xref: /illumos-gate/usr/src/cmd/gss/gsscred/gsscred_file.c (revision 0ccfe5834c3b867c1b6c273cae02ec8922bc0fd2)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <unistd.h>
30 #include <ctype.h>
31 #include "gsscred.h"
32 
33 /*
34  *  gsscred utility
35  *  Manages mapping between a security principal name and unix uid.
36  *  Implementation file for the file based gsscred utility.
37  */
38 
39 #define	MAX_ENTRY_LEN 1024
40 
41 static const char credFile[] = "/etc/gss/gsscred_db";
42 static const char credFileTmp[] = "/etc/gss/gsscred_db.tmp";
43 static const int expNameTokIdLen = 2;
44 static const int mechOidLenLen = 2;
45 static const int krb5OidTagLen = 1;
46 static const int krb5OidLenLen = 1;
47 static const int nameLen = 4;
48 static const int krb5OidLen = 9;
49 
50 /*
51  * Multiply by two given that the token has already gone through hex string
52  * expansion.
53  */
54 #define	NAME_OFFSET (expNameTokIdLen + mechOidLenLen + krb5OidTagLen + \
55 	krb5OidLenLen + krb5OidLen + nameLen) * 2
56 
57 static int matchEntry(const char *entry, const gss_buffer_t name,
58 		const char *uid, uid_t *uidOut);
59 
60 /*
61  * file_addGssCredEntry
62  *
63  * Adds a new entry to the gsscred table.
64  * Does not check for duplicate entries.
65  */
66 int file_addGssCredEntry(const gss_buffer_t hexName, const char *uid,
67 		const char *comment, char **errDetails)
68 {
69 	FILE *fp;
70 	char tmpBuf[256];
71 
72 	if ((fp = fopen(credFile, "a")) == NULL) {
73 		if (errDetails) {
74 			(void) snprintf(tmpBuf, sizeof (tmpBuf),
75 				gettext("Unable to open gsscred file [%s]"),
76 				credFile);
77 			*errDetails = strdup(tmpBuf);
78 		}
79 		return (0);
80 	}
81 
82 	(void) fprintf(fp,
83 		    "%s\t%s\t%s\n", (char *)hexName->value, uid, comment);
84 	(void) fclose(fp);
85 	return (1);
86 }  /* *******  file_addGssCredEntry ****** */
87 
88 
89 
90 /*
91  * file_getGssCredEntry
92  *
93  * Searches the file for the file matching the name.  Since the name
94  * contains a mechanism identifier, to search for all names for a given
95  * mechanism just supply the mechanism portion in the name buffer.
96  * To search by uid only, supply a non-null value of uid.
97  */
98 int file_getGssCredEntry(const gss_buffer_t name, const char *uid,
99 		char **errDetails)
100 {
101 	FILE *fp;
102 	char entry[MAX_ENTRY_LEN+1];
103 
104 	if ((fp = fopen(credFile, "r")) == NULL) {
105 
106 		if (errDetails) {
107 			(void) snprintf(entry, sizeof (entry),
108 				gettext("Unable to open gsscred file [%s]"),
109 				credFile);
110 			*errDetails = strdup(entry);
111 		}
112 
113 		return (0);
114 	}
115 
116 	/* go through the file in sequential order */
117 	while (fgets(entry, MAX_ENTRY_LEN, fp) != NULL) {
118 		/* is there any search criteria */
119 		if (name == NULL && uid == NULL) {
120 			(void) fprintf(stdout, "%s", entry);
121 			continue;
122 		}
123 
124 		if (matchEntry(entry, name, uid, NULL))
125 			(void) fprintf(stdout, "%s", entry);
126 
127 	}	 /* while */
128 
129 	(void) fclose(fp);
130 	return (1);
131 }  /* file_getGssCredEntry */
132 
133 /*
134  * file_getGssCredUid
135  *
136  * GSS entry point for retrieving user uid information.
