xref: /titanic_52/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c (revision f6e214c7418f43af38bd8c3a557e3d0a1d311cfa)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24  */
25 
26 /*
27  * NETR challenge/response client functions.
28  *
29  * NT_STATUS_INVALID_PARAMETER
30  * NT_STATUS_NO_TRUST_SAM_ACCOUNT
31  * NT_STATUS_ACCESS_DENIED
32  */
33 
34 #include <stdio.h>
35 #include <stdlib.h>
36 #include <strings.h>
37 #include <unistd.h>
38 #include <ctype.h>
39 #include <security/cryptoki.h>
40 #include <security/pkcs11.h>
41 
42 #include <smbsrv/libsmb.h>
43 #include <smbsrv/libsmbns.h>
44 #include <smbsrv/libmlsvc.h>
45 #include <smbsrv/ndl/netlogon.ndl>
46 #include <smbsrv/smbinfo.h>
47 #include <smbsrv/netrauth.h>
48 
49 #define	NETR_SESSKEY_ZEROBUF_SZ		4
50 /* The DES algorithm uses a 56-bit encryption key. */
51 #define	NETR_DESKEY_LEN			7
52 
53 int netr_setup_authenticator(netr_info_t *, struct netr_authenticator *,
54     struct netr_authenticator *);
55 DWORD netr_validate_chain(netr_info_t *, struct netr_authenticator *);
56 
57 static int netr_server_req_challenge(mlsvc_handle_t *, netr_info_t *);
58 static int netr_server_authenticate2(mlsvc_handle_t *, netr_info_t *);
59 static int netr_gen_password(BYTE *, BYTE *, BYTE *);
60 
61 /*
62  * Shared with netr_logon.c
63  */
64 netr_info_t netr_global_info;
65 
66 /*
67  * netlogon_auth
68  *
69  * This is the core of the NETLOGON authentication protocol.
70  * Do the challenge response authentication.
71  *
72  * Prior to calling this function, an anonymous session to the NETLOGON
73  * pipe on a domain controller(server) should have already been opened.
74  *
75  * Upon a successful NETLOGON credential chain establishment, the
76  * netlogon sequence number will be set to match the kpasswd sequence
77  * number.
78  *
79  */
80 DWORD
81 netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags)
82 {
83 	netr_info_t *netr_info;
84 	int rc;
85 	DWORD leout_rc[2];
86 
87 	netr_info = &netr_global_info;
88 	bzero(netr_info, sizeof (netr_info_t));
89 
90 	netr_info->flags |= flags;
91 
92 	rc = smb_getnetbiosname(netr_info->hostname, NETBIOS_NAME_SZ);
93 	if (rc != 0)
94 		return (NT_STATUS_UNSUCCESSFUL);
95 
96 	(void) snprintf(netr_info->server, sizeof (netr_info->server),
97 	    "\\\\%s", server);
98 
99 	LE_OUT32(&leout_rc[0], random());
100 	LE_OUT32(&leout_rc[1], random());
101 	(void) memcpy(&netr_info->client_challenge, leout_rc,
102 	    sizeof (struct netr_credential));
103 
104 	if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) {
105 		rc = netr_server_authenticate2(netr_handle, netr_info);
106 		if (rc == 0) {
107 			smb_update_netlogon_seqnum();
108 			netr_info->flags |= NETR_FLG_VALID;
109 
110 		}
111 	}
112 
113 	return ((rc) ? NT_STATUS_UNSUCCESSFUL : NT_STATUS_SUCCESS);
114 }
115 
116 /*
117  * netr_open
118  *
119  * Open an anonymous session to the NETLOGON pipe on a domain controller
120  * and bind to the NETR RPC interface.
121  *
122  * We store the remote server information, which is used to drive Windows
123  * version specific behavior.
124  */
125 int
126 netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle)
127 {
128 	char user[SMB_USERNAME_MAXLEN];
129 
130 	smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
131 
132 	if (ndr_rpc_bind(netr_handle, server, domain, user, "NETR") < 0)
133 		return (-1);
134 
135 	return (0);
136 }
137 
138 /*
139  * netr_close
140  *
141  * Close a NETLOGON pipe and free the RPC context.
