gss.c 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695
  1. #ifndef NO_GSSAPI
  2. #include <limits.h>
  3. #include "putty.h"
  4. #define SECURITY_WIN32
  5. #include <security.h>
  6. #include "ssh/pgssapi.h"
  7. #include "ssh/gss.h"
  8. #include "ssh/gssc.h"
  9. #include "misc.h"
  10. #define UNIX_EPOCH 11644473600ULL /* Seconds from Windows epoch */
  11. #define CNS_PERSEC 10000000ULL /* # 100ns per second */
  12. /*
  13. * Note, as a special case, 0 relative to the Windows epoch (unspecified) maps
  14. * to 0 relative to the POSIX epoch (unspecified)!
  15. */
  16. #define TIME_WIN_TO_POSIX(ft, t) do { \
  17. ULARGE_INTEGER uli; \
  18. uli.LowPart = (ft).dwLowDateTime; \
  19. uli.HighPart = (ft).dwHighDateTime; \
  20. if (uli.QuadPart != 0) \
  21. uli.QuadPart = uli.QuadPart / CNS_PERSEC - UNIX_EPOCH; \
  22. (t) = (time_t) uli.QuadPart; \
  23. } while (0)
  24. /* Windows code to set up the GSSAPI library list. */
  25. #ifdef _WIN64
  26. #define MIT_KERB_SUFFIX "64"
  27. #else
  28. #define MIT_KERB_SUFFIX "32"
  29. #endif
  30. const int ngsslibs = 3;
  31. const char *const gsslibnames[3] = {
  32. "MIT Kerberos GSSAPI"MIT_KERB_SUFFIX".DLL",
  33. "Microsoft SSPI SECUR32.DLL",
  34. "User-specified GSSAPI DLL",
  35. };
  36. const struct keyvalwhere gsslibkeywords[] = {
  37. { "gssapi32", 0, -1, -1 },
  38. { "sspi", 1, -1, -1 },
  39. { "custom", 2, -1, -1 },
  40. };
  41. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  42. AcquireCredentialsHandleA,
  43. (SEC_CHAR *, SEC_CHAR *, ULONG, PVOID,
  44. PVOID, SEC_GET_KEY_FN, PVOID, PCredHandle, PTimeStamp));
  45. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  46. InitializeSecurityContextA,
  47. (PCredHandle, PCtxtHandle, SEC_CHAR *, ULONG, ULONG,
  48. ULONG, PSecBufferDesc, ULONG, PCtxtHandle,
  49. PSecBufferDesc, PULONG, PTimeStamp));
  50. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  51. FreeContextBuffer,
  52. (PVOID));
  53. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  54. FreeCredentialsHandle,
  55. (PCredHandle));
  56. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  57. DeleteSecurityContext,
  58. (PCtxtHandle));
  59. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  60. QueryContextAttributesA,
  61. (PCtxtHandle, ULONG, PVOID));
  62. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  63. MakeSignature,
  64. (PCtxtHandle, ULONG, PSecBufferDesc, ULONG));
  65. DECL_WINDOWS_FUNCTION(static, SECURITY_STATUS,
  66. VerifySignature,
  67. (PCtxtHandle, PSecBufferDesc, ULONG, PULONG));
  68. DECL_WINDOWS_FUNCTION(static, DLL_DIRECTORY_COOKIE,
  69. AddDllDirectory,
  70. (PCWSTR));
  71. typedef struct winSsh_gss_ctx {
  72. unsigned long maj_stat;
  73. unsigned long min_stat;
  74. CredHandle cred_handle;
  75. CtxtHandle context;
  76. PCtxtHandle context_handle;
  77. TimeStamp expiry;
  78. } winSsh_gss_ctx;
