svc_auth_des.c revision 261046 
1
2/*
3 * Copyright (c) 1988 by Sun Microsystems, Inc.
4 */
5
6/*-
7 * Copyright (c) 2009, Sun Microsystems, Inc.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions are met:
12 * - Redistributions of source code must retain the above copyright notice,
13 *   this list of conditions and the following disclaimer.
14 * - Redistributions in binary form must reproduce the above copyright notice,
15 *   this list of conditions and the following disclaimer in the documentation
16 *   and/or other materials provided with the distribution.
17 * - Neither the name of Sun Microsystems, Inc. nor the names of its
18 *   contributors may be used to endorse or promote products derived
19 *   from this software without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
25 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31 * POSSIBILITY OF SUCH DAMAGE.
32 */
33
34/*
35 * svcauth_des.c, server-side des authentication
36 *
37 * We insure for the service the following:
38 * (1) The timestamp microseconds do not exceed 1 million.
39 * (2) The timestamp plus the window is less than the current time.
40 * (3) The timestamp is not less than the one previously
41 *     seen in the current session.
42 *
43 * It is up to the server to determine if the window size is
44 * too small .
45 *
46 */
47
48#include "namespace.h"
49#include "reentrant.h"
50#include <string.h>
51#include <stdlib.h>
52#include <stdio.h>
53#include <unistd.h>
54#include <rpc/des_crypt.h>
55#include <sys/param.h>
56#include <netinet/in.h>
57#include <rpc/types.h>
58#include <rpc/xdr.h>
59#include <rpc/auth.h>
60#include <rpc/auth_des.h>
61#include <rpc/svc.h>
62#include <rpc/rpc_msg.h>
63#include <rpc/svc_auth.h>
64#include "libc_private.h"
65
66#if defined(LIBC_SCCS) && !defined(lint)
67static char sccsid[] = 	"@(#)svcauth_des.c	2.3 89/07/11 4.0 RPCSRC; from 1.15 88/02/08 SMI";
68#endif
69#include <sys/cdefs.h>
70__FBSDID("$FreeBSD: stable/10/lib/libc/rpc/svc_auth_des.c 261046 2014-01-22 23:45:27Z mav $");
71
72extern int key_decryptsession_pk(const char *, netobj *, des_block *);
73
74#define debug(msg)	 printf("svcauth_des: %s\n", msg)
75
76#define USEC_PER_SEC ((u_long) 1000000L)
77#define BEFORE(t1, t2) timercmp(t1, t2, <)
78
79/*
80 * LRU cache of conversation keys and some other useful items.
81 */
82#define AUTHDES_CACHESZ 64
83struct cache_entry {
84	des_block key;		/* conversation key */
85	char *rname;		/* client's name */
86	u_int window;		/* credential lifetime window */
87	struct timeval laststamp;	/* detect replays of creds */
88	char *localcred;	/* generic local credential */
89};
90static struct cache_entry *authdes_cache/* [AUTHDES_CACHESZ] */;
91static short *authdes_lru/* [AUTHDES_CACHESZ] */;
92
93static void cache_init();	/* initialize the cache */
94static short cache_spot();	/* find an entry in the cache */
95static void cache_ref(/*short sid*/);	/* note that sid was ref'd */
96
97static void invalidate();	/* invalidate entry in cache */
98
99/*
100 * cache statistics
101 */
102static struct {
103	u_long ncachehits;	/* times cache hit, and is not replay */
104	u_long ncachereplays;	/* times cache hit, and is replay */
105	u_long ncachemisses;	/* times cache missed */
106} svcauthdes_stats;
107
108/*
109 * Service side authenticator for AUTH_DES
110 */
111enum auth_stat
112_svcauth_des(rqst, msg)
113	struct svc_req *rqst;
114	struct rpc_msg *msg;
115{
116
117	long *ixdr;
118	des_block cryptbuf[2];
119	struct authdes_cred *cred;
