xref: /illumos-gate/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c (revision 2a6e99a0f1f7d22c0396e8b2ce9b9babbd1056cf)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24  * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
25  */
26 
27 /*
28  * NETR challenge/response client functions.
29  *
30  * NT_STATUS_INVALID_PARAMETER
31  * NT_STATUS_NO_TRUST_SAM_ACCOUNT
32  * NT_STATUS_ACCESS_DENIED
33  */
34 
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include <strings.h>
38 #include <unistd.h>
39 #include <ctype.h>
40 #include <security/cryptoki.h>
41 #include <security/pkcs11.h>
42 
43 #include <smbsrv/libsmb.h>
44 #include <smbsrv/libsmbns.h>
45 #include <smbsrv/libmlsvc.h>
46 #include <smbsrv/ndl/netlogon.ndl>
47 #include <smbsrv/smbinfo.h>
48 #include <smbsrv/netrauth.h>
49 
50 #define	NETR_SESSKEY_ZEROBUF_SZ		4
51 /* The DES algorithm uses a 56-bit encryption key. */
52 #define	NETR_DESKEY_LEN			7
53 
54 int netr_setup_authenticator(netr_info_t *, struct netr_authenticator *,
55     struct netr_authenticator *);
56 DWORD netr_validate_chain(netr_info_t *, struct netr_authenticator *);
57 
58 static int netr_server_req_challenge(mlsvc_handle_t *, netr_info_t *);
59 static int netr_server_authenticate2(mlsvc_handle_t *, netr_info_t *);
60 static int netr_gen_password(BYTE *, BYTE *, BYTE *);
61 
62 /*
63  * Shared with netr_logon.c
64  */
65 netr_info_t netr_global_info;
66 
67 /*
68  * netlogon_auth
69  *
70  * This is the core of the NETLOGON authentication protocol.
71  * Do the challenge response authentication.
72  *
73  * Prior to calling this function, an anonymous session to the NETLOGON
74  * pipe on a domain controller(server) should have already been opened.
75  *
76  * Upon a successful NETLOGON credential chain establishment, the
77  * netlogon sequence number will be set to match the kpasswd sequence
78  * number.
79  *
80  */
81 DWORD
82 netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags)
83 {
84 	netr_info_t *netr_info;
85 	int rc;
86 	DWORD leout_rc[2];
87 
88 	netr_info = &netr_global_info;
89 	bzero(netr_info, sizeof (netr_info_t));
90 
91 	netr_info->flags |= flags;
92 
93 	rc = smb_getnetbiosname(netr_info->hostname, NETBIOS_NAME_SZ);
94 	if (rc != 0)
95 		return (NT_STATUS_UNSUCCESSFUL);
96 
97 	/* server is our DC.  Note: normally an FQDN. */
98 	(void) snprintf(netr_info->server, sizeof (netr_info->server),
99 	    "\\\\%s", server);
100 
101 	LE_OUT32(&leout_rc[0], random());
102 	LE_OUT32(&leout_rc[1], random());
103 	(void) memcpy(&netr_info->client_challenge, leout_rc,
104 	    sizeof (struct netr_credential));
105 
106 	if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) {
107 		rc = netr_server_authenticate2(netr_handle, netr_info);
108 		if (rc == 0) {
109 			/*
110 			 * TODO: (later)  When joining a domain using a
111 			 * pre-created machine account, should do:
112 			 * netr_server_password_set(&netr_handle, netr_info);
113 			 * Nexenta issue 11960
114 			 */
115 			smb_update_netlogon_seqnum();
116 			netr_info->flags |= NETR_FLG_VALID;
117 
118 		}
119 	}
120 
121 	return ((rc) ? NT_STATUS_UNSUCCESSFUL : NT_STATUS_SUCCESS);
122 }
123 
124 /*
125  * netr_open
126  *
127  * Open an anonymous session to the NETLOGON pipe on a domain controller
128  * and bind to the NETR RPC interface.
129  *
130  * We store the remote server information, which is used to drive Windows
131  * version specific behavior.
