1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 24 * Copyright 2012 Nexenta Systems, Inc. All rights reserved. 25 */ 26 27 /* 28 * NETR challenge/response client functions. 29 * 30 * NT_STATUS_INVALID_PARAMETER 31 * NT_STATUS_NO_TRUST_SAM_ACCOUNT 32 * NT_STATUS_ACCESS_DENIED 33 */ 34 35 #include <stdio.h> 36 #include <stdlib.h> 37 #include <strings.h> 38 #include <unistd.h> 39 #include <ctype.h> 40 #include <security/cryptoki.h> 41 #include <security/pkcs11.h> 42 43 #include <smbsrv/libsmb.h> 44 #include <smbsrv/libsmbns.h> 45 #include <smbsrv/libmlsvc.h> 46 #include <smbsrv/ndl/netlogon.ndl> 47 #include <smbsrv/smbinfo.h> 48 #include <smbsrv/netrauth.h> 49 50 #define NETR_SESSKEY_ZEROBUF_SZ 4 51 /* The DES algorithm uses a 56-bit encryption key. */ 52 #define NETR_DESKEY_LEN 7 53 54 int netr_setup_authenticator(netr_info_t *, struct netr_authenticator *, 55 struct netr_authenticator *); 56 DWORD netr_validate_chain(netr_info_t *, struct netr_authenticator *); 57 58 static int netr_server_req_challenge(mlsvc_handle_t *, netr_info_t *); 59 static int netr_server_authenticate2(mlsvc_handle_t *, netr_info_t *); 60 static int netr_gen_password(BYTE *, BYTE *, BYTE *); 61 62 /* 63 * Shared with netr_logon.c 64 */ 65 netr_info_t netr_global_info; 66 67 /* 68 * netlogon_auth 69 * 70 * This is the core of the NETLOGON authentication protocol. 71 * Do the challenge response authentication. 72 * 73 * Prior to calling this function, an anonymous session to the NETLOGON 74 * pipe on a domain controller(server) should have already been opened. 75 * 76 * Upon a successful NETLOGON credential chain establishment, the 77 * netlogon sequence number will be set to match the kpasswd sequence 78 * number. 79 * 80 */ 81 DWORD 82 netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags) 83 { 84 netr_info_t *netr_info; 85 int rc; 86 DWORD leout_rc[2]; 87 88 netr_info = &netr_global_info; 89 bzero(netr_info, sizeof (netr_info_t)); 90 91 netr_info->flags |= flags; 92 93 rc = smb_getnetbiosname(netr_info->hostname, NETBIOS_NAME_SZ); 94 if (rc != 0) 95 return (NT_STATUS_UNSUCCESSFUL); 96 97 (void) snprintf(netr_info->server, sizeof (netr_info->server), 98 "\\\\%s", server); 99 100 LE_OUT32(&leout_rc[0], random()); 101 LE_OUT32(&leout_rc[1], random()); 102 (void) memcpy(&netr_info->client_challenge, leout_rc, 103 sizeof (struct netr_credential)); 104 105 if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) { 106 rc = netr_server_authenticate2(netr_handle, netr_info); 107 if (rc == 0) { 108 /* 109 * TODO: (later) When joining a domain using a 110 * pre-created machine account, should do: 111 * netr_server_password_set(&netr_handle, netr_info); 112 * Nexenta issue 11960 113 */ 114 smb_update_netlogon_seqnum(); 115 netr_info->flags |= NETR_FLG_VALID; 116 117 } 118 } 119 120 return ((rc) ? NT_STATUS_UNSUCCESSFUL : NT_STATUS_SUCCESS); 121 } 122 123 /* 124 * netr_open 125 * 126 * Open an anonymous session to the NETLOGON pipe on a domain controller 127 * and bind to the NETR RPC interface. 128 * 129 * We store the remote server information, which is used to drive Windows 130 * version specific behavior. 