Commit Graph

2292 Commits

Author SHA1 Message Date
Nicolas Williams
83625d349e gss: Make initiator inq. ctx. return canon. target
Make gss_inquire_context() on the established context on the initiator
side return the canonical target acceptor name.
2021-12-06 17:39:22 -06:00
Nicolas Williams
5ace5f5a6a gss: Fix dst TGT deleg w/o dns_lookup_realm
Setting `dns_lookup_realm = false` in `[libdefaults]` and setting name
canon rules that force the empty realm causes destination-TGT delegation
to break because the client doesn't know the service's realm.

Because MIT and Heimdal check that the (unauthenticated plaintext)
sname/realm of the Ticket in the KDC reply matches the sname/srealm in
the enc-part of the KDC reply, we know we can trust the realm of the
ticket found in the ccache.  So use that.
2021-12-06 17:39:22 -06:00
Luke Howard
eb293680a8 gss: fix regression in non-8003 checksums
Samba3 sends an AP-REQ, rather than 8003, checksum in a Kerberos inital context
token. This regressed in #835 as we forgot to set the
KRB5_CRYPTO_FLAG_ALLOW_UNKEYED_CHECKSUM flag before processing the AP-REQ
checksum in this path.
2021-12-07 10:41:40 +11:00
Andrew Bartlett
7686028718 Use UTF-8 in KTH copyright notice
Samba is starting to protect against bi-di attacks and the starting point
is to require that input files be fully UTF-8.  In 2021 this is a reasonable
starting point anyway.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2021-11-29 12:50:26 +11:00
Nicolas Williams
5f63215d0d Always perform == or != operation on cmp function result
Although not required to address bad code generation in
some versions of gcc 9 and 10, a coding style that requires
explicit comparison of the result to zero before use is
both clearer and would have avoided the generation of bad
code.

This change converts all use of cmp function usage from

```
    if (strcmp(a, b) || !strcmp(c, d)) ...
```

to

```
    if (strcmp(a, b) != 0 || strcmp(c, d)) == 0
```

for all C library cmp functions and related:

 - strcmp(), strncmp()
 - strcasecmp(), strncasecmp()
 - stricmp(), strnicmp()
 - memcmp()

Change-Id: Ic60c15e1e3a07e4faaf10648eefe3adae2543188
2021-11-24 22:30:44 -05:00
Jeffrey Altman
02200d55ea Address GCC Bug 95189 memcmp wrongly stripped like strcmp
As documented in Russell O'Connor's blog, Heimdal when compiled with
some versions of gcc 9 and 10 would generate incorrect behaviors from
_gssapi_verify_mic_arcfour(), _gssapi_unwrap_arcfour(),
_gssapi_unwrap_iov_arcfour() and _gssapi_unwrap_iov_arcfour().

As a result of the bug, code of the form

   if (memcmp(a, "\x00\x00\x00\x00"))

and

   cmp = memcmp(a, "\x00\x00\x00\x00")

will be compiled as if it were written as

   if (strcmp(a, "\x00\x00\x00\x00"))

and

   cmp = strcmp(a, "\x00\x00\x00\x00")

but not

   if (memcmp(a, "\x00\x00\x00\x00") != 0)

and

   cmp = (memcmp(a, "\x00\x00\x00\x00") != 0)

Bad code is generated whenever one of the parameters to memcmp()
is a constant with at least one NUL in the first four octets and
the return value is used immediated without a boolean comparison.

The gcc bug 95189 has since been fixed.

This change applies a defensive programming technique to avoid
the broken code generation.

Change-Id: I1db2a561735317cb6cac66a0ec9caf5443e65e03
Link: https://r6.ca/blog/20200929T023701Z.html
Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95189
Reported-by: Buck Huppmann (buckh@pobox.com) <buckh@pobox.com>
2021-11-24 22:30:44 -05:00
Jeffrey Altman
8123ffc3f2 _gssapi_unwrap_iov_arcfour remove duplicate code block
ad3acc2aef ("lib/gssapi/krb5:
implement gss_[un]wrap_iov[_length] with arcfour-hmac-md5")
introduced a duplicate block of code.

This change removes the unnecessary code duplication.