  79. const Ssh_gss_buf gss_mech_krb5={9,"\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"};
  80. static void ssh_sspi_bind_fns(struct ssh_gss_library *lib);
  81. static tree234 *libraries_to_never_unload;
  82. static int library_to_never_unload_cmp(void *av, void *bv)
  83. {
  84. uintptr_t a = (uintptr_t)av, b = (uintptr_t)bv;
  85. return a < b ? -1 : a > b ? +1 : 0;
  86. }
  87. static void ensure_library_tree_exists(void)
  88. {
  89. if (!libraries_to_never_unload)
  90. libraries_to_never_unload = newtree234(library_to_never_unload_cmp);
  91. }
  92. static bool library_is_in_never_unload_tree(HMODULE module)
  93. {
  94. ensure_library_tree_exists();
  95. return find234(libraries_to_never_unload, module, NULL);
  96. }
  97. static void add_library_to_never_unload_tree(HMODULE module)
  98. {
  99. ensure_library_tree_exists();
  100. add234(libraries_to_never_unload, module);
  101. }
  102. struct ssh_gss_liblist *ssh_gss_setup(Conf *conf)
  103. {
  104. HMODULE module;
  105. struct ssh_gss_liblist *list = snew(struct ssh_gss_liblist);
  106. static HMODULE kernel32_module;
  107. if (!kernel32_module) {
  108. kernel32_module = load_system32_dll("kernel32.dll");
  109. }
  110. #if !HAVE_ADDDLLDIRECTORY
  111. /* Omit the type-check because older MSVCs don't have this function */
  112. GET_WINDOWS_FUNCTION_NO_TYPECHECK(kernel32_module, AddDllDirectory);
  113. #else
  114. GET_WINDOWS_FUNCTION(kernel32_module, AddDllDirectory);
  115. #endif
  116. list->libraries = snewn(3, struct ssh_gss_library);
  117. list->nlibraries = 0;
  118. /* MIT Kerberos GSSAPI implementation */
  119. module = NULL;
  120. HKEY regkey = open_regkey_ro(HKEY_LOCAL_MACHINE,
  121. "SOFTWARE\\MIT\\Kerberos");
  122. if (regkey) {
  123. char *installdir = get_reg_sz(regkey, "InstallDir");
  124. if (installdir) {
  125. char *bindir = dupcat(installdir, "\\bin");
  126. if (p_AddDllDirectory) {
  127. /* Add MIT Kerberos' path to the DLL search path,
  128. * it loads its own DLLs further down the road */
  129. wchar_t *dllPath = dup_mb_to_wc(DEFAULT_CODEPAGE, bindir);
  130. p_AddDllDirectory(dllPath);
  131. sfree(dllPath);
  132. }
  133. char *dllfile = dupcat(bindir, "\\gssapi"MIT_KERB_SUFFIX".dll");
  134. module = LoadLibraryEx(dllfile, NULL,
  135. LOAD_LIBRARY_SEARCH_SYSTEM32 |
  136. LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR |
  137. LOAD_LIBRARY_SEARCH_USER_DIRS);
  138. /*
  139. * The MIT Kerberos DLL suffers an internal segfault for
  140. * some reason if you unload and reload one within the
  141. * same process. So, make sure that after we load this
  142. * library, we never free it.
  143. *
  144. * Or rather: after we've loaded it once, if any _further_
  145. * load returns the same module handle, we immediately
  146. * free it again (to prevent the Windows API's internal
  147. * reference count growing without bound). But on the
  148. * other hand we never free it in ssh_gss_cleanup.
