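/*
 * Serialise a bit stream as base64 text.  The wire form is the bit length
 * in network byte order (32 bits) followed by the raw bytes of the stream;
 * that blob is then base64-encoded into a new string_t.
 * Returns NULL when `in` is NULL or the base64 encoder fails.
 */
string_t *
bits_encode(const bits_t *in)
{
	string_t *ret;
	size_t	 len, outlen;
	char	*out;
	u_int32_t *tmp;
	int	 enclen;

	if (!in)
		return NULL;

	/* compute the total size of the input stream: length prefix + payload */
	len = BITS2BYTES(in->length) + sizeof(*tmp);
	/*
	 * base64 emits 4 characters per 3 input bytes (rounded up) and
	 * __b64_ntop also stores a terminating NUL.  The former "len * 2"
	 * estimate was one byte short for a 4-byte input (an empty stream),
	 * which made the encoder report -1 and this function return NULL.
	 */
	outlen = ((len + 2) / 3) * 4 + 1;

	tmp = emalloc(len);
	out = emalloc(outlen);
	/* stuff the length up front */
	*tmp = htonl(in->length);
	(void)memcpy(tmp + 1, in->text, len - sizeof(*tmp));

	enclen = __b64_ntop((void *)tmp, len, out, outlen);
	if (enclen == -1) {
		free(out);
		free(tmp);
		return NULL;
	}
	ret = string_new(out, (size_t)enclen);
	free(tmp);
	free(out);
	return ret;
}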
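/*
 * Produce the hashed known_hosts representation of `host`:
 * HASH_MAGIC, base64(salt), HASH_DELIM, base64(HMAC-SHA1(salt, host)).
 * A fresh random salt is drawn when name_from_hostfile is NULL; otherwise
 * the salt is recovered from that existing hashed entry (src_len bytes).
 * Returns a pointer to a static buffer that the next call overwrites (not
 * thread-safe), or NULL if the salt could not be extracted.
 * Calls fatal() if the HMAC or the base64 encoding fails.
 */
char *
host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
{
	struct ssh_hmac_ctx *ctx;
	u_char salt[256], result[256];
	char uu_salt[512], uu_result[512];
	static char encoded[1024];
	u_int len;

	/* salt and HMAC output are both one SHA1 digest wide */
	len = ssh_digest_bytes(SSH_DIGEST_SHA1);

	if (name_from_hostfile == NULL) {
		/*
		 * Create new salt.  Fill all `len` bytes from the CSPRNG in
		 * one call instead of keeping only the low byte of one
		 * arc4random() word per salt byte.
		 */
		arc4random_buf(salt, len);
	} else {
		/* Extract salt from known host entry */
		if (extract_salt(name_from_hostfile, src_len, salt,
		    sizeof(salt)) == -1)
			return (NULL);
	}

	/* HMAC-SHA1 keyed with the salt over the host name */
	if ((ctx = ssh_hmac_start(SSH_DIGEST_SHA1)) == NULL ||
	    ssh_hmac_init(ctx, salt, len) < 0 ||
	    ssh_hmac_update(ctx, host, strlen(host)) < 0 ||
	    ssh_hmac_final(ctx, result, sizeof(result)))
		fatal("%s: ssh_hmac failed", __func__);
	ssh_hmac_free(ctx);

	if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 ||
	    __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1)
		fatal("%s: __b64_ntop failed", __func__);

	snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
	    HASH_DELIM, uu_result);

	return (encoded);
}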
/*
 * Hashed known_hosts form of `host`:
 * HASH_MAGIC, base64(salt), HASH_DELIM, base64(HMAC-SHA1(salt, host)).
 * With name_from_hostfile == NULL a random salt is generated; otherwise the
 * salt is taken from that existing hashed entry (src_len bytes long).
 * Returns a static buffer that is overwritten by the next call, or NULL
 * when the salt cannot be recovered.  fatal() is invoked if the base64
 * encoding fails.
 */
char *
host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
{
	const EVP_MD *md = EVP_sha1();
	HMAC_CTX mac_ctx;
	u_char salt[256], result[256];
	char uu_salt[512], uu_result[512];
	static char encoded[1024];
	u_int pos, len;

	/* the salt is as long as the digest */
	len = EVP_MD_size(md);

	if (name_from_hostfile != NULL) {
		/* Extract salt from known host entry */
		if (extract_salt(name_from_hostfile, src_len, salt,
		    sizeof(salt)) == -1)
			return (NULL);
	} else {
		/*
		 * Create new salt, one byte at a time; only the low byte
		 * of each arc4random() word is kept.
		 */
		pos = 0;
		while (pos < len) {
			salt[pos] = arc4random();
			pos++;
		}
	}

	/* HMAC-SHA1 keyed with the salt over the host name */
	HMAC_Init(&mac_ctx, salt, len, md);
	HMAC_Update(&mac_ctx, __UNCONST(host), strlen(host));
	HMAC_Final(&mac_ctx, result, NULL);
	HMAC_cleanup(&mac_ctx);

	if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1)
		fatal("host_hash: __b64_ntop failed");
	if (__b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1)
		fatal("host_hash: __b64_ntop failed");

	snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
	    HASH_DELIM, uu_result);

	return (encoded);
}
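/*
 * Append the base64 text form of a binary rdata atom to `output`.
 * Returns 1 on success (an empty atom writes nothing and succeeds) and 0
 * when the base64 encoder reports failure.
 */
static int
rdata_base64_to_string(buffer_type *output, rdata_atom_type rdata,
	rr_type* ATTR_UNUSED(rr))
{
	int length;
	size_t size = rdata_atom_size(rdata);
	size_t need;
	if(size == 0)
		return 1;
	/*
	 * base64 emits 4 characters per 3 input bytes (rounded up) plus the
	 * NUL that __b64_ntop always writes.  The former "size * 2" target
	 * size falls short of that for 1-, 2- and 4-byte atoms, and
	 * __b64_ntop reports -1 when the target is too small.
	 */
	need = ((size + 2) / 3) * 4 + 1;
	buffer_reserve(output, need);
	length = __b64_ntop(rdata_atom_data(rdata), size,
			  (char *) buffer_current(output), need);
	if (length > 0) {
		/* advance past the text; the trailing NUL is not part of it */
		buffer_skip(output, length);
	}
	return length != -1;
}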
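/*
 * Look up the credentials stored under `label` in table `tablename` and
 * render them as base64("\0username\0password") into dst[sz].
 * dst is emptied before any lookup, so it is always NUL-terminated.
 * Returns LKA_OK, LKA_PERMFAIL when the label is absent, or LKA_TEMPFAIL
 * when the table is missing, the lookup errors out, the formatting
 * allocation fails or the base64 encoding does not fit in dst.
 */
static int
lka_credentials(const char *tablename, const char *label, char *dst, size_t sz)
{
    struct table		*table;
    union lookup		 lk;
    char			*buf;
    int			 buflen, r;

    table = table_find(tablename, NULL);
    if (table == NULL) {
        log_warnx("warn: credentials table %s missing", tablename);
        return (LKA_TEMPFAIL);
    }

    dst[0] = '\0';

    switch(table_lookup(table, label, K_CREDENTIALS, &lk)) {
    case -1:
        log_warnx("warn: credentials lookup fail for %s:%s",
                  tablename, label);
        return (LKA_TEMPFAIL);
    case 0:
        log_warnx("warn: credentials not found for %s:%s",
                  tablename, label);
        return (LKA_PERMFAIL);
    default:
        buflen = asprintf(&buf, "%c%s%c%s", '\0',
                          lk.creds.username, '\0', lk.creds.password);
        /* the lookup result carries the clear-text password: wipe it */
        explicit_bzero(&lk, sizeof(lk));
        if (buflen == -1) {
            log_warn("warn");
            return (LKA_TEMPFAIL);
        }

        r = __b64_ntop((unsigned char *)buf, buflen, dst, sz);
        /* buf holds the password too; scrub before handing it back */
        explicit_bzero(buf, (size_t)buflen);
        free(buf);

        if (r == -1) {
            log_warnx("warn: credentials parse error for %s:%s",
                      tablename, label);
            return (LKA_TEMPFAIL);
        }
        return (LKA_OK);
    }
}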
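/*
 * Render map_credentials as base64("\0username\0password") into dst[size].
 * Returns 1 on success and 0 when the encoded text does not fit in dst.
 * Calls fatal() if the intermediate buffer cannot be allocated.
 */
static int
lka_encode_credentials(char *dst, size_t size,
                       struct map_credentials *map_credentials)
{
    char	*buf;
    int	 buflen, r;

    if ((buflen = asprintf(&buf, "%c%s%c%s", '\0', map_credentials->username,
                           '\0', map_credentials->password)) == -1)
        fatal(NULL);

    r = __b64_ntop((unsigned char *)buf, buflen, dst, size);
    /* buf carries the clear-text password: scrub it before releasing */
    explicit_bzero(buf, (size_t)buflen);
    free(buf);

    return r != -1;
}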
/*
 * Base64-encode srclen bytes of src into dest[destsize].
 * Thin wrapper over __b64_ntop: returns the number of characters written,
 * or -1 on error (including dest being too small).
 */
int
base64_encode(unsigned char const *src, size_t srclen,
	      char *dest, size_t destsize)
{
	int written;

	written = __b64_ntop(src, srclen, dest, destsize);
	return written;
}
/*
 * Encode binary 'src' of length 'srclength', writing base64-encoded text
 * to 'target' of size 'targsize'. Will always nul-terminate 'target'.
 * Returns the number of bytes stored in 'target' or -1 on error (inc.
 * 'targsize' too small).
 */
int
uuencode(const u_char *src, u_int srclength,
    char *target, size_t targsize)
{
	int n;

	/* __b64_ntop does all the work, including the trailing NUL */
	n = __b64_ntop(src, srclength, target, targsize);
	return (n);
}
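/*
 * Build the comma-separated list of GSSAPI key-exchange mechanism names
 * that may be offered to `host`, and populate the global gss_enc2oid table
 * that maps each encoded name back to its mechanism OID.
 * Each name is KEX_GSS_SHA1 followed by base64(MD5(DER(oid))).  When the
 * peer has the SSH_BUG_GSSAPI_BER quirk an additional legacy-encoded name
 * is emitted for the krb5 and gsi OIDs.
 * Returns an xmalloc'd string owned by the caller, or NULL when no
 * mechanism is usable or the mechanism set could not be obtained.
 * Calls fatal() if the base64 encoding fails.
 */
char * 
ssh_gssapi_client_mechanisms(const char *host) {
	gss_OID_set 	supported;
	OM_uint32	min_status;
	Buffer		buf;
	size_t		i;
	char 		*mechs;
	char		*encoded;
	int		enclen;
	u_char		digest[EVP_MAX_MD_SIZE];
	char		deroid[2];
	const EVP_MD	*evp_md = EVP_md5();
	EVP_MD_CTX	md;
	int 		oidpos = 0;

	/* on failure `supported` is never set, so it must not be dereferenced */
	if (gss_indicate_mechs(&min_status, &supported) != GSS_S_COMPLETE)
		return (NULL);

	/* in BER-bug mode every mechanism may contribute two table entries */
	if (datafellows & SSH_BUG_GSSAPI_BER) {
		gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
		    ((supported->count * 2) + 1));
	} else {
		gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
		    (supported->count + 1));
	}

	buffer_init(&buf);

	for (i = 0; i < supported->count; i++) {
		gss_enc2oid[oidpos].encoded = NULL;

		/* the DER length octet below is one byte: skip long OIDs */
		if (supported->elements[i].length >= 128 ||
		    !ssh_gssapi_check_mechanism(&(supported->elements[i]), host))
			continue;

		/* Earlier versions of this code interpreted the
		 * spec incorrectly with regard to OID encoding. They
		 * also mis-encoded the krb5 OID. The following
		 * _temporary_ code interfaces with these broken
		 * servers */
		if (datafellows & SSH_BUG_GSSAPI_BER) {
			char *bodge = NULL;
			gss_OID_desc krb5oid = {9, "\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"};
			gss_OID_desc gsioid = {9, "\x2B\x06\x01\x04\x01\x9B\x50\x01\x01"};

			if (supported->elements[i].length == krb5oid.length &&
			    memcmp(supported->elements[i].elements,
			    krb5oid.elements, krb5oid.length) == 0) {
				bodge = "Se3H81ismmOC3OE+FwYCiQ==";
			}

			if (supported->elements[i].length == gsioid.length &&
			    memcmp(supported->elements[i].elements,
			    gsioid.elements, gsioid.length) == 0) {
				bodge = "N3+k7/4wGxHyuP8Yxi4RhA==";
			}

			if (bodge) {
				if (oidpos != 0)
					buffer_put_char(&buf, ',');

				buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1) - 1);
				buffer_append(&buf, bodge, strlen(bodge));

				/*
				 * bodge points at a string literal, not heap
				 * memory: this table entry must never be freed.
				 */
				gss_enc2oid[oidpos].oid = &(supported->elements[i]);
				gss_enc2oid[oidpos].encoded = bodge;
				oidpos++;
			}
		}

		/* Add the required DER encoding octets and MD5 hash */
		deroid[0] = 0x06; /* Object Identifier */
		deroid[1] = supported->elements[i].length;

		EVP_DigestInit(&md, evp_md);
		EVP_DigestUpdate(&md, deroid, 2);
		EVP_DigestUpdate(&md,
		    supported->elements[i].elements,
		    supported->elements[i].length);
		EVP_DigestFinal(&md, digest, NULL);

		/*
		 * Base64 encode it.  Twice the digest size leaves room for the
		 * 24 characters plus NUL that a 16-byte MD5 digest needs; a
		 * -1 result must not reach buffer_append as a length.
		 */
		encoded = xmalloc(EVP_MD_size(evp_md) * 2);
		enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
		    encoded, EVP_MD_size(evp_md) * 2);
		if (enclen == -1)
			fatal("%s: __b64_ntop failed", __func__);

		if (oidpos != 0)
			buffer_put_char(&buf, ',');
		buffer_append(&buf, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1) - 1);
		buffer_append(&buf, encoded, enclen);

		debug("Mechanism encoded as %s", encoded);

		gss_enc2oid[oidpos].oid = &(supported->elements[i]);
		gss_enc2oid[oidpos].encoded = encoded;
		oidpos++;
	}
	/* the table stores pointers into `supported`, so it is kept alive */
	gss_enc2oid[oidpos].oid = NULL;
	gss_enc2oid[oidpos].encoded = NULL;

	buffer_put_char(&buf, '\0');

	mechs = xmalloc(buffer_len(&buf));
	buffer_get(&buf, mechs, buffer_len(&buf));
	buffer_free(&buf);

	/* nothing usable: release the empty string instead of leaking it */
	if (strlen(mechs) == 0) {
		free(mechs);
		return (NULL);
	}
	return (mechs);
}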
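/*
 * Build the comma-separated list of GSSAPI key-exchange method names for
 * every mechanism in `gss_supported` that `check` accepts for host/client,
 * and rebuild the global gss_enc2oid table (freeing the previous one) that
 * maps each encoded mechanism back to its OID.
 * Every accepted mechanism contributes three names, one per KEX group
 * (GEX, group1, group14), each suffixed with base64(MD5(DER(oid))).
 * Returns an xmalloc'd string owned by the caller, or NULL when no
 * mechanism was accepted.  Calls fatal() if the base64 encoding fails.
 */
char *
ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
    const char *host, const char *client) {
	/* KEX method prefixes, emitted in this order for each mechanism */
	const struct {
		const char *id;
		size_t len;
	} kex_ids[] = {
		{ KEX_GSS_GEX_SHA1_ID, sizeof(KEX_GSS_GEX_SHA1_ID) - 1 },
		{ KEX_GSS_GRP1_SHA1_ID, sizeof(KEX_GSS_GRP1_SHA1_ID) - 1 },
		{ KEX_GSS_GRP14_SHA1_ID, sizeof(KEX_GSS_GRP14_SHA1_ID) - 1 },
	};
	Buffer buf;
	size_t i, j;
	int oidpos, enclen;
	char *mechs, *encoded;
	u_char digest[EVP_MAX_MD_SIZE];
	char deroid[2];
	const EVP_MD *evp_md = EVP_md5();
	EVP_MD_CTX md;

	/* drop the table built by a previous call, entries first */
	if (gss_enc2oid != NULL) {
		for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
			free(gss_enc2oid[i].encoded);
		free(gss_enc2oid);
	}

	gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
	    (gss_supported->count + 1));

	buffer_init(&buf);

	oidpos = 0;
	for (i = 0; i < gss_supported->count; i++) {
		/* the DER length octet below is one byte: skip long OIDs */
		if (gss_supported->elements[i].length >= 128 ||
		    !(*check)(NULL, &(gss_supported->elements[i]), host, client))
			continue;

		deroid[0] = SSH_GSS_OIDTYPE;
		deroid[1] = gss_supported->elements[i].length;

		EVP_DigestInit(&md, evp_md);
		EVP_DigestUpdate(&md, deroid, 2);
		EVP_DigestUpdate(&md,
		    gss_supported->elements[i].elements,
		    gss_supported->elements[i].length);
		EVP_DigestFinal(&md, digest, NULL);

		/*
		 * Twice the digest size leaves room for the 24 characters
		 * plus NUL of a 16-byte MD5 digest; a -1 result must not
		 * reach buffer_append as a length.
		 */
		encoded = xmalloc(EVP_MD_size(evp_md) * 2);
		enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
		    encoded, EVP_MD_size(evp_md) * 2);
		if (enclen == -1)
			fatal("%s: __b64_ntop failed", __func__);

		for (j = 0; j < sizeof(kex_ids) / sizeof(kex_ids[0]); j++) {
			/* separator before every name except the very first */
			if (oidpos != 0 || j != 0)
				buffer_put_char(&buf, ',');
			buffer_append(&buf, kex_ids[j].id, kex_ids[j].len);
			buffer_append(&buf, encoded, enclen);
		}

		gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
		gss_enc2oid[oidpos].encoded = encoded;
		oidpos++;
	}
	gss_enc2oid[oidpos].oid = NULL;
	gss_enc2oid[oidpos].encoded = NULL;

	buffer_put_char(&buf, '\0');

	mechs = xmalloc(buffer_len(&buf));
	buffer_get(&buf, mechs, buffer_len(&buf));
	buffer_free(&buf);

	if (strlen(mechs) == 0) {
		free(mechs);
		mechs = NULL;
	}

	return (mechs);
}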