120	struct authdes_verf verf;
121	int status;
122	struct cache_entry *entry;
123	short sid = 0;
124	des_block *sessionkey;
125	des_block ivec;
126	u_int window;
127	struct timeval timestamp;
128	u_long namelen;
129	struct area {
130		struct authdes_cred area_cred;
131		char area_netname[MAXNETNAMELEN+1];
132	} *area;
133
134	if (authdes_cache == NULL) {
135		cache_init();
136	}
137
138	area = (struct area *)rqst->rq_clntcred;
139	cred = (struct authdes_cred *)&area->area_cred;
140
141	/*
142	 * Get the credential
143	 */
144	ixdr = (long *)msg->rm_call.cb_cred.oa_base;
145	cred->adc_namekind = IXDR_GET_ENUM(ixdr, enum authdes_namekind);
146	switch (cred->adc_namekind) {
147	case ADN_FULLNAME:
148		namelen = IXDR_GET_U_LONG(ixdr);
149		if (namelen > MAXNETNAMELEN) {
150			return (AUTH_BADCRED);
151		}
152		cred->adc_fullname.name = area->area_netname;
153		bcopy((char *)ixdr, cred->adc_fullname.name,
154			(u_int)namelen);
155		cred->adc_fullname.name[namelen] = 0;
156		ixdr += (RNDUP(namelen) / BYTES_PER_XDR_UNIT);
157		cred->adc_fullname.key.key.high = (u_long)*ixdr++;
158		cred->adc_fullname.key.key.low = (u_long)*ixdr++;
159		cred->adc_fullname.window = (u_long)*ixdr++;
160		break;
161	case ADN_NICKNAME:
162		cred->adc_nickname = (u_long)*ixdr++;
163		break;
164	default:
165		return (AUTH_BADCRED);
166	}
167
168	/*
169	 * Get the verifier
170	 */
171	ixdr = (long *)msg->rm_call.cb_verf.oa_base;
172	verf.adv_xtimestamp.key.high = (u_long)*ixdr++;
173	verf.adv_xtimestamp.key.low =  (u_long)*ixdr++;
174	verf.adv_int_u = (u_long)*ixdr++;
175
176
177	/*
178	 * Get the conversation key
179 	 */
180	if (cred->adc_namekind == ADN_FULLNAME) {
181		netobj pkey;
182		char pkey_data[1024];
183
184		sessionkey = &cred->adc_fullname.key;
185		if (! getpublickey(cred->adc_fullname.name, pkey_data)) {
186			debug("getpublickey");
187			return(AUTH_BADCRED);
188		}
189		pkey.n_bytes = pkey_data;
190		pkey.n_len = strlen(pkey_data) + 1;
191		if (key_decryptsession_pk(cred->adc_fullname.name, &pkey,
192				       sessionkey) < 0) {
193			debug("decryptsessionkey");
194			return (AUTH_BADCRED); /* key not found */
195		}
196	} else { /* ADN_NICKNAME */
197		sid = (short)cred->adc_nickname;
198		if (sid < 0 || sid >= AUTHDES_CACHESZ) {
199			debug("bad nickname");
200			return (AUTH_BADCRED);	/* garbled credential */
201		}
202		sessionkey = &authdes_cache[sid].key;
203	}
204
205
206	/*
207	 * Decrypt the timestamp
208	 */
209	cryptbuf[0] = verf.adv_xtimestamp;
210	if (cred->adc_namekind == ADN_FULLNAME) {
211		cryptbuf[1].key.high = cred->adc_fullname.window;
212		cryptbuf[1].key.low = verf.adv_winverf;
213		ivec.key.high = ivec.key.low = 0;
214		status = cbc_crypt((char *)sessionkey, (char *)cryptbuf,
215			2*sizeof(des_block), DES_DECRYPT | DES_HW,
216			(char *)&ivec);
217	} else {
218		status = ecb_crypt((char *)sessionkey, (char *)cryptbuf,
219			sizeof(des_block), DES_DECRYPT | DES_HW);
220	}
221	if (DES_FAILED(status)) {
222		debug("decryption failure");
223		return (AUTH_FAILED);	/* system error */
224	}
225
226	/*
227	 * XDR the decrypted timestamp
228	 */
229	ixdr = (long *)cryptbuf;
230	timestamp.tv_sec = IXDR_GET_LONG(ixdr);
231	timestamp.tv_usec = IXDR_GET_LONG(ixdr);
232
233	/*
234 	 * Check for valid credentials and verifiers.
235	 * They could be invalid because the key was flushed
236	 * out of the cache, and so a new session should begin.
237	 * Be sure and send AUTH_REJECTED{CRED, VERF} if this is the case.
