OpenVAS Scanner 23.32.3
openvas-krb5.c File Reference
#include "openvas-krb5.h"
#include <ctype.h>
#include <gssapi/gssapi.h>
#include <gssapi/gssapi_krb5.h>
#include <krb5/krb5.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
Include dependency graph for openvas-krb5.c:

Go to the source code of this file.

Data Structures

struct  OKrb5GSSCredentials
struct  OKrb5GSSContext

Macros

#define GUARD_NULL(var, return_var)
#define GUARD_NOT_NULL(var, return_var)
#define ALLOCATE_AND_CHECK(var, type, n, return_var)
#define SKIP_WS(line, line_len, start, i)
#define IS_STR_EQUAL(line, line_len, start, cmp, cmp_len)
#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH   11
#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID    "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05"
#define gss_mech_spnego   (&spnego_mech_oid_desc)
#define ARRAY_SIZE(a)
#define MAX_LINE_LENGTH   1024
#define CHECK_FPRINTF(result, writer, fmt, ...)
#define CHECK_FPRINT(result, writer, fmt)
#define CHECK_MAJOR_STAT()
#define HEAP_STRING(var, s)

Functions

OKrb5ErrorCode o_krb5_find_kdc (const OKrb5Credential *creds, char **kdc)
static OKrb5ErrorCode o_krb5_write_trimmed (FILE *file, const char *prefix, const char *start, const char *end)
static OKrb5ErrorCode o_krb5_write_realm (FILE *file, const OKrb5Credential *creds, const char *kdc)
OKrb5ErrorCode o_krb5_add_realm (const OKrb5Credential *creds, const char *kdc)
static OKrb5ErrorCode okrb5_gss_authenticate (const OKrb5Credential *creds, struct OKrb5GSSContext *gss_creds)
struct OKrb5GSSContextokrb5_gss_init_context (void)
void okrb5_gss_free_context (struct OKrb5GSSContext *context)
OKrb5ErrorCode o_krb5_gss_prepare_context (const OKrb5Credential *creds, struct OKrb5GSSContext *gss_context)
OKrb5ErrorCode o_krb5_gss_update_context (struct OKrb5GSSContext *gss_context, const struct OKrb5Slice *in_data, struct OKrb5Slice **out_data, bool *more)
OKrb5ErrorCode o_krb5_gss_session_key_context (struct OKrb5GSSContext *gss_context, struct OKrb5Slice **out)
char * okrb5_error_code_to_string (const OKrb5ErrorCode code)

Variables

gss_OID_desc spnego_mech_oid_desc = {6, (void *) "\x2b\x06\x01\x05\x05\x02"}

Macro Definition Documentation

◆ ALLOCATE_AND_CHECK

#define ALLOCATE_AND_CHECK ( var,
type,
n,
return_var )
Value:
do \
{ \
var = (type *) calloc (n, sizeof (type)); \
if (var == NULL) \
{ \
return_var = O_KRB5_NOMEM; \
goto result; \
} \
} \
while (0)
O_KRB5_NOMEM
@ O_KRB5_NOMEM
Definition openvas-krb5.h:29

Definition at line 39 of file openvas-krb5.c.

39#define ALLOCATE_AND_CHECK(var, type, n, return_var) \
40 do \
41 { \
42 var = (type *) calloc (n, sizeof (type)); \
43 if (var == NULL) \
44 { \
45 return_var = O_KRB5_NOMEM; \
46 goto result; \
47 } \
48 } \
49 while (0)

Referenced by o_krb5_find_kdc(), o_krb5_gss_prepare_context(), and okrb5_gss_authenticate().

◆ ARRAY_SIZE

#define ARRAY_SIZE ( a)
Value:
(sizeof (a) / sizeof (a[0]))

Definition at line 80 of file openvas-krb5.c.

Referenced by okrb5_gss_authenticate().

◆ CHECK_FPRINT

#define CHECK_FPRINT ( result,
writer,
fmt )
Value:
do \
{ \
if (fprintf (writer, fmt) < 0) \
{ \
result = O_KRB5_UNABLE_TO_WRITE; \
goto result; \
} \
} \
while (0)
O_KRB5_UNABLE_TO_WRITE
@ O_KRB5_UNABLE_TO_WRITE
Definition openvas-krb5.h:27

Definition at line 187 of file openvas-krb5.c.

187#define CHECK_FPRINT(result, writer, fmt) \
188 do \
189 { \
190 if (fprintf (writer, fmt) < 0) \
191 { \
192 result = O_KRB5_UNABLE_TO_WRITE; \
193 goto result; \
194 } \
195 } \
196 while (0)

Referenced by o_krb5_add_realm(), and o_krb5_write_realm().

◆ CHECK_FPRINTF

#define CHECK_FPRINTF ( result,
writer,
fmt,
... )
Value:
do \
{ \
if (fprintf (writer, fmt, __VA_ARGS__) < 0) \
{ \
result = O_KRB5_UNABLE_TO_WRITE; \
goto result; \
} \
} \
while (0)

Definition at line 176 of file openvas-krb5.c.

