1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 23 /* 24 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 25 * Use is subject to license terms. 26 */ 27 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ 28 /* All Rights Reserved */ 29 /* 30 * Portions of this source code were derived from Berkeley 31 * 4.3 BSD under license from the Regents of the University of 32 * California. 33 */ 34 35 /* 36 * auth_des.c, client-side implementation of DES authentication 37 * 38 */ 39 40 #include "mt.h" 41 #include "rpc_mt.h" 42 #include <rpc/rpc.h> 43 #include <rpc/des_crypt.h> 44 #include <syslog.h> 45 #include <stdlib.h> 46 #include <string.h> 47 #include <synch.h> 48 #undef NIS 49 #include <rpcsvc/nis.h> 50 51 #define USEC_PER_SEC 1000000 52 #define RTIME_TIMEOUT 5 /* seconds to wait for sync */ 53 54 extern bool_t xdr_authdes_cred(XDR *, struct authdes_cred *); 55 extern bool_t xdr_authdes_verf(XDR *, struct authdes_verf *); 56 extern int key_encryptsession_pk(const char *, netobj *, des_block *); 57 58 extern bool_t __rpc_get_time_offset(struct timeval *, nis_server *, char *, 59 char **, char **); 60 static struct auth_ops *authdes_ops(void); 61 static bool_t authdes_refresh(AUTH *, void *); 62 63 /* 64 * This struct is pointed to by the ah_private field of an "AUTH *" 65 */ 66 struct ad_private { 67 char *ad_fullname; /* client's full name */ 68 uint_t ad_fullnamelen; /* length of name, rounded up */ 69 char *ad_servername; /* server's full name */ 70 size_t ad_servernamelen; /* length of name, rounded up */ 71 uint_t ad_window; /* client specified window */ 72 bool_t ad_dosync; /* synchronize? */ 73 char *ad_timehost; /* remote host to sync with */ 74 struct timeval ad_timediff; /* server's time - client's time */ 75 uint_t ad_nickname; /* server's nickname for client */ 76 struct authdes_cred ad_cred; /* storage for credential */ 77 struct authdes_verf ad_verf; /* storage for verifier */ 78 struct timeval ad_timestamp; /* timestamp sent */ 79 des_block ad_xkey; /* encrypted conversation key */ 80 uchar_t ad_pkey[1024]; /* Servers actual public key */ 81 char *ad_netid; /* Timehost netid */ 82 char *ad_uaddr; /* Timehost uaddr */ 83 nis_server *ad_nis_srvr; /* NIS+ server struct */ 84 }; 85 86 extern AUTH *authdes_pk_seccreate(const char *, netobj *, uint_t, const char *, 87 const des_block *, nis_server *); 88 89 /* 90 * documented version of authdes_seccreate 91 */ 92 /* 93 * servername: network name of server 94 * win: time to live 95 * timehost: optional hostname to sync with 96 * ckey: optional conversation key to use 97 */ 98 99 AUTH * 100 authdes_seccreate(const char *servername, const uint_t win, 101 const char *timehost, const des_block *ckey) 102 { 103 uchar_t pkey_data[1024]; 104 netobj pkey; 105 106 if (!getpublickey(servername, (char *)pkey_data)) { 107 syslog(LOG_ERR, 108 "authdes_seccreate: no public key found for %s", 109 servername); 110 111 return (NULL); 112 } 113 114 pkey.n_bytes = (char *)pkey_data; 115 pkey.n_len = (uint_t)strlen((char *)pkey_data) + 1; 116 return (authdes_pk_seccreate(servername, &pkey, win, timehost, 117 ckey, NULL)); 118 } 119 120 /* 121 * Slightly modified version of authdes_seccreate which takes the public key 122 * of the server principal as an argument. This spares us a call to 123 * getpublickey() which in the nameserver context can cause a deadlock. 