132  *
133  * Returns 0 or NT status
134  */
135 DWORD
136 netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle)
137 {
138 	char user[SMB_USERNAME_MAXLEN];
139 	DWORD status;
140 
141 	smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
142 
143 	status = ndr_rpc_bind(netr_handle, server, domain, user, "NETR");
144 
145 	return (status);
146 }
147 
148 /*
149  * netr_close
150  *
151  * Close a NETLOGON pipe and free the RPC context.
152  */
153 int
154 netr_close(mlsvc_handle_t *netr_handle)
155 {
156 	ndr_rpc_unbind(netr_handle);
157 	return (0);
158 }
159 
160 /*
161  * netr_server_req_challenge
162  */
163 static int
164 netr_server_req_challenge(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
165 {
166 	struct netr_ServerReqChallenge arg;
167 	int opnum;
168 
169 	bzero(&arg, sizeof (struct netr_ServerReqChallenge));
170 	opnum = NETR_OPNUM_ServerReqChallenge;
171 
172 	arg.servername = (unsigned char *)netr_info->server;
173 	arg.hostname = (unsigned char *)netr_info->hostname;
174 
175 	(void) memcpy(&arg.client_challenge, &netr_info->client_challenge,
176 	    sizeof (struct netr_credential));
177 
178 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
179 		return (-1);
180 
181 	if (arg.status != 0) {
182 		ndr_rpc_status(netr_handle, opnum, arg.status);
183 		ndr_rpc_release(netr_handle);
184 		return (-1);
185 	}
186 
187 	(void) memcpy(&netr_info->server_challenge, &arg.server_challenge,
188 	    sizeof (struct netr_credential));
189 
190 	ndr_rpc_release(netr_handle);
191 	return (0);
192 }
193 
194 uint32_t netr_server_auth2_flags =
195     NETR_NEGOTIATE_BASE_FLAGS |
196     NETR_NEGOTIATE_STRONGKEY_FLAG;
197 
198 /*
199  * netr_server_authenticate2
200  */
201 static int
202 netr_server_authenticate2(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
203 {
204 	struct netr_ServerAuthenticate2 arg;
205 	/* sizeof netr_info->hostname, + 1 for the '$' */
206 	char account_name[(NETBIOS_NAME_SZ * 2) + 1];
207 	int opnum;
208 	int rc;
209 
210 	bzero(&arg, sizeof (struct netr_ServerAuthenticate2));
211 	opnum = NETR_OPNUM_ServerAuthenticate2;
212 
213 	(void) snprintf(account_name, sizeof (account_name), "%s$",
214 	    netr_info->hostname);
215 
216 	smb_tracef("server=[%s] account_name=[%s] hostname=[%s]\n",
217 	    netr_info->server, account_name, netr_info->hostname);
218 
219 	arg.servername = (unsigned char *)netr_info->server;
220 	arg.account_name = (unsigned char *)account_name;
221 	arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
222 	arg.hostname = (unsigned char *)netr_info->hostname;
223 	arg.negotiate_flags = netr_server_auth2_flags;
224 
225 	if (arg.negotiate_flags & NETR_NEGOTIATE_STRONGKEY_FLAG) {
226 		if (netr_gen_skey128(netr_info) != SMBAUTH_SUCCESS)
227 			return (-1);
228 	} else {
229 		if (netr_gen_skey64(netr_info) != SMBAUTH_SUCCESS)
230 			return (-1);
231 	}
232 
233 	if (netr_gen_credentials(netr_info->session_key.key,
234 	    &netr_info->client_challenge, 0,
235 	    &netr_info->client_credential) != SMBAUTH_SUCCESS) {
236 		return (-1);
237 	}
238 
239 	if (netr_gen_credentials(netr_info->session_key.key,
240 	    &netr_info->server_challenge, 0,
241 	    &netr_info->server_credential) != SMBAUTH_SUCCESS) {
242 		return (-1);
243 	}
244 
245 	(void) memcpy(&arg.client_credential, &netr_info->client_credential,
246 	    sizeof (struct netr_credential));
247 
248 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
249 		return (-1);
250 
251 	if (arg.status != 0) {
252 		ndr_rpc_status(netr_handle, opnum, arg.status);
253 		ndr_rpc_release(netr_handle);
254 		return (-1);
255 	}
256 
257 	rc = memcmp(&netr_info->server_credential, &arg.server_credential,
258 	    sizeof (struct netr_credential));
259 
260 	ndr_rpc_release(netr_handle);
261 	return (rc);
262 }
263 
264 /*
265  * netr_gen_skey128
266  *
267  * Generate a 128-bit session key from the client and server challenges.