137  * We need to go through the entire file to ensure that
138  * the last matching entry is retrieved - this is because
139  * new entries are added to the end, and in case of
140  * duplicates we want to get the latest entry.
141  */
142 int
143 file_getGssCredUid(const gss_buffer_t expName, uid_t *uidOut)
144 {
145 	FILE *fp;
146 	char entry[MAX_ENTRY_LEN+1];
147 	int retVal = 0;
148 
149 	if ((fp = fopen(credFile, "r")) == NULL)
150 		return (0);
151 
152 	/* go through the entire file in sequential order */
153 	while (fgets(entry, MAX_ENTRY_LEN, fp) != NULL) {
154 		if (matchEntry(entry, expName, NULL, uidOut)) {
155 			retVal = 1;
156 		}
157 	} /* while */
158 
159 	(void) fclose(fp);
160 	return (retVal);
161 } /* file_getGssCredUid */
162 
163 
164 
165 /*
166  *
167  * file_deleteGssCredEntry
168  *
169  * removes entries form file that match the delete criteria
170  */
171 int file_deleteGssCredEntry(const gss_buffer_t name, const char *uid,
172 		char **errDetails)
173 {
174 	FILE *fp, *tempFp;
175 	char entry[MAX_ENTRY_LEN+1];
176 	int foundOne = 0;
177 
178 	/* are we deleting everyone? */
179 	if (name == NULL && uid == NULL) {
180 
181 		if ((fp = fopen(credFile, "w")) == NULL) {
182 
183 			if (errDetails) {
184 				(void) snprintf(entry, sizeof (entry),
185 					gettext("Unable to open gsscred"
186 						" file [%s]"),
187 					credFile);
188 				*errDetails = strdup(entry);
189 			}
190 			return (0);
191 		}
192 
193 		(void) fclose(fp);
194 		return (1);
195 	}
196 
197 	/* selective delete - might still be everyone */
198 	if ((fp = fopen(credFile, "r")) == NULL) {
199 
200 		if (errDetails) {
201 			(void) snprintf(entry, sizeof (entry),
202 				gettext("Unable to open gsscred file [%s]"),
203 				credFile);
204 			*errDetails = strdup(entry);
205 		}
206 		return (0);
207 	}
208 
209 	/* also need to open temp file */
210 	if ((tempFp = fopen(credFileTmp, "w")) == NULL) {
211 		if (errDetails) {
212 			(void) snprintf(entry, sizeof (entry),
213 				gettext("Unable to open gsscred temporary"
214 					" file [%s]"),
215 				credFileTmp);
216 			*errDetails = strdup(entry);
217 		}
218 
219 		(void) fclose(fp);
220 		return (0);
221 	}
222 
223 	/* go through all the entries sequentially removing ones that match */
224 	while (fgets(entry, MAX_ENTRY_LEN, fp) != NULL) {
225 
226 		if (!matchEntry(entry, name, uid, NULL))
227 			(void) fputs(entry, tempFp);
228 		else
229 			foundOne = 1;
230 	}
231 	(void) fclose(tempFp);
232 	(void) fclose(fp);
233 
234 	/* now make the tempfile the gsscred file */
235 	(void) rename(credFileTmp, credFile);
236 	(void) unlink(credFileTmp);
237 
238 	if (!foundOne) {
239 		*errDetails = strdup(gettext("No users found"));
240 		return (0);
241 	}
242 	return (1);
243 }  /* file_deleteGssCredEntry */
244 
245 
246 
247 /*
248  *
249  * match entry
250  *
251  * checks if the specified entry matches the supplied criteria
252  * returns 1 if yes, 0 if no
253  * uidOut value can be used to retrieve the uid from the entry
254  * when the uid string is passed in, the uidOut value is not set
255  */
256 static int matchEntry(const char *entry, const gss_buffer_t name,
257 		const char *uid, uid_t *uidOut)
258 {
259 	char fullEntry[MAX_ENTRY_LEN+1], *item, *item_buf, *name_buf;
260 	char dilims[] = "\t \n";
261 	/*
262 	 * item_len is the length of the token in the gsscred_db.