142  */
143 int
144 netr_close(mlsvc_handle_t *netr_handle)
145 {
146 	ndr_rpc_unbind(netr_handle);
147 	return (0);
148 }
149 
150 /*
151  * netr_server_req_challenge
152  */
153 static int
154 netr_server_req_challenge(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
155 {
156 	struct netr_ServerReqChallenge arg;
157 	int opnum;
158 
159 	bzero(&arg, sizeof (struct netr_ServerReqChallenge));
160 	opnum = NETR_OPNUM_ServerReqChallenge;
161 
162 	arg.servername = (unsigned char *)netr_info->server;
163 	arg.hostname = (unsigned char *)netr_info->hostname;
164 
165 	(void) memcpy(&arg.client_challenge, &netr_info->client_challenge,
166 	    sizeof (struct netr_credential));
167 
168 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
169 		return (-1);
170 
171 	if (arg.status != 0) {
172 		ndr_rpc_status(netr_handle, opnum, arg.status);
173 		ndr_rpc_release(netr_handle);
174 		return (-1);
175 	}
176 
177 	(void) memcpy(&netr_info->server_challenge, &arg.server_challenge,
178 	    sizeof (struct netr_credential));
179 
180 	ndr_rpc_release(netr_handle);
181 	return (0);
182 }
183 
184 /*
185  * netr_server_authenticate2
186  */
187 static int
188 netr_server_authenticate2(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
189 {
190 	struct netr_ServerAuthenticate2 arg;
191 	int opnum;
192 	int rc;
193 	char account_name[NETBIOS_NAME_SZ * 2];
194 
195 	bzero(&arg, sizeof (struct netr_ServerAuthenticate2));
196 	opnum = NETR_OPNUM_ServerAuthenticate2;
197 
198 	(void) snprintf(account_name, sizeof (account_name), "%s$",
199 	    netr_info->hostname);
200 
201 	smb_tracef("server=[%s] account_name=[%s] hostname=[%s]\n",
202 	    netr_info->server, account_name, netr_info->hostname);
203 
204 	arg.servername = (unsigned char *)netr_info->server;
205 	arg.account_name = (unsigned char *)account_name;
206 	arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
207 	arg.hostname = (unsigned char *)netr_info->hostname;
208 	arg.negotiate_flags = NETR_NEGOTIATE_BASE_FLAGS;
209 
210 	if (ndr_rpc_server_os(netr_handle) == NATIVE_OS_WIN2000) {
211 		arg.negotiate_flags |= NETR_NEGOTIATE_STRONGKEY_FLAG;
212 		if (netr_gen_skey128(netr_info) != SMBAUTH_SUCCESS)
213 			return (-1);
214 	} else {
215 		if (netr_gen_skey64(netr_info) != SMBAUTH_SUCCESS)
216 			return (-1);
217 	}
218 
219 	if (netr_gen_credentials(netr_info->session_key.key,
220 	    &netr_info->client_challenge, 0,
221 	    &netr_info->client_credential) != SMBAUTH_SUCCESS) {
222 		return (-1);
223 	}
224 
225 	if (netr_gen_credentials(netr_info->session_key.key,
226 	    &netr_info->server_challenge, 0,
227 	    &netr_info->server_credential) != SMBAUTH_SUCCESS) {
228 		return (-1);
229 	}
230 
231 	(void) memcpy(&arg.client_credential, &netr_info->client_credential,
232 	    sizeof (struct netr_credential));
233 
234 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
235 		return (-1);
236 
237 	if (arg.status != 0) {
238 		ndr_rpc_status(netr_handle, opnum, arg.status);
239 		ndr_rpc_release(netr_handle);
240 		return (-1);
241 	}
242 
243 	rc = memcmp(&netr_info->server_credential, &arg.server_credential,
244 	    sizeof (struct netr_credential));
245 
246 	ndr_rpc_release(netr_handle);
247 	return (rc);
248 }
249 
250 /*
251  * netr_gen_skey128
252  *
253  * Generate a 128-bit session key from the client and server challenges.
