/*
* Generate a sequence of random des keys
* using the random block sequence, fixup
* parity and skip weak keys.
*/
int
des_new_random_key(des_cblock *key)
{
int urandom;
again:
urandom = open("/dev/urandom", O_RDONLY);
if (urandom < 0)
des_random_key(key);
else {
if (read(urandom, key,
sizeof(des_cblock)) != sizeof(des_cblock)) {
close(urandom);
des_random_key(key);
} else
close(urandom);
}
/* random key must have odd parity and not be weak */
des_set_odd_parity(key);
if (des_is_weak_key(key))
goto again;
return (0);
}
static long
GetTicket(long *versionP, struct ktc_encryptionKey *session,
int *ticketLenP, char *ticket, char *cell)
{
long code;
/* create random session key, using key for seed to good random */
des_init_random_number_generator(ktc_to_cblock(&serviceKey));
code = des_random_key(ktc_to_cblock(session));
if (code)
return code;
/* now create the actual ticket */
*ticketLenP = 0;
code =
tkt_MakeTicket(ticket, ticketLenP, &serviceKey, RXKST_CLIENT_NAME,
RXKST_CLIENT_INST, cell,
/*start,end */ 0, 0xffffffff, session, /*host */ 0,
RXKST_SERVER_NAME, RXKST_SERVER_NAME);
/* parms were buffer, ticketlen, key to seal ticket with, principal name,
* instance and cell, start time, end time, session key to seal in ticket,
* inet host, server name and server instance */
if (code)
return code;
*versionP = serviceKeyVersion;
return 0;
}
void
des_init_random_number_generator(des_cblock key)
{
struct { /* This must be 64 bits exactly */
afs_int32 process_id;
afs_int32 host_id;
} seed;
struct timeval time; /* this must also be 64 bits exactly */
des_cblock new_key;
is_inited = 1;
/*
* use a host id and process id in generating the seed to ensure
* that different servers have different streams:
*/
#if !defined(AFS_HPUX_ENV) && !defined(AFS_NT40_ENV)
seed.host_id = gethostid();
#endif
seed.process_id = getpid();
/*
* Generate a tempory value that depends on the key, host_id, and
* process_id such that it gives no useful information about the key:
*/
des_set_random_generator_seed(key);
des_set_sequence_number((unsigned char *)&seed);
des_random_key(new_key);
/*
* use it to select a random stream:
*/
des_set_random_generator_seed(new_key);
/*
* use a time stamp to ensure that a server started later does not reuse
* an old stream:
*/
gettimeofday(&time, NULL);
des_set_sequence_number((unsigned char *)&time);
/*
* use the time stamp finally to select the final seed using the
* current random number stream:
*/
des_random_key(new_key);
des_set_random_generator_seed(new_key);
}
static int
fb64_start(struct fb *fbp, int dir, int server __unused)
{
size_t x;
unsigned char *p;
int state;
switch (dir) {
case DIR_DECRYPT:
/*
* This is simply a request to have the other side
* start output (our input). He will negotiate an
* IV so we need not look for it.
*/
state = fbp->state[dir-1];
if (state == FAILED)
state = IN_PROGRESS;
break;
case DIR_ENCRYPT:
state = fbp->state[dir-1];
if (state == FAILED)
state = IN_PROGRESS;
else if ((state & NO_SEND_IV) == 0)
break;
if (!VALIDKEY(fbp->krbdes_key)) {
fbp->need_start = 1;
break;
}
state &= ~NO_SEND_IV;
state |= NO_RECV_IV;
if (encrypt_debug_mode)
printf("Creating new feed\r\n");
/*
* Create a random feed and send it over.
