1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 24 */ 25 26 /* 27 * NETR challenge/response client functions. 28 * 29 * NT_STATUS_INVALID_PARAMETER 30 * NT_STATUS_NO_TRUST_SAM_ACCOUNT 31 * NT_STATUS_ACCESS_DENIED 32 */ 33 34 #include <stdio.h> 35 #include <stdlib.h> 36 #include <strings.h> 37 #include <unistd.h> 38 #include <ctype.h> 39 #include <security/cryptoki.h> 40 #include <security/pkcs11.h> 41 42 #include <smbsrv/libsmb.h> 43 #include <smbsrv/libsmbns.h> 44 #include <smbsrv/libmlsvc.h> 45 #include <smbsrv/ndl/netlogon.ndl> 46 #include <smbsrv/smbinfo.h> 47 #include <smbsrv/netrauth.h> 48 49 #define NETR_SESSKEY_ZEROBUF_SZ 4 50 /* The DES algorithm uses a 56-bit encryption key. */ 51 #define NETR_DESKEY_LEN 7 52 53 int netr_setup_authenticator(netr_info_t *, struct netr_authenticator *, 54 struct netr_authenticator *); 55 DWORD netr_validate_chain(netr_info_t *, struct netr_authenticator *); 56 57 static int netr_server_req_challenge(mlsvc_handle_t *, netr_info_t *); 58 static int netr_server_authenticate2(mlsvc_handle_t *, netr_info_t *); 59 static int netr_gen_password(BYTE *, BYTE *, BYTE *); 60 61 /* 62 * Shared with netr_logon.c 63 */ 64 netr_info_t netr_global_info; 65 66 /* 67 * netlogon_auth 68 * 69 * This is the core of the NETLOGON authentication protocol. 70 * Do the challenge response authentication. 71 * 72 * Prior to calling this function, an anonymous session to the NETLOGON 73 * pipe on a domain controller(server) should have already been opened. 74 * 75 * Upon a successful NETLOGON credential chain establishment, the 76 * netlogon sequence number will be set to match the kpasswd sequence 77 * number. 78 * 79 */ 80 DWORD 81 netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags) 82 { 83 netr_info_t *netr_info; 84 int rc; 85 DWORD leout_rc[2]; 86 87 netr_info = &netr_global_info; 88 bzero(netr_info, sizeof (netr_info_t)); 89 90 netr_info->flags |= flags; 91 92 rc = smb_getnetbiosname(netr_info->hostname, NETBIOS_NAME_SZ); 93 if (rc != 0) 94 return (NT_STATUS_UNSUCCESSFUL); 95 96 (void) snprintf(netr_info->server, sizeof (netr_info->server), 97 "\\\\%s", server); 98 99 LE_OUT32(&leout_rc[0], random()); 100 LE_OUT32(&leout_rc[1], random()); 101 (void) memcpy(&netr_info->client_challenge, leout_rc, 102 sizeof (struct netr_credential)); 103 104 if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) { 105 rc = netr_server_authenticate2(netr_handle, netr_info); 106 if (rc == 0) { 107 smb_update_netlogon_seqnum(); 108 netr_info->flags |= NETR_FLG_VALID; 109 110 } 111 } 112 113 return ((rc) ? NT_STATUS_UNSUCCESSFUL : NT_STATUS_SUCCESS); 114 } 115 116 /* 117 * netr_open 118 * 119 * Open an anonymous session to the NETLOGON pipe on a domain controller 120 * and bind to the NETR RPC interface. 121 * 122 * We store the remote server information, which is used to drive Windows 123 * version specific behavior. 124 */ 125 int 126 netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle) 127 { 128 char user[SMB_USERNAME_MAXLEN]; 129 130 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN); 131 132 if (ndr_rpc_bind(netr_handle, server, domain, user, "NETR") < 0) 133 return (-1); 134 135 return (0); 136 } 137 138 /* 139 * netr_close 140 * 141 * Close a NETLOGON pipe and free the RPC context. 142 */ 143 int 144 netr_close(mlsvc_handle_t *netr_handle) 145 { 146 ndr_rpc_unbind(netr_handle); 147 return (0); 148 } 149 150 /* 151 * netr_server_req_challenge 152 */ 153 static int 154 netr_server_req_challenge(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 155 { 156 struct netr_ServerReqChallenge arg; 157 int opnum; 158 159 bzero(&arg, sizeof (struct netr_ServerReqChallenge)); 160 opnum = NETR_OPNUM_ServerReqChallenge; 161 162 arg.servername = (unsigned char *)netr_info->server; 163 arg.hostname = (unsigned char *)netr_info->hostname; 164 165 (void) memcpy(&arg.client_challenge, &netr_info->client_challenge, 166 sizeof (struct netr_credential)); 167 168 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 169 return (-1); 170 171 if (arg.status != 0) { 172 