131 */ 132 int 133 netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle) 134 { 135 char user[SMB_USERNAME_MAXLEN]; 136 137 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN); 138 139 if (ndr_rpc_bind(netr_handle, server, domain, user, "NETR") < 0) 140 return (-1); 141 142 return (0); 143 } 144 145 /* 146 * netr_close 147 * 148 * Close a NETLOGON pipe and free the RPC context. 149 */ 150 int 151 netr_close(mlsvc_handle_t *netr_handle) 152 { 153 ndr_rpc_unbind(netr_handle); 154 return (0); 155 } 156 157 /* 158 * netr_server_req_challenge 159 */ 160 static int 161 netr_server_req_challenge(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 162 { 163 struct netr_ServerReqChallenge arg; 164 int opnum; 165 166 bzero(&arg, sizeof (struct netr_ServerReqChallenge)); 167 opnum = NETR_OPNUM_ServerReqChallenge; 168 169 arg.servername = (unsigned char *)netr_info->server; 170 arg.hostname = (unsigned char *)netr_info->hostname; 171 172 (void) memcpy(&arg.client_challenge, &netr_info->client_challenge, 173 sizeof (struct netr_credential)); 174 175 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 176 return (-1); 177 178 if (arg.status != 0) { 179 ndr_rpc_status(netr_handle, opnum, arg.status); 180 ndr_rpc_release(netr_handle); 181 return (-1); 182 } 183 184 (void) memcpy(&netr_info->server_challenge, &arg.server_challenge, 185 sizeof (struct netr_credential)); 186 187 ndr_rpc_release(netr_handle); 188 return (0); 189 } 190 191 /* 192 * netr_server_authenticate2 193 */ 194 static int 195 netr_server_authenticate2(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 196 { 197 struct netr_ServerAuthenticate2 arg; 198 int opnum; 199 int rc; 200 char account_name[NETBIOS_NAME_SZ * 2]; 201 202 bzero(&arg, sizeof (struct netr_ServerAuthenticate2)); 203 opnum = NETR_OPNUM_ServerAuthenticate2; 204 205 (void) snprintf(account_name, sizeof (account_name), "%s$", 206 netr_info->hostname); 207 208 smb_tracef("server=[%s] account_name=[%s] hostname=[%s]\n", 209 netr_info->server, account_name, netr_info->hostname); 210 211 arg.servername = (unsigned char *)netr_info->server; 212 arg.account_name = (unsigned char *)account_name; 213 arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE; 214 arg.hostname = (unsigned char *)netr_info->hostname; 215 arg.negotiate_flags = NETR_NEGOTIATE_BASE_FLAGS; 216 217 if (ndr_rpc_server_os(netr_handle) == NATIVE_OS_WIN2000) { 218 arg.negotiate_flags |= NETR_NEGOTIATE_STRONGKEY_FLAG; 219 if (netr_gen_skey128(netr_info) != SMBAUTH_SUCCESS) 220 return (-1); 221 } else { 222 if (netr_gen_skey64(netr_info) != SMBAUTH_SUCCESS) 223 return (-1); 224 } 225 226 if (netr_gen_credentials(netr_info->session_key.key, 227 &netr_info->client_challenge, 0, 228 &netr_info->client_credential) != SMBAUTH_SUCCESS) { 229 return (-1); 230 } 231 232 if (netr_gen_credentials(netr_info->session_key.key, 233 &netr_info->server_challenge, 0, 234 &netr_info->server_credential) != SMBAUTH_SUCCESS) { 235 return (-1); 236 } 237 238 (void) memcpy(&arg.client_credential, &netr_info->client_credential, 239 sizeof (struct netr_credential)); 240 241 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 242 return (-1); 243 244 if (arg.status != 0) { 245 ndr_rpc_status(netr_handle, opnum, arg.status); 246 ndr_rpc_release(netr_handle); 247 return (-1); 248 } 249 250 rc = memcmp(&netr_info->server_credential, &arg.server_credential, 251 sizeof (struct netr_credential)); 252 253 ndr_rpc_release(netr_handle); 254 return (rc); 255 } 256 257 /* 258 * netr_gen_skey128 259 * 260 * Generate a 128-bit session key from the client and server challenges. 