254  * See "Session-Key Computation" section of MS-NRPC document.
255  */
256 int
257 netr_gen_skey128(netr_info_t *netr_info)
258 {
259 	unsigned char ntlmhash[SMBAUTH_HASH_SZ];
260 	int rc = SMBAUTH_FAILURE;
261 	CK_RV rv;
262 	CK_MECHANISM mechanism;
263 	CK_SESSION_HANDLE hSession;
264 	CK_ULONG diglen = MD_DIGEST_LEN;
265 	unsigned char md5digest[MD_DIGEST_LEN];
266 	unsigned char zerobuf[NETR_SESSKEY_ZEROBUF_SZ];
267 
268 	bzero(ntlmhash, SMBAUTH_HASH_SZ);
269 	/*
270 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
271 	 * the appropriate password but it isn't working yet.  So we
272 	 * always use the default one for now.
273 	 */
274 	bzero(netr_info->password, sizeof (netr_info->password));
275 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
276 	    (char *)netr_info->password, sizeof (netr_info->password));
277 
278 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
279 		return (SMBAUTH_FAILURE);
280 	}
281 
282 	rc = smb_auth_ntlm_hash((char *)netr_info->password, ntlmhash);
283 	if (rc != SMBAUTH_SUCCESS)
284 		return (SMBAUTH_FAILURE);
285 
286 	bzero(zerobuf, NETR_SESSKEY_ZEROBUF_SZ);
287 
288 	mechanism.mechanism = CKM_MD5;
289 	mechanism.pParameter = 0;
290 	mechanism.ulParameterLen = 0;
291 
292 	rv = SUNW_C_GetMechSession(mechanism.mechanism, &hSession);
293 	if (rv != CKR_OK)
294 		return (SMBAUTH_FAILURE);
295 
296 	rv = C_DigestInit(hSession, &mechanism);
297 	if (rv != CKR_OK)
298 		goto cleanup;
299 
300 	rv = C_DigestUpdate(hSession, (CK_BYTE_PTR)zerobuf,
301 	    NETR_SESSKEY_ZEROBUF_SZ);
302 	if (rv != CKR_OK)
303 		goto cleanup;
304 
305 	rv = C_DigestUpdate(hSession,
306 	    (CK_BYTE_PTR)netr_info->client_challenge.data, NETR_CRED_DATA_SZ);
307 	if (rv != CKR_OK)
308 		goto cleanup;
309 
310 	rv = C_DigestUpdate(hSession,
311 	    (CK_BYTE_PTR)netr_info->server_challenge.data, NETR_CRED_DATA_SZ);
312 	if (rv != CKR_OK)
313 		goto cleanup;
314 
315 	rv = C_DigestFinal(hSession, (CK_BYTE_PTR)md5digest, &diglen);
316 	if (rv != CKR_OK)
317 		goto cleanup;
318 
319 	rc = smb_auth_hmac_md5(md5digest, diglen, ntlmhash, SMBAUTH_HASH_SZ,
320 	    netr_info->session_key.key);
321 
322 	netr_info->session_key.len = NETR_SESSKEY128_SZ;
323 cleanup:
324 	(void) C_CloseSession(hSession);
325 	return (rc);
326 
327 }
328 /*
329  * netr_gen_skey64
330  *
331  * Generate a 64-bit session key from the client and server challenges.
332  * See "Session-Key Computation" section of MS-NRPC document.
333  *
334  * The algorithm is a two stage hash. For the first hash, the input is
335  * the combination of the client and server challenges, the key is
336  * the first 7 bytes of the password. The initial password is formed
337  * using the NT password hash on the local hostname in lower case.
338  * The result is stored in a temporary buffer.
339  *
340  *		input:	challenge
341  *		key:	passwd lower 7 bytes
342  *		output:	intermediate result
343  *
344  * For the second hash, the input is the result of the first hash and
345  * the key is the last 7 bytes of the password.
