (the "recv_subkey" if it isn't NULL, otherwise the 2N/A * "keyblock") might have been used to encrypt the encrypted part of 2N/A * the KRB_CRED message that contains the forwarded credentials. (The 2N/A * Java Crypto and Security Implementation from the DSTC in Australia 2N/A * always uses the session key. But apparently it never negotiates a 2N/A * subkey, so this code works fine against a JCSI client.) Up to the 2N/A * present, though, GSSAPI clients linked against the MIT code (which 2N/A * is almost all GSSAPI clients) don't encrypt the KRB_CRED message at 2N/A * all -- at this level. So if the first call to krb5_rd_cred fails, 2N/A * we should call it a second time with another auth context freshly 2N/A * created by krb5_auth_con_init. All of its keyblock fields will be 2N/A * NULL, so krb5_rd_cred will assume that the KRB_CRED message is 2N/A * unencrypted. (NOTE(review): as described, the retry does not depend on why the first krb5_rd_cred call failed; confirm in the code that the plaintext fallback is taken only when the first attempt fails to decrypt, not for any other krb5_rd_cred error.) (The MIT code doesn't actually send the KRB_CRED 2N/A * message in the clear -- the "authenticator" whose "checksum" ends up 2N/A * containing the KRB_CRED message does get encrypted.) 2N/A * Solaris Kerberos: if the client is using non-DES enctypes it really 2N/A * ought to send encrypted KRB-CREDs... 2N/A /* Try to krb5_rd_cred() likely unencrypted KRB-CRED */ 2N/A /* generate a delegated credential handle */ 2N/A /* allocate memory for a cred_t... */ 2N/A /* zero it out... */ 2N/A /* copy the client principal into it... */ 2N/A /* cred->name already set */ 2N/A /* If there were errors, there might have been a memory leak 2N/A if ((retval = krb5_cc_close(context, ccache))) 2N/A * Performs third leg of DCE authentication 2N/A /* return a bogus cred handle */ 2N/A /* XXX no support for delegated credentials yet */ 2N/A /* real failure code follows */ 2N/A /* Solaris Kerberos */ 2N/A /* set up returns to be freeable */ 2N/A /* return a bogus cred handle */ 2N/A /* Solaris Kerberos: better acquire cred handling, more below */ 2N/A#
if 0
/************** Begin IFDEF'ed OUT *******************************/ 2N/A /* handle default cred handle */ 2N/A /* make sure the supplied credentials are valid for accept */ 2N/A#
endif /**************** END IFDEF'ed OUT *******************************/ 2N/A /* verify the token's integrity, and leave the token in ap_req. 2N/A figure out which mech oid was used, and save it */ 2N/A * Previous versions of this library used the old mech_id 2N/A * and some broken behavior (wrong IV on checksum 2N/A * encryption). We support the old mech_id for 2N/A * compatibility, and use it to decide when to use the 2N/A /* DCE style not encapsulated */ 2N/A /* decode_req_message = 1; */ /* Solaris Kerberos */ 2N/A * We need to decode the request now so that we can get the 2N/A * service principal in order to try and acquire a cred for it. 2N/A * below in the "handle default cred handle" code block. 2N/A /* decode the AP-REQ into request */ 2N/A /* handle default cred handle */ 2N/A * If there is no princ associated with the cred then treat it 2N/A * the same as GSS_C_NO_CREDENTIAL. 2N/A /* Note that we try to acquire a cred for the service principal 2N/A * named in the AP-REQ. This allows us to implement option (ii) 2N/A * of the recommended behaviour for GSS_Accept_sec_context() as 2N/A * described in section 1.1.1.3 of RFC2743. 2N/A * This is far more useful than option (i), for which we would 2N/A * acquire a cred for GSS_C_NO_NAME. (Note that the principal name is taken from the not-yet-verified AP-REQ, so it only selects which keytab entry to try; the AP-REQ itself must still verify against that key before the name is trusted.) 