xref: /illumos-gate/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c (revision 2bbdd445a21f9d61f4a0ca0faf05d5ceb2bd91f3)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24  * Copyright 2012 Nexenta Systems, Inc.  All rights reserved.
25  */
26 
27 /*
28  * NETR challenge/response client functions.
29  *
30  * NT_STATUS_INVALID_PARAMETER
31  * NT_STATUS_NO_TRUST_SAM_ACCOUNT
32  * NT_STATUS_ACCESS_DENIED
33  */
34 
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include <strings.h>
38 #include <unistd.h>
39 #include <ctype.h>
40 #include <security/cryptoki.h>
41 #include <security/pkcs11.h>
42 
43 #include <smbsrv/libsmb.h>
44 #include <smbsrv/libsmbns.h>
45 #include <smbsrv/libmlsvc.h>
46 #include <smbsrv/ndl/netlogon.ndl>
47 #include <smbsrv/smbinfo.h>
48 #include <smbsrv/netrauth.h>
49 
50 #define	NETR_SESSKEY_ZEROBUF_SZ		4
51 /* The DES algorithm uses a 56-bit encryption key. */
52 #define	NETR_DESKEY_LEN			7
53 
54 int netr_setup_authenticator(netr_info_t *, struct netr_authenticator *,
55     struct netr_authenticator *);
56 DWORD netr_validate_chain(netr_info_t *, struct netr_authenticator *);
57 
58 static int netr_server_req_challenge(mlsvc_handle_t *, netr_info_t *);
59 static int netr_server_authenticate2(mlsvc_handle_t *, netr_info_t *);
60 static int netr_gen_password(BYTE *, BYTE *, BYTE *);
61 
62 /*
63  * Shared with netr_logon.c
64  */
65 netr_info_t netr_global_info;
66 
67 /*
68  * netlogon_auth
69  *
70  * This is the core of the NETLOGON authentication protocol.
71  * Do the challenge response authentication.
72  *
73  * Prior to calling this function, an anonymous session to the NETLOGON
74  * pipe on a domain controller(server) should have already been opened.
75  *
76  * Upon a successful NETLOGON credential chain establishment, the
77  * netlogon sequence number will be set to match the kpasswd sequence
78  * number.
79  *
80  */
81 DWORD
82 netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags)
83 {
84 	netr_info_t *netr_info;
85 	int rc;
86 	DWORD leout_rc[2];
87 
88 	netr_info = &netr_global_info;
89 	bzero(netr_info, sizeof (netr_info_t));
90 
91 	netr_info->flags |= flags;
92 
93 	rc = smb_getnetbiosname(netr_info->hostname, NETBIOS_NAME_SZ);
94 	if (rc != 0)
95 		return (NT_STATUS_UNSUCCESSFUL);
96 
97 	(void) snprintf(netr_info->server, sizeof (netr_info->server),
98 	    "\\\\%s", server);
99 
100 	LE_OUT32(&leout_rc[0], random());
101 	LE_OUT32(&leout_rc[1], random());
102 	(void) memcpy(&netr_info->client_challenge, leout_rc,
103 	    sizeof (struct netr_credential));
104 
105 	if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) {
106 		rc = netr_server_authenticate2(netr_handle, netr_info);
107 		if (rc == 0) {
108 			/*
109 			 * TODO: (later)  When joining a domain using a
110 			 * pre-created machine account, should do:
111 			 * netr_server_password_set(&netr_handle, netr_info);
112 			 * Nexenta issue 11960
113 			 */
114 			smb_update_netlogon_seqnum();
115 			netr_info->flags |= NETR_FLG_VALID;
116 
117 		}
118 	}
119 
120 	return ((rc) ? NT_STATUS_UNSUCCESSFUL : NT_STATUS_SUCCESS);
121 }
122 
123 /*
124  * netr_open
125  *
126  * Open an anonymous session to the NETLOGON pipe on a domain controller
127  * and bind to the NETR RPC interface.
128  *
129  * We store the remote server information, which is used to drive Windows
130  * version specific behavior.