  149. */
  150. if (library_is_in_never_unload_tree(module))
  151. FreeLibrary(module);
  152. add_library_to_never_unload_tree(module);
  153. sfree(dllfile);
  154. sfree(bindir);
  155. sfree(installdir);
  156. }
  157. close_regkey(regkey);
  158. }
  159. if (module) {
  160. struct ssh_gss_library *lib =
  161. &list->libraries[list->nlibraries++];
  162. lib->id = 0;
  163. lib->gsslogmsg = "Using GSSAPI from GSSAPI"MIT_KERB_SUFFIX".DLL";
  164. lib->handle = (void *)module;
  165. #define BIND_GSS_FN(name) \
  166. lib->u.gssapi.name = (t_gss_##name) GetProcAddress(module, "gss_" #name)
  167. BIND_GSS_FN(delete_sec_context);
  168. BIND_GSS_FN(display_status);
  169. BIND_GSS_FN(get_mic);
  170. BIND_GSS_FN(verify_mic);
  171. BIND_GSS_FN(import_name);
  172. BIND_GSS_FN(init_sec_context);
  173. BIND_GSS_FN(release_buffer);
  174. BIND_GSS_FN(release_cred);
  175. BIND_GSS_FN(release_name);
  176. BIND_GSS_FN(acquire_cred);
  177. BIND_GSS_FN(inquire_cred_by_mech);
  178. #undef BIND_GSS_FN
  179. ssh_gssapi_bind_fns(lib);
  180. }
  181. /* Microsoft SSPI Implementation */
  182. module = load_system32_dll("secur32.dll");
  183. if (module) {
  184. struct ssh_gss_library *lib =
  185. &list->libraries[list->nlibraries++];
  186. lib->id = 1;
  187. lib->gsslogmsg = "Using SSPI from SECUR32.DLL";
  188. lib->handle = (void *)module;
  189. /* No typecheck because Winelib thinks one PVOID is a PLUID */
  190. GET_WINDOWS_FUNCTION_NO_TYPECHECK(module, AcquireCredentialsHandleA);
  191. GET_WINDOWS_FUNCTION(module, InitializeSecurityContextA);
  192. GET_WINDOWS_FUNCTION(module, FreeContextBuffer);
  193. GET_WINDOWS_FUNCTION(module, FreeCredentialsHandle);
  194. GET_WINDOWS_FUNCTION(module, DeleteSecurityContext);
  195. GET_WINDOWS_FUNCTION(module, QueryContextAttributesA);
  196. GET_WINDOWS_FUNCTION(module, MakeSignature);
  197. GET_WINDOWS_FUNCTION(module, VerifySignature);
  198. ssh_sspi_bind_fns(lib);
  199. }
  200. /*
  201. * Custom GSSAPI DLL.
  202. */
  203. module = NULL;
  204. Filename *customlib = conf_get_filename(conf, CONF_ssh_gss_custom);
  205. if (!filename_is_null(customlib)) {
  206. const wchar_t *path = customlib->wpath;
  207. if (p_AddDllDirectory) {
  208. /* Add the custom directory as well in case it chainloads
  209. * some other DLLs (e.g a non-installed MIT Kerberos
  210. * instance) */
  211. int pathlen = wcslen(path);
  212. while (pathlen > 0 && path[pathlen-1] != L':' &&
  213. path[pathlen-1] != L'\\')
  214. pathlen--;
  215. if (pathlen > 0 && path[pathlen-1] != L'\\')
  216. pathlen--;
  217. if (pathlen > 0) {
  218. wchar_t *dirpath = snewn(pathlen + 1, wchar_t);
  219. memcpy(dirpath, path, pathlen * sizeof(wchar_t));
  220. dirpath[pathlen] = L'\0';
  221. p_AddDllDirectory(dirpath);
  222. sfree(dirpath);
  223. }
  224. }
  225. module = LoadLibraryExW(path, NULL,
  226. LOAD_LIBRARY_SEARCH_SYSTEM32 |
  227. LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR |
  228. LOAD_LIBRARY_SEARCH_USER_DIRS);
  229. }
  230. if (module) {
  231. struct ssh_gss_library *lib =
  232. &list->libraries[list->nlibraries++];
  233. lib->id = 2;
  234. lib->gsslogmsg = dupprintf("Using GSSAPI from user-specified"
  235. " library '%s'", customlib->cpath);
  236. lib->handle = (void *)module;
  237. #define BIND_GSS_FN(name) \
  238. lib->u.gssapi.name = (t_gss_##name) GetProcAddress(module, "gss_" #name)
  239. BIND_GSS_FN(delete_sec_context);
  240. BIND_GSS_FN(display_status);
  241. BIND_GSS_FN(get_mic);
  242. BIND_GSS_FN(verify_mic);
  243. BIND_GSS_FN(import_name);
  244. BIND_GSS_FN(init_sec_context);
  245. BIND_GSS_FN(release_buffer);
  246. BIND_GSS_FN(release_cred);
  247. BIND_GSS_FN(release_name);
  248. BIND_GSS_FN(acquire_cred);
  249. BIND_GSS_FN(inquire_cred_by_mech);
  250. #undef BIND_GSS_FN
  251. ssh_gssapi_bind_fns(lib);
  252. }
  253. return list;
  254. }
  255. void ssh_gss_cleanup(struct ssh_gss_liblist *list)
  256. {
  257. int i;
  258. /*
  259. * LoadLibrary and FreeLibrary are defined to employ reference
  260. * counting in the case where the same library is repeatedly
  261. * loaded, so even in a multiple-sessions-per-process context
  262. * (not that we currently expect ever to have such a thing on
  263. * Windows) it's safe to naively FreeLibrary everything here
  264. * without worrying about destroying it under the feet of
  265. * another SSH instance still using it.