263 	 * name_len is the length of the token passed to this function.
264 	 */
265 	int item_len, name_len;
266 	/*
267 	 * This is the hex encoding of the beginning of all exported name
268 	 * tokens for the Kerberos V mechanism.  We need this to detect old,
269 	 * incorrectly exported name tokens; see below.
270 	 */
271 	char *krb5_ntok_prefix = "0401000B06092A864886F712010202";
272 	/*
273 	 * This is the hex encoded GSS_C_NT_USER_NAME OID, needed for the same
274 	 * reason as krb5_ntok_prefix.
275 	 */
276 	char *gss_u_name = "2A864886F71201020101";
277 
278 	if (entry == NULL || isspace(*entry))
279 		return (0);
280 
281 	/* save the entry since strtok will chop it up */
282 	(void) strcpy(fullEntry, entry);
283 
284 	if ((item = strtok(fullEntry, dilims)) == NULL)
285 		return (0);
286 
287 	/* do we need to search the name */
288 	if (name != NULL) {
289 
290 		item_len = strlen(item);
291 		name_len = name->length;
292 		name_buf = name->value;
293 
294 		/* we can match the prefix of the string */
295 		if (item_len < name_len)
296 			return (0);
297 
298 		if (strncmp(item, name->value, name_len) != 0) {
299 
300 			/*
301 			 * The following section is needed in order to detect
302 			 * two existing errant formats in the gsscred db.
303 			 *
304 			 * 1. Exported names that have a trailing null byte
305 			 * ("00" in two hex characters) with the name length
306 			 * incremented to account for the extra null byte.
307 			 *
308 			 * 2. Exported names that have the name type length
309 			 * and name type OID prepended to the exported name.
310 			 *
311 			 */
312 			if (strncmp(name->value, krb5_ntok_prefix,
313 			    strlen(krb5_ntok_prefix)) != 0)
314 				return (0);
315 
316 			if (strncmp(item, krb5_ntok_prefix,
317 			    strlen(krb5_ntok_prefix)) != 0)
318 				return (0);
319 
320 			if ((item_buf = strstr(item, gss_u_name)) == NULL)
321 				return (0);
322 
323 			item_buf += strlen(gss_u_name);
324 
325 			name_buf += NAME_OFFSET;
326 
327 			if ((strlen(item_buf) != strlen(name_buf)) &&
328 			    (strncmp(item_buf + (strlen(item_buf) - 2), "00", 2)
329 			    != 0))
330 				return (0);
331 
332 			/*
333 			 * Here we compare the end of name_len, given
334 			 * that item_len could have two extra "00"
335 			 * representing the null byte.
336 			 */
337 			if (strncmp(item_buf, name_buf, name_len - NAME_OFFSET)
338 			    != 0)
339 				return (0);
340 		} else
341 			/*
342 			 * We only strncmp() so we could check for old,
343 			 * broken exported name tokens for the krb5 mech.
344 			 * For any other exported name tokens we want exact
345 			 * matches only.
346 			 */
347 			if (item_len != name_len)
348 				return (0);
349 
350 		/* do we need to check the uid - if not then we found it */
351 		if (uid == NULL) {
352 			/* do we ned to parse out the uid ? */
353 			if (uidOut) {
354 				if ((item = strtok(NULL, dilims)) == NULL)
355 					return (0);
356 				*uidOut = atol(item);
357 			}
358 			return (1);
359 		}
360 
361 		/* continue with checking the uid */
362 	}
363 
364 	if (uid == NULL)
365 		return (1);
366 
367 	/* get the next token from the string - the uid */
368 	if ((item = strtok(NULL, dilims)) == NULL)
369 		return (0);
370 
371 	if (strcmp(item, uid) == 0)
372 		return (1);
373 
374 	return (0);
375 }  /* *******  matchEntry ****** */
376