131  */
132 int
133 netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle)
134 {
135 	char user[SMB_USERNAME_MAXLEN];
136 
137 	smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
138 
139 	if (ndr_rpc_bind(netr_handle, server, domain, user, "NETR") < 0)
140 		return (-1);
141 
142 	return (0);
143 }
144 
145 /*
146  * netr_close
147  *
148  * Close a NETLOGON pipe and free the RPC context.
149  */
150 int
151 netr_close(mlsvc_handle_t *netr_handle)
152 {
153 	ndr_rpc_unbind(netr_handle);
154 	return (0);
155 }
156 
157 /*
158  * netr_server_req_challenge
159  */
160 static int
161 netr_server_req_challenge(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
162 {
163 	struct netr_ServerReqChallenge arg;
164 	int opnum;
165 
166 	bzero(&arg, sizeof (struct netr_ServerReqChallenge));
167 	opnum = NETR_OPNUM_ServerReqChallenge;
168 
169 	arg.servername = (unsigned char *)netr_info->server;
170 	arg.hostname = (unsigned char *)netr_info->hostname;
171 
172 	(void) memcpy(&arg.client_challenge, &netr_info->client_challenge,
173 	    sizeof (struct netr_credential));
174 
175 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
176 		return (-1);
177 
178 	if (arg.status != 0) {
179 		ndr_rpc_status(netr_handle, opnum, arg.status);
180 		ndr_rpc_release(netr_handle);
181 		return (-1);
182 	}
183 
184 	(void) memcpy(&netr_info->server_challenge, &arg.server_challenge,
185 	    sizeof (struct netr_credential));
186 
187 	ndr_rpc_release(netr_handle);
188 	return (0);
189 }
190 
191 /*
192  * netr_server_authenticate2
193  */
194 static int
195 netr_server_authenticate2(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
196 {
197 	struct netr_ServerAuthenticate2 arg;
198 	int opnum;
199 	int rc;
200 	char account_name[NETBIOS_NAME_SZ * 2];
201 
202 	bzero(&arg, sizeof (struct netr_ServerAuthenticate2));
203 	opnum = NETR_OPNUM_ServerAuthenticate2;
204 
205 	(void) snprintf(account_name, sizeof (account_name), "%s$",
206 	    netr_info->hostname);
207 
208 	smb_tracef("server=[%s] account_name=[%s] hostname=[%s]\n",
209 	    netr_info->server, account_name, netr_info->hostname);
210 
211 	arg.servername = (unsigned char *)netr_info->server;
212 	arg.account_name = (unsigned char *)account_name;
213 	arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
214 	arg.hostname = (unsigned char *)netr_info->hostname;
215 	arg.negotiate_flags = NETR_NEGOTIATE_BASE_FLAGS;
216 
217 	if (ndr_rpc_server_os(netr_handle) == NATIVE_OS_WIN2000) {
218 		arg.negotiate_flags |= NETR_NEGOTIATE_STRONGKEY_FLAG;
219 		if (netr_gen_skey128(netr_info) != SMBAUTH_SUCCESS)
220 			return (-1);
221 	} else {
222 		if (netr_gen_skey64(netr_info) != SMBAUTH_SUCCESS)
223 			return (-1);
224 	}
225 
226 	if (netr_gen_credentials(netr_info->session_key.key,
227 	    &netr_info->client_challenge, 0,
228 	    &netr_info->client_credential) != SMBAUTH_SUCCESS) {
229 		return (-1);
230 	}
231 
232 	if (netr_gen_credentials(netr_info->session_key.key,
233 	    &netr_info->server_challenge, 0,
234 	    &netr_info->server_credential) != SMBAUTH_SUCCESS) {
235 		return (-1);
236 	}
237 
238 	(void) memcpy(&arg.client_credential, &netr_info->client_credential,
239 	    sizeof (struct netr_credential));
240 
241 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
242 		return (-1);
243 
244 	if (arg.status != 0) {
245 		ndr_rpc_status(netr_handle, opnum, arg.status);
246 		ndr_rpc_release(netr_handle);
247 		return (-1);
248 	}
249 
250 	rc = memcmp(&netr_info->server_credential, &arg.server_credential,
251 	    sizeof (struct netr_credential));
252 
253 	ndr_rpc_release(netr_handle);
254 	return (rc);
255 }
256 
257 /*
258  * netr_gen_skey128
259  *
260  * Generate a 128-bit session key from the client and server challenges.