  266. */
  267. for (i = 0; i < list->nlibraries; i++) {
  268. if (list->libraries[i].id != 0) {
  269. HMODULE module = (HMODULE)list->libraries[i].handle;
  270. if (!library_is_in_never_unload_tree(module))
  271. FreeLibrary(module);
  272. }
  273. if (list->libraries[i].id == 2) {
  274. /* The 'custom' id involves a dynamically allocated message.
  275. * Note that we must cast away the 'const' to free it. */
  276. sfree((char *)list->libraries[i].gsslogmsg);
  277. }
  278. }
  279. sfree(list->libraries);
  280. sfree(list);
  281. }
  282. static Ssh_gss_stat ssh_sspi_indicate_mech(struct ssh_gss_library *lib,
  283. Ssh_gss_buf *mech)
  284. {
  285. *mech = gss_mech_krb5;
  286. return SSH_GSS_OK;
  287. }
  288. static Ssh_gss_stat ssh_sspi_import_name(struct ssh_gss_library *lib,
  289. char *host, Ssh_gss_name *srv_name)
  290. {
  291. char *pStr;
  292. /* Check hostname */
  293. if (host == NULL) return SSH_GSS_FAILURE;
  294. /* copy it into form host/FQDN */
  295. pStr = dupcat("host/", host);
  296. *srv_name = (Ssh_gss_name) pStr;
  297. return SSH_GSS_OK;
  298. }
  299. static Ssh_gss_stat ssh_sspi_acquire_cred(struct ssh_gss_library *lib,
  300. Ssh_gss_ctx *ctx,
  301. time_t *expiry)
  302. {
  303. winSsh_gss_ctx *winctx = snew(winSsh_gss_ctx);
  304. memset(winctx, 0, sizeof(winSsh_gss_ctx));
  305. /* prepare our "wrapper" structure */
  306. winctx->maj_stat = winctx->min_stat = SEC_E_OK;
  307. winctx->context_handle = NULL;
  308. /* Specifying no principal name here means use the credentials of
  309. the current logged-in user */
  310. winctx->maj_stat = p_AcquireCredentialsHandleA(NULL,
  311. "Kerberos",
  312. SECPKG_CRED_OUTBOUND,
  313. NULL,
  314. NULL,
  315. NULL,
  316. NULL,
  317. &winctx->cred_handle,
  318. NULL);
  319. if (winctx->maj_stat != SEC_E_OK) {
  320. p_FreeCredentialsHandle(&winctx->cred_handle);
  321. sfree(winctx);
  322. return SSH_GSS_FAILURE;
  323. }
  324. /* Windows does not return a valid expiration from AcquireCredentials */
  325. if (expiry)
  326. *expiry = GSS_NO_EXPIRATION;
  327. *ctx = (Ssh_gss_ctx) winctx;
  328. return SSH_GSS_OK;
  329. }
  330. static void localexp_to_exp_lifetime(TimeStamp *localexp,
  331. time_t *expiry, unsigned long *lifetime)
  332. {
  333. FILETIME nowUTC;
  334. FILETIME expUTC;
  335. time_t now;
  336. time_t exp;
  337. time_t delta;
  338. if (!lifetime && !expiry)
  339. return;
  340. GetSystemTimeAsFileTime(&nowUTC);
  341. TIME_WIN_TO_POSIX(nowUTC, now);
  342. if (lifetime)
  343. *lifetime = 0;
  344. if (expiry)
  345. *expiry = GSS_NO_EXPIRATION;
  346. /*
  347. * Type oddity: localexp is a pointer to 'TimeStamp', whereas
  348. * LocalFileTimeToFileTime expects a pointer to FILETIME. However,
  349. * despite having different formal type names from the compiler's
  350. * point of view, these two structures are specified to be
  351. * isomorphic in the MS documentation, so it's legitimate to copy
  352. * between them:
  353. *