346  *
347  *		input:	result of first hash
348  *		key:	passwd upper 7 bytes
349  *		output:	session_key
350  *
351  * The final output should be the session key.
352  *
353  *		FYI: smb_auth_DES(output, key, input)
354  *
355  * If any difficulties occur using the cryptographic framework, the
356  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
357  * returned.
358  */
359 int
360 netr_gen_skey64(netr_info_t *netr_info)
361 {
362 	unsigned char md4hash[32];
363 	unsigned char buffer[8];
364 	DWORD data[2];
365 	DWORD *client_challenge;
366 	DWORD *server_challenge;
367 	int rc;
368 	DWORD le_data[2];
369 
370 	client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge;
371 	server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge;
372 	bzero(md4hash, 32);
373 
374 	/*
375 	 * We should check (netr_info->flags & NETR_FLG_INIT) and use
376 	 * the appropriate password but it isn't working yet.  So we
377 	 * always use the default one for now.
378 	 */
379 	bzero(netr_info->password, sizeof (netr_info->password));
380 	rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD,
381 	    (char *)netr_info->password, sizeof (netr_info->password));
382 
383 	if ((rc != SMBD_SMF_OK) || *netr_info->password == '\0') {
384 		return (SMBAUTH_FAILURE);
385 	}
386 
387 	rc = smb_auth_ntlm_hash((char *)netr_info->password, md4hash);
388 
389 	if (rc != SMBAUTH_SUCCESS)
390 		return (SMBAUTH_FAILURE);
391 
392 	data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]);
393 	data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]);
394 	LE_OUT32(&le_data[0], data[0]);
395 	LE_OUT32(&le_data[1], data[1]);
396 	rc = smb_auth_DES(buffer, 8, md4hash, NETR_DESKEY_LEN,
397 	    (unsigned char *)le_data, 8);
398 
399 	if (rc != SMBAUTH_SUCCESS)
400 		return (rc);
401 
402 	netr_info->session_key.len = NETR_SESSKEY64_SZ;
403 	rc = smb_auth_DES(netr_info->session_key.key,
404 	    netr_info->session_key.len, &md4hash[9], NETR_DESKEY_LEN, buffer,
405 	    8);
406 
407 	return (rc);
408 }
409 
410 /*
411  * netr_gen_credentials
412  *
413  * Generate a set of credentials from a challenge and a session key.
414  * The algorithm is a two stage hash. For the first hash, the
415  * timestamp is added to the challenge and the result is stored in a
416  * temporary buffer:
417  *
418  *		input:	challenge (including timestamp)
419  *		key:	session_key
420  *		output:	intermediate result
421  *
422  * For the second hash, the input is the result of the first hash and
423  * a strange partial key is used:
424  *
425  *		input:	result of first hash
426  *		key:	funny partial key
427  *		output:	credentiails
428  *
429  * The final output should be an encrypted set of credentials.
430  *
431  *		FYI: smb_auth_DES(output, key, input)
432  *
433  * If any difficulties occur using the cryptographic framework, the
434  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
435  * returned.
436  */
437 int
438 netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge,
439     DWORD timestamp, netr_cred_t *out_cred)
440 {
441 	unsigned char buffer[8];
442 	DWORD data[2];
443 	DWORD le_data[2];
444 	DWORD *p;
445 	int rc;
446 
447 	p = (DWORD *)(uintptr_t)challenge;
448 	data[0] = LE_IN32(&p[0]) + timestamp;
449 	data[1] = LE_IN32(&p[1]);
450 
451 	LE_OUT32(&le_data[0], data[0]);
452 	LE_OUT32(&le_data[1], data[1]);
453 
454 	if (smb_auth_DES(buffer, 8, session_key, NETR_DESKEY_LEN,
455 	    (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS)
456 		return (SMBAUTH_FAILURE);
457 
458 	rc = smb_auth_DES(out_cred->data, 8, &session_key[NETR_DESKEY_LEN],
459 	    NETR_DESKEY_LEN, buffer, 8);
460 
461 	return (rc);
462 }
463 
464 /*
465  * netr_server_password_set
466  *
467  * Attempt to change the trust account password for this system.