261 * See "Session-Key Computation" section of MS-NRPC document. 262 */ 263 int 264 netr_gen_skey128(netr_info_t *netr_info) 265 { 266 unsigned char ntlmhash[SMBAUTH_HASH_SZ]; 267 int rc = SMBAUTH_FAILURE; 268 CK_RV rv; 269 CK_MECHANISM mechanism; 270 CK_SESSION_HANDLE hSession; 271 CK_ULONG diglen = MD_DIGEST_LEN; 272 unsigned char md5digest[MD_DIGEST_LEN]; 273 unsigned char zerobuf[NETR_SESSKEY_ZEROBUF_SZ]; 274 275 bzero(ntlmhash, SMBAUTH_HASH_SZ); 276 /* 277 * We should check (netr_info->flags & NETR_FLG_INIT) and use 278 * the appropriate password but it isn't working yet. So we 279 * always use the default one for now. 280 */ 281 bzero(netr_info->password, sizeof (netr_info->password)); 282 rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD, 283 (char *)netr_info->password, sizeof (netr_info->password)); 284 285 if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') { 286 return (SMBAUTH_FAILURE); 287 } 288 289 rc = smb_auth_ntlm_hash((char *)netr_info->password, ntlmhash); 290 if (rc != SMBAUTH_SUCCESS) 291 return (SMBAUTH_FAILURE); 292 293 bzero(zerobuf, NETR_SESSKEY_ZEROBUF_SZ); 294 295 mechanism.mechanism = CKM_MD5; 296 mechanism.pParameter = 0; 297 mechanism.ulParameterLen = 0; 298 299 rv = SUNW_C_GetMechSession(mechanism.mechanism, &hSession); 300 if (rv != CKR_OK) 301 return (SMBAUTH_FAILURE); 302 303 rv = C_DigestInit(hSession, &mechanism); 304 if (rv != CKR_OK) 305 goto cleanup; 306 307 rv = C_DigestUpdate(hSession, (CK_BYTE_PTR)zerobuf, 308 NETR_SESSKEY_ZEROBUF_SZ); 309 if (rv != CKR_OK) 310 goto cleanup; 311 312 rv = C_DigestUpdate(hSession, 313 (CK_BYTE_PTR)netr_info->client_challenge.data, NETR_CRED_DATA_SZ); 314 if (rv != CKR_OK) 315 goto cleanup; 316 317 rv = C_DigestUpdate(hSession, 318 (CK_BYTE_PTR)netr_info->server_challenge.data, NETR_CRED_DATA_SZ); 319 if (rv != CKR_OK) 320 goto cleanup; 321 322 rv = C_DigestFinal(hSession, (CK_BYTE_PTR)md5digest, &diglen); 323 if (rv != CKR_OK) 324 goto cleanup; 325 326 rc = smb_auth_hmac_md5(md5digest, diglen, ntlmhash, SMBAUTH_HASH_SZ, 327 netr_info->session_key.key); 328 329 netr_info->session_key.len = NETR_SESSKEY128_SZ; 330 cleanup: 331 (void) C_CloseSession(hSession); 332 return (rc); 333 334 } 335 /* 336 * netr_gen_skey64 337 * 338 * Generate a 64-bit session key from the client and server challenges. 339 * See "Session-Key Computation" section of MS-NRPC document. 340 * 341 * The algorithm is a two stage hash. For the first hash, the input is 342 * the combination of the client and server challenges, the key is 343 * the first 7 bytes of the password. The initial password is formed 344 * using the NT password hash on the local hostname in lower case. 345 * The result is stored in a temporary buffer. 346 * 347 * input: challenge 348 * key: passwd lower 7 bytes 349 * output: intermediate result 350 * 351 * For the second hash, the input is the result of the first hash and 352 * the key is the last 7 bytes of the password. 353 * 354 * input: result of first hash 355 * key: passwd upper 7 bytes 356 * output: session_key 357 * 358 * The final output should be the session key. 359 * 360 * FYI: smb_auth_DES(output, key, input) 361 * 362 * If any difficulties occur using the cryptographic framework, the 363 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 364 * returned. 