xref: /illumos-gate/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c (revision 46b592853d0f4f11781b6b0a7533f267c6aee132)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  * NETR challenge/response client functions.
28  *
29  * NT_STATUS_INVALID_PARAMETER
30  * NT_STATUS_NO_TRUST_SAM_ACCOUNT
31  * NT_STATUS_ACCESS_DENIED
32  */
33 
34 #include <stdio.h>
35 #include <stdlib.h>
36 #include <strings.h>
37 #include <unistd.h>
38 #include <ctype.h>
39 #include <security/cryptoki.h>
40 #include <security/pkcs11.h>
41 
42 #include <smbsrv/libsmb.h>
43 #include <smbsrv/libsmbns.h>
44 #include <smbsrv/libmlsvc.h>
45 #include <smbsrv/ndl/netlogon.ndl>
46 #include <smbsrv/ntstatus.h>
47 #include <smbsrv/smbinfo.h>
48 #include <smbsrv/netrauth.h>
49 
50 #define	NETR_SESSKEY_ZEROBUF_SZ		4
51 /* The DES algorithm uses a 56-bit encryption key. */
52 #define	NETR_DESKEY_LEN			7
53 
54 int netr_setup_authenticator(netr_info_t *, struct netr_authenticator *,
55     struct netr_authenticator *);
56 DWORD netr_validate_chain(netr_info_t *, struct netr_authenticator *);
57 
58 static int netr_server_req_challenge(mlsvc_handle_t *, netr_info_t *);
59 static int netr_server_authenticate2(mlsvc_handle_t *, netr_info_t *);
60 static int netr_gen_password(BYTE *, BYTE *, BYTE *);
61 
62 /*
63  * Shared with netr_logon.c
64  */
65 netr_info_t netr_global_info;
66 
67 /*
68  * netlogon_auth
69  *
70  * This is the core of the NETLOGON authentication protocol.
71  * Do the challenge response authentication.
72  *
73  * Prior to calling this function, an anonymous session to the NETLOGON
74  * pipe on a domain controller(server) should have already been opened.
75  *
76  * Upon a successful NETLOGON credential chain establishment, the
77  * netlogon sequence number will be set to match the kpasswd sequence
78  * number.
79  *
80  */
81 DWORD
82 netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags)
83 {
84 	netr_info_t *netr_info;
85 	int rc;
86 	DWORD leout_rc[2];
87 
88 	netr_info = &netr_global_info;
89 	bzero(netr_info, sizeof (netr_info_t));
90 
91 	netr_info->flags |= flags;
92 
93 	rc = smb_getnetbiosname(netr_info->hostname, NETBIOS_NAME_SZ);
94 	if (rc != 0)
95 		return (NT_STATUS_UNSUCCESSFUL);
96 
97 	(void) snprintf(netr_info->server, sizeof (netr_info->server),
98 	    "\\\\%s", server);
99 
100 	LE_OUT32(&leout_rc[0], random());
101 	LE_OUT32(&leout_rc[1], random());
102 	(void) memcpy(&netr_info->client_challenge, leout_rc,
103 	    sizeof (struct netr_credential));
104 
105 	if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) {
106 		rc = netr_server_authenticate2(netr_handle, netr_info);
107 		if (rc == 0) {
108 			smb_update_netlogon_seqnum();
109 			netr_info->flags |= NETR_FLG_VALID;
110 
111 		}
112 	}
113 
114 	return ((rc) ? NT_STATUS_UNSUCCESSFUL : NT_STATUS_SUCCESS);
115 }
116 
117 /*
118  * netr_open
119  *
120  * Open an anonymous session to the NETLOGON pipe on a domain controller
121  * and bind to the NETR RPC interface.
122  *
123  * We store the remote server information, which is used to drive Windows
124  * version specific behavior.