176#define CHECK_FPRINTF(result, writer, fmt, ...) \
177 do \
178 { \
179 if (fprintf (writer, fmt, __VA_ARGS__) < 0) \
180 { \
181 result = O_KRB5_UNABLE_TO_WRITE; \
182 goto result; \
183 } \
184 } \
185 while (0)

Referenced by o_krb5_write_realm(), and o_krb5_write_trimmed().

◆ CHECK_MAJOR_STAT

#define CHECK_MAJOR_STAT ( )
Value:
if (maj_stat != GSS_S_COMPLETE) \
{ \
result = O_KRB5_ERROR + maj_stat; \
goto result; \
}
O_KRB5_ERROR
@ O_KRB5_ERROR
Definition openvas-krb5.h:35

Referenced by okrb5_gss_authenticate().

◆ GSS_KRB5_INQ_SSPI_SESSION_KEY_OID

#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID    "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05"

Definition at line 72 of file openvas-krb5.c.

72#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID \
73 "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05"

Referenced by o_krb5_gss_session_key_context().

◆ GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH

#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH   11

Definition at line 70 of file openvas-krb5.c.

Referenced by o_krb5_gss_session_key_context().

◆ gss_mech_spnego

#define gss_mech_spnego   (&spnego_mech_oid_desc)

Definition at line 77 of file openvas-krb5.c.

Referenced by o_krb5_gss_prepare_context(), and okrb5_gss_authenticate().

◆ GUARD_NOT_NULL

#define GUARD_NOT_NULL ( var,
return_var )
Value:
do \
{ \
if (var == NULL) \
{ \
return_var = O_KRB5_EXPECTED_NOT_NULL; \
goto result; \
} \
} \
while (0)
O_KRB5_EXPECTED_NOT_NULL
@ O_KRB5_EXPECTED_NOT_NULL
Definition openvas-krb5.h:26

Definition at line 28 of file openvas-krb5.c.

28#define GUARD_NOT_NULL(var, return_var) \
29 do \
30 { \
31 if (var == NULL) \
32 { \
33 return_var = O_KRB5_EXPECTED_NOT_NULL; \
34 goto result; \
35 } \
36 } \
37 while (0)

◆ GUARD_NULL

#define GUARD_NULL ( var,
return_var )
Value:
do \
{ \
if (var != NULL) \
{ \
return_var = O_KRB5_EXPECTED_NULL; \
goto result; \
} \
} \
while (0)
O_KRB5_EXPECTED_NULL
@ O_KRB5_EXPECTED_NULL
Definition openvas-krb5.h:25

Definition at line 17 of file openvas-krb5.c.

17#define GUARD_NULL(var, return_var) \
18 do \
19 { \
20 if (var != NULL) \
21 { \
22 return_var = O_KRB5_EXPECTED_NULL; \
23 goto result; \
24 } \
25 } \
26 while (0)

Referenced by o_krb5_find_kdc().

◆ HEAP_STRING

#define HEAP_STRING ( var,
s )
Value:
do \
{ \
var = calloc (1, strlen (s) + 1); \
snprintf (var, strlen (s) + 1, s); \
goto result; \
} \
while (0)

Referenced by okrb5_error_code_to_string().

◆ IS_STR_EQUAL

#define IS_STR_EQUAL ( line,
line_len,
start,
cmp,
cmp_len )
Value:
((line_len - start < cmp_len) ? 0 \
: (line_len == 0 && cmp_len == 0) \
? 1 \
: (memcmp (line + start, cmp, cmp_len) == 0))

Definition at line 64 of file openvas-krb5.c.

64#define IS_STR_EQUAL(line, line_len, start, cmp, cmp_len) \
65 ((line_len - start < cmp_len) ? 0 \
66 : (line_len == 0 && cmp_len == 0) \
67 ? 1 \
68 : (memcmp (line + start, cmp, cmp_len) == 0))

Referenced by o_krb5_add_realm(), and o_krb5_find_kdc().

◆ MAX_LINE_LENGTH

#define MAX_LINE_LENGTH   1024

Definition at line 82 of file openvas-krb5.c.

Referenced by o_krb5_add_realm(), and o_krb5_find_kdc().

◆ SKIP_WS

#define SKIP_WS ( line,
line_len,
start,
i )
Value:
do \
{ \
for (i = start; i < line_len; i++) \
{ \
if (line[i] != ' ' && line[i] != '\t') \
{ \
break; \
} \
} \
} \
while (0)

Definition at line 51 of file openvas-krb5.c.

51#define SKIP_WS(line, line_len, start, i) \
52 do \
53 { \
54 for (i = start; i < line_len; i++) \
55 { \
56 if (line[i] != ' ' && line[i] != '\t') \
57 { \
58 break; \
59 } \
60 } \
61 } \
62 while (0)

Referenced by o_krb5_add_realm(), and o_krb5_find_kdc().

Function Documentation

◆ o_krb5_add_realm()

OKrb5ErrorCode o_krb5_add_realm ( const OKrb5Credential * creds,
const char * kdc )

Definition at line 247 of file openvas-krb5.c.

