kadm5/clnt/chpw.c

2N/A/*
2N/A * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
2N/A * Use is subject to license terms.
2N/A */
2N/A
2N/A
2N/A#include <string.h>
2N/A
2N/A#include "k5-int.h"
2N/A#include <kadm5/admin.h>
2N/A#include <client_internal.h>
2N/A#include "auth_con.h"
2N/A#include <locale.h>
2N/A
2N/A
2N/Akrb5_error_code
2N/Akrb5int_mk_chpw_req(
2N/A    krb5_context context,
2N/A    krb5_auth_context auth_context,
2N/A    krb5_data *ap_req,
2N/A    char *passwd,
2N/A    krb5_data *packet)
2N/A{
2N/A    krb5_error_code ret = 0;
2N/A    krb5_data clearpw;
2N/A    krb5_data cipherpw;
2N/A    krb5_replay_data replay;
2N/A    char *ptr;
2N/A
2N/A    cipherpw.data = NULL;
2N/A
2N/A    if ((ret = krb5_auth_con_setflags(context, auth_context,
2N/A                      KRB5_AUTH_CONTEXT_DO_SEQUENCE)))
2N/A      goto cleanup;
2N/A
2N/A    clearpw.length = strlen(passwd);
2N/A    clearpw.data = passwd;
2N/A
2N/A    if ((ret = krb5_mk_priv(context, auth_context,
2N/A                &clearpw, &cipherpw, &replay)))
2N/A      goto cleanup;
2N/A
2N/A    packet->length = 6 + ap_req->length + cipherpw.length;
2N/A    packet->data = (char *) malloc(packet->length);
2N/A    if (packet->data == NULL)
2N/A    {
2N/A        ret = ENOMEM;
2N/A        goto cleanup;
2N/A    }
2N/A    ptr = packet->data;
2N/A
2N/A    /* length */
2N/A
2N/A    *ptr++ = (packet->length>> 8) & 0xff;
2N/A    *ptr++ = packet->length & 0xff;
2N/A
2N/A    /* version == 0x0001 big-endian
2N/A     * NOTE: when MS and MIT start supporting the latest
2N/A     *  version of the passwd change protocol (v2),
2N/A     *  this value will change to 2.
2N/A     */
2N/A    *ptr++ = 0;
2N/A    *ptr++ = 1;
2N/A
2N/A    /* ap_req length, big-endian */
2N/A
2N/A    *ptr++ = (ap_req->length>>8) & 0xff;
2N/A    *ptr++ = ap_req->length & 0xff;
2N/A
2N/A    /* ap-req data */
2N/A
2N/A    memcpy(ptr, ap_req->data, ap_req->length);
2N/A    ptr += ap_req->length;
2N/A
2N/A    /* krb-priv of password */
2N/A
2N/A    memcpy(ptr, cipherpw.data, cipherpw.length);
2N/A
2N/Acleanup:
2N/A    if(cipherpw.data != NULL)  /* allocated by krb5_mk_priv */
2N/A      free(cipherpw.data);
2N/A
2N/A    return(ret);
2N/A}
2N/A
2N/Akrb5_error_code
2N/Akrb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context, krb5_data *packet, int *result_code, krb5_data *result_data)
2N/A{
2N/A    char *ptr;
2N/A    int plen, vno;
2N/A    krb5_data ap_rep;
2N/A    krb5_ap_rep_enc_part *ap_rep_enc;
2N/A    krb5_error_code ret;
2N/A    krb5_data cipherresult;
2N/A    krb5_data clearresult;
2N/A    krb5_error *krberror;
2N/A    krb5_replay_data replay;
2N/A    krb5_keyblock *tmp;
2N/A    int local_result_code;
2N/A
2N/A    if (packet->length < 4)
2N/A    /* either this, or the server is printing bad messages,
2N/A       or the caller passed in garbage */
2N/A    return(KRB5KRB_AP_ERR_MODIFIED);
2N/A
2N/A    ptr = packet->data;
2N/A
2N/A    /* verify length */
2N/A
2N/A    plen = (*ptr++ & 0xff);
2N/A    plen = (plen<<8) | (*ptr++ & 0xff);
2N/A
2N/A    if (plen != packet->length)
2N/A    {
2N/A        /*
2N/A         * MS KDCs *may* send back a KRB_ERROR.  Although
2N/A         * not 100% correct via RFC3244, it's something
2N/A         * we can workaround here.