Change-Id: I557c590aea51b73dc25d6ce4be4ea84b9dfadd9f
2021-11-24 22:30:44 -05:00
Nicolas Williams
8ed48bc54d gss-token: Fix exit code 2021-11-17 17:27:40 -06:00
Nicolas Williams
2f31063e97 spnego: Minor style cleanup 2021-11-11 22:41:13 -06:00
Nicolas Williams
7a19658c1f spnego: Fix NULL deref
Reported to Heimdal by Michał Kępień <michal@isc.org>.

From the report:

Acknowledgement
---------------

This flaw was found while working on addressing ZDI-CAN-12302: ISC BIND
TKEY Query Heap-based Buffer Overflow Remote Code Execution
Vulnerability, which was reported to ISC by Trend Micro's Zero Day
Initiative.
2021-11-11 22:41:13 -06:00
Robert Crowston
5d462795ce Add stub for gss_acquire_cred_impersonate_name(). 2021-10-19 20:45:40 +11:00
Luke Howard
06e6113960 gss: _gss_spnego_set_sec_context_option return
Fix _gss_spnego_set_sec_context_option() to return GSS_S_UNAVAILABLE if no
context handle is provided, so that mechglue will skip to the next mechanism.
There are no globally settable options on SPNEGO itself.

Fixes: #803
2021-10-11 14:57:09 +11:00
Luke Howard
8fc67658a6 various: squash MSVC uninitialized variable warnings (C4701)
Initialize some variables to silence some false positive MSVC warnings.
2021-09-21 18:59:38 +10:00
Robert Crowston
9b46d6436f Only #include <malloc.h> if it is available.
e.g., OpenBSD does not provide this header.
2021-09-07 12:49:19 +10:00
Luke Howard
fc9f9b322a gss: implement gss_krb5_ccache_name()
Correctly implement gss_krb5_ccache_name() in terms of
gss_set_sec_context_option(GSS_KRB5_CCACHE_NAME_X). The previous implementation
was a NOOP.

Note: global ccache name should really be thread-specific rather than global.

Closes #803.
2021-09-06 13:26:55 +10:00
Luke Howard
774f50b28b gss: move GSS pre-auth helpers to convenience lib
GSS pre-auth helpers do not belong in libgssapi, so move them to a separate
convenience library.
2021-08-27 15:20:07 +10:00
Nicolas Williams
a5378daa6c Revert "gss: Fix leak of output_token in GSS PA"
This reverts commit 041907d517.
2021-08-26 01:06:33 -05:00
Nicolas Williams
041907d517 gss: Fix leak of output_token in GSS PA 2021-08-25 22:53:52 -05:00
Andrew Bartlett
6f21611755 Avoid -Werror=address by skipping pointless _mg_buffer_zero()
We do not need to zero out the local variable output_token
if we do not later call gss_release_buffer() on it.

This aovids a -Werror=address compile failure under the
strict compiler options Samba uses when compiled on Ubuntu
20.04 with gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04)

In file included from ../../source4/heimdal/lib/gssapi/preauth/pa_client.c:34:
../../source4/heimdal/lib/gssapi/preauth/pa_client.c:148:21: error: the address of ‘output_token’ will always evaluate as ‘true’ [-Werror=address]
  148 |     _mg_buffer_zero(&output_token);
      |                     ^
../../source4/heimdal/lib/gssapi/mech/mech_locl.h:72:7: note: in definition of macro ‘_mg_buffer_zero’
   72 |   if (buffer) {   \
      |       ^~~~~~