124 */ 125 126 AUTH * 127 authdes_pk_seccreate(const char *servername, netobj *pkey, uint_t window, 128 const char *timehost, const des_block *ckey, nis_server *srvr) 129 { 130 AUTH *auth; 131 struct ad_private *ad; 132 char namebuf[MAXNETNAMELEN+1]; 133 134 /* 135 * Allocate everything now 136 */ 137 auth = malloc(sizeof (AUTH)); 138 if (auth == NULL) { 139 syslog(LOG_ERR, "authdes_pk_seccreate: out of memory"); 140 return (NULL); 141 } 142 ad = malloc(sizeof (struct ad_private)); 143 if (ad == NULL) { 144 syslog(LOG_ERR, "authdes_pk_seccreate: out of memory"); 145 goto failed; 146 } 147 ad->ad_fullname = ad->ad_servername = NULL; /* Sanity reasons */ 148 ad->ad_timehost = NULL; 149 ad->ad_netid = NULL; 150 ad->ad_uaddr = NULL; 151 ad->ad_nis_srvr = NULL; 152 ad->ad_timediff.tv_sec = 0; 153 ad->ad_timediff.tv_usec = 0; 154 (void) memcpy(ad->ad_pkey, pkey->n_bytes, pkey->n_len); 155 if (!getnetname(namebuf)) 156 goto failed; 157 ad->ad_fullnamelen = RNDUP((uint_t)strlen(namebuf)); 158 ad->ad_fullname = malloc(ad->ad_fullnamelen + 1); 159 ad->ad_servernamelen = strlen(servername); 160 ad->ad_servername = malloc(ad->ad_servernamelen + 1); 161 162 if (ad->ad_fullname == NULL || ad->ad_servername == NULL) { 163 syslog(LOG_ERR, "authdes_seccreate: out of memory"); 164 goto failed; 165 } 166 if (timehost != NULL) { 167 ad->ad_timehost = malloc(strlen(timehost) + 1); 168 if (ad->ad_timehost == NULL) { 169 syslog(LOG_ERR, "authdes_seccreate: out of memory"); 170 goto failed; 171 } 172 (void) memcpy(ad->ad_timehost, timehost, strlen(timehost) + 1); 173 ad->ad_dosync = TRUE; 174 } else if (srvr != NULL) { 175 ad->ad_nis_srvr = srvr; /* transient */ 176 ad->ad_dosync = TRUE; 177 } else { 178 ad->ad_dosync = FALSE; 179 } 180 (void) memcpy(ad->ad_fullname, namebuf, ad->ad_fullnamelen + 1); 181 (void) memcpy(ad->ad_servername, servername, ad->ad_servernamelen + 1); 182 ad->ad_window = window; 183 if (ckey == NULL) { 184 if (key_gendes(&auth->ah_key) < 0) { 185 syslog(LOG_ERR, 186 "authdes_seccreate: keyserv(8) is unable to generate session key"); 187 goto failed; 188 } 189 } else 190 auth->ah_key = *ckey; 191 192 /* 193 * Set up auth handle 194 */ 195 auth->ah_cred.oa_flavor = AUTH_DES; 196 auth->ah_verf.oa_flavor = AUTH_DES; 197 auth->ah_ops = authdes_ops(); 198 auth->ah_private = (caddr_t)ad; 199 200 if (!authdes_refresh(auth, NULL)) { 201 goto failed; 202 } 203 ad->ad_nis_srvr = NULL; /* not needed any longer */ 204 return (auth); 205 206 failed: 207 if (auth) 208 free(auth); 209 if (ad) { 210 if (ad->ad_fullname) 211 free(ad->ad_fullname); 212 if (ad->ad_servername) 213 free(ad->ad_servername); 214 if (ad->ad_timehost) 215 free(ad->ad_timehost); 216 if (ad->ad_netid) 217 free(ad->ad_netid); 218 if (ad->ad_uaddr) 219 free(ad->ad_uaddr); 220 free(ad); 221 } 222 return (NULL); 223 } 224 225 /* 226 * Implement the five authentication operations 227 */ 228 229 /* 230 * 1. Next Verifier 231 */ 232 /*ARGSUSED*/ 233 static void 234 authdes_nextverf(AUTH *auth) 235 { 236 /* what the heck am I supposed to do??? */ 237 } 238 239 240 /* 241 * 2. Marshal 242 */ 243 static bool_t 244 authdes_marshal(AUTH *auth, XDR *xdrs) 245 { 246 /* LINTED pointer alignment */ 247 struct ad_private *ad = (struct ad_private *)auth->ah_private; 248 struct authdes_cred *cred = &ad->ad_cred; 249 struct authdes_verf *verf = &ad->ad_verf; 250 des_block cryptbuf[2]; 251 des_block ivec; 252 int status; 253 int len; 254 rpc_inline_t *ixdr; 255 256 /* 257 * Figure out the "time", accounting for any time difference 258 * with the server if necessary. 