ndr_rpc_status(netr_handle, opnum, arg.status); 173 ndr_rpc_release(netr_handle); 174 return (-1); 175 } 176 177 (void) memcpy(&netr_info->server_challenge, &arg.server_challenge, 178 sizeof (struct netr_credential)); 179 180 ndr_rpc_release(netr_handle); 181 return (0); 182 } 183 184 /* 185 * netr_server_authenticate2 186 */ 187 static int 188 netr_server_authenticate2(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 189 { 190 struct netr_ServerAuthenticate2 arg; 191 int opnum; 192 int rc; 193 char account_name[NETBIOS_NAME_SZ * 2]; 194 195 bzero(&arg, sizeof (struct netr_ServerAuthenticate2)); 196 opnum = NETR_OPNUM_ServerAuthenticate2; 197 198 (void) snprintf(account_name, sizeof (account_name), "%s$", 199 netr_info->hostname); 200 201 smb_tracef("server=[%s] account_name=[%s] hostname=[%s]\n", 202 netr_info->server, account_name, netr_info->hostname); 203 204 arg.servername = (unsigned char *)netr_info->server; 205 arg.account_name = (unsigned char *)account_name; 206 arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE; 207 arg.hostname = (unsigned char *)netr_info->hostname; 208 arg.negotiate_flags = NETR_NEGOTIATE_BASE_FLAGS; 209 210 if (ndr_rpc_server_os(netr_handle) == NATIVE_OS_WIN2000) { 211 arg.negotiate_flags |= NETR_NEGOTIATE_STRONGKEY_FLAG; 212 if (netr_gen_skey128(netr_info) != SMBAUTH_SUCCESS) 213 return (-1); 214 } else { 215 if (netr_gen_skey64(netr_info) != SMBAUTH_SUCCESS) 216 return (-1); 217 } 218 219 if (netr_gen_credentials(netr_info->session_key.key, 220 &netr_info->client_challenge, 0, 221 &netr_info->client_credential) != SMBAUTH_SUCCESS) { 222 return (-1); 223 } 224 225 if (netr_gen_credentials(netr_info->session_key.key, 226 &netr_info->server_challenge, 0, 227 &netr_info->server_credential) != SMBAUTH_SUCCESS) { 228 return (-1); 229 } 230 231 (void) memcpy(&arg.client_credential, &netr_info->client_credential, 232 sizeof (struct netr_credential)); 233 234 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 235 return (-1); 236 237 if (arg.status != 0) { 238 ndr_rpc_status(netr_handle, opnum, arg.status); 239 ndr_rpc_release(netr_handle); 240 return (-1); 241 } 242 243 rc = memcmp(&netr_info->server_credential, &arg.server_credential, 244 sizeof (struct netr_credential)); 245 246 ndr_rpc_release(netr_handle); 247 return (rc); 248 } 249 250 /* 251 * netr_gen_skey128 252 * 253 * Generate a 128-bit session key from the client and server challenges. 254 * See "Session-Key Computation" section of MS-NRPC document. 255 */ 256 int 257 netr_gen_skey128(netr_info_t *netr_info) 258 { 259 unsigned char ntlmhash[SMBAUTH_HASH_SZ]; 260 int rc = SMBAUTH_FAILURE; 261 CK_RV rv; 262 CK_MECHANISM mechanism; 263 CK_SESSION_HANDLE hSession; 264 CK_ULONG diglen = MD_DIGEST_LEN; 265 unsigned char md5digest[MD_DIGEST_LEN]; 266 unsigned char zerobuf[NETR_SESSKEY_ZEROBUF_SZ]; 267 268 bzero(ntlmhash, SMBAUTH_HASH_SZ); 269 /* 270 * We should check (netr_info->flags & NETR_FLG_INIT) and use 271 * the appropriate password but it isn't working yet. So we 272 * always use the default one for now. 273 */ 274 bzero(netr_info->password, sizeof (netr_info->password)); 275 rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD, 276 (char *)netr_info->password, sizeof (netr_info->password)); 277 278 if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') { 279 return (SMBAUTH_FAILURE); 280 } 281 282 rc = smb_auth_ntlm_hash((char *)netr_info->password, ntlmhash); 283 if (rc != SMBAUTH_SUCCESS) 284 return (SMBAUTH_FAILURE); 285 286 bzero(zerobuf, NETR_SESSKEY_ZEROBUF_SZ); 287 288 mechanism.mechanism = CKM_MD5; 289 mechanism.pParameter = 0; 290 mechanism.ulParameterLen = 0; 291 292 rv = SUNW_C_GetMechSession(mechanism.mechanism, &hSession); 293 if (rv != CKR_OK) 294 return (SMBAUTH_FAILURE); 295 296 rv = C_DigestInit(hSession, &mechanism); 297 if (rv != CKR_OK) 298 goto cleanup; 299 300 rv = C_DigestUpdate(hSession, (CK_BYTE_PTR)zerobuf, 301 NETR_SESSKEY_ZEROBUF_SZ); 302 if (rv != CKR_OK) 303 goto cleanup; 304 305 rv = C_DigestUpdate(hSession, 306 (CK_BYTE_PTR)netr_info->client_challenge.data, NETR_CRED_DATA_SZ); 307 if (rv != CKR_OK) 308 goto cleanup; 309 310 rv = C_DigestUpdate(hSession, 311 (CK_BYTE_PTR)netr_info->server_challenge.data, NETR_CRED_DATA_SZ); 312 if (rv != CKR_OK) 313 goto cleanup; 314 315 rv = C_DigestFinal(hSession, (CK_BYTE_PTR)md5digest, &diglen); 316 if (rv != CKR_OK) 317 goto cleanup; 318 319 rc = smb_auth_hmac_md5(md5digest, diglen, ntlmhash, SMBAUTH_HASH_SZ, 320 netr_info->session_key.key); 321 322 netr_info->session_key.len = NETR_SESSKEY128_SZ; 323 cleanup: 324 (void) C_CloseSession(hSession); 325 return (rc); 326 327 } 328 /* 329 * netr_gen_skey64 330 * 331 * Generate a 64-bit session key from the client and server challenges. 332 * See "Session-Key Computation" section of MS-NRPC document. 333 * 334 * The algorithm is a two stage hash. For the first hash, the input is 335 * the combination of the client and server challenges, the key is 336 * the first 7 bytes of the password. The initial password is formed 337 * using the NT password hash on the local hostname in lower case. 338 * The result is stored in a temporary buffer. 339 * 340 * input: challenge 341 * key: passwd lower 7 bytes 342 * output: intermediate result 343 * 344 * For the second hash, the input is the result of the first hash and 345 * the key is the last 7 bytes of the password. 346 * 347 * input: result of first hash 348 * key: passwd upper 7 bytes 349 * output: session_key 350 * 351 * The final output should be the session key. 352 * 353 * FYI: smb_auth_DES(output, key, input) 354 * 355 * If any difficulties occur using the cryptographic framework, the 356 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 357 * returned. 358 */ 359 int 360 netr_gen_skey64(netr_info_t *netr_info) 361 { 362 unsigned char md4hash[32]; 363 unsigned char buffer[8]; 364 DWORD data[2]; 365 DWORD *client_challenge; 366 DWORD *server_challenge; 367 int rc; 368 DWORD le_data[2]; 369 370 client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge; 371 server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge; 372 bzero(md4hash, 32); 373 374 /* 375 * We should check (netr_info->flags & NETR_FLG_INIT) and use 376 * the appropriate password but it isn't working yet. So we 377 * always use the default one for now. 378 */ 379 bzero(netr_info->password, sizeof (netr_info->password)); 380 rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD, 381 (char *)netr_info->password, sizeof (netr_info->password)); 382 383 if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') { 384 return (SMBAUTH_FAILURE); 385 } 386 387 rc = smb_auth_ntlm_hash((char *)netr_info->password, md4hash); 388 389 if (rc != SMBAUTH_SUCCESS) 390 return (SMBAUTH_FAILURE); 391 392 data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]); 393 data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]); 394 LE_OUT32(&le_data[0], data[0]); 395 LE_OUT32(&le_data[1], data[1]); 396 rc = smb_auth_DES(buffer, 8, md4hash, NETR_DESKEY_LEN, 397 (unsigned char *)le_data, 8); 398 399 if (rc != SMBAUTH_SUCCESS) 400 return (rc); 401 402 netr_info->session_key.len = NETR_SESSKEY64_SZ; 403 rc = smb_auth_DES(netr_info->session_key.key, 404 netr_info->session_key.len, &md4hash[9], NETR_DESKEY_LEN, buffer, 405 8); 406 407 return (rc); 408 } 409 410 /* 411 * netr_gen_credentials 412 * 413 * Generate a set of credentials from a challenge and a session key. 414 * The algorithm is a two stage hash. For the first hash, the 415 * timestamp is added to the challenge and the result is stored in a 416 * temporary buffer: 417 * 418 * input: challenge (including timestamp) 419 * key: session_key 420 * output: intermediate result 421 * 422 * For the second hash, the input is the result of the first hash and 423 * a strange partial key is used: 424 * 425 * input: result of first hash 426 * key: funny partial key 427 * output: credentiails 428 * 429 * The final output should be an encrypted set of credentials. 430 * 431 * FYI: smb_auth_DES(output, key, input) 432 * 433 * If any difficulties occur using the cryptographic framework, the 434 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 435 * returned. 