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2021-08-26 09:31:00 +10:00
Nicolas Williams
75449e1071 gss: Fix build for GSS preauth helpers 2021-08-25 15:41:35 -05:00
Luke Howard
b3511c145c gss: check for NULL before calling dlclose()
Calling dlclose(NULL) on some recent versions of Linux appears to cause the
process to segfault.
2021-08-20 00:07:12 +10:00
Luke Howard
a56c3ad819 krb5: fix prototype in pa_gss_finish()
Fix merge issue that arose after merging another fix from the
lukeh/gss-preauth-apple branch.
2021-08-18 08:17:04 +10:00
Luke Howard
386b8d328a kdc: refactor/improve error handling in GSS pa 2021-08-15 16:07:46 +10:00
Luke Howard
432fe0ad56 krb5: treat KRB5_NT_SRV_HST and KRB5_NT_SRV_INST identically
Update previous commit, mapping KRB5_NT_SRV_HST as well as KRB5_NT_SRV_INST to
GSS_C_NT_HOSTBASED_SERVICE.
2021-08-15 15:04:21 +10:00
Luke Howard
95d553e009 krb5: improve krb5 to GSS name conversion
First attempt to import krb5 names as GSS_KRB5_NT_PRINCIPAL_NAME; if that
fails, choose the most appropriate name form based on Kerberos name type.
2021-08-15 14:48:14 +10:00
Luke Howard
e840681451 krb5: try GSS_KRB5_NT_PRINCIPAL_NAME first for PA
When importing a Kerberos name for GSS pre-auth, first try to import the name
as GSS_KRB5_NT_PRINCIPAL_NAME. If that fails, fall back to GSS_C_NT_USER_NAME.
2021-08-15 09:54:45 +10:00
Luke Howard
f73f08eef1 kdc: ensure GSS-API pre-auth acceptor name is TGS
The target (acceptor) name for GSS-API pre-authentication should be the name of
the TGS, not the server name in the AS-REQ, as it is the KDC which is being
mutually authenticated. If the client is not requesting a TGT, they may differ.
2021-08-15 09:14:58 +10:00
Luke Howard
95339c1068 gss: fix Windows preauth build issues
Fix lib/gssapi NTMakefile for GSS-API pre-authentication dependencies
2021-08-12 18:09:40 +10:00
Luke Howard
3302b38e53 gss: fix Windows preauth build issues
Fix kdc/kuser NTMakefiles for GSS-API pre-authentication dependencies
2021-08-12 17:57:17 +10:00
Luke Howard
49f3f5bd99 kdc: support for GSS-API pre-authentication
Add support for GSS-API pre-authentication to the KDC, using a simplified
variation of draft-perez-krb-wg-gss-preauth-02 that encodes GSS-API context
tokens directly in PADATA, and uses FX-COOKIE for state management.

More information on the protocol and implementation may be found in
lib/gssapi/preauth/README.md.
2021-08-12 17:37:01 +10:00
Luke Howard
3a9e7346cc gss: cast HEIM_ERR_EOF to OM_uint32 before check (2)
In gss_import_cred(): HEIM_ERR_EOF is negative, cast to OM_uint32 before
checking against *minor_status
2021-08-12 09:20:22 +10:00
Luke Howard
3f4d894dd3 gss: cast HEIM_ERR_EOF to OM_uint32 before check
In gss_import_cred(): HEIM_ERR_EOF is negative, cast to OM_uint32 before
checking against *minor_status
2021-08-12 09:18:22 +10:00
Luke Howard
1175fa0435 gss: don't include mech_locl.h in spnego
including mech_locl.h in spnego/context_storage.c is unnecessary and
breaks the build on Windows
2021-08-11 19:12:11 +10:00
Luke Howard
a27a3af0c2 gss: store_spnego_context(): remove redundant overflow check
ctx->negoex_step is now a uint8_t, so it can never be bigger than 0xff. Remove
redundant overflow check.
2021-08-10 20:11:35 +10:00
Luke Howard
43858eaf9b gss: add oid/buffer storage helpers to mechglue
The functions for storing and retrieving GSS OIDs and buffers from
krb5_storage, added in 6554dc69, are generally useful. Move those into private
_gss_mg_XXX() API and update gss_{export,import}_{cred,sec_context} to use them
where appropriate.
2021-08-10 10:16:54 +10:00
Luke Howard
490173b417 gss: free exported context buffer after use in store_negoex_auth_mech()
Code style/consistency: store_negoex_auth_mech() should free the exported
context buffer after use. There is no leak as the buffer was freed at the end
of the function.
2021-08-10 10:16:50 +10:00
Andrew Bartlett
3587b8c08c Allow _gss_string_to_oid() without HAVE_DLOPEN
This function became used outside the protection of
HAVE_DLOPEN (which Samba sets) with:

commit 5966c00701
Author: Luke Howard <lukeh@padl.com>
Date:   Sun Aug 8 10:34:28 2021 +1000

    gss: add gss_mg_name_to_oid internal API

    Add a new function for future internal use, gss_mg_name_to_oid(), which takes
    either a dot-separated OID or a "short" mechanism name (such as
    "sanon-x25519"), and returns a mechanism OID.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2021-08-09 09:58:58 +10:00
Luke Howard
06232dfcce gss: fix import/export of accumulating contexts
gss_{import,export}_sec_context did not work with partially accumulating
contexts, where the initial context token had not been completely accumulated,

Further, in gss_import_sec_context(), ctx->gc_input.value was not allocated to
a buffer sufficiently large to accumulate the target length.
2021-08-08 14:46:49 +10:00
Luke Howard
3b1f9f0a3f gss: error out in test_context if unknown OID
Fix regression in previous commit: exit with an error if test_context is called
with an unknown mechanism type.
2021-08-08 13:45:32 +10:00
Luke Howard
18c18d84b1 gss: merge gss_name_to_oid and gss_mg_name_to_oid
The recently introduced gss_mg_name_to_oid() function supported looking up
dynamically loaded mechanisms by name, but did not support partial matches or
the legacy "Kerberos 5" name as supported by gss_name_to_oid().

Consolidate these into a single function, and also add support for dynamically
loaded mechanisms to gss_oid_to_name().

API behavior difference: the Kerberos mechanism is now referred to by "krb5"
rather tha "Kerberos 5", although for legacy compatibility gss_name_to_oid()
will recognize the old name. However, gss_oid_to_name() will return "krb5". The
anticipated impact is minimal as these are not standard GSS-APIs and do not
appear to have any public usage outside Heimdal.
2021-08-08 11:37:09 +10:00
Luke Howard
5966c00701 gss: add gss_mg_name_to_oid internal API
Add a new function for future internal use, gss_mg_name_to_oid(), which takes
either a dot-separated OID or a "short" mechanism name (such as
"sanon-x25519"), and returns a mechanism OID.
2021-08-08 10:34:28 +10:00
Luke Howard
6554dc69b0 gss: allow partial accept context export in SPNEGO
Support for exporting partially established acceptor context tokens. With this,
an acceptor can send the initiator an encrypted state cookie containing the
exported context token.

(The concrete mechanism, of course, must either require a single round trip or
support partial context export itself. Kerberos and GSS EAP would work, but
Kerberos with GSS_C_DCE_STYLE would not, as currently implemented.)

Partial context export is not permitted for initiators.
2021-08-07 18:56:33 +10:00
Roland C. Dowdeswell
fe426f7a28 fix type s/MUTAL/MUTUAL/ in gssapi/krb5 2021-08-07 18:54:56 +10:00
Roland C. Dowdeswell
3a6229f64a gss_accept_sec_context: support reassembling split tokens.
Microsoft will sometimes split GSS tokens when they exceed a certain
size in some protocols.  This is specified in

	[MS-SPNG]: Simple and Protected GSS-API Negotiation
	Mechanism (SPNEGO) Extension

https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-SPNG/%5bMS-SPNG%5d.pdf

sections 3.1.5.4 to 3.1.5.9.

We extend gss_accept_sec_context() to recognise partial tokens and
to accumulate the fragments until an entire token is available to
be processed.  If the entire token is not yet available,
GSS_S_CONTINUE_NEEDED is returned with a zero length output token.
This is specified in RFC2744 page 25-26 to indicate that no reply
need be sent.

We include updates to the test framework to test split tokens when
using SPNEGO.
2021-08-07 18:54:56 +10:00
Roland C. Dowdeswell
80f3194a76 gssapi/krb5/{export,import}_sec_context: make smaller tokens. 2021-08-07 18:54:56 +10:00
Roland C. Dowdeswell
a2cfd2a25c gssapi/krb5/{export,import}_sec_context: fix for init_sec_ctx
When using these functions with gss_init_sec_context(), we noticed
that some things were missing and some needed to be made optional.
ctx->order may be NULL, ctx->ac->authenticator needs to be filled
out, and ctx->state needs be stored.

Note: SPNEGO still needs a little more work.
2021-08-07 18:54:56 +10:00
Roland C. Dowdeswell
6ccb21827b gss-token: initialise input buffer to empty 2021-08-07 08:40:20 +10:00
Luke Howard
8330e45444 gss: set GSS_C_CHANNEL_BOUND_FLAG for SAnon
SAnon includes channel bindings as part of the key derivation function, so they
cannot be ignored. Always set GSS_C_CHANNEL_BOUND_FLAG in the SAnon acceptor.
2021-08-06 13:21:36 +10:00
Isaac Boukris
d83321fdf3 Add channel-bindings tests 2021-08-06 13:15:19 +10:00
Isaac Boukris
a4527a28a3 Implement KERB_AP_OPTIONS_CBT (server side)
if the client asserted knowledge of channel-bindings by
passing KERB_AP_OPTIONS_CBT, and the server passed bindings,
require the bindings to match.
2021-08-06 13:15:19 +10:00