2N/A         */
2N/A        if (krb5_is_krb_error(packet)) {
2N/A
2N/A            if ((ret = krb5_rd_error(context, packet, &krberror)))
2N/A            return(ret);
2N/A
2N/A            if (krberror->e_data.data  == NULL) {
2N/A                ret = ERROR_TABLE_BASE_krb5 + (krb5_error_code) krberror->error;
2N/A                krb5_free_error(context, krberror);
2N/A                return (ret);
2N/A            }
2N/A        }
2N/A        else
2N/A        {
2N/A            return(KRB5KRB_AP_ERR_MODIFIED);
2N/A        }
2N/A    }
2N/A
2N/A
2N/A    /* verify version number */
2N/A
2N/A    vno = (*ptr++ & 0xff);
2N/A    vno = (vno<<8) | (*ptr++ & 0xff);
2N/A
2N/A    /*
2N/A     * when the servers update to v2 of the protocol,
2N/A     * "2" will be a valid version number here
2N/A     */
2N/A    if (vno != 1 && vno != 2)
2N/A        return (KRB5KDC_ERR_BAD_PVNO);
2N/A
2N/A    /* read, check ap-rep length */
2N/A
2N/A    ap_rep.length = (*ptr++ & 0xff);
2N/A    ap_rep.length = (ap_rep.length<<8) | (*ptr++ & 0xff);
2N/A
2N/A    if (ptr + ap_rep.length >= packet->data + packet->length)
2N/A    return(KRB5KRB_AP_ERR_MODIFIED);
2N/A
2N/A    if (ap_rep.length) {
2N/A    /* verify ap_rep */
2N/A    ap_rep.data = ptr;
2N/A    ptr += ap_rep.length;
2N/A
2N/A    /*
2N/A     * Save send_subkey to later smash recv_subkey.
2N/A     */
2N/A    ret = krb5_auth_con_getsendsubkey(context, auth_context, &tmp);
2N/A    if (ret)
2N/A        return ret;
2N/A
2N/A    ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc);
2N/A    if (ret) {
2N/A        krb5_free_keyblock(context, tmp);
2N/A        return(ret);
2N/A    }
2N/A
2N/A    krb5_free_ap_rep_enc_part(context, ap_rep_enc);
2N/A
2N/A    /* extract and decrypt the result */
2N/A
2N/A    cipherresult.data = ptr;
2N/A    cipherresult.length = (packet->data + packet->length) - ptr;
2N/A
2N/A    /*
2N/A     * Smash recv_subkey to be send_subkey, per spec.
2N/A     */
2N/A    ret = krb5_auth_con_setrecvsubkey(context, auth_context, tmp);
2N/A    krb5_free_keyblock(context, tmp);
2N/A    if (ret)
2N/A        return ret;
2N/A
2N/A    ret = krb5_rd_priv(context, auth_context, &cipherresult, &clearresult,
2N/A               &replay);
2N/A
2N/A    if (ret)
2N/A        return(ret);
2N/A    } else {
2N/A    cipherresult.data = ptr;
2N/A    cipherresult.length = (packet->data + packet->length) - ptr;
2N/A
2N/A    if ((ret = krb5_rd_error(context, &cipherresult, &krberror)))
2N/A        return(ret);
2N/A
2N/A    clearresult = krberror->e_data;
2N/A    }
2N/A
2N/A    if (clearresult.length < 2) {
2N/A    ret = KRB5KRB_AP_ERR_MODIFIED;
2N/A    goto cleanup;
2N/A    }
2N/A
2N/A    ptr = clearresult.data;
2N/A
2N/A    local_result_code = (*ptr++ & 0xff);
2N/A    local_result_code = (local_result_code<<8) | (*ptr++ & 0xff);
2N/A
2N/A    if (result_code)
2N/A        *result_code = local_result_code;
2N/A
2N/A    /*
2N/A     * Make sure the result code is in range for this
2N/A     * protocol.
2N/A     */
2N/A    if ((local_result_code < KRB5_KPASSWD_SUCCESS) ||
2N/A     (local_result_code > KRB5_KPASSWD_ETYPE_NOSUPP)) {
2N/A    ret = KRB5KRB_AP_ERR_MODIFIED;
2N/A    goto cleanup;
2N/A    }
2N/A
2N/A    /* all success replies should be authenticated/encrypted */
2N/A
2N/A    if ((ap_rep.length == 0) && (local_result_code == KRB5_KPASSWD_SUCCESS)) {
2N/A    ret = KRB5KRB_AP_ERR_MODIFIED;
2N/A    goto cleanup;
2N/A    }
2N/A
2N/A    result_data->length = (clearresult.data + clearresult.length) - ptr;
2N/A
2N/A    if (result_data->length) {
2N/A    result_data->data = (char *) malloc(result_data->length);
2N/A    if (result_data->data == NULL) {
2N/A        ret = ENOMEM;
2N/A        goto cleanup;
2N/A    }
2N/A    memcpy(result_data->data, ptr, result_data->length);
2N/A    } else {
2N/A    result_data->data = NULL;
2N/A    }
2N/A
2N/A    ret = 0;
2N/A
2N/Acleanup:
2N/A    if (ap_rep.length) {
2N/A    krb5_xfree(clearresult.data);
2N/A    } else {
2N/A    krb5_free_error(context, krberror);
2N/A    }
2N/A
2N/A    return(ret);
2N/A}