259 */ 260 (void) gettimeofday(&ad->ad_timestamp, NULL); 261 ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec; 262 ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec; 263 while (ad->ad_timestamp.tv_usec >= USEC_PER_SEC) { 264 ad->ad_timestamp.tv_usec -= USEC_PER_SEC; 265 ad->ad_timestamp.tv_sec++; 266 } 267 268 /* 269 * XDR the timestamp and possibly some other things, then 270 * encrypt them. 271 */ 272 ixdr = (rpc_inline_t *)cryptbuf; 273 IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_sec); 274 IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_usec); 275 if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { 276 IXDR_PUT_U_INT32(ixdr, ad->ad_window); 277 IXDR_PUT_U_INT32(ixdr, ad->ad_window - 1); 278 ivec.key.high = ivec.key.low = 0; 279 status = cbc_crypt((char *)&auth->ah_key, (char *)cryptbuf, 280 2 * sizeof (des_block), 281 DES_ENCRYPT | DES_HW, (char *)&ivec); 282 } else { 283 status = ecb_crypt((char *)&auth->ah_key, (char *)cryptbuf, 284 sizeof (des_block), 285 DES_ENCRYPT | DES_HW); 286 } 287 if (DES_FAILED(status)) { 288 syslog(LOG_ERR, "authdes_marshal: DES encryption failure"); 289 return (FALSE); 290 } 291 ad->ad_verf.adv_xtimestamp = cryptbuf[0]; 292 if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { 293 ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high; 294 ad->ad_verf.adv_winverf = cryptbuf[1].key.low; 295 } else { 296 ad->ad_cred.adc_nickname = ad->ad_nickname; 297 ad->ad_verf.adv_winverf = 0; 298 } 299 300 /* 301 * Serialize the credential and verifier into opaque 302 * authentication data. 303 */ 304 if (ad->ad_cred.adc_namekind == ADN_FULLNAME) { 305 len = ((1 + 1 + 2 + 1)*BYTES_PER_XDR_UNIT + ad->ad_fullnamelen); 306 } else { 307 len = (1 + 1)*BYTES_PER_XDR_UNIT; 308 } 309 310 if (ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT)) { 311 IXDR_PUT_INT32(ixdr, AUTH_DES); 312 IXDR_PUT_INT32(ixdr, len); 313 } else { 314 if (!xdr_putint32(xdrs, (int *)&auth->ah_cred.oa_flavor)) 315 return (FALSE); 316 if (!xdr_putint32(xdrs, &len)) 317 return (FALSE); 318 } 319 if (!xdr_authdes_cred(xdrs, cred)) 320 return (FALSE); 321 322 len = (2 + 1)*BYTES_PER_XDR_UNIT; 323 if (ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT)) { 324 IXDR_PUT_INT32(ixdr, AUTH_DES); 325 IXDR_PUT_INT32(ixdr, len); 326 } else { 327 if (!xdr_putint32(xdrs, (int *)&auth->ah_verf.oa_flavor)) 328 return (FALSE); 329 if (!xdr_putint32(xdrs, &len)) 330 return (FALSE); 331 } 332 return (xdr_authdes_verf(xdrs, verf)); 333 } 334 335 336 /* 337 * 3. Validate 338 */ 339 static bool_t 340 authdes_validate(AUTH *auth, struct opaque_auth *rverf) 341 { 342 /* LINTED pointer alignment */ 343 struct ad_private *ad = (struct ad_private *)auth->ah_private; 344 struct authdes_verf verf; 345 int status; 346 uint32_t *ixdr; 347 des_block buf; 348 349 if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) 350 return (FALSE); 351 /* LINTED pointer alignment */ 352 ixdr = (uint32_t *)rverf->oa_base; 353 buf.key.high = (uint32_t)*ixdr++; 354 buf.key.low = (uint32_t)*ixdr++; 355 verf.adv_int_u = (uint32_t)*ixdr++; 356 357 /* 358 * Decrypt the timestamp 359 */ 360 status = ecb_crypt((char *)&auth->ah_key, (char *)&buf, 361 sizeof (des_block), DES_DECRYPT | DES_HW); 362 363 if (DES_FAILED(status)) { 364 syslog(LOG_ERR, "authdes_validate: DES decryption failure"); 365 return (FALSE); 366 } 367 368 /* 369 * xdr the decrypted timestamp 370 */ 371 /* LINTED pointer alignment */ 372 ixdr = (uint32_t *)buf.c; 373 verf.adv_timestamp.tv_sec = IXDR_GET_INT32(ixdr) + 1; 374 verf.adv_timestamp.tv_usec = IXDR_GET_INT32(ixdr); 375 376 /* 377 * validate 378 */ 379 if (memcmp(&ad->ad_timestamp, &verf.adv_timestamp, 380 sizeof (struct timeval)) != 0) { 381 syslog(LOG_DEBUG, "authdes_validate: verifier mismatch"); 382 return (FALSE); 383 } 384 385 /* 386 * We have a nickname now, let's use it 387 */ 388 ad->ad_nickname = verf.adv_nickname; 389 ad->ad_cred.adc_namekind = ADN_NICKNAME; 390 return (TRUE); 391 } 392 393 /* 394 * 4. Refresh 395 */ 396 /*ARGSUSED*/ 397 static bool_t 398 authdes_refresh(AUTH *auth, void *dummy) 399 { 400 /* LINTED pointer alignment */ 401 struct ad_private *ad = (struct ad_private *)auth->ah_private; 402 struct authdes_cred *cred = &ad->ad_cred; 403 int ok; 404 netobj pkey; 405 406 if (ad->ad_dosync) { 407 ok = __rpc_get_time_offset(&ad->ad_timediff, ad->ad_nis_srvr, 408 ad->ad_timehost, &(ad->ad_uaddr), 409 &(ad->ad_netid)); 410 if (!ok) { 411 /* 412 * Hope the clocks are synced! 413 */ 414 ad->ad_dosync = 0; 415 syslog(LOG_DEBUG, 416 "authdes_refresh: unable to synchronize clock"); 417 } 418 } 419 ad->ad_xkey = auth->ah_key; 420 pkey.n_bytes = (char *)(ad->ad_pkey); 421 pkey.n_len = (uint_t)strlen((char *)ad->ad_pkey) + 1; 422 if (key_encryptsession_pk(ad->ad_servername, &pkey, &ad->ad_xkey) < 0) { 423 syslog(LOG_INFO, 424 "authdes_refresh: keyserv(8) is unable to encrypt session key"); 425 return (FALSE); 426 } 427 cred->adc_fullname.key = ad->ad_xkey; 428 cred->adc_namekind = ADN_FULLNAME; 429 cred->adc_fullname.name = ad->ad_fullname; 430 return (TRUE); 431 } 432 433 434 /* 435 * 5. Destroy 436 */ 437 static void 438 authdes_destroy(AUTH *auth) 439 { 440 /* LINTED pointer alignment */ 441 struct ad_private *ad = (struct ad_private *)auth->ah_private; 442 443 free(ad->ad_fullname); 444 free(ad->ad_servername); 445 if (ad->ad_timehost) 446 free(ad->ad_timehost); 447 if (ad->ad_netid) 448 free(ad->ad_netid); 449 if (ad->ad_uaddr) 450 free(ad->ad_uaddr); 451 free(ad); 452 free(auth); 453 } 454 455 static struct auth_ops * 456 authdes_ops(void) 457 { 458 static struct auth_ops ops; 459 extern mutex_t ops_lock; 460 461 /* VARIABLES PROTECTED BY ops_lock: ops */ 462 463 (void) mutex_lock(&ops_lock); 464 if (ops.ah_nextverf == NULL) { 465 ops.ah_nextverf = authdes_nextverf; 466 ops.ah_marshal = authdes_marshal; 467 ops.ah_validate = authdes_validate; 468 ops.ah_refresh = authdes_refresh; 469 ops.ah_destroy = authdes_destroy; 470 } 471 (void) mutex_unlock(&ops_lock); 472 return (&ops); 473 } 474