125  */
126 int
127 netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle)
128 {
129 	char user[SMB_USERNAME_MAXLEN];
130 
131 	smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
132 
133 	if (ndr_rpc_bind(netr_handle, server, domain, user, "NETR") < 0)
134 		return (-1);
135 
136 	return (0);
137 }
138 
139 /*
140  * netr_close
141  *
142  * Close a NETLOGON pipe and free the RPC context.
143  */
144 int
145 netr_close(mlsvc_handle_t *netr_handle)
146 {
147 	ndr_rpc_unbind(netr_handle);
148 	return (0);
149 }
150 
151 /*
152  * netr_server_req_challenge
153  */
154 static int
155 netr_server_req_challenge(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
156 {
157 	struct netr_ServerReqChallenge arg;
158 	int opnum;
159 
160 	bzero(&arg, sizeof (struct netr_ServerReqChallenge));
161 	opnum = NETR_OPNUM_ServerReqChallenge;
162 
163 	arg.servername = (unsigned char *)netr_info->server;
164 	arg.hostname = (unsigned char *)netr_info->hostname;
165 
166 	(void) memcpy(&arg.client_challenge, &netr_info->client_challenge,
167 	    sizeof (struct netr_credential));
168 
169 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
170 		return (-1);
171 
172 	if (arg.status != 0) {
173 		ndr_rpc_status(netr_handle, opnum, arg.status);
174 		ndr_rpc_release(netr_handle);
175 		return (-1);
176 	}
177 
178 	(void) memcpy(&netr_info->server_challenge, &arg.server_challenge,
179 	    sizeof (struct netr_credential));
180 
181 	ndr_rpc_release(netr_handle);
182 	return (0);
183 }
184 
185 /*
186  * netr_server_authenticate2
187  */
188 static int
189 netr_server_authenticate2(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
190 {
191 	struct netr_ServerAuthenticate2 arg;
192 	int opnum;
193 	int rc;
194 	char account_name[NETBIOS_NAME_SZ * 2];
195 
196 	bzero(&arg, sizeof (struct netr_ServerAuthenticate2));
197 	opnum = NETR_OPNUM_ServerAuthenticate2;
198 
199 	(void) snprintf(account_name, sizeof (account_name), "%s$",
200 	    netr_info->hostname);
201 
202 	smb_tracef("server=[%s] account_name=[%s] hostname=[%s]\n",
203 	    netr_info->server, account_name, netr_info->hostname);
204 
205 	arg.servername = (unsigned char *)netr_info->server;
206 	arg.account_name = (unsigned char *)account_name;
207 	arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
208 	arg.hostname = (unsigned char *)netr_info->hostname;
209 	arg.negotiate_flags = NETR_NEGOTIATE_BASE_FLAGS;
210 
211 	if (ndr_rpc_server_os(netr_handle) == NATIVE_OS_WIN2000) {
212 		arg.negotiate_flags |= NETR_NEGOTIATE_STRONGKEY_FLAG;
213 		if (netr_gen_skey128(netr_info) != SMBAUTH_SUCCESS)
214 			return (-1);
215 	} else {
216 		if (netr_gen_skey64(netr_info) != SMBAUTH_SUCCESS)
217 			return (-1);
218 	}
219 
220 	if (netr_gen_credentials(netr_info->session_key.key,
221 	    &netr_info->client_challenge, 0,
222 	    &netr_info->client_credential) != SMBAUTH_SUCCESS) {
223 		return (-1);
224 	}
225 
226 	if (netr_gen_credentials(netr_info->session_key.key,
227 	    &netr_info->server_challenge, 0,
228 	    &netr_info->server_credential) != SMBAUTH_SUCCESS) {
229 		return (-1);
230 	}
231 
232 	(void) memcpy(&arg.client_credential, &netr_info->client_credential,
233 	    sizeof (struct netr_credential));
234 
235 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
236 		return (-1);
237 
238 	if (arg.status != 0) {
239 		ndr_rpc_status(netr_handle, opnum, arg.status);
240 		ndr_rpc_release(netr_handle);
241 		return (-1);
242 	}
243 
244 	rc = memcmp(&netr_info->server_credential, &arg.server_credential,
245 	    sizeof (struct netr_credential));
246 
247 	ndr_rpc_release(netr_handle);
248 	return (rc);
249 }
250 
251 /*
252  * netr_gen_skey128
253  *
254  * Generate a 128-bit session key from the client and server challenges.