468  *
469  * Note that this call may legitimately fail if the registry on the
470  * domain controller has been setup to deny attempts to change the
471  * trust account password. In this case we should just continue to
472  * use the original password.
473  *
474  * Possible status values:
475  *	NT_STATUS_ACCESS_DENIED
476  */
477 int
478 netr_server_password_set(mlsvc_handle_t *netr_handle, netr_info_t *netr_info)
479 {
480 	struct netr_PasswordSet  arg;
481 	int opnum;
482 	BYTE new_password[NETR_OWF_PASSWORD_SZ];
483 	char account_name[NETBIOS_NAME_SZ * 2];
484 
485 	bzero(&arg, sizeof (struct netr_PasswordSet));
486 	opnum = NETR_OPNUM_ServerPasswordSet;
487 
488 	(void) snprintf(account_name, sizeof (account_name), "%s$",
489 	    netr_info->hostname);
490 
491 	arg.servername = (unsigned char *)netr_info->server;
492 	arg.account_name = (unsigned char *)account_name;
493 	arg.account_type = NETR_WKSTA_TRUST_ACCOUNT_TYPE;
494 	arg.hostname = (unsigned char *)netr_info->hostname;
495 
496 	/*
497 	 * Set up the client side authenticator.
498 	 */
499 	if (netr_setup_authenticator(netr_info, &arg.auth, 0) !=
500 	    SMBAUTH_SUCCESS) {
501 		return (-1);
502 	}
503 
504 	/*
505 	 * Generate a new password from the old password.
506 	 */
507 	if (netr_gen_password(netr_info->session_key.key,
508 	    netr_info->password, new_password) == SMBAUTH_FAILURE) {
509 		return (-1);
510 	}
511 
512 	(void) memcpy(&arg.uas_new_password, &new_password,
513 	    NETR_OWF_PASSWORD_SZ);
514 
515 	if (ndr_rpc_call(netr_handle, opnum, &arg) != 0)
516 		return (-1);
517 
518 	if (arg.status != 0) {
519 		ndr_rpc_status(netr_handle, opnum, arg.status);
520 		ndr_rpc_release(netr_handle);
521 		return (-1);
522 	}
523 
524 	/*
525 	 * Check the returned credentials.  The server returns the new
526 	 * client credential rather than the new server credentiali,
527 	 * as documented elsewhere.
528 	 *
529 	 * Generate the new seed for the credential chain.  Increment
530 	 * the timestamp and add it to the client challenge.  Then we
531 	 * need to copy the challenge to the credential field in
532 	 * preparation for the next cycle.
533 	 */
534 	if (netr_validate_chain(netr_info, &arg.auth) == 0) {
535 		/*
536 		 * Save the new password.
537 		 */
538 		(void) memcpy(netr_info->password, new_password,
539 		    NETR_OWF_PASSWORD_SZ);
540 	}
541 
542 	ndr_rpc_release(netr_handle);
543 	return (0);
544 }
545 
546 /*
547  * netr_gen_password
548  *
549  * Generate a new pasword from the old password  and the session key.
550  * The algorithm is a two stage hash. The session key is used in the
551  * first hash but only part of the session key is used in the second
552  * hash.
553  *
554  * If any difficulties occur using the cryptographic framework, the
555  * function returns SMBAUTH_FAILURE.  Otherwise SMBAUTH_SUCCESS is
556  * returned.
557  */
558 static int
559 netr_gen_password(BYTE *session_key, BYTE *old_password, BYTE *new_password)
560 {
561 	int rv;
562 
563 	rv = smb_auth_DES(new_password, 8, session_key, NETR_DESKEY_LEN,
564 	    old_password, 8);
565 	if (rv != SMBAUTH_SUCCESS)
566 		return (rv);
567 
568 	rv = smb_auth_DES(&new_password[8], 8, &session_key[NETR_DESKEY_LEN],
569 	    NETR_DESKEY_LEN, &old_password[8], 8);
570 	return (rv);
571 }
572