261  * See "Session-Key Computation" section of MS-NRPC document.
262  */
263 int
264 netr_gen_skey128(netr_info_t *netr_info)
265 {
266 	unsigned char ntlmhash[SMBAUTH_HASH_SZ];
267 	int rc = SMBAUTH_FAILURE;
268 	CK_RV rv;
269 	CK_MECHANISM mechanism;
270 	CK_SESSION_HANDLE hSession;
271 	CK_ULONG diglen = MD_DIGEST_LEN;
272 	unsigned char md5digest[MD_DIGEST_LEN];
273 	unsigned char zerobuf[NETR_SESSKEY_ZEROBUF_SZ];
274 
275 	bzero(ntlmhash, SMBAUTH_HASH_SZ);
276 	/*
277 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
278 	 * the appropriate password but it isn't working yet.  So we
279 	 * always use the default one for now.
280 	 */
281 	bzero(netr_info->password, sizeof (netr_info->password));
282 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
283 	    (char *)netr_info->password, sizeof (netr_info->password));
284 
285 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
286 		return (SMBAUTH_FAILURE);
287 	}
288 
289 	rc = smb_auth_ntlm_hash((char *)netr_info->password, ntlmhash);
290 	if (rc != SMBAUTH_SUCCESS)
291 		return (SMBAUTH_FAILURE);
292 
293 	bzero(zerobuf, NETR_SESSKEY_ZEROBUF_SZ);
294 
295 	mechanism.mechanism = CKM_MD5;
296 	mechanism.pParameter = 0;
297 	mechanism.ulParameterLen = 0;
298 
299 	rv = SUNW_C_GetMechSession(mechanism.mechanism, &hSession);
300 	if (rv != CKR_OK)
301 		return (SMBAUTH_FAILURE);
302 
303 	rv = C_DigestInit(hSession, &mechanism);
304 	if (rv != CKR_OK)
305 		goto cleanup;
306 
307 	rv = C_DigestUpdate(hSession, (CK_BYTE_PTR)zerobuf,
308 	    NETR_SESSKEY_ZEROBUF_SZ);
309 	if (rv != CKR_OK)
310 		goto cleanup;
311 
312 	rv = C_DigestUpdate(hSession,
313 	    (CK_BYTE_PTR)netr_info->client_challenge.data, NETR_CRED_DATA_SZ);
314 	if (rv != CKR_OK)
315 		goto cleanup;
316 
317 	rv = C_DigestUpdate(hSession,
318 	    (CK_BYTE_PTR)netr_info->server_challenge.data, NETR_CRED_DATA_SZ);
319 	if (rv != CKR_OK)
320 		goto cleanup;
321 
322 	rv = C_DigestFinal(hSession, (CK_BYTE_PTR)md5digest, &diglen);
323 	if (rv != CKR_OK)
324 		goto cleanup;
325 
326 	rc = smb_auth_hmac_md5(md5digest, diglen, ntlmhash, SMBAUTH_HASH_SZ,
327 	    netr_info->session_key.key);
328 
329 	netr_info->session_key.len = NETR_SESSKEY128_SZ;
330 cleanup:
331 	(void) C_CloseSession(hSession);
332 	return (rc);
333 
334 }
335 /*
336  * netr_gen_skey64
337  *
338  * Generate a 64-bit session key from the client and server challenges.
339  * See "Session-Key Computation" section of MS-NRPC document.
340  *
341  * The algorithm is a two stage hash. For the first hash, the input is
342  * the combination of the client and server challenges, the key is
343  * the first 7 bytes of the password. The initial password is formed
344  * using the NT password hash on the local hostname in lower case.
