1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 /* 27 * NETR challenge/response client functions. 28 * 29 * NT_STATUS_INVALID_PARAMETER 30 * NT_STATUS_NO_TRUST_SAM_ACCOUNT 31 * NT_STATUS_ACCESS_DENIED 32 */ 33 34 #include <stdio.h> 35 #include <stdlib.h> 36 #include <strings.h> 37 #include <unistd.h> 38 #include <ctype.h> 39 #include <security/cryptoki.h> 40 #include <security/pkcs11.h> 41 42 #include <smbsrv/libsmb.h> 43 #include <smbsrv/libsmbns.h> 44 #include <smbsrv/libmlsvc.h> 45 #include <smbsrv/ndl/netlogon.ndl> 46 #include <smbsrv/ntstatus.h> 47 #include <smbsrv/smbinfo.h> 48 #include <smbsrv/netrauth.h> 49 50 #define NETR_SESSKEY_ZEROBUF_SZ 4 51 /* The DES algorithm uses a 56-bit encryption key. */ 52 #define NETR_DESKEY_LEN 7 53 54 int netr_setup_authenticator(netr_info_t *, struct netr_authenticator *, 55 struct netr_authenticator *); 56 DWORD netr_validate_chain(netr_info_t *, struct netr_authenticator *); 57 58 static int netr_server_req_challenge(mlsvc_handle_t *, netr_info_t *); 59 static int netr_server_authenticate2(mlsvc_handle_t *, netr_info_t *); 60 static int netr_gen_password(BYTE *, BYTE *, BYTE *); 61 62 /* 63 * Shared with netr_logon.c 64 */ 65 netr_info_t netr_global_info; 66 67 /* 68 * netlogon_auth 69 * 70 * This is the core of the NETLOGON authentication protocol. 71 * Do the challenge response authentication. 72 * 73 * Prior to calling this function, an anonymous session to the NETLOGON 74 * pipe on a domain controller(server) should have already been opened. 75 * 76 * Upon a successful NETLOGON credential chain establishment, the 77 * netlogon sequence number will be set to match the kpasswd sequence 78 * number. 79 * 80 */ 81 DWORD 82 netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags) 83 { 84 netr_info_t *netr_info; 85 int rc; 86 DWORD leout_rc[2]; 87 88 netr_info = &netr_global_info; 89 bzero(netr_info, sizeof (netr_info_t)); 90 91 netr_info->flags |= flags; 92 93 rc = smb_getnetbiosname(netr_info->hostname, NETBIOS_NAME_SZ); 94 if (rc != 0) 95 return (NT_STATUS_UNSUCCESSFUL); 96 97 (void) snprintf(netr_info->server, sizeof (netr_info->server), 98 "\\\\%s", server); 99 100 LE_OUT32(&leout_rc[0], random()); 101 LE_OUT32(&leout_rc[1], random()); 102 (void) memcpy(&netr_info->client_challenge, leout_rc, 103 sizeof (struct netr_credential)); 104 105 if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) { 106 rc = netr_server_authenticate2(netr_handle, netr_info); 107 if (rc == 0) { 108 smb_update_netlogon_seqnum(); 109 netr_info->flags |= NETR_FLG_VALID; 110 111 } 112 } 113 114 return ((rc) ? NT_STATUS_UNSUCCESSFUL : NT_STATUS_SUCCESS); 115 } 116 117 /* 118 * netr_open 119 * 120 * Open an anonymous session to the NETLOGON pipe on a domain controller 121 * and bind to the NETR RPC interface. 122 * 123 * We store the remote server information, which is used to drive Windows 124 * version specific behavior. 125 */ 126 int 127 netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle) 128 { 129 char user[SMB_USERNAME_MAXLEN]; 130 131 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN); 132 133 if (ndr_rpc_bind(netr_handle, server, domain, user, "NETR") < 0) 134 return (-1); 135 136 return (0); 137 } 138 139 /* 140 * netr_close 141 * 142 * Close a NETLOGON pipe and free the RPC context. 143 */ 144 int 145 netr_close(mlsvc_handle_t *netr_handle) 146 { 147 ndr_rpc_unbind(netr_handle); 148 return (0); 149 } 150 151 /* 152 * netr_server_req_challenge 153 */ 154 static int 155 netr_server_req_challenge(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 156 { 157 struct netr_ServerReqChallenge arg; 158 int opnum; 159 160 bzero(&arg, sizeof (struct netr_ServerReqChallenge)); 161 opnum = NETR_OPNUM_ServerReqChallenge; 162 163 arg.servername = (unsigned char *)netr_info->server; 164 arg.hostname = (unsigned char *)netr_info->hostname; 165 166 (void) memcpy(&arg.client_challenge, &netr_info->client_challenge, 167 sizeof (struct netr_credential)); 168 169 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 170 return (-1); 171 172 if (arg.status != 0) { 173 ndr_rpc_status(netr_handle, opnum, arg.status); 174 ndr_rpc_release(netr_handle); 175 return (-1); 176 } 177 178 (void) memcpy(&netr_info->server_challenge, &arg.server_challenge, 179 sizeof (struct netr_credential)); 180 181 ndr_rpc_release(netr_handle); 182 return (0); 183 } 184 185 /* 186 * netr_server_authenticate2 187 */ 188 static int 189 netr_server_authenticate2(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 190 { 191 struct netr_ServerAuthenticate2 arg; 192 int opnum; 193 int rc; 194 char account_name[NETBIOS_NAME_SZ * 2]; 195 196 bzero(&arg, sizeof (struct netr_ServerAuthenticate2)); 197 opnum = NETR_OPNUM_ServerAuthenticate2; 198 199 (void) snprintf(account_name, sizeof (account_name), "%s$", 200 netr_info->hostname); 201 202 smb_tracef("server=[%s] account_name=[%s] hostname=[%s]\n", 203 netr_info->server, account_name, netr_info->hostname); 204 205 arg.servername = (unsigned char *)netr_info->server; 206 arg.account_name = (unsigned char *)account_name; 207 arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE; 208 arg.hostname = (unsigned char *)netr_info->hostname; 209 arg.negotiate_flags = NETR_NEGOTIATE_BASE_FLAGS; 210 211 if (ndr_rpc_server_os(netr_handle) == NATIVE_OS_WIN2000) { 212 arg.negotiate_flags |= NETR_NEGOTIATE_STRONGKEY_FLAG; 213 if (netr_gen_skey128(netr_info) != SMBAUTH_SUCCESS) 214 return (-1); 215 } else { 216 if (netr_gen_skey64(netr_info) != SMBAUTH_SUCCESS) 217 return (-1); 218 } 219 220 if (netr_gen_credentials(netr_info->session_key.key, 221 &netr_info->client_challenge, 0, 222 &netr_info->client_credential) != SMBAUTH_SUCCESS) { 223 return (-1); 224 } 225 226 if (netr_gen_credentials(netr_info->session_key.key, 227 &netr_info->server_challenge, 0, 228 &netr_info->server_credential) != SMBAUTH_SUCCESS) { 229 return (-1); 230 } 231 232 (void) memcpy(&arg.client_credential, &netr_info->client_credential, 233 sizeof (struct netr_credential)); 234 235 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 236 return (-1); 237 238 if (arg.status != 0) { 239 ndr_rpc_status(netr_handle, opnum, arg.status); 240 ndr_rpc_release(netr_handle); 241 return (-1); 242 } 243 244 rc = memcmp(&netr_info->server_credential, &arg.server_credential, 245 sizeof (struct netr_credential)); 246 247 ndr_rpc_release(netr_handle); 248 return (rc); 249 } 250 251 /* 252 * netr_gen_skey128 253 * 254 * Generate a 128-bit session key from the client and server challenges. 255 * See "Session-Key Computation" section of MS-NRPC document. 256 */ 257 int 258 netr_gen_skey128(netr_info_t *netr_info) 259 { 260 unsigned char ntlmhash[SMBAUTH_HASH_SZ]; 261 int rc = SMBAUTH_FAILURE; 262 CK_RV rv; 263 CK_MECHANISM mechanism; 264 CK_SESSION_HANDLE hSession; 265 CK_ULONG diglen = MD_DIGEST_LEN; 266 unsigned char md5digest[MD_DIGEST_LEN]; 267 unsigned char zerobuf[NETR_SESSKEY_ZEROBUF_SZ]; 268 269 bzero(ntlmhash, SMBAUTH_HASH_SZ); 270 /* 271 * We should check (netr_info->flags & NETR_FLG_INIT) and use 272 * the appropriate password but it isn't working yet. So we 273 * always use the default one for now. 274 */ 275 bzero(netr_info->password, sizeof (netr_info->password)); 276 rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD, 277 (char *)netr_info->password, sizeof (netr_info->password)); 278 279 if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') { 280 return (SMBAUTH_FAILURE); 281 } 282 283 rc = smb_auth_ntlm_hash((char *)netr_info->password, ntlmhash); 284 if (rc != SMBAUTH_SUCCESS) 285 return (SMBAUTH_FAILURE); 286 287 bzero(zerobuf, NETR_SESSKEY_ZEROBUF_SZ); 288 289 mechanism.mechanism = CKM_MD5; 290 mechanism.pParameter = 0; 291 mechanism.ulParameterLen = 0; 292 293 rv = SUNW_C_GetMechSession(mechanism.mechanism, &hSession); 294 if (rv != CKR_OK) 295 return (SMBAUTH_FAILURE); 296 297 rv = C_DigestInit(hSession, &mechanism); 298 if (rv != CKR_OK) 299 goto cleanup; 300 301 rv = C_DigestUpdate(hSession, (CK_BYTE_PTR)zerobuf, 302 NETR_SESSKEY_ZEROBUF_SZ); 303 if (rv != CKR_OK) 304 goto cleanup; 305 306 rv = C_DigestUpdate(hSession, 307 (CK_BYTE_PTR)netr_info->client_challenge.data, NETR_CRED_DATA_SZ); 308 if (rv != CKR_OK) 309 goto cleanup; 310 311 rv = C_DigestUpdate(hSession, 312 (CK_BYTE_PTR)netr_info->server_challenge.data, NETR_CRED_DATA_SZ); 313 if (rv != CKR_OK) 314 goto cleanup; 315 316 rv = C_DigestFinal(hSession, (CK_BYTE_PTR)md5digest, &diglen); 317 if (rv != CKR_OK) 318 goto cleanup; 319 320 rc = smb_auth_hmac_md5(md5digest, diglen, ntlmhash, SMBAUTH_HASH_SZ, 321 netr_info->session_key.key); 322 323 netr_info->session_key.len = NETR_SESSKEY128_SZ; 324 cleanup: 325 (void) C_CloseSession(hSession); 326 return (rc); 327 328 } 329 /* 330 * netr_gen_skey64 331 * 332 * Generate a 64-bit session key from the client and server challenges. 333 * See "Session-Key Computation" section of MS-NRPC document. 334 * 335 * The algorithm is a two stage hash. For the first hash, the input is 336 * the combination of the client and server challenges, the key is 337 * the first 7 bytes of the password. The initial password is formed 338 * using the NT password hash on the local hostname in lower case. 339 * The result is stored in a temporary buffer. 340 * 341 * input: challenge 342 * key: passwd lower 7 bytes 343 * output: intermediate result 344 * 345 * For the second hash, the input is the result of the first hash and 346 * the key is the last 7 bytes of the password. 347 * 348 * input: result of first hash 349 * key: passwd upper 7 bytes 350 * output: session_key 351 * 352 * The final output should be the session key. 353 * 354 * FYI: smb_auth_DES(output, key, input) 355 * 356 * If any difficulties occur using the cryptographic framework, the 357 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 358 * returned. 359 */ 360 int 361 netr_gen_skey64(netr_info_t *netr_info) 362 { 363 unsigned char md4hash[32]; 364 unsigned char buffer[8]; 365 DWORD data[2]; 366 DWORD *client_challenge; 367 DWORD *server_challenge; 368 int rc; 369 DWORD le_data[2]; 370 371 client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge; 372 server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge; 373 bzero(md4hash, 32); 374 375 /* 376 * We should check (netr_info->flags & NETR_FLG_INIT) and use 377 * the appropriate password but it isn't working yet. So we 378 * always use the default one for now. 379 */ 380 bzero(netr_info->password, sizeof (netr_info->password)); 381 rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD, 382 (char *)netr_info->password, sizeof (netr_info->password)); 383 384 if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') { 385 return (SMBAUTH_FAILURE); 386 } 387 388 rc = smb_auth_ntlm_hash((char *)netr_info->password, md4hash); 389 390 if (rc != SMBAUTH_SUCCESS) 391 return (SMBAUTH_FAILURE); 392 393 data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]); 394 data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]); 395 LE_OUT32(&le_data[0], data[0]); 396 LE_OUT32(&le_data[1], data[1]); 397 rc = smb_auth_DES(buffer, 8, md4hash, NETR_DESKEY_LEN, 398 (unsigned char *)le_data, 8); 399 400 if (rc != SMBAUTH_SUCCESS) 401 return (rc); 402 403 netr_info->session_key.len = NETR_SESSKEY64_SZ; 404 rc = smb_auth_DES(netr_info->session_key.key, 405 netr_info->session_key.len, &md4hash[9], NETR_DESKEY_LEN, buffer, 406 8); 407 408 return (rc); 409 } 410 411 /* 412 * netr_gen_credentials 413 * 414 * Generate a set of credentials from a challenge and a session key. 415 * The algorithm is a two stage hash. For the first hash, the 416 * timestamp is added to the challenge and the result is stored in a 417 * temporary buffer: 418 * 419 * input: challenge (including timestamp) 420 * key: session_key 421 * output: intermediate result 422 * 423 * For the second hash, the input is the result of the first hash and 424 * a strange partial key is used: 425 * 426 * input: result of first hash 427 * key: funny partial key 428 * output: credentiails 429 * 430 * The final output should be an encrypted set of credentials. 431 * 432 * FYI: smb_auth_DES(output, key, input) 433 * 434 * If any difficulties occur using the cryptographic framework, the 435 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 436 * returned. 