255  * See "Session-Key Computation" section of MS-NRPC document.
256  */
257 int
258 netr_gen_skey128(netr_info_t *netr_info)
259 {
260 	unsigned char ntlmhash[SMBAUTH_HASH_SZ];
261 	int rc = SMBAUTH_FAILURE;
262 	CK_RV rv;
263 	CK_MECHANISM mechanism;
264 	CK_SESSION_HANDLE hSession;
265 	CK_ULONG diglen = MD_DIGEST_LEN;
266 	unsigned char md5digest[MD_DIGEST_LEN];
267 	unsigned char zerobuf[NETR_SESSKEY_ZEROBUF_SZ];
268 
269 	bzero(ntlmhash, SMBAUTH_HASH_SZ);
270 	/*
271 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
272 	 * the appropriate password but it isn't working yet.  So we
273 	 * always use the default one for now.
274 	 */
275 	bzero(netr_info->password, sizeof (netr_info->password));
276 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
277 	    (char *)netr_info->password, sizeof (netr_info->password));
278 
279 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
280 		return (SMBAUTH_FAILURE);
281 	}
282 
283 	rc = smb_auth_ntlm_hash((char *)netr_info->password, ntlmhash);
284 	if (rc != SMBAUTH_SUCCESS)
285 		return (SMBAUTH_FAILURE);
286 
287 	bzero(zerobuf, NETR_SESSKEY_ZEROBUF_SZ);
288 
289 	mechanism.mechanism = CKM_MD5;
290 	mechanism.pParameter = 0;
291 	mechanism.ulParameterLen = 0;
292 
293 	rv = SUNW_C_GetMechSession(mechanism.mechanism, &hSession);
294 	if (rv != CKR_OK)
295 		return (SMBAUTH_FAILURE);
296 
297 	rv = C_DigestInit(hSession, &mechanism);
298 	if (rv != CKR_OK)
299 		goto cleanup;
300 
301 	rv = C_DigestUpdate(hSession, (CK_BYTE_PTR)zerobuf,
302 	    NETR_SESSKEY_ZEROBUF_SZ);
303 	if (rv != CKR_OK)
304 		goto cleanup;
305 
306 	rv = C_DigestUpdate(hSession,
307 	    (CK_BYTE_PTR)netr_info->client_challenge.data, NETR_CRED_DATA_SZ);
308 	if (rv != CKR_OK)
309 		goto cleanup;
310 
311 	rv = C_DigestUpdate(hSession,
312 	    (CK_BYTE_PTR)netr_info->server_challenge.data, NETR_CRED_DATA_SZ);
313 	if (rv != CKR_OK)
314 		goto cleanup;
315 
316 	rv = C_DigestFinal(hSession, (CK_BYTE_PTR)md5digest, &diglen);
317 	if (rv != CKR_OK)
318 		goto cleanup;
319 
320 	rc = smb_auth_hmac_md5(md5digest, diglen, ntlmhash, SMBAUTH_HASH_SZ,
321 	    netr_info->session_key.key);
322 
323 	netr_info->session_key.len = NETR_SESSKEY128_SZ;
324 cleanup:
325 	(void) C_CloseSession(hSession);
326 	return (rc);
327 
328 }
329 /*
330  * netr_gen_skey64
331  *
332  * Generate a 64-bit session key from the client and server challenges.
333  * See "Session-Key Computation" section of MS-NRPC document.
334  *
335  * The algorithm is a two stage hash. For the first hash, the input is
336  * the combination of the client and server challenges, the key is
337  * the first 7 bytes of the password. The initial password is formed
338  * using the NT password hash on the local hostname in lower case.