345  * The result is stored in a temporary buffer.
346  *
347  *		input:	challenge
348  *		key:	passwd lower 7 bytes
349  *		output:	intermediate result
350  *
351  * For the second hash, the input is the result of the first hash and
352  * the key is the last 7 bytes of the password.
353  *
354  *		input:	result of first hash
355  *		key:	passwd upper 7 bytes
356  *		output:	session_key
357  *
358  * The final output should be the session key.
359  *
360  *		FYI: smb_auth_DES(output, key, input)
361  *
362  * If any difficulties occur using the cryptographic framework, the
363  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
364  * returned.
365  */
366 int
367 netr_gen_skey64(netr_info_t *netr_info)
368 {
369 	unsigned char md4hash[32];
370 	unsigned char buffer[8];
371 	DWORD data[2];
372 	DWORD *client_challenge;
373 	DWORD *server_challenge;
374 	int rc;
375 	DWORD le_data[2];
376 
377 	client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge;
378 	server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge;
379 	bzero(md4hash, 32);
380 
381 	/*
382 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
383 	 * the appropriate password but it isn't working yet.  So we
384 	 * always use the default one for now.
385 	 */
386 	bzero(netr_info->password, sizeof (netr_info->password));
387 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
388 	    (char *)netr_info->password, sizeof (netr_info->password));
389 
390 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
391 		return (SMBAUTH_FAILURE);
392 	}
393 
394 	rc = smb_auth_ntlm_hash((char *)netr_info->password, md4hash);
395 
396 	if (rc != SMBAUTH_SUCCESS)
397 		return (SMBAUTH_FAILURE);
398 
399 	data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]);
400 	data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]);
401 	LE_OUT32(&le_data[0], data[0]);
402 	LE_OUT32(&le_data[1], data[1]);
403 	rc = smb_auth_DES(buffer, 8, md4hash, NETR_DESKEY_LEN,
404 	    (unsigned char *)le_data, 8);
405 
406 	if (rc != SMBAUTH_SUCCESS)
407 		return (rc);
408 
409 	netr_info->session_key.len = NETR_SESSKEY64_SZ;
410 	rc = smb_auth_DES(netr_info->session_key.key,
411 	    netr_info->session_key.len, &md4hash[9], NETR_DESKEY_LEN, buffer,
412 	    8);
413 
414 	return (rc);
415 }
416 
417 /*
418  * netr_gen_credentials
419  *
420  * Generate a set of credentials from a challenge and a session key.
421  * The algorithm is a two stage hash. For the first hash, the
422  * timestamp is added to the challenge and the result is stored in a
423  * temporary buffer:
424  *
425  *		input:	challenge (including timestamp)
426  *		key:	session_key
427  *		output:	intermediate result
428  *
429  * For the second hash, the input is the result of the first hash and
430  * a strange partial key is used:
431  *
432  *		input:	result of first hash
433  *		key:	funny partial key
434  *		output:	credentiails
435  *
436  * The final output should be an encrypted set of credentials.
437  *
438  *		FYI: smb_auth_DES(output, key, input)
439  *
440  * If any difficulties occur using the cryptographic framework, the
441  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
442  * returned.
443  */
444 int
445 netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge,
446     DWORD timestamp, netr_cred_t *out_cred)
447 {
448 	unsigned char buffer[8];
449 	DWORD data[2];
450 	DWORD le_data[2];
451 	DWORD *p;
452 	int rc;
453 
454 	p = (DWORD *)(uintptr_t)challenge;
455 	data[0] = LE_IN32(&p[0]) + timestamp;
456 	data[1] = LE_IN32(&p[1]);
457 
458 	LE_OUT32(&le_data[0], data[0]);
459 	LE_OUT32(&le_data[1], data[1]);
460 
461 	if (smb_auth_DES(buffer, 8, session_key, NETR_DESKEY_LEN,
462 	    (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS)
463 		return (SMBAUTH_FAILURE);
464 
465 	rc = smb_auth_DES(out_cred->data, 8, &session_key[NETR_DESKEY_LEN],
466 	    NETR_DESKEY_LEN, buffer, 8);
467 
468 	return (rc);
469 }
470 
471 /*
472  * netr_server_password_set
473  *
474  * Attempt to change the trust account password for this system.