268  * See "Session-Key Computation" section of MS-NRPC document.
269  */
270 int
271 netr_gen_skey128(netr_info_t *netr_info)
272 {
273 	unsigned char ntlmhash[SMBAUTH_HASH_SZ];
274 	int rc = SMBAUTH_FAILURE;
275 	CK_RV rv;
276 	CK_MECHANISM mechanism;
277 	CK_SESSION_HANDLE hSession;
278 	CK_ULONG diglen = MD_DIGEST_LEN;
279 	unsigned char md5digest[MD_DIGEST_LEN];
280 	unsigned char zerobuf[NETR_SESSKEY_ZEROBUF_SZ];
281 
282 	bzero(ntlmhash, SMBAUTH_HASH_SZ);
283 	/*
284 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
285 	 * the appropriate password but it isn't working yet.  So we
286 	 * always use the default one for now.
287 	 */
288 	bzero(netr_info->password, sizeof (netr_info->password));
289 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
290 	    (char *)netr_info->password, sizeof (netr_info->password));
291 
292 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
293 		return (SMBAUTH_FAILURE);
294 	}
295 
296 	rc = smb_auth_ntlm_hash((char *)netr_info->password, ntlmhash);
297 	if (rc != SMBAUTH_SUCCESS)
298 		return (SMBAUTH_FAILURE);
299 
300 	bzero(zerobuf, NETR_SESSKEY_ZEROBUF_SZ);
301 
302 	mechanism.mechanism = CKM_MD5;
303 	mechanism.pParameter = 0;
304 	mechanism.ulParameterLen = 0;
305 
306 	rv = SUNW_C_GetMechSession(mechanism.mechanism, &hSession);
307 	if (rv != CKR_OK)
308 		return (SMBAUTH_FAILURE);
309 
310 	rv = C_DigestInit(hSession, &mechanism);
311 	if (rv != CKR_OK)
312 		goto cleanup;
313 
314 	rv = C_DigestUpdate(hSession, (CK_BYTE_PTR)zerobuf,
315 	    NETR_SESSKEY_ZEROBUF_SZ);
316 	if (rv != CKR_OK)
317 		goto cleanup;
318 
319 	rv = C_DigestUpdate(hSession,
320 	    (CK_BYTE_PTR)netr_info->client_challenge.data, NETR_CRED_DATA_SZ);
321 	if (rv != CKR_OK)
322 		goto cleanup;
323 
324 	rv = C_DigestUpdate(hSession,
325 	    (CK_BYTE_PTR)netr_info->server_challenge.data, NETR_CRED_DATA_SZ);
326 	if (rv != CKR_OK)
327 		goto cleanup;
328 
329 	rv = C_DigestFinal(hSession, (CK_BYTE_PTR)md5digest, &diglen);
330 	if (rv != CKR_OK)
331 		goto cleanup;
332 
333 	rc = smb_auth_hmac_md5(md5digest, diglen, ntlmhash, SMBAUTH_HASH_SZ,
334 	    netr_info->session_key.key);
335 
336 	netr_info->session_key.len = NETR_SESSKEY128_SZ;
337 cleanup:
338 	(void) C_CloseSession(hSession);
339 	return (rc);
340 
341 }
342 /*
343  * netr_gen_skey64
344  *
345  * Generate a 64-bit session key from the client and server challenges.
346  * See "Session-Key Computation" section of MS-NRPC document.
347  *
348  * The algorithm is a two stage hash. For the first hash, the input is
349  * the combination of the client and server challenges, the key is
350  * the first 7 bytes of the password. The initial password is formed
351  * using the NT password hash on the local hostname in lower case.