339  * The result is stored in a temporary buffer.
340  *
341  *		input:	challenge
342  *		key:	passwd lower 7 bytes
343  *		output:	intermediate result
344  *
345  * For the second hash, the input is the result of the first hash and
346  * the key is the last 7 bytes of the password.
347  *
348  *		input:	result of first hash
349  *		key:	passwd upper 7 bytes
350  *		output:	session_key
351  *
352  * The final output should be the session key.
353  *
354  *		FYI: smb_auth_DES(output, key, input)
355  *
356  * If any difficulties occur using the cryptographic framework, the
357  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
358  * returned.
359  */
360 int
361 netr_gen_skey64(netr_info_t *netr_info)
362 {
363 	unsigned char md4hash[32];
364 	unsigned char buffer[8];
365 	DWORD data[2];
366 	DWORD *client_challenge;
367 	DWORD *server_challenge;
368 	int rc;
369 	DWORD le_data[2];
370 
371 	client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge;
372 	server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge;
373 	bzero(md4hash, 32);
374 
375 	/*
376 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
377 	 * the appropriate password but it isn't working yet.  So we
378 	 * always use the default one for now.
379 	 */
380 	bzero(netr_info->password, sizeof (netr_info->password));
381 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
382 	    (char *)netr_info->password, sizeof (netr_info->password));
383 
384 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
385 		return (SMBAUTH_FAILURE);
386 	}
387 
388 	rc = smb_auth_ntlm_hash((char *)netr_info->password, md4hash);
389 
390 	if (rc != SMBAUTH_SUCCESS)
391 		return (SMBAUTH_FAILURE);
392 
393 	data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]);
394 	data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]);
395 	LE_OUT32(&le_data[0], data[0]);
396 	LE_OUT32(&le_data[1], data[1]);
397 	rc = smb_auth_DES(buffer, 8, md4hash, NETR_DESKEY_LEN,
398 	    (unsigned char *)le_data, 8);
399 
400 	if (rc != SMBAUTH_SUCCESS)
401 		return (rc);
402 
403 	netr_info->session_key.len = NETR_SESSKEY64_SZ;
404 	rc = smb_auth_DES(netr_info->session_key.key,
405 	    netr_info->session_key.len, &md4hash[9], NETR_DESKEY_LEN, buffer,
406 	    8);
407 
408 	return (rc);
409 }
410 
411 /*
412  * netr_gen_credentials
413  *
414  * Generate a set of credentials from a challenge and a session key.
415  * The algorithm is a two stage hash. For the first hash, the
416  * timestamp is added to the challenge and the result is stored in a
417  * temporary buffer:
418  *
419  *		input:	challenge (including timestamp)
420  *		key:	session_key
421  *		output:	intermediate result
422  *
423  * For the second hash, the input is the result of the first hash and
424  * a strange partial key is used:
425  *
426  *		input:	result of first hash
427  *		key:	funny partial key
428  *		output:	credentiails
429  *
430  * The final output should be an encrypted set of credentials.
431  *
432  *		FYI: smb_auth_DES(output, key, input)
433  *
434  * If any difficulties occur using the cryptographic framework, the
435  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
436  * returned.
437  */
438 int
439 netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge,
440     DWORD timestamp, netr_cred_t *out_cred)
441 {
442 	unsigned char buffer[8];
443 	DWORD data[2];
444 	DWORD le_data[2];
445 	DWORD *p;
446 	int rc;
447 
448 	p = (DWORD *)(uintptr_t)challenge;
449 	data[0] = LE_IN32(&p[0]) + timestamp;
450 	data[1] = LE_IN32(&p[1]);
451 
452 	LE_OUT32(&le_data[0], data[0]);
453 	LE_OUT32(&le_data[1], data[1]);
454 
455 	if (smb_auth_DES(buffer, 8, session_key, NETR_DESKEY_LEN,
456 	    (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS)
457 		return (SMBAUTH_FAILURE);
458 
459 	rc = smb_auth_DES(out_cred->data, 8, &session_key[NETR_DESKEY_LEN],
460 	    NETR_DESKEY_LEN, buffer, 8);
461 
462 	return (rc);
463 }
464 
465 /*
466  * netr_server_password_set
467  *
468  * Attempt to change the trust account password for this system.