436 */ 437 int 438 netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge, 439 DWORD timestamp, netr_cred_t *out_cred) 440 { 441 unsigned char buffer[8]; 442 DWORD data[2]; 443 DWORD le_data[2]; 444 DWORD *p; 445 int rc; 446 447 p = (DWORD *)(uintptr_t)challenge; 448 data[0] = LE_IN32(&p[0]) + timestamp; 449 data[1] = LE_IN32(&p[1]); 450 451 LE_OUT32(&le_data[0], data[0]); 452 LE_OUT32(&le_data[1], data[1]); 453 454 if (smb_auth_DES(buffer, 8, session_key, NETR_DESKEY_LEN, 455 (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS) 456 return (SMBAUTH_FAILURE); 457 458 rc = smb_auth_DES(out_cred->data, 8, &session_key[NETR_DESKEY_LEN], 459 NETR_DESKEY_LEN, buffer, 8); 460 461 return (rc); 462 } 463 464 /* 465 * netr_server_password_set 466 * 467 * Attempt to change the trust account password for this system. 468 * 469 * Note that this call may legitimately fail if the registry on the 470 * domain controller has been setup to deny attempts to change the 471 * trust account password. In this case we should just continue to 472 * use the original password. 473 * 474 * Possible status values: 475 * NT_STATUS_ACCESS_DENIED 476 */ 477 int 478 netr_server_password_set(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 479 { 480 struct netr_PasswordSet arg; 481 int opnum; 482 BYTE new_password[NETR_OWF_PASSWORD_SZ]; 483 char account_name[NETBIOS_NAME_SZ * 2]; 484 485 bzero(&arg, sizeof (struct netr_PasswordSet)); 486 opnum = NETR_OPNUM_ServerPasswordSet; 487 488 (void) snprintf(account_name, sizeof (account_name), "%s$", 489 netr_info->hostname); 490 491 arg.servername = (unsigned char *)netr_info->server; 492 arg.account_name = (unsigned char *)account_name; 493 arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE; 494 arg.hostname = (unsigned char *)netr_info->hostname; 495 496 /* 497 * Set up the client side authenticator. 498 */ 499 if (netr_setup_authenticator(netr_info, &arg.auth, 0) != 500 SMBAUTH_SUCCESS) { 501 return (-1); 502 } 503 504 /* 505 * Generate a new password from the old password. 506 */ 507 if (netr_gen_password(netr_info->session_key.key, 508 netr_info->password, new_password) == SMBAUTH_FAILURE) { 509 return (-1); 510 } 511 512 (void) memcpy(&arg.uas_new_password, &new_password, 513 NETR_OWF_PASSWORD_SZ); 514 515 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 516 return (-1); 517 518 if (arg.status != 0) { 519 ndr_rpc_status(netr_handle, opnum, arg.status); 520 ndr_rpc_release(netr_handle); 521 return (-1); 522 } 523 524 /* 525 * Check the returned credentials. The server returns the new 526 * client credential rather than the new server credentiali, 527 * as documented elsewhere. 528 * 529 * Generate the new seed for the credential chain. Increment 530 * the timestamp and add it to the client challenge. Then we 531 * need to copy the challenge to the credential field in 532 * preparation for the next cycle. 533 */ 534 if (netr_validate_chain(netr_info, &arg.auth) == 0) { 535 /* 536 * Save the new password. 537 */ 538 (void) memcpy(netr_info->password, new_password, 539 NETR_OWF_PASSWORD_SZ); 540 } 541 542 ndr_rpc_release(netr_handle); 543 return (0); 544 } 545 546 /* 547 * netr_gen_password 548 * 549 * Generate a new pasword from the old password and the session key. 550 * The algorithm is a two stage hash. The session key is used in the 551 * first hash but only part of the session key is used in the second 552 * hash. 553 * 554 * If any difficulties occur using the cryptographic framework, the 555 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 556 * returned. 557 */ 558 static int 559 netr_gen_password(BYTE *session_key, BYTE *old_password, BYTE *new_password) 560 { 561 int rv; 562 563 rv = smb_auth_DES(new_password, 8, session_key, NETR_DESKEY_LEN, 564 old_password, 8); 565 if (rv != SMBAUTH_SUCCESS) 566 return (rv); 567 568 rv = smb_auth_DES(&new_password[8], 8, &session_key[NETR_DESKEY_LEN], 569 NETR_DESKEY_LEN, &old_password[8], 8); 570 return (rv); 571 } 572