352  * The result is stored in a temporary buffer.
353  *
354  *		input:	challenge
355  *		key:	passwd lower 7 bytes
356  *		output:	intermediate result
357  *
358  * For the second hash, the input is the result of the first hash and
359  * the key is the last 7 bytes of the password.
360  *
361  *		input:	result of first hash
362  *		key:	passwd upper 7 bytes
363  *		output:	session_key
364  *
365  * The final output should be the session key.
366  *
367  *		FYI: smb_auth_DES(output, key, input)
368  *
369  * If any difficulties occur using the cryptographic framework, the
370  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
371  * returned.
372  */
373 int
374 netr_gen_skey64(netr_info_t *netr_info)
375 {
376 	unsigned char md4hash[32];
377 	unsigned char buffer[8];
378 	DWORD data[2];
379 	DWORD *client_challenge;
380 	DWORD *server_challenge;
381 	int rc;
382 	DWORD le_data[2];
383 
384 	client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge;
385 	server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge;
386 	bzero(md4hash, 32);
387 
388 	/*
389 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
390 	 * the appropriate password but it isn't working yet.  So we
391 	 * always use the default one for now.
392 	 */
393 	bzero(netr_info->password, sizeof (netr_info->password));
394 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
395 	    (char *)netr_info->password, sizeof (netr_info->password));
396 
397 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
398 		return (SMBAUTH_FAILURE);
399 	}
400 
401 	rc = smb_auth_ntlm_hash((char *)netr_info->password, md4hash);
402 
403 	if (rc != SMBAUTH_SUCCESS)
404 		return (SMBAUTH_FAILURE);
405 
406 	data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]);
407 	data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]);
408 	LE_OUT32(&le_data[0], data[0]);
409 	LE_OUT32(&le_data[1], data[1]);
410 	rc = smb_auth_DES(buffer, 8, md4hash, NETR_DESKEY_LEN,
411 	    (unsigned char *)le_data, 8);
412 
413 	if (rc != SMBAUTH_SUCCESS)
414 		return (rc);
415 
416 	netr_info->session_key.len = NETR_SESSKEY64_SZ;
417 	rc = smb_auth_DES(netr_info->session_key.key,
418 	    netr_info->session_key.len, &md4hash[9], NETR_DESKEY_LEN, buffer,
419 	    8);
420 
421 	return (rc);
422 }
423 
424 /*
425  * netr_gen_credentials
426  *
427  * Generate a set of credentials from a challenge and a session key.
428  * The algorithm is a two stage hash. For the first hash, the
429  * timestamp is added to the challenge and the result is stored in a
430  * temporary buffer:
431  *
432  *		input:	challenge (including timestamp)
433  *		key:	session_key
434  *		output:	intermediate result
435  *
436  * For the second hash, the input is the result of the first hash and
437  * a strange partial key is used:
438  *
439  *		input:	result of first hash
440  *		key:	funny partial key
441  *		output:	credentiails
442  *
443  * The final output should be an encrypted set of credentials.
444  *
445  *		FYI: smb_auth_DES(output, key, input)
446  *
447  * If any difficulties occur using the cryptographic framework, the
448  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
449  * returned.
450  */
451 int
452 netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge,
453     DWORD timestamp, netr_cred_t *out_cred)
454 {
455 	unsigned char buffer[8];
456 	DWORD data[2];
457 	DWORD le_data[2];
458 	DWORD *p;
459 	int rc;
460 
461 	p = (DWORD *)(uintptr_t)challenge;
462 	data[0] = LE_IN32(&p[0]) + timestamp;
463 	data[1] = LE_IN32(&p[1]);
464 
465 	LE_OUT32(&le_data[0], data[0]);
466 	LE_OUT32(&le_data[1], data[1]);
467 
468 	if (smb_auth_DES(buffer, 8, session_key, NETR_DESKEY_LEN,
469 	    (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS)
470 		return (SMBAUTH_FAILURE);
471 
472 	rc = smb_auth_DES(out_cred->data, 8, &session_key[NETR_DESKEY_LEN],
473 	    NETR_DESKEY_LEN, buffer, 8);
474 
475 	return (rc);
476 }
477 
478 /*
479  * netr_server_password_set
480  *
481  * Attempt to change the trust account password for this system.