469  *
470  * Note that this call may legitimately fail if the registry on the
471  * domain controller has been setup to deny attempts to change the
472  * trust account password. In this case we should just continue to
473  * use the original password.
474  *
475  * Possible status values:
476  *	NT_STATUS_ACCESS_DENIED
477  */
478 int
479 netr_server_password_set(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
480 {
481 	struct netr_PasswordSet  arg;
482 	int opnum;
483 	BYTE new_password[NETR_OWF_PASSWORD_SZ];
484 	char account_name[NETBIOS_NAME_SZ * 2];
485 
486 	bzero(&arg, sizeof (struct netr_PasswordSet));
487 	opnum = NETR_OPNUM_ServerPasswordSet;
488 
489 	(void) snprintf(account_name, sizeof (account_name), "%s$",
490 	    netr_info->hostname);
491 
492 	arg.servername = (unsigned char *)netr_info->server;
493 	arg.account_name = (unsigned char *)account_name;
494 	arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
495 	arg.hostname = (unsigned char *)netr_info->hostname;
496 
497 	/*
498 	 * Set up the client side authenticator.
499 	 */
500 	if (netr_setup_authenticator(netr_info, &arg.auth, 0) !=
501 	    SMBAUTH_SUCCESS) {
502 		return (-1);
503 	}
504 
505 	/*
506 	 * Generate a new password from the old password.
507 	 */
508 	if (netr_gen_password(netr_info->session_key.key,
509 	    netr_info->password, new_password) == SMBAUTH_FAILURE) {
510 		return (-1);
511 	}
512 
513 	(void) memcpy(&arg.uas_new_password, &new_password,
514 	    NETR_OWF_PASSWORD_SZ);
515 
516 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
517 		return (-1);
518 
519 	if (arg.status != 0) {
520 		ndr_rpc_status(netr_handle, opnum, arg.status);
521 		ndr_rpc_release(netr_handle);
522 		return (-1);
523 	}
524 
525 	/*
526 	 * Check the returned credentials.  The server returns the new
527 	 * client credential rather than the new server credentiali,
528 	 * as documented elsewhere.
529 	 *
530 	 * Generate the new seed for the credential chain.  Increment
531 	 * the timestamp and add it to the client challenge.  Then we
532 	 * need to copy the challenge to the credential field in
533 	 * preparation for the next cycle.
534 	 */
535 	if (netr_validate_chain(netr_info, &arg.auth) == 0) {
536 		/*
537 		 * Save the new password.
538 		 */
539 		(void) memcpy(netr_info->password, new_password,
540 		    NETR_OWF_PASSWORD_SZ);
541 	}
542 
543 	ndr_rpc_release(netr_handle);
544 	return (0);
545 }
546 
547 /*
548  * netr_gen_password
549  *
550  * Generate a new pasword from the old password  and the session key.
551  * The algorithm is a two stage hash. The session key is used in the
552  * first hash but only part of the session key is used in the second
553  * hash.
554  *
555  * If any difficulties occur using the cryptographic framework, the
556  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
557  * returned.
558  */
559 static int
560 netr_gen_password(BYTE *session_key, BYTE *old_password, BYTE *new_password)
561 {
562 	int rv;
563 
564 	rv = smb_auth_DES(new_password, 8, session_key, NETR_DESKEY_LEN,
565 	    old_password, 8);
566 	if (rv != SMBAUTH_SUCCESS)
567 		return (rv);
568 
569 	rv = smb_auth_DES(&new_password[8], 8, &session_key[NETR_DESKEY_LEN],
570 	    NETR_DESKEY_LEN, &old_password[8], 8);
571 	return (rv);
572 }
573