365 */ 366 int 367 netr_gen_skey64(netr_info_t *netr_info) 368 { 369 unsigned char md4hash[32]; 370 unsigned char buffer[8]; 371 DWORD data[2]; 372 DWORD *client_challenge; 373 DWORD *server_challenge; 374 int rc; 375 DWORD le_data[2]; 376 377 client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge; 378 server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge; 379 bzero(md4hash, 32); 380 381 /* 382 * We should check (netr_info->flags & NETR_FLG_INIT) and use 383 * the appropriate password but it isn't working yet. So we 384 * always use the default one for now. 385 */ 386 bzero(netr_info->password, sizeof (netr_info->password)); 387 rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD, 388 (char *)netr_info->password, sizeof (netr_info->password)); 389 390 if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') { 391 return (SMBAUTH_FAILURE); 392 } 393 394 rc = smb_auth_ntlm_hash((char *)netr_info->password, md4hash); 395 396 if (rc != SMBAUTH_SUCCESS) 397 return (SMBAUTH_FAILURE); 398 399 data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]); 400 data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]); 401 LE_OUT32(&le_data[0], data[0]); 402 LE_OUT32(&le_data[1], data[1]); 403 rc = smb_auth_DES(buffer, 8, md4hash, NETR_DESKEY_LEN, 404 (unsigned char *)le_data, 8); 405 406 if (rc != SMBAUTH_SUCCESS) 407 return (rc); 408 409 netr_info->session_key.len = NETR_SESSKEY64_SZ; 410 rc = smb_auth_DES(netr_info->session_key.key, 411 netr_info->session_key.len, &md4hash[9], NETR_DESKEY_LEN, buffer, 412 8); 413 414 return (rc); 415 } 416 417 /* 418 * netr_gen_credentials 419 * 420 * Generate a set of credentials from a challenge and a session key. 421 * The algorithm is a two stage hash. For the first hash, the 422 * timestamp is added to the challenge and the result is stored in a 423 * temporary buffer: 424 * 425 * input: challenge (including timestamp) 426 * key: session_key 427 * output: intermediate result 428 * 429 * For the second hash, the input is the result of the first hash and 430 * a strange partial key is used: 431 * 432 * input: result of first hash 433 * key: funny partial key 434 * output: credentiails 435 * 436 * The final output should be an encrypted set of credentials. 437 * 438 * FYI: smb_auth_DES(output, key, input) 439 * 440 * If any difficulties occur using the cryptographic framework, the 441 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 442 * returned. 443 */ 444 int 445 netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge, 446 DWORD timestamp, netr_cred_t *out_cred) 447 { 448 unsigned char buffer[8]; 449 DWORD data[2]; 450 DWORD le_data[2]; 451 DWORD *p; 452 int rc; 453 454 p = (DWORD *)(uintptr_t)challenge; 455 data[0] = LE_IN32(&p[0]) + timestamp; 456 data[1] = LE_IN32(&p[1]); 457 458 LE_OUT32(&le_data[0], data[0]); 459 LE_OUT32(&le_data[1], data[1]); 460 461 if (smb_auth_DES(buffer, 8, session_key, NETR_DESKEY_LEN, 462 (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS) 463 return (SMBAUTH_FAILURE); 464 465 rc = smb_auth_DES(out_cred->data, 8, &session_key[NETR_DESKEY_LEN], 466 NETR_DESKEY_LEN, buffer, 8); 467 468 return (rc); 469 } 470 471 /* 472 * netr_server_password_set 473 * 474 * Attempt to change the trust account password for this system. 