482  *
483  * Note that this call may legitimately fail if the registry on the
484  * domain controller has been setup to deny attempts to change the
485  * trust account password. In this case we should just continue to
486  * use the original password.
487  *
488  * Possible status values:
489  *	NT_STATUS_ACCESS_DENIED
490  */
491 int
492 netr_server_password_set(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
493 {
494 	struct netr_PasswordSet  arg;
495 	int opnum;
496 	BYTE new_password[NETR_OWF_PASSWORD_SZ];
497 	char account_name[NETBIOS_NAME_SZ * 2];
498 
499 	bzero(&arg, sizeof (struct netr_PasswordSet));
500 	opnum = NETR_OPNUM_ServerPasswordSet;
501 
502 	(void) snprintf(account_name, sizeof (account_name), "%s$",
503 	    netr_info->hostname);
504 
505 	arg.servername = (unsigned char *)netr_info->server;
506 	arg.account_name = (unsigned char *)account_name;
507 	arg.sec_chan_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
508 	arg.hostname = (unsigned char *)netr_info->hostname;
509 
510 	/*
511 	 * Set up the client side authenticator.
512 	 */
513 	if (netr_setup_authenticator(netr_info, &arg.auth, 0) !=
514 	    SMBAUTH_SUCCESS) {
515 		return (-1);
516 	}
517 
518 	/*
519 	 * Generate a new password from the old password.
520 	 */
521 	if (netr_gen_password(netr_info->session_key.key,
522 	    netr_info->password, new_password) == SMBAUTH_FAILURE) {
523 		return (-1);
524 	}
525 
526 	(void) memcpy(&arg.owf_password, &new_password,
527 	    NETR_OWF_PASSWORD_SZ);
528 
529 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
530 		return (-1);
531 
532 	if (arg.status != 0) {
533 		ndr_rpc_status(netr_handle, opnum, arg.status);
534 		ndr_rpc_release(netr_handle);
535 		return (-1);
536 	}
537 
538 	/*
539 	 * Check the returned credentials.  The server returns the new
540 	 * client credential rather than the new server credentiali,
541 	 * as documented elsewhere.
542 	 *
543 	 * Generate the new seed for the credential chain.  Increment
544 	 * the timestamp and add it to the client challenge.  Then we
545 	 * need to copy the challenge to the credential field in
546 	 * preparation for the next cycle.
547 	 */
548 	if (netr_validate_chain(netr_info, &arg.auth) == 0) {
549 		/*
550 		 * Save the new password.
551 		 */
552 		(void) memcpy(netr_info->password, new_password,
553 		    NETR_OWF_PASSWORD_SZ);
554 	}
555 
556 	ndr_rpc_release(netr_handle);
557 	return (0);
558 }
559 
560 /*
561  * netr_gen_password
562  *
563  * Generate a new pasword from the old password  and the session key.
564  * The algorithm is a two stage hash. The session key is used in the
565  * first hash but only part of the session key is used in the second
566  * hash.
567  *
568  * If any difficulties occur using the cryptographic framework, the
569  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
570  * returned.
571  */
572 static int
573 netr_gen_password(BYTE *session_key, BYTE *old_password, BYTE *new_password)
574 {
575 	int rv;
576 
577 	rv = smb_auth_DES(new_password, 8, session_key, NETR_DESKEY_LEN,
578 	    old_password, 8);
579 	if (rv != SMBAUTH_SUCCESS)
580 		return (rv);
581 
582 	rv = smb_auth_DES(&new_password[8], 8, &session_key[NETR_DESKEY_LEN],
583 	    NETR_DESKEY_LEN, &old_password[8], 8);
584 	return (rv);
585 }
586 
587 /*
588  * Todo: need netr_server_password_set2()
589  * used by "unsecure join". (NX 11960)
590  */
591