  354. * https://msdn.microsoft.com/en-us/library/windows/desktop/aa380511(v=vs.85).aspx
  355. */
  356. {
  357. FILETIME localexp_ft;
  358. enum { vorpal_sword = 1 / (sizeof(*localexp) == sizeof(localexp_ft)) };
  359. memcpy(&localexp_ft, localexp, sizeof(localexp_ft));
  360. if (!LocalFileTimeToFileTime(&localexp_ft, &expUTC))
  361. return;
  362. }
  363. TIME_WIN_TO_POSIX(expUTC, exp);
  364. delta = exp - now;
  365. if (exp == 0 || delta <= 0)
  366. return;
  367. if (expiry)
  368. *expiry = exp;
  369. if (lifetime) {
  370. if (delta <= ULONG_MAX)
  371. *lifetime = (unsigned long)delta;
  372. else
  373. *lifetime = ULONG_MAX;
  374. }
  375. }
  376. static Ssh_gss_stat ssh_sspi_init_sec_context(struct ssh_gss_library *lib,
  377. Ssh_gss_ctx *ctx,
  378. Ssh_gss_name srv_name,
  379. int to_deleg,
  380. Ssh_gss_buf *recv_tok,
  381. Ssh_gss_buf *send_tok,
  382. time_t *expiry,
  383. unsigned long *lifetime)
  384. {
  385. winSsh_gss_ctx *winctx = (winSsh_gss_ctx *) *ctx;
  386. SecBuffer wsend_tok = {send_tok->length,SECBUFFER_TOKEN,send_tok->value};
  387. SecBuffer wrecv_tok = {recv_tok->length,SECBUFFER_TOKEN,recv_tok->value};
  388. SecBufferDesc output_desc = {SECBUFFER_VERSION,1,&wsend_tok};
  389. SecBufferDesc input_desc = {SECBUFFER_VERSION,1,&wrecv_tok};
  390. unsigned long flags=ISC_REQ_MUTUAL_AUTH|ISC_REQ_REPLAY_DETECT|
  391. ISC_REQ_CONFIDENTIALITY|ISC_REQ_ALLOCATE_MEMORY;
  392. ULONG ret_flags=0;
  393. TimeStamp localexp;
  394. /* check if we have to delegate ... */
  395. if (to_deleg) flags |= ISC_REQ_DELEGATE;
  396. winctx->maj_stat = p_InitializeSecurityContextA(&winctx->cred_handle,
  397. winctx->context_handle,
  398. (char*) srv_name,
  399. flags,
  400. 0, /* reserved */
  401. SECURITY_NATIVE_DREP,
  402. &input_desc,
  403. 0, /* reserved */
  404. &winctx->context,
  405. &output_desc,
  406. &ret_flags,
  407. &localexp);
  408. localexp_to_exp_lifetime(&localexp, expiry, lifetime);
  409. /* prepare for the next round */
  410. winctx->context_handle = &winctx->context;
  411. send_tok->value = wsend_tok.pvBuffer;
  412. send_tok->length = wsend_tok.cbBuffer;
  413. /* check & return our status */
  414. if (winctx->maj_stat==SEC_E_OK) return SSH_GSS_S_COMPLETE;
  415. if (winctx->maj_stat==SEC_I_CONTINUE_NEEDED) return SSH_GSS_S_CONTINUE_NEEDED;
  416. return SSH_GSS_FAILURE;
  417. }
  418. static Ssh_gss_stat ssh_sspi_free_tok(struct ssh_gss_library *lib,
  419. Ssh_gss_buf *send_tok)
  420. {
  421. /* check input */
  422. if (send_tok == NULL) return SSH_GSS_FAILURE;
  423. /* free Windows buffer */
  424. p_FreeContextBuffer(send_tok->value);
  425. SSH_GSS_CLEAR_BUF(send_tok);
  426. return SSH_GSS_OK;
  427. }
  428. static Ssh_gss_stat ssh_sspi_release_cred(struct ssh_gss_library *lib,
  429. Ssh_gss_ctx *ctx)
  430. {
  431. winSsh_gss_ctx *winctx = (winSsh_gss_ctx *) *ctx;
  432. /* check input */
  433. if (winctx == NULL) return SSH_GSS_FAILURE;
  434. /* free Windows data */