475 * 476 * Note that this call may legitimately fail if the registry on the 477 * domain controller has been setup to deny attempts to change the 478 * trust account password. In this case we should just continue to 479 * use the original password. 480 * 481 * Possible status values: 482 * NT_STATUS_ACCESS_DENIED 483 */ 484 int 485 netr_server_password_set(mlsvc_handle_t *netr_handle, netr_info_t *netr_info) 486 { 487 struct netr_PasswordSet arg; 488 int opnum; 489 BYTE new_password[NETR_OWF_PASSWORD_SZ]; 490 char account_name[NETBIOS_NAME_SZ * 2]; 491 492 bzero(&arg, sizeof (struct netr_PasswordSet)); 493 opnum = NETR_OPNUM_ServerPasswordSet; 494 495 (void) snprintf(account_name, sizeof (account_name), "%s$", 496 netr_info->hostname); 497 498 arg.servername = (unsigned char *)netr_info->server; 499 arg.account_name = (unsigned char *)account_name; 500 arg.sec_chan_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE; 501 arg.hostname = (unsigned char *)netr_info->hostname; 502 503 /* 504 * Set up the client side authenticator. 505 */ 506 if (netr_setup_authenticator(netr_info, &arg.auth, 0) != 507 SMBAUTH_SUCCESS) { 508 return (-1); 509 } 510 511 /* 512 * Generate a new password from the old password. 513 */ 514 if (netr_gen_password(netr_info->session_key.key, 515 netr_info->password, new_password) == SMBAUTH_FAILURE) { 516 return (-1); 517 } 518 519 (void) memcpy(&arg.owf_password, &new_password, 520 NETR_OWF_PASSWORD_SZ); 521 522 if (ndr_rpc_call(netr_handle, opnum, &arg) != 0) 523 return (-1); 524 525 if (arg.status != 0) { 526 ndr_rpc_status(netr_handle, opnum, arg.status); 527 ndr_rpc_release(netr_handle); 528 return (-1); 529 } 530 531 /* 532 * Check the returned credentials. The server returns the new 533 * client credential rather than the new server credentiali, 534 * as documented elsewhere. 535 * 536 * Generate the new seed for the credential chain. Increment 537 * the timestamp and add it to the client challenge. Then we 538 * need to copy the challenge to the credential field in 539 * preparation for the next cycle. 540 */ 541 if (netr_validate_chain(netr_info, &arg.auth) == 0) { 542 /* 543 * Save the new password. 544 */ 545 (void) memcpy(netr_info->password, new_password, 546 NETR_OWF_PASSWORD_SZ); 547 } 548 549 ndr_rpc_release(netr_handle); 550 return (0); 551 } 552 553 /* 554 * netr_gen_password 555 * 556 * Generate a new pasword from the old password and the session key. 557 * The algorithm is a two stage hash. The session key is used in the 558 * first hash but only part of the session key is used in the second 559 * hash. 560 * 561 * If any difficulties occur using the cryptographic framework, the 562 * function returns SMBAUTH_FAILURE. Otherwise SMBAUTH_SUCCESS is 563 * returned. 564 */ 565 static int 566 netr_gen_password(BYTE *session_key, BYTE *old_password, BYTE *new_password) 567 { 568 int rv; 569 570 rv = smb_auth_DES(new_password, 8, session_key, NETR_DESKEY_LEN, 571 old_password, 8); 572 if (rv != SMBAUTH_SUCCESS) 573 return (rv); 574 575 rv = smb_auth_DES(&new_password[8], 8, &session_key[NETR_DESKEY_LEN], 576 NETR_DESKEY_LEN, &old_password[8], 8); 577 return (rv); 578 } 579 580 /* 581 * Todo: need netr_server_password_set2() 582 * used by "unsecure join". (NX 11960) 583 */ 584