238	 */
239	{
240		struct timeval current;
241		int nick;
242		int winverf;
243
244		if (cred->adc_namekind == ADN_FULLNAME) {
245			window = IXDR_GET_U_LONG(ixdr);
246			winverf = IXDR_GET_U_LONG(ixdr);
247			if (winverf != window - 1) {
248				debug("window verifier mismatch");
249				return (AUTH_BADCRED);	/* garbled credential */
250			}
251			sid = cache_spot(sessionkey, cred->adc_fullname.name,
252			    &timestamp);
253			if (sid < 0) {
254				debug("replayed credential");
255				return (AUTH_REJECTEDCRED);	/* replay */
256			}
257			nick = 0;
258		} else {	/* ADN_NICKNAME */
259			window = authdes_cache[sid].window;
260			nick = 1;
261		}
262
263		if ((u_long)timestamp.tv_usec >= USEC_PER_SEC) {
264			debug("invalid usecs");
265			/* cached out (bad key), or garbled verifier */
266			return (nick ? AUTH_REJECTEDVERF : AUTH_BADVERF);
267		}
268		if (nick && BEFORE(&timestamp,
269				   &authdes_cache[sid].laststamp)) {
270			debug("timestamp before last seen");
271			return (AUTH_REJECTEDVERF);	/* replay */
272		}
273		(void)gettimeofday(&current, NULL);
274		current.tv_sec -= window;	/* allow for expiration */
275		if (!BEFORE(&current, &timestamp)) {
276			debug("timestamp expired");
277			/* replay, or garbled credential */
278			return (nick ? AUTH_REJECTEDVERF : AUTH_BADCRED);
279		}
280	}
281
282	/*
283	 * Set up the reply verifier
284	 */
285	verf.adv_nickname = (u_long)sid;
286
287	/*
288	 * xdr the timestamp before encrypting
289	 */
290	ixdr = (long *)cryptbuf;
291	IXDR_PUT_LONG(ixdr, timestamp.tv_sec - 1);
292	IXDR_PUT_LONG(ixdr, timestamp.tv_usec);
293
294	/*
295	 * encrypt the timestamp
296	 */
297	status = ecb_crypt((char *)sessionkey, (char *)cryptbuf,
298	    sizeof(des_block), DES_ENCRYPT | DES_HW);
299	if (DES_FAILED(status)) {
300		debug("encryption failure");
301		return (AUTH_FAILED);	/* system error */
302	}
303	verf.adv_xtimestamp = cryptbuf[0];
304
305	/*
306	 * Serialize the reply verifier, and update rqst
307	 */
308	ixdr = (long *)msg->rm_call.cb_verf.oa_base;
309	*ixdr++ = (long)verf.adv_xtimestamp.key.high;
310	*ixdr++ = (long)verf.adv_xtimestamp.key.low;
311	*ixdr++ = (long)verf.adv_int_u;
312
313	rqst->rq_xprt->xp_verf.oa_flavor = AUTH_DES;
314	rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base;
315	rqst->rq_xprt->xp_verf.oa_length =
316		(char *)ixdr - msg->rm_call.cb_verf.oa_base;
317
318	/*
319	 * We succeeded, commit the data to the cache now and
320	 * finish cooking the credential.
321	 */
322	entry = &authdes_cache[sid];
323	entry->laststamp = timestamp;
324	cache_ref(sid);
325	if (cred->adc_namekind == ADN_FULLNAME) {
326		cred->adc_fullname.window = window;
327		cred->adc_nickname = (u_long)sid;	/* save nickname */
328		if (entry->rname != NULL) {
329			mem_free(entry->rname, strlen(entry->rname) + 1);
330		}
331		entry->rname = (char *)mem_alloc((u_int)strlen(cred->adc_fullname.name)
332					 + 1);
333		if (entry->rname != NULL) {
334			(void) strcpy(entry->rname, cred->adc_fullname.name);
335		} else {
336			debug("out of memory");
337		}
338		entry->key = *sessionkey;
339		entry->window = window;
340		invalidate(entry->localcred); /* mark any cached cred invalid */
341	} else { /* ADN_NICKNAME */
342		/*
343		 * nicknames are cooked into fullnames
344		 */
345		cred->adc_namekind = ADN_FULLNAME;
346		cred->adc_fullname.name = entry->rname;
347		cred->adc_fullname.key = entry->key;
348		cred->adc_fullname.window = entry->window;
349	}
350	return (AUTH_OK);	/* we made it!*/
351}
352
353
354/*
355 * Initialize the cache
356 */
357static void
358cache_init()
359{
360	int i;
361
362	authdes_cache = (struct cache_entry *)
363		mem_alloc(sizeof(struct cache_entry) * AUTHDES_CACHESZ);
364	bzero((char *)authdes_cache,
365		sizeof(struct cache_entry) * AUTHDES_CACHESZ);
366
367	authdes_lru = (short *)mem_alloc(sizeof(short) * AUTHDES_CACHESZ);
368	/*
369	 * Initialize the lru list
370	 */
371	for (i = 0; i < AUTHDES_CACHESZ; i++) {
372		authdes_lru[i] = i;
373	}
374}
375
376
377/*
378 * Find the lru victim
379 */
380static short
381cache_victim()
382{
383	return (authdes_lru[AUTHDES_CACHESZ-1]);
384}
385
386/*
387 * Note that sid was referenced
388 */
389static void
390cache_ref(sid)
391	short sid;
392{
393	int i;
394	short curr;
395	short prev;
396
397	prev = authdes_lru[0];
398	authdes_lru[0] = sid;
399	for (i = 1; prev != sid; i++) {
400		curr = authdes_lru[i];
401		authdes_lru[i] = prev;
402		prev = curr;
403	}
404}
405
406
407/*
408 * Find a spot in the cache for a credential containing
409 * the items given.  Return -1 if a replay is detected, otherwise
410 * return the spot in the cache.