2N/A /* copy the princ from the ap-req or we'll lose it when we free 2N/A /* intern the acceptor name */ 2N/A /* Solaris Kerberos */ 2N/A /* Solaris Kerberos */ 2N/A /* Solaris Kerberos: RFC2743 indicates this should be returned if we 2N/A * can't acquire a default cred. 2N/A * Solaris Kerberos: RFC2743 indicates GSS_S_NO_CRED should be returned if 2N/A * the supplied cred isn't valid. 2N/A /* make sure the supplied credentials are valid for accept */ 2N/A /* construct the sender_addr */ 2N/A /* XXX is this right? */ 2N/A * Solaris Kerberos comment: verify the AP_REQ message - setup the 2N/A * auth_context and rcache 2N/A /* Solaris Kerberos */ 2N/A /* Solaris Kerberos related to better acquire cred handling */ 2N/A#
if 0
/************** Begin IFDEF'ed OUT *******************************/ 2N/A#
else /* Solaris Kerberos */ 2N/A /* XXX WAF I may need to fix this */ 2N/A /* Solaris Kerberos */ 2N/A "Key version %d is not " 2N/A "available for principal %s"),
2N/A "Service key %s not available"),
2N/A#
endif /**************** END IFDEF'ed OUT *******************************/ 2N/A /* Solaris Kerberos */ 2N/A /* make sure the necessary parts of the authdat are present */ 2N/A /* missing checksum counts as "inappropriate type" */ 2N/A /* Samba does not send 0x8003 GSS-API checksums */ 2N/A /* stash this now, for later. */ 2N/A /* verify that the checksum is correct */ 2N/A The checksum may be either exactly 24 bytes, in which case 2N/A no options are specified, or greater than 24 bytes, in which case 2N/A one or more options are specified. Currently, the only valid 2N/A option is KRB5_GSS_FOR_CREDS_OPTION ( = 1 ). 2N/A "Be liberal in what you accept, and 2N/A conservative in what you send" 2N/A This code will let this acceptor interoperate with an initiator 2N/A using little-endian or big-endian integer encoding. 2N/A /* at this point, bigend is set according to the initiator's 2N/A The following section of code attempts to implement the 2N/A optional channel binding facility as described in RFC2743. 2N/A Since this facility is optional, channel binding may or may 2N/A not have been provided by either the client or the server. 2N/A If the server has specified input_chan_bindings equal to 2N/A GSS_C_NO_CHANNEL_BINDINGS then we skip the check entirely: any bindings the client encoded are read but ignored, so an acceptor that wants channel-binding enforcement must pass its own bindings. If 2N/A the server does provide channel bindings then we compute 2N/A a checksum and compare against those provided by the 2N/A /* Always read the client's bindings - even though we might ignore them */ 2N/A /* Solaris Kerberos begin */ 2N/A /* Solaris Kerberos end */ 2N/A /* Solaris Kerberos */ 2N/A#
if 0
/************** Begin IFDEF'ed OUT *******************************/ 2N/A#
endif /**************** END IFDEF'ed OUT *******************************/ 2N/A there's a delegation, we'll set 2N/A /* decode_req_message = 0; */ /* Solaris Kerberos */ 2N/A /* if the checksum length > 24, there are options to process */ 2N/A /* have to use ptr2, since option.data is wrong type and 2N/A macro uses ptr as both lvalue and rvalue */ 2N/A /* store the delegated credential */ 2N/A /* ignore any additional trailing data, for now */ 2N/A "initial context token with delegation, %d extra bytes\n",
2N/A "initial context token, delegation flag but too small\n");
2N/A /* no deleg flag, length might still be too big */ 2N/A "initial context token, %d extra bytes\n",