  435. p_FreeCredentialsHandle(&winctx->cred_handle);
  436. p_DeleteSecurityContext(&winctx->context);
  437. /* delete our "wrapper" structure */
  438. sfree(winctx);
  439. *ctx = (Ssh_gss_ctx) NULL;
  440. return SSH_GSS_OK;
  441. }
  442. static Ssh_gss_stat ssh_sspi_release_name(struct ssh_gss_library *lib,
  443. Ssh_gss_name *srv_name)
  444. {
  445. char *pStr = (char *) *srv_name;
  446. if (pStr == NULL) return SSH_GSS_FAILURE;
  447. sfree(pStr);
  448. *srv_name = (Ssh_gss_name) NULL;
  449. return SSH_GSS_OK;
  450. }
  451. static Ssh_gss_stat ssh_sspi_display_status(struct ssh_gss_library *lib,
  452. Ssh_gss_ctx ctx, Ssh_gss_buf *buf)
  453. {
  454. winSsh_gss_ctx *winctx = (winSsh_gss_ctx *) ctx;
  455. const char *msg;
  456. if (winctx == NULL) return SSH_GSS_FAILURE;
  457. /* decode the error code */
  458. switch (winctx->maj_stat) {
  459. case SEC_E_OK: msg="SSPI status OK"; break;
  460. case SEC_E_INVALID_HANDLE: msg="The handle passed to the function"
  461. " is invalid.";
  462. break;
  463. case SEC_E_TARGET_UNKNOWN: msg="The target was not recognized."; break;
  464. case SEC_E_LOGON_DENIED: msg="The logon failed."; break;
  465. case SEC_E_INTERNAL_ERROR: msg="The Local Security Authority cannot"
  466. " be contacted.";
  467. break;
  468. case SEC_E_NO_CREDENTIALS: msg="No credentials are available in the"
  469. " security package.";
  470. break;
  471. case SEC_E_NO_AUTHENTICATING_AUTHORITY:
  472. msg="No authority could be contacted for authentication."
  473. "The domain name of the authenticating party could be wrong,"
  474. " the domain could be unreachable, or there might have been"
  475. " a trust relationship failure.";
  476. break;
  477. case SEC_E_INSUFFICIENT_MEMORY:
  478. msg="One or more of the SecBufferDesc structures passed as"
  479. " an OUT parameter has a buffer that is too small.";
  480. break;
  481. case SEC_E_INVALID_TOKEN:
  482. msg="The error is due to a malformed input token, such as a"
  483. " token corrupted in transit, a token"
  484. " of incorrect size, or a token passed into the wrong"
  485. " security package. Passing a token to"
  486. " the wrong package can happen if client and server did not"
  487. " negotiate the proper security package.";
  488. break;
  489. default:
  490. msg = "Internal SSPI error";
  491. break;
  492. }
  493. buf->value = dupstr(msg);
  494. buf->length = strlen(buf->value);
  495. return SSH_GSS_OK;
  496. }
  497. static Ssh_gss_stat ssh_sspi_get_mic(struct ssh_gss_library *lib,
  498. Ssh_gss_ctx ctx, Ssh_gss_buf *buf,
  499. Ssh_gss_buf *hash)
  500. {
  501. winSsh_gss_ctx *winctx = (winSsh_gss_ctx *) ctx;
  502. SecPkgContext_Sizes ContextSizes;
  503. SecBufferDesc InputBufferDescriptor;
  504. SecBuffer InputSecurityToken[2];
  505. if (winctx == NULL) return SSH_GSS_FAILURE;
  506. winctx->maj_stat = 0;
  507. memset(&ContextSizes, 0, sizeof(ContextSizes));
  508. winctx->maj_stat = p_QueryContextAttributesA(&winctx->context,