*/
des_random_key((Block *)fbp->temp_feed);
des_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed,
fbp->krbdes_sched, 1);
p = fbp->fb_feed + 3;
*p++ = ENCRYPT_IS;
p++;
*p++ = FB64_IV;
for (x = 0; x < sizeof(Block); ++x) {
if ((*p++ = fbp->temp_feed[x]) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
net_write(fbp->fb_feed, p - fbp->fb_feed);
break;
default:
return(FAILED);
}
return(fbp->state[dir-1] = state);
}
static afs_int32
GenericAuth(struct afsconf_dir *adir,
struct rx_securityClass **astr,
afs_int32 *aindex,
rxkad_level enclevel)
{
char tbuffer[256];
struct ktc_encryptionKey key, session;
struct rx_securityClass *tclass;
afs_int32 kvno;
afs_int32 ticketLen;
register afs_int32 code;
/* first, find the right key and kvno to use */
code = afsconf_GetLatestKey(adir, &kvno, &key);
if (code) {
return QuickAuth(astr, aindex);
}
/* next create random session key, using key for seed to good random */
des_init_random_number_generator(ktc_to_cblock(&key));
code = des_random_key(ktc_to_cblock(&session));
if (code) {
return QuickAuth(astr, aindex);
}
/* now create the actual ticket */
ticketLen = sizeof(tbuffer);
memset(tbuffer, '\0', sizeof(tbuffer));
code =
tkt_MakeTicket(tbuffer, &ticketLen, &key, AUTH_SUPERUSER, "", "", 0,
0xffffffff, &session, 0, "afs", "");
/* parms were buffer, ticketlen, key to seal ticket with, principal
* name, instance and cell, start time, end time, session key to seal
* in ticket, inet host, server name and server instance */
if (code) {
return QuickAuth(astr, aindex);
}
/* Next, we have ticket, kvno and session key, authenticate the connection.
* We use a magic # instead of a constant because of basic compilation
* order when compiling the system from scratch (rx/rxkad.h isn't installed
* yet). */
tclass = (struct rx_securityClass *)
rxkad_NewClientSecurityObject(enclevel, &session, kvno, ticketLen,
tbuffer);
*astr = tclass;
*aindex = RX_SECIDX_KAD;
return 0;
}
afs_int32
UDP_GetTicket(int ksoc, struct packet *pkt, afs_int32 kvno,
char *authDomain, char *ticket, int ticketLen, char *auth,
int authLen)
{
afs_int32 code;
struct ktc_encryptionKey tgskey;
char name[MAXKTCNAMELEN];
char inst[MAXKTCNAMELEN];
char cell[MAXKTCREALMLEN];
struct ktc_encryptionKey authSessionKey;
afs_int32 host;
Date start;
Date authEnd;
Date now = time(0);
int celllen;
int import;
char *packet;
int slen;
int byteOrder = pkt->byteOrder;
char sname[MAXKTCNAMELEN];
char sinst[MAXKTCNAMELEN];
afs_int32 time_ws;
unsigned char life;
struct ubik_trans *tt;
afs_int32 to;
struct kaentry caller;
struct kaentry server;
Date reqEnd;
struct ktc_encryptionKey sessionKey;
int newTicketLen;
char newTicket[MAXKTCTICKETLEN];
char cipher[2 * MAXKTCTICKETLEN]; /* put encrypted part of answer here */
int cipherLen;
struct packet ans;
COUNT_REQ(UGetTicket);
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
goto fail;
code =
ka_LookupKvno(tt, KA_TGS_NAME,
((strlen(authDomain) > 0) ? authDomain : lrealm), kvno,
&tgskey);
if (code)
goto abort;
code =
tkt_DecodeTicket(ticket, ticketLen, &tgskey, name, inst, cell,
&authSessionKey, &host, &start, &authEnd);
pkt->name = name;
pkt->inst = inst;
pkt->realm = cell;
if (code) {
code = KERB_ERR_AUTH_EXP; /* was KANOAUTH */
goto abort;
}
save_principal(udptgsPrincipal, name, inst, cell);
code = tkt_CheckTimes(start, authEnd, now);
if (code <= 0) {
if (code == -1) {
code = KERB_ERR_SERVICE_EXP; /* was RXKADEXPIRED */