411 */
412static short
413cache_spot(key, name, timestamp)
414	des_block *key;
415	char *name;
416	struct timeval *timestamp;
417{
418	struct cache_entry *cp;
419	int i;
420	u_long hi;
421
422	hi = key->key.high;
423	for (cp = authdes_cache, i = 0; i < AUTHDES_CACHESZ; i++, cp++) {
424		if (cp->key.key.high == hi &&
425		    cp->key.key.low == key->key.low &&
426		    cp->rname != NULL &&
427		    bcmp(cp->rname, name, strlen(name) + 1) == 0) {
428			if (BEFORE(timestamp, &cp->laststamp)) {
429				svcauthdes_stats.ncachereplays++;
430				return (-1); /* replay */
431			}
432			svcauthdes_stats.ncachehits++;
433			return (i);	/* refresh */
434		}
435	}
436	svcauthdes_stats.ncachemisses++;
437	return (cache_victim());	/* new credential */
438}
439
440
441#if (defined(sun) || defined(vax) || defined(__FreeBSD__))
442/*
443 * Local credential handling stuff.
444 * NOTE: bsd unix dependent.
445 * Other operating systems should put something else here.
446 */
447#define UNKNOWN 	-2	/* grouplen, if cached cred is unknown user */
448#define INVALID		-1 	/* grouplen, if cache entry is invalid */
449
450struct bsdcred {
451	uid_t uid;		/* cached uid */
452	gid_t gid;		/* cached gid */
453	int grouplen;	/* length of cached groups */
454	gid_t groups[NGRPS];	/* cached groups */
455};
456
457/*
458 * Map a des credential into a unix cred.
459 * We cache the credential here so the application does
460 * not have to make an rpc call every time to interpret
461 * the credential.
462 */
463int
464authdes_getucred(adc, uid, gid, grouplen, groups)
465	struct authdes_cred *adc;
466	uid_t *uid;
467	gid_t *gid;
468	int *grouplen;
469	gid_t *groups;
470{
471	unsigned sid;
472	int i;
473	uid_t i_uid;
474	gid_t i_gid;
475	int i_grouplen;
476	struct bsdcred *cred;
477
478	sid = adc->adc_nickname;
479	if (sid >= AUTHDES_CACHESZ) {
480		debug("invalid nickname");
481		return (0);
482	}
483	cred = (struct bsdcred *)authdes_cache[sid].localcred;
484	if (cred == NULL) {
485		cred = (struct bsdcred *)mem_alloc(sizeof(struct bsdcred));
486		authdes_cache[sid].localcred = (char *)cred;
487		cred->grouplen = INVALID;
488	}
489	if (cred->grouplen == INVALID) {
490		/*
491		 * not in cache: lookup
492		 */
493		if (!netname2user(adc->adc_fullname.name, &i_uid, &i_gid,
494			&i_grouplen, groups))
495		{
496			debug("unknown netname");
497			cred->grouplen = UNKNOWN;	/* mark as lookup up, but not found */
498			return (0);
499		}
500		debug("missed ucred cache");
501		*uid = cred->uid = i_uid;
502		*gid = cred->gid = i_gid;
503		*grouplen = cred->grouplen = i_grouplen;
504		for (i = i_grouplen - 1; i >= 0; i--) {
505			cred->groups[i] = groups[i]; /* int to short */
506		}
507		return (1);
508	} else if (cred->grouplen == UNKNOWN) {
509		/*
510		 * Already lookup up, but no match found
511		 */
512		return (0);
513	}
514
515	/*
516	 * cached credentials
517	 */
518	*uid = cred->uid;
519	*gid = cred->gid;
520	*grouplen = cred->grouplen;
521	for (i = cred->grouplen - 1; i >= 0; i--) {
522		groups[i] = cred->groups[i];	/* short to int */
523	}
524	return (1);
525}
526
527static void
528invalidate(cred)
529	char *cred;
530{
531	if (cred == NULL) {
532		return;
533	}
534	((struct bsdcred *)cred)->grouplen = INVALID;
535}
536#endif
537
538