248{
249 OKrb5ErrorCode result = O_KRB5_SUCCESS;
250 FILE *file = NULL, *tmp = NULL;
251 char line[MAX_LINE_LENGTH] = {0};
252 char tmpfn[MAX_LINE_LENGTH] = {0};
253 int state, i;
254 char *cp = (char *) creds->config_path.data;
255
256 if ((file = fopen (cp, "r")) == NULL)
257 {
258 if ((file = fopen (cp, "w")) == NULL)
259 {
260 result = O_KRB5_CONF_NOT_CREATED;
261 goto result;
262 }
263 CHECK_FPRINT (result, file, "[realms]\n");
264 o_krb5_write_realm (file, creds, kdc);
265 goto result;
266 }
267 snprintf (tmpfn, MAX_LINE_LENGTH, "%s.tmp", cp);
268 if ((tmp = fopen (tmpfn, "w")) == NULL)
269 {
270 result = O_KRB5_TMP_CONF_NOT_CREATED;
271 goto result;
272 }
273 state = 0;
274 while (fgets (line, MAX_LINE_LENGTH, file))
275 {
276 fputs (line, tmp);
277 if (state == 0)
278 {
279 SKIP_WS (line, MAX_LINE_LENGTH, 0, i);
280 if (IS_STR_EQUAL (line, MAX_LINE_LENGTH, i, "[realms]", 8) == 1)
281 {
282 o_krb5_write_realm (file, creds, kdc);
283
284 state = 1;
285 }
286 }
287 }
288
289 if (rename (tmpfn, cp) != 0)
290 {
291 result = O_KRB5_TMP_CONF_NOT_MOVED;
292 }
293
294result:
295 if (tmp != NULL)
296 fclose (tmp);
297 if (file != NULL)
298 fclose (file);
299 return result;
300}
IS_STR_EQUAL
#define IS_STR_EQUAL(line, line_len, start, cmp, cmp_len)
Definition openvas-krb5.c:64
CHECK_FPRINT
#define CHECK_FPRINT(result, writer, fmt)
Definition openvas-krb5.c:187
SKIP_WS
#define SKIP_WS(line, line_len, start, i)
Definition openvas-krb5.c:51
MAX_LINE_LENGTH
#define MAX_LINE_LENGTH
Definition openvas-krb5.c:82
o_krb5_write_realm
static OKrb5ErrorCode o_krb5_write_realm(FILE *file, const OKrb5Credential *creds, const char *kdc)
Definition openvas-krb5.c:215
OKrb5ErrorCode
OKrb5ErrorCode
Definition openvas-krb5.h:17
O_KRB5_SUCCESS
@ O_KRB5_SUCCESS
Definition openvas-krb5.h:18
O_KRB5_CONF_NOT_CREATED
@ O_KRB5_CONF_NOT_CREATED
Definition openvas-krb5.h:21
O_KRB5_TMP_CONF_NOT_MOVED
@ O_KRB5_TMP_CONF_NOT_MOVED
Definition openvas-krb5.h:23
O_KRB5_TMP_CONF_NOT_CREATED
@ O_KRB5_TMP_CONF_NOT_CREATED
Definition openvas-krb5.h:22
OKrb5Credential::config_path
struct OKrb5Slice config_path
Definition openvas-krb5.h:59
OKrb5Slice::data
void * data
Definition openvas-krb5.h:40

References CHECK_FPRINT, OKrb5Credential::config_path, OKrb5Slice::data, IS_STR_EQUAL, MAX_LINE_LENGTH, O_KRB5_CONF_NOT_CREATED, O_KRB5_SUCCESS, O_KRB5_TMP_CONF_NOT_CREATED, O_KRB5_TMP_CONF_NOT_MOVED, o_krb5_write_realm(), and SKIP_WS.

Referenced by build_krb5_credential(), and nasl_okrb5_add_realm().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ o_krb5_find_kdc()

OKrb5ErrorCode o_krb5_find_kdc ( const OKrb5Credential * creds,
char ** kdc )

Definition at line 85 of file openvas-krb5.c.

86{
87 OKrb5ErrorCode result = O_KRB5_REALM_NOT_FOUND;
88 char line[MAX_LINE_LENGTH];
89 int state = 0;
90 size_t last_element;
91 size_t i, j;
92 FILE *file = NULL;
93
94 // we don't know if we should free it or just override it.
95 // aborting instead.
96 GUARD_NULL (*kdc, result);
97 if ((file = fopen ((char *) creds->config_path.data, "r")) == NULL)
98 {
99 result = O_KRB5_CONF_NOT_FOUND;
100 goto result;
101 }
102
103 while (fgets (line, MAX_LINE_LENGTH, file))
104 {
105 line[strcspn (line, "\n")] = 0;
106 last_element = strlen (line) - 1;
107 SKIP_WS (line, last_element, 0, i);
108 if (line[i] == '[' && line[last_element] == ']')
109 {
110 if (state != 0)
111 {
112 result = O_KRB5_REALM_NOT_FOUND;
113 goto result;
114 }
115 if (IS_STR_EQUAL (line, last_element + 1, i, "[realms]", 8) == 1)
116 {
117 state = 1;
118 }
119 }
120 else
121 {
122 if (line[i] == '}' || line[last_element] == '}')
123 {
124 state = 1;
125 }
126 else if (state == 1)
127 {
128 for (j = i; j <= last_element; j++)
129 {
130 if (line[j] != ((char *) creds->realm.data)[j - i])
131 {
132 state = 2;
133 break;
134 }
135 if (j - i >= creds->realm.len)
136 {
137 break;
138 }
139 }
140 if (j - i == creds->realm.len)
141 {
142 state = 3;
143 }
144 }
145 else if (state == 3)
146 {
147 if (IS_STR_EQUAL (line, last_element + 1, i, "kdc", 3))
148 {
149 SKIP_WS (line, last_element, i + 3, i);
150 if (line[i] == '=')
151 {
152 SKIP_WS (line, last_element, i + 1, i);
153 ALLOCATE_AND_CHECK (*kdc, char, (last_element - i) + 1,
154 result);
155 for (j = i; j <= last_element; j++)
156 {
157 (*kdc)[j - i] = line[j];
158 }
159
160 result = O_KRB5_SUCCESS;
161 goto result;
162 }
163 }
164 }
165 }
166 }
167
168result:
169 if (file != NULL)
170 {
171 fclose (file);
172 }
173 return result;
174}
GUARD_NULL
#define GUARD_NULL(var, return_var)
Definition openvas-krb5.c:17
ALLOCATE_AND_CHECK
#define ALLOCATE_AND_CHECK(var, type, n, return_var)
Definition openvas-krb5.c:39
O_KRB5_REALM_NOT_FOUND
@ O_KRB5_REALM_NOT_FOUND
Definition openvas-krb5.h:24
O_KRB5_CONF_NOT_FOUND
@ O_KRB5_CONF_NOT_FOUND
Definition openvas-krb5.h:20
OKrb5Credential::realm
struct OKrb5Slice realm
Definition openvas-krb5.h:60

References ALLOCATE_AND_CHECK, OKrb5Credential::config_path, OKrb5Slice::data, GUARD_NULL, IS_STR_EQUAL, OKrb5Slice::len, MAX_LINE_LENGTH, O_KRB5_CONF_NOT_FOUND, O_KRB5_REALM_NOT_FOUND, O_KRB5_SUCCESS, OKrb5Credential::realm, and SKIP_WS.

Referenced by build_krb5_credential(), and nasl_okrb5_find_kdc().

Here is the caller graph for this function:

◆ o_krb5_gss_prepare_context()

OKrb5ErrorCode o_krb5_gss_prepare_context ( const OKrb5Credential * creds,
struct OKrb5GSSContext * gss_context )

Definition at line 445 of file openvas-krb5.c.

447{
448 char *target_principal_str = NULL;
449 OKrb5ErrorCode result = O_KRB5_SUCCESS;
450
451 gss_name_t gss_target = GSS_C_NO_NAME;
452 OM_uint32 maj_stat;
453 OM_uint32 min_stat;
454 gss_buffer_desc targetbuf = GSS_C_EMPTY_BUFFER;
455 const struct OKrb5Target *target = &creds->target;
456
457 if (gss_context->gss_creds == GSS_C_NO_CREDENTIAL)
458 {
459 if ((result = okrb5_gss_authenticate (creds, gss_context)))
460 {
461 goto result;
462 }
463 }
464
465 if (target->domain.len != 0)
466 {
467 ALLOCATE_AND_CHECK (target_principal_str, char,
468 target->host_name.len + target->domain.len
469 + target->service.len + creds->realm.len + 4,
470 result);
471 sprintf (target_principal_str, "%s/%s/%s@%s",
472 (char *) target->service.data, (char *) target->host_name.data,
473 (char *) target->domain.data, (char *) creds->realm.data);
474 }
475 else
476 {
477 ALLOCATE_AND_CHECK (target_principal_str, char,
478 target->host_name.len + target->service.len
479 + creds->realm.len + 3,
480 result);
481 sprintf (target_principal_str, "%s/%s@%s", (char *) target->service.data,
482 (char *) target->host_name.data, (char *) creds->realm.data);
483 }
484
485 targetbuf = (gss_buffer_desc){
486 .value = target_principal_str,
487 .length = strlen (target_principal_str),
488 };
489
490 maj_stat = gss_import_name (&min_stat, &targetbuf,
491 // might also be GSS_C_NT_HOSTBASED_SERVICE,
492 // but samba uses GSS_C_NT_USER_NAME
493 GSS_C_NT_USER_NAME, &gss_target);
494 if (maj_stat != GSS_S_COMPLETE)
495 {
496 result = O_KRB5_ERROR + maj_stat;
497 goto result;
498 }
499
500 gss_context->gss_target = gss_target;
501 // gss_set_neg_mechs() already specified that we want gss_mech_krb5
502 // and/or gss_mech_iakerb
503 // so we use spnego to do the negotiation
504 gss_context->gss_mech = gss_mech_spnego;
505 gss_context->gss_want_flags = GSS_C_MUTUAL_FLAG | GSS_C_DELEG_POLICY_FLAG
506 | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG
507 | GSS_C_INTEG_FLAG | GSS_C_CONF_FLAG;
508 gss_context->gss_got_flags = 0;
509 gss_context->gss_channel_bindings = GSS_C_NO_CHANNEL_BINDINGS;
510 gss_context->gss_time_req = 0;
511 gss_context->gss_time_rec = 0;
512 gss_context->gss_actual_mech_type = NULL;
513result:
514 if (target_principal_str != NULL)
515 free (target_principal_str);
516
517 return result;
518}
free
void free(void *)
gss_mech_spnego
#define gss_mech_spnego
Definition openvas-krb5.c:77
okrb5_gss_authenticate
static OKrb5ErrorCode okrb5_gss_authenticate(const OKrb5Credential *creds, struct OKrb5GSSContext *gss_creds)
Definition openvas-krb5.c:322
OKrb5Credential::target
struct OKrb5Target target
Definition openvas-krb5.h:65
OKrb5GSSContext::gss_want_flags
OM_uint32 gss_want_flags
Definition openvas-krb5.c:313
OKrb5GSSContext::gss_creds
gss_cred_id_t gss_creds
Definition openvas-krb5.c:309
OKrb5GSSContext::gss_target
gss_name_t gss_target
Definition openvas-krb5.c:311
OKrb5GSSContext::gss_channel_bindings
gss_channel_bindings_t gss_channel_bindings
Definition openvas-krb5.c:315
OKrb5GSSContext::gss_time_req
OM_uint32 gss_time_req
Definition openvas-krb5.c:314
OKrb5GSSContext::gss_got_flags
OM_uint32 gss_got_flags
Definition openvas-krb5.c:317
OKrb5GSSContext::gss_time_rec
OM_uint32 gss_time_rec
Definition openvas-krb5.c:318
OKrb5GSSContext::gss_actual_mech_type
gss_OID gss_actual_mech_type
Definition openvas-krb5.c:316
OKrb5Target::service
struct OKrb5Slice service
Definition openvas-krb5.h:53
OKrb5Target::domain
struct OKrb5Slice domain
Definition openvas-krb5.h:54
OKrb5Target::host_name
struct OKrb5Slice host_name
Definition openvas-krb5.h:52

References ALLOCATE_AND_CHECK, OKrb5Slice::data, OKrb5Target::domain, free(), OKrb5GSSContext::gss_actual_mech_type, OKrb5GSSContext::gss_channel_bindings, OKrb5GSSContext::gss_creds, OKrb5GSSContext::gss_got_flags, OKrb5GSSContext::gss_mech, gss_mech_spnego, OKrb5GSSContext::gss_target, OKrb5GSSContext::gss_time_rec, OKrb5GSSContext::gss_time_req, OKrb5GSSContext::gss_want_flags, OKrb5Target::host_name, OKrb5Slice::len, O_KRB5_ERROR, O_KRB5_SUCCESS, okrb5_gss_authenticate(), OKrb5Credential::realm, OKrb5Target::service, and OKrb5Credential::target.

Referenced by nasl_okrb5_gss_prepare_context().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ o_krb5_gss_session_key_context()

OKrb5ErrorCode o_krb5_gss_session_key_context ( struct OKrb5GSSContext * gss_context,
struct OKrb5Slice ** out )

Definition at line 563 of file openvas-krb5.c.

565{
566 OM_uint32 maj_stat;
567 OM_uint32 min_stat;
568 OKrb5ErrorCode result = O_KRB5_SUCCESS;
569 gss_OID_desc gse_sesskey_inq_oid = {
570 GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH,
571 (void *) GSS_KRB5_INQ_SSPI_SESSION_KEY_OID,
572 };
573 gss_buffer_set_t set = GSS_C_NO_BUFFER_SET;
574
575 maj_stat = gss_inquire_sec_context_by_oid (&min_stat, gss_context->gss_ctx,
576 &gse_sesskey_inq_oid, &set);
577 if (maj_stat != GSS_S_COMPLETE)
578 {
579 result = O_KRB5_ERROR + maj_stat;
580 goto result;
581 }
582
583 if ((set == GSS_C_NO_BUFFER_SET) || (set->count == 0)
584 || (set->elements[0].length == 0))
585 {
586 result = O_KRB5_ERROR + GSS_S_BAD_SIG;
587 goto result;
588 }
589
590 *out = calloc (1, sizeof (struct OKrb5Slice));
591 (*out)->data = malloc (set->elements[0].length);
592 memcpy ((*out)->data, set->elements[0].value, set->elements[0].length);
593 (*out)->len = set->elements[0].length;
594 gss_release_buffer_set (&min_stat, &set);
595result:
596 return result;
597}
malloc
void * malloc(YYSIZE_T)
GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH
#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH
Definition openvas-krb5.c:70
GSS_KRB5_INQ_SSPI_SESSION_KEY_OID
#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID
Definition openvas-krb5.c:72
OKrb5GSSContext::gss_ctx
gss_ctx_id_t gss_ctx
Definition openvas-krb5.c:310

References OKrb5GSSContext::gss_ctx, GSS_KRB5_INQ_SSPI_SESSION_KEY_OID, GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH, malloc(), O_KRB5_ERROR, and O_KRB5_SUCCESS.

Referenced by nasl_okrb5_gss_session_key_context().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ o_krb5_gss_update_context()

OKrb5ErrorCode o_krb5_gss_update_context ( struct OKrb5GSSContext * gss_context,
const struct OKrb5Slice * in_data,
struct OKrb5Slice ** out_data,
bool * more )

Definition at line 521 of file openvas-krb5.c.

524{
525 OM_uint32 maj_stat;
526 OM_uint32 min_stat;
527 OKrb5ErrorCode result = O_KRB5_SUCCESS;
528 gss_buffer_desc in_buf = {
529 .length = in_data->len,
530 .value = in_data->data,
531 };
532 gss_buffer_desc out_buf = GSS_C_EMPTY_BUFFER;
533
534 maj_stat = gss_init_sec_context (
535 &min_stat, gss_context->gss_creds, &gss_context->gss_ctx,
536 gss_context->gss_target, gss_context->gss_mech, gss_context->gss_want_flags,
537 gss_context->gss_time_req, gss_context->gss_channel_bindings, &in_buf,
538 &gss_context->gss_actual_mech_type, &out_buf, &gss_context->gss_got_flags,
539 &gss_context->gss_time_rec);
540 if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED)
541 {
542 result = O_KRB5_ERROR + maj_stat;
543 goto result;
544 }
545 if ((*out_data = malloc (sizeof (struct OKrb5Slice))) == NULL)
546 {
547 result = O_KRB5_NOMEM;
548 gss_release_buffer (&min_stat, &out_buf);
549 goto result;
550 }
551 // transfers ownership of out_buf.value into out_data->data.
552 // This simplifies the code as we don't have to alloc and check if the system
553 // had sufficient memory and don't have to memcpy.
554 (*out_data)->data = out_buf.value;
555 (*out_data)->len = out_buf.length;
556
557 *more = maj_stat == GSS_S_CONTINUE_NEEDED;
558result:
559 return result;
560}

References OKrb5Slice::data, OKrb5GSSContext::gss_actual_mech_type, OKrb5GSSContext::gss_channel_bindings, OKrb5GSSContext::gss_creds, OKrb5GSSContext::gss_ctx, OKrb5GSSContext::gss_got_flags, OKrb5GSSContext::gss_mech, OKrb5GSSContext::gss_target, OKrb5GSSContext::gss_time_rec, OKrb5GSSContext::gss_time_req, OKrb5GSSContext::gss_want_flags, OKrb5Slice::len, malloc(), O_KRB5_ERROR, O_KRB5_NOMEM, and O_KRB5_SUCCESS.

Referenced by nasl_okrb5_gss_update_context().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ o_krb5_write_realm()

OKrb5ErrorCode o_krb5_write_realm ( FILE * file,
const OKrb5Credential * creds,
const char * kdc )
static

Definition at line 215 of file openvas-krb5.c.

216{
217 OKrb5ErrorCode result = O_KRB5_SUCCESS;
218 CHECK_FPRINTF (result, file, "%s = {\n", (char *) creds->realm.data);
219 const char *kdc_delimiter = strchr (kdc, ',');
220 const char *kdc_start = kdc;
221 const char *kdc_first_start = kdc_start;
222 const char *kdc_first_end =
223 kdc_delimiter != NULL ? kdc_delimiter : kdc + strlen (kdc);
224
225 o_krb5_write_trimmed (file, " kdc", kdc_first_start, kdc_first_end);
226 if (kdc_delimiter != NULL)
227 {
228 kdc_start = kdc_delimiter + 1;
229 while ((kdc_delimiter = strchr (kdc_start, ',')) != NULL)
230 {
231 o_krb5_write_trimmed (file, " kdc", kdc_start, kdc_delimiter);
232 kdc_start = kdc_delimiter + 1;
233 }
234
235 o_krb5_write_trimmed (file, " kdc", kdc_start, kdc + strlen (kdc));
236 }
237 o_krb5_write_trimmed (file, " admin_server", kdc_first_start, kdc_first_end);
238 o_krb5_write_trimmed (file, " master_kdc", kdc_first_start, kdc_first_end);
239 CHECK_FPRINT (result, file, "\n}\n");
240
241result:
242 return result;
243}
CHECK_FPRINTF
#define CHECK_FPRINTF(result, writer, fmt,...)
Definition openvas-krb5.c:176
o_krb5_write_trimmed
static OKrb5ErrorCode o_krb5_write_trimmed(FILE *file, const char *prefix, const char *start, const char *end)
Definition openvas-krb5.c:199

References CHECK_FPRINT, CHECK_FPRINTF, OKrb5Slice::data, O_KRB5_SUCCESS, o_krb5_write_trimmed(), and OKrb5Credential::realm.

Referenced by o_krb5_add_realm().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ o_krb5_write_trimmed()

OKrb5ErrorCode o_krb5_write_trimmed ( FILE * file,
const char * prefix,
const char * start,
const char * end )
static

Definition at line 199 of file openvas-krb5.c.

201{
202 OKrb5ErrorCode result = O_KRB5_SUCCESS;
203 while (start < end && isspace ((unsigned char) *start))
204 start++;
205 while (end > start && isspace ((unsigned char) *(end - 1)))
206 end--;
207 CHECK_FPRINTF (result, file, "%s = %.*s\n", prefix, (int) (end - start),
208 start);
209
210result:
211 return result;
212}
prefix
static void prefix(int n, int i)
Definition nasl_tree.c:219

References CHECK_FPRINTF, O_KRB5_SUCCESS, and prefix().

Referenced by o_krb5_write_realm().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ okrb5_error_code_to_string()

char * okrb5_error_code_to_string ( const OKrb5ErrorCode code)

Definition at line 600 of file openvas-krb5.c.

601{
602#define HEAP_STRING(var, s) \
603 do \
604 { \
605 var = calloc (1, strlen (s) + 1); \
606 snprintf (var, strlen (s) + 1, s); \
607 goto result; \
608 } \
609 while (0)
610
611 char *result = NULL;
612 switch (code)
613 {
614 case O_KRB5_SUCCESS:
615 HEAP_STRING (result, "success");
616 case O_KRB5_CONF_NOT_FOUND:
617 HEAP_STRING (result, "krb5.conf not found");
618 case O_KRB5_CONF_NOT_CREATED:
619 HEAP_STRING (result, "krb5.conf not created");
620 case O_KRB5_TMP_CONF_NOT_CREATED:
621 HEAP_STRING (result, "tmp krb5.conf not created");
622 case O_KRB5_TMP_CONF_NOT_MOVED:
623 HEAP_STRING (result, "tmp krb5.conf not moved");
624 case O_KRB5_REALM_NOT_FOUND:
625 HEAP_STRING (result, "realm not found");
626 case O_KRB5_EXPECTED_NULL:
627 HEAP_STRING (result, "expected null");
628 case O_KRB5_EXPECTED_NOT_NULL:
629 HEAP_STRING (result, "expected not null");
630 case O_KRB5_UNABLE_TO_WRITE:
631 HEAP_STRING (result, "unable to write");
632 case O_KRB5_NOMEM:
633 HEAP_STRING (result, "no memory");
634 default:
635 if (code >= O_KRB5_ERROR)
636 {
637 int maj_stat = code - O_KRB5_ERROR;
638 OM_uint32 min_stat;
639 gss_buffer_desc msg;
640 OM_uint32 msg_ctx = 0;
641
642 (void) gss_display_status (&min_stat, maj_stat, GSS_C_GSS_CODE,
643 GSS_C_NULL_OID, &msg_ctx, &msg);
644 // Instead of calling gss_release_buffer, we transfer ownership of
645 // msg.value (a heap-allocated string) directly to result.
646 // The caller is responsible for freeing result later, this conforms
647 // to other values as well.
648 //
649 // msg itself is stack-allocated, but msg.value is dynamically
650 // allocated, so we must not call gss_release_buffer on msg after
651 // ownership transfer.
652 result = msg.value;
653 }
654 else
655 {
656 goto result;
657 }
658 }
659result:
660 return result;
661}
code
#define code
HEAP_STRING
#define HEAP_STRING(var, s)

References code, HEAP_STRING, O_KRB5_CONF_NOT_CREATED, O_KRB5_CONF_NOT_FOUND, O_KRB5_ERROR, O_KRB5_EXPECTED_NOT_NULL, O_KRB5_EXPECTED_NULL, O_KRB5_NOMEM, O_KRB5_REALM_NOT_FOUND, O_KRB5_SUCCESS, O_KRB5_TMP_CONF_NOT_CREATED, O_KRB5_TMP_CONF_NOT_MOVED, and O_KRB5_UNABLE_TO_WRITE.

Referenced by nasl_okrb5_error_code_to_string().

Here is the caller graph for this function:

◆ okrb5_gss_authenticate()

OKrb5ErrorCode okrb5_gss_authenticate ( const OKrb5Credential * creds,
struct OKrb5GSSContext * gss_creds )
static

Definition at line 322 of file openvas-krb5.c.

324{
325#define CHECK_MAJOR_STAT() \
326 if (maj_stat != GSS_S_COMPLETE) \
327 { \
328 result = O_KRB5_ERROR + maj_stat; \
329 goto result; \
330 }
331 char *user_principal;
332 const struct OKrb5User *user = &creds->user;
333 size_t user_principal_len = user->user.len + creds->realm.len + 1;
334 size_t user_principal_cap = user_principal_len + 1;
335
336 OKrb5ErrorCode result = O_KRB5_SUCCESS;
337 ALLOCATE_AND_CHECK (user_principal, char, user_principal_cap, result);
338 snprintf (user_principal, user_principal_cap, "%s@%s",
339 (char *) user->user.data, (char *) creds->realm.data);
340
341 gss_name_t gss_username = GSS_C_NO_NAME;
342 OM_uint32 maj_stat;
343 OM_uint32 min_stat;
344 // OM_uint32 dummy_min_stat;
345 gss_buffer_desc userbuf = {
346 .value = user_principal,
347 .length = user_principal_len,
348 };
349 gss_buffer_desc pwbuf = {
350 .value = user->password.data,
351 .length = user->password.len,
352 };
353 gss_OID_desc elements[] = {
354 *gss_mech_krb5,
355#ifdef __USE_IAKERB
356 *gss_mech_iakerb,
357#endif /* __USE_IAKERB */
358 *gss_mech_spnego,
359 };
360 gss_OID_set_desc creds_mechs = {
361 .elements = elements,
362 .count = ARRAY_SIZE (elements),
363 };
364 gss_OID_set_desc spnego_mechs = {
365 .elements = elements,
366 .count = ARRAY_SIZE (elements) - 1, /* without gss_mech_spnego */
367 };
368 gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
369
370 maj_stat =
371 gss_import_name (&min_stat, &userbuf, GSS_C_NT_USER_NAME, &gss_username);
372 CHECK_MAJOR_STAT ();
373
374 maj_stat = gss_acquire_cred_with_password (&min_stat, gss_username, &pwbuf, 0,
375 &creds_mechs, GSS_C_INITIATE,
376 &cred, NULL, NULL);
377
378 (void) gss_release_name (&min_stat, &gss_username);
379 CHECK_MAJOR_STAT ();
380
381 // let spnego only use the desired mechs
382 maj_stat = gss_set_neg_mechs (&min_stat, cred, &spnego_mechs);
383 CHECK_MAJOR_STAT ();
384 gss_creds->gss_creds = cred;
385result:
386 if (user_principal != NULL)
387 free (user_principal);
388 return result;
389}
CHECK_MAJOR_STAT
#define CHECK_MAJOR_STAT()
ARRAY_SIZE
#define ARRAY_SIZE(a)
Definition openvas-krb5.c:80
OKrb5Credential::user
struct OKrb5User user
Definition openvas-krb5.h:64
OKrb5User::user
struct OKrb5Slice user
Definition openvas-krb5.h:46

References ALLOCATE_AND_CHECK, ARRAY_SIZE, CHECK_MAJOR_STAT, OKrb5Slice::data, free(), OKrb5GSSContext::gss_creds, gss_mech_spnego, OKrb5Slice::len, O_KRB5_SUCCESS, OKrb5Credential::realm, OKrb5Credential::user, and OKrb5User::user.

Referenced by o_krb5_gss_prepare_context().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ okrb5_gss_free_context()

void okrb5_gss_free_context ( struct OKrb5GSSContext * context)

Definition at line 405 of file openvas-krb5.c.

406{
407 OM_uint32 min_stat;
408 if (context != NULL)
409 {
410 if (context->gss_creds != GSS_C_NO_CREDENTIAL)
411 {
412 gss_release_cred (&min_stat, &context->gss_creds);
413 }
414 if (context->gss_ctx != GSS_C_NO_CONTEXT)
415 {
416 gss_delete_sec_context (&min_stat, &context->gss_ctx, GSS_C_NO_BUFFER);
417 }
418 if (context->gss_target != GSS_C_NO_NAME)
419 {
420 gss_release_name (&min_stat, &context->gss_target);
421 }
422 if (context->gss_mech != NULL)
423 {
424 gss_release_oid (&min_stat, &context->gss_mech);
425 }
426 if (context->gss_channel_bindings != GSS_C_NO_CHANNEL_BINDINGS)
427 {
428 gss_release_buffer (
429 NULL, &context->gss_channel_bindings->initiator_address);
430 gss_release_buffer (&min_stat,
431 &context->gss_channel_bindings->acceptor_address);
432 gss_release_buffer (&min_stat,
433 &context->gss_channel_bindings->application_data);
434 free (context->gss_channel_bindings);
435 }
436 if (context->gss_actual_mech_type != NULL)
437 {
438 gss_release_oid (&min_stat, &context->gss_actual_mech_type);
439 }
440 free (context);
441 }
442}

References free(), OKrb5GSSContext::gss_actual_mech_type, OKrb5GSSContext::gss_channel_bindings, OKrb5GSSContext::gss_creds, OKrb5GSSContext::gss_ctx, OKrb5GSSContext::gss_mech, and OKrb5GSSContext::gss_target.

Referenced by nasl_okrb5_clean().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ okrb5_gss_init_context()

struct OKrb5GSSContext * okrb5_gss_init_context ( void )

Definition at line 392 of file openvas-krb5.c.

393{
394 struct OKrb5GSSContext *context = calloc (1, sizeof (