2N/A /* only DCE_STYLE clients are allowed to send raw AP-REQs */ 2N/A /* create the ctx struct and start filling it in */ 2N/A /* Intern the ctx pointer so that delete_sec_context works */ 2N/A /* XXX move this into gss_name_t */ 2N/A /* Now owned by ctx->there */ 2N/A /* use the session key if the subkey isn't present */ 2N/A /* this isn't a very good error, but it's not clear to me this 2N/A can actually happen */ 2N/A /* DCE_STYLE implies acceptor_subkey */ 2N/A * Now, we always fabricate a delegated credentials handle 2N/A * containing the service ticket to ourselves, which can be 2N/A * used for S4U2Proxy. (Because this handle is always created, its presence alone does not mean the client delegated; callers should rely on the GSS_C_DELEG_FLAG in the returned flags, not on a non-NULL handle, to decide whether forwarded credentials were received.) 2N/A /* DCE_STYLE implies mutual authentication */ 2N/A /* at this point, the entire context structure is filled in, 2N/A so it can be released. */ 2N/A /* generate an AP_REP if necessary */ 2N/A * Do not generate a subkey per RFC 4537 unless we are upgrading to CFX, 2N/A * because pre-CFX tokens do not indicate which key to use. (Note that 2N/A * DCE_STYLE implies that we will use a subkey.) 2N/A /* Get the new acceptor subkey. With the code above, there 2N/A should always be one if we make it to this point. */ 2N/A /* the reply token hasn't been sent yet, but that's ok. */ 2N/A /* in order to force acceptor subkey to be used, don't set PROT_READY */ 2N/A /* Raw AP-REP is returned */ 2N/A /* Only last leg should set return arguments */ 2N/A /* set the return arguments */ 2N/A * Regardless of src_name, get name for error msg if needed. 2N/A /* Solaris Kerberos */ 2N/A#
if 0
/************** Begin IFDEF'ed OUT *******************************/ 2N/A#
endif /**************** END IFDEF'ed OUT *******************************/ 2N/A /* Solaris Kerberos */ 2N/A * gss_accept_sec_context() can map_error_oid() the correct 2N/A /* The ctx structure has the handle of the auth_context */ 2N/A /* Solaris Kerberos */ 2N/A /* from here on is the real "fail" code */ 2N/A if (
deleg_cred) {
/* free memory associated with the deleg credential */ 2N/A#
if 0
/************** Begin IFDEF'ed OUT *******************************/ 2N/A * If decode_req_message is set, then we need to decode the ap_req 2N/A * message to determine whether or not to send a response token. 2N/A * We need to do this because for some errors we won't be able to 2N/A * decode the authenticator to read out the gss_flags field. 2N/A#
else /* Solaris Kerberos */ 2N/A#
endif /**************** END IFDEF'ed OUT *******************************/ 2N/A * The client is expecting a response, so we can send an 2N/A#
if 0
/************** Begin IFDEF'ed OUT *******************************/ 2N/A * Solaris Kerberos: We need to remap error conditions for buggy 2N/A * Windows clients if the MS_INTEROP env var has been set. 2N/A * SUNW17PACresync / Solaris Kerberos 2N/A * Set e-data to Windows constant. 2N/A * (verified by MSFT) 2N/A * This facilitates the Windows CIFS client clock skew 2N/A#
endif /**************** END IFDEF'ed OUT *******************************/ 2N/A /* Solaris Kerberos */ 2N/A * Enhance the error message. 2N/A "Decrypt integrity check failed " 2N/A "for client '%s' and server '%s'"),
2N/A * krb5_gss_acquire_cred() does not take a context arg 2N/A * (and does a save_error_info() itself) so re-calling 2N/A * save_error_info() here is trouble. 2N/A#
endif /* LEAN_CLIENT */ 2N/A * Context handle must be unspecified. Actually, it must be 2N/A * non-established, but currently, accept_sec_context never returns 2N/A * a non-established context handle. 2N/A * Solaris Kerberos: the original Solaris code returned 2N/A * GSS_S_NO_CONTEXT for this error. This conflicts somewhat with 2N/A * RFC2743, which states GSS_S_NO_CONTEXT should be returned only 2N/A * for successor calls following GSS_S_CONTINUE_NEEDED status 2N/A * returns. Note the MIT code doesn't return GSS_S_NO_CONTEXT at