  509. SECPKG_ATTR_SIZES,
  510. &ContextSizes);
  511. if (winctx->maj_stat != SEC_E_OK ||
  512. ContextSizes.cbMaxSignature == 0)
  513. return winctx->maj_stat;
  514. InputBufferDescriptor.cBuffers = 2;
  515. InputBufferDescriptor.pBuffers = InputSecurityToken;
  516. InputBufferDescriptor.ulVersion = SECBUFFER_VERSION;
  517. InputSecurityToken[0].BufferType = SECBUFFER_DATA;
  518. InputSecurityToken[0].cbBuffer = buf->length;
  519. InputSecurityToken[0].pvBuffer = buf->value;
  520. InputSecurityToken[1].BufferType = SECBUFFER_TOKEN;
  521. InputSecurityToken[1].cbBuffer = ContextSizes.cbMaxSignature;
  522. InputSecurityToken[1].pvBuffer = snewn(ContextSizes.cbMaxSignature, char);
  523. winctx->maj_stat = p_MakeSignature(&winctx->context,
  524. 0,
  525. &InputBufferDescriptor,
  526. 0);
  527. if (winctx->maj_stat == SEC_E_OK) {
  528. hash->length = InputSecurityToken[1].cbBuffer;
  529. hash->value = InputSecurityToken[1].pvBuffer;
  530. }
  531. return winctx->maj_stat;
  532. }
  533. static Ssh_gss_stat ssh_sspi_verify_mic(struct ssh_gss_library *lib,
  534. Ssh_gss_ctx ctx,
  535. Ssh_gss_buf *buf,
  536. Ssh_gss_buf *mic)
  537. {
  538. winSsh_gss_ctx *winctx = (winSsh_gss_ctx *) ctx;
  539. SecBufferDesc InputBufferDescriptor;
  540. SecBuffer InputSecurityToken[2];
  541. ULONG qop;
  542. if (winctx == NULL) return SSH_GSS_FAILURE;
  543. winctx->maj_stat = 0;
  544. InputBufferDescriptor.cBuffers = 2;
  545. InputBufferDescriptor.pBuffers = InputSecurityToken;
  546. InputBufferDescriptor.ulVersion = SECBUFFER_VERSION;
  547. InputSecurityToken[0].BufferType = SECBUFFER_DATA;
  548. InputSecurityToken[0].cbBuffer = buf->length;
  549. InputSecurityToken[0].pvBuffer = buf->value;
  550. InputSecurityToken[1].BufferType = SECBUFFER_TOKEN;
  551. InputSecurityToken[1].cbBuffer = mic->length;
  552. InputSecurityToken[1].pvBuffer = mic->value;
  553. winctx->maj_stat = p_VerifySignature(&winctx->context,
  554. &InputBufferDescriptor,
  555. 0, &qop);
  556. return winctx->maj_stat;
  557. }
  558. static Ssh_gss_stat ssh_sspi_free_mic(struct ssh_gss_library *lib,
  559. Ssh_gss_buf *hash)
  560. {
  561. sfree(hash->value);
  562. return SSH_GSS_OK;
  563. }
  564. static void ssh_sspi_bind_fns(struct ssh_gss_library *lib)
  565. {
  566. lib->indicate_mech = ssh_sspi_indicate_mech;
  567. lib->import_name = ssh_sspi_import_name;
  568. lib->release_name = ssh_sspi_release_name;
  569. lib->init_sec_context = ssh_sspi_init_sec_context;
  570. lib->free_tok = ssh_sspi_free_tok;
  571. lib->acquire_cred = ssh_sspi_acquire_cred;
  572. lib->release_cred = ssh_sspi_release_cred;
  573. lib->get_mic = ssh_sspi_get_mic;
  574. lib->verify_mic = ssh_sspi_verify_mic;
  575. lib->free_mic = ssh_sspi_free_mic;
  576. lib->display_status = ssh_sspi_display_status;
  577. }
  578. #else
  579. /* Dummy function so this source file defines something if NO_GSSAPI
  580. is defined. */
  581. void ssh_gss_init(void)
  582. {
  583. }
  584. #endif