475  *
476  * Note that this call may legitimately fail if the registry on the
477  * domain controller has been setup to deny attempts to change the
478  * trust account password. In this case we should just continue to
479  * use the original password.
480  *
481  * Possible status values:
482  *	NT_STATUS_ACCESS_DENIED
483  */
484 int
485 netr_server_password_set(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
486 {
487 	struct netr_PasswordSet  arg;
488 	int opnum;
489 	BYTE new_password[NETR_OWF_PASSWORD_SZ];
490 	char account_name[NETBIOS_NAME_SZ * 2];
491 
492 	bzero(&arg, sizeof (struct netr_PasswordSet));
493 	opnum = NETR_OPNUM_ServerPasswordSet;
494 
495 	(void) snprintf(account_name, sizeof (account_name), "%s$",
496 	    netr_info->hostname);
497 
498 	arg.servername = (unsigned char *)netr_info->server;
499 	arg.account_name = (unsigned char *)account_name;
500 	arg.sec_chan_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
501 	arg.hostname = (unsigned char *)netr_info->hostname;
502 
503 	/*
504 	 * Set up the client side authenticator.
505 	 */
506 	if (netr_setup_authenticator(netr_info, &arg.auth, 0) !=
507 	    SMBAUTH_SUCCESS) {
508 		return (-1);
509 	}
510 
511 	/*
512 	 * Generate a new password from the old password.
513 	 */
514 	if (netr_gen_password(netr_info->session_key.key,
515 	    netr_info->password, new_password) == SMBAUTH_FAILURE) {
516 		return (-1);
517 	}
518 
519 	(void) memcpy(&arg.owf_password, &new_password,
520 	    NETR_OWF_PASSWORD_SZ);
521 
522 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
523 		return (-1);
524 
525 	if (arg.status != 0) {
526 		ndr_rpc_status(netr_handle, opnum, arg.status);
527 		ndr_rpc_release(netr_handle);
528 		return (-1);
529 	}
530 
531 	/*
532 	 * Check the returned credentials.  The server returns the new
533 	 * client credential rather than the new server credentiali,
534 	 * as documented elsewhere.
535 	 *
536 	 * Generate the new seed for the credential chain.  Increment
537 	 * the timestamp and add it to the client challenge.  Then we
538 	 * need to copy the challenge to the credential field in
539 	 * preparation for the next cycle.
540 	 */
541 	if (netr_validate_chain(netr_info, &arg.auth) == 0) {
542 		/*
543 		 * Save the new password.
544 		 */
545 		(void) memcpy(netr_info->password, new_password,
546 		    NETR_OWF_PASSWORD_SZ);
547 	}
548 
549 	ndr_rpc_release(netr_handle);
550 	return (0);
551 }
552 
553 /*
554  * netr_gen_password
555  *
556  * Generate a new pasword from the old password  and the session key.
557  * The algorithm is a two stage hash. The session key is used in the
558  * first hash but only part of the session key is used in the second
559  * hash.
560  *
561  * If any difficulties occur using the cryptographic framework, the
562  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
563  * returned.
564  */
565 static int
566 netr_gen_password(BYTE *session_key, BYTE *old_password, BYTE *new_password)
567 {
568 	int rv;
569 
570 	rv = smb_auth_DES(new_password, 8, session_key, NETR_DESKEY_LEN,
571 	    old_password, 8);
572 	if (rv != SMBAUTH_SUCCESS)
573 		return (rv);
574 
575 	rv = smb_auth_DES(&new_password[8], 8, &session_key[NETR_DESKEY_LEN],
576 	    NETR_DESKEY_LEN, &old_password[8], 8);
577 	return (rv);
578 }
579 
580 /*
581  * Todo: need netr_server_password_set2()
582  * used by "unsecure join". (NX 11960)
583  */
584