goto abort;
}
code = KERB_ERR_AUTH_EXP; /* was KANOAUTH */
goto abort;
}
celllen = strlen(cell);
import = 0;
if ((strlen(authDomain) > 0) && (strcmp(authDomain, lrealm) != 0))
import = 1;
if (import && (celllen == 0)) {
code = KERB_ERR_PKT_VER; /* was KABADTICKET */
goto abort;
}
if (celllen == 0) {
strncpy(cell, lrealm, MAXKTCREALMLEN - 1);
cell[MAXKTCREALMLEN - 1] = 0;
};
if (!krb4_cross && strcmp(lrealm, cell) != 0) {
code = KERB_ERR_PRINCIPAL_UNKNOWN;
goto abort;
}
if (krb_udp_debug) {
printf("UGetTicket: got ticket from '%s'.'%s'@'%s'\n", name, inst,
cell);
}
code = check_auth(pkt, auth, authLen, &authSessionKey, name, inst, cell);
if (code)
goto abort;
/* authenticator and all is OK so read actual request */
packet = pkt->rest;
getint(time_ws);
life = *(unsigned char *)packet++;
getstr(sname);
getstr(sinst);
start = now;
reqEnd = life_to_time(start, life);
if (krb_udp_debug) {
printf("UGetTicket: request for server '%s'.'%s'\n", sname, sinst);
}
save_principal(udptgsServerPrincipal, sname, sinst, 0);
if (import) {
strcpy(caller.userID.name, name);
strcpy(caller.userID.instance, inst);
caller.max_ticket_lifetime = htonl(MAXKTCTICKETLIFETIME);
} else {
code = FindBlock(tt, name, inst, &to, &caller);
if (code)
goto abort;
if (to == 0) {
ka_PrintUserID("GetTicket: User ", name, inst, " unknown.\n");
code = KERB_ERR_PRINCIPAL_UNKNOWN; /* KANOENT */
goto abort;
}
if (ntohl(caller.flags) & KAFNOTGS) {
code = KERB_ERR_AUTH_EXP; /* was KABADUSER */
goto abort;
}
}
code = FindBlock(tt, sname, sinst, &to, &server); /* get server's entry */
if (code)
goto abort;
if (to == 0) { /* entry not found */
ka_PrintUserID("GetTicket: Server ", sname, sinst, " unknown.\n");
code = KERB_ERR_PRINCIPAL_UNKNOWN; /* KANOENT */
goto abort;
}
code = ubik_EndTrans(tt);
if (code)
goto fail;
if (ntohl(server.flags) & KAFNOSEAL)
return KABADSERVER;
code = des_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KERB_ERR_NULL_KEY; /* was KANOKEYS */
goto fail;
}
reqEnd =
umin(umin(reqEnd, authEnd),
umin(start + ntohl(caller.max_ticket_lifetime),
start + ntohl(server.max_ticket_lifetime)));
code =
tkt_MakeTicket(newTicket, &newTicketLen, &server.key,
caller.userID.name, caller.userID.instance, cell,
start, reqEnd, &sessionKey,
htonl(pkt->from.sin_addr.s_addr), server.userID.name,
server.userID.instance);
if (code)
goto fail;
cipherLen = sizeof(cipher);
code =
create_cipher(cipher, &cipherLen, &sessionKey, sname, sinst, start,
reqEnd, ntohl(server.key_version), newTicket,
newTicketLen, &authSessionKey);
if (code)
goto fail;
code =
create_reply(&ans, name, inst, start, reqEnd, 0, cipher, cipherLen);
if (code)
goto fail;
code =
sendto(ksoc, ans.data, ans.len, 0, (struct sockaddr *)&pkt->from,
sizeof(pkt->from));
if (code != ans.len) {
perror("calling sendto");
code = -1;
goto fail;
}
if (cipherLen != 0) {
KALOG(name, inst, sname, sinst, NULL, host, LOG_GETTICKET);
}
osi_audit(UDPGetTicketEvent, 0, AUD_STR, name, AUD_STR, inst, AUD_STR,
cell, AUD_STR, sname, AUD_STR, sinst, AUD_END);
return 0;
abort:
ubik_AbortTrans(tt);
fail:
osi_audit(UDPGetTicketEvent, code, AUD_STR, name, AUD_STR, inst, AUD_STR,
NULL, AUD_STR, NULL, AUD_STR, NULL, AUD_END);
return code;
}
afs_int32
UDP_Authenticate(int ksoc, struct sockaddr_in *client, char *name,
char *inst, Date startTime, Date endTime, char *sname,
char *sinst)
{
struct ubik_trans *tt;
afs_int32 to; /* offset of block */
struct kaentry tentry;
afs_int32 tgskvno; /* key version of service key */
struct ktc_encryptionKey tgskey; /* service key for encrypting ticket */
int tgt;
Date now = time(0);
afs_int32 code;
char ticket[MAXKTCTICKETLEN]; /* our copy of the ticket */
int ticketLen;
struct ktc_encryptionKey sessionKey; /* we have to invent a session key */
char cipher[2 * MAXKTCTICKETLEN]; /* put encrypted part of answer here */
int cipherLen;
struct packet ans;
COUNT_REQ(UAuthenticate);
if (!name_instance_legal(name, inst))
return KERB_ERR_NAME_EXP; /* KABADNAME */
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;
code = FindBlock(tt, name, inst, &to, &tentry);
if (code)
goto abort;
if (to) { /* if user exists check other stuff */
afs_int32 sto;
struct kaentry sentry;
save_principal(udpAuthPrincipal, name, inst, 0);
tgt = ((strcmp(sname, KA_TGS_NAME) == 0)
&& (strcmp(sinst, lrealm) == 0));
if ((ntohl(tentry.user_expiration) < now)
|| (tgt && (ntohl(tentry.flags) & KAFNOTGS))) {
code = KERB_ERR_NAME_EXP; /* KABADUSER */
goto abort;
}
code = FindBlock(tt, KA_TGS_NAME, lrealm, &sto, &sentry);
if (code)
goto abort;
if (sto == 0) {
code = KANOENT;
goto abort;
}
if ((ntohl(sentry.user_expiration) < now)) {
code = KERB_ERR_NAME_EXP; /* XXX Could use another error code XXX */
goto abort;
}
if (abs(startTime - now) > KTC_TIME_UNCERTAINTY) {
code = KERB_ERR_SERVICE_EXP; /* was KABADREQUEST */
goto abort;
}
if (tentry.misc_auth_bytes) {
unsigned char misc_auth_bytes[4];
afs_uint32 temp; /* unsigned for safety */
afs_uint32 pwexpires;
memcpy(&temp, tentry.misc_auth_bytes, sizeof(afs_uint32));
temp = ntohl(temp);
unpack_long(temp, misc_auth_bytes);
pwexpires = misc_auth_bytes[0];
if (pwexpires) {
pwexpires =
ntohl(tentry.change_password_time) +
24 * 60 * 60 * pwexpires;
if (pwexpires < now) {
code = KERB_ERR_AUTH_EXP; /* was KAPWEXPIRED */
goto abort;
}
}
}
/* make the ticket */
code = des_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KERB_ERR_NULL_KEY; /* was KANOKEYS */
goto abort;
}
endTime =
umin(endTime, startTime + ntohl(tentry.max_ticket_lifetime));
if ((code = ka_LookupKey(tt, sname, sinst, &tgskvno, &tgskey))
|| (code =
tkt_MakeTicket(ticket, &ticketLen, &tgskey, name, inst,
lrealm, startTime, endTime, &sessionKey,
htonl(client->sin_addr.s_addr), sname, sinst)))
goto abort;
cipherLen = sizeof(cipher);
code =
create_cipher(cipher, &cipherLen, &sessionKey, sname, sinst,
startTime, endTime, tgskvno, ticket, ticketLen,
&tentry.key);
if (code)
goto abort;
} else { /* no such user */
cipherLen = 0;
tentry.key_version = 0;
}
code = ubik_EndTrans(tt);
if (code)
goto fail;
code =
create_reply(&ans, name, inst, startTime, endTime,
ntohl(tentry.key_version), cipher, cipherLen);
if (code)
goto fail;
if (krb_udp_debug) {
printf("Sending %d bytes ending in: ", ans.len);
ka_PrintBytes(ans.data + ans.len - 8, 8);
printf("\n");
}
code =
sendto(ksoc, ans.data, ans.len, 0, (struct sockaddr *)client,
sizeof(*client));
if (code != ans.len) {
perror("calling sendto");
code = -1;
goto fail;
}
KALOG(name, inst, sname, sinst, NULL, client->sin_addr.s_addr,
LOG_AUTHENTICATE);
if (cipherLen != 0) {
KALOG(name, inst, sname, sinst, NULL, client->sin_addr.s_addr,
LOG_TGTREQUEST);
}
osi_audit(UDPAuthenticateEvent, 0, AUD_STR, name, AUD_STR, inst, AUD_END);
return 0;
abort:
COUNT_ABO;
ubik_AbortTrans(tt);
fail:
osi_audit(UDPAuthenticateEvent, code, AUD_STR, name, AUD_STR, inst,
AUD_END);
return code;
}