437 */ 438 int 439 netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge, 440 DWORD timestamp, netr_cred_t *out_cred) 441 { 442 unsigned char buffer[8]; 443 DWORD data[2]; 444 DWORD le_data[2]; 445 DWORD *p; 446 int rc; 447 448 p = (DWORD *)(uintptr_t)challenge; 449 data[0] = LE_IN32(&p[0]) + timestamp; 450 data[1] = LE_IN32(&p[1]); 451 452 LE_OUT32(&le_data[0], data[0]); 453 LE_OUT32(&le_data[1], data[1]); 454 455 if (smb_auth_DES(buffer, 8, session_key, NETR_DESKEY_LEN, 456 (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS) 457 return (SMBAUTH_FAILURE); 458 459 rc = smb_auth_DES(out_cred->data, 8, &session_key[NETR_DESKEY_LEN], 460 NETR_DESKEY_LEN, buffer, 8); 461 462 return (rc); 463 } 464 465 /* 466 * netr_server_password_set 467 * 468 * Attempt to change the trust account password for this system. 469 * 470 * Note that this call may legitimately fail if the registry on the 471 * domain controller has been setup to deny attempts to change the 472 * trust account password. In this case we should just continue to 473 * use the original password. 474 * 475 * Possible status values: 476 * NT_STATUS_ACCESS_DENIED 477 */ 478 int 479 netr_server_password_set(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 480 { 481 struct netr_PasswordSet arg; 482 int opnum; 483 BYTE new_password[NETR_OWF_PASSWORD_SZ]; 484 char account_name[NETBIOS_NAME_SZ * 2]; 485 486 bzero(&arg, sizeof (struct netr_PasswordSet)); 487 opnum = NETR_OPNUM_ServerPasswordSet; 488 489 (void) snprintf(account_name, sizeof (account_name), "%s$", 490 netr_info->hostname); 491 492 arg.servername = (unsigned char *)netr_info->server; 493 arg.account_name = (unsigned char *)account_name; 494 arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE; 495 arg.hostname = (unsigned char *)netr_info->hostname; 496 497 /* 498 * Set up the client side authenticator. 499 */ 500 if (netr_setup_authenticator(netr_info, &arg.auth, 0) != 501 SMBAUTH_SUCCESS) { 502 return (-1); 503 } 504 505 /* 506 * Generate a new password from the old password. 507 */ 508 if (netr_gen_password(netr_info->session_key.key, 509 netr_info->password, new_password) == SMBAUTH_FAILURE) { 510 return (-1); 511 } 512 513 (void) memcpy(&arg.uas_new_password, &new_password, 514 NETR_OWF_PASSWORD_SZ); 515 516 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 517 return (-1); 518 519 if (arg.status != 0) { 520 ndr_rpc_status(netr_handle, opnum, arg.status); 521 ndr_rpc_release(netr_handle); 522 return (-1); 523 } 524 525 /* 526 * Check the returned credentials. The server returns the new 527 * client credential rather than the new server credentiali, 528 * as documented elsewhere. 529 * 530 * Generate the new seed for the credential chain. Increment 531 * the timestamp and add it to the client challenge. Then we 532 * need to copy the challenge to the credential field in 533 * preparation for the next cycle. 534 */ 535 if (netr_validate_chain(netr_info, &arg.auth) == 0) { 536 /* 537 * Save the new password. 538 */ 539 (void) memcpy(netr_info->password, new_password, 540 NETR_OWF_PASSWORD_SZ); 541 } 542 543 ndr_rpc_release(netr_handle); 544 return (0); 545 } 546 547 /* 548 * netr_gen_password 549 * 550 * Generate a new pasword from the old password and the session key. 551 * The algorithm is a two stage hash. The session key is used in the 552 * first hash but only part of the session key is used in the second 553 * hash. 554 * 555 * If any difficulties occur using the cryptographic framework, the 556 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 557 * returned. 558 */ 559 static int 560 netr_gen_password(BYTE *session_key, BYTE *old_password, BYTE *new_password) 561 { 562 int rv; 563 564 rv = smb_auth_DES(new_password, 8, session_key, NETR_DESKEY_LEN, 565 old_password, 8); 566 if (rv != SMBAUTH_SUCCESS) 567 return (rv); 568 569 rv = smb_auth_DES(&new_password[8], 8, &session_key[NETR_DESKEY_LEN], 570 NETR_DESKEY_LEN, &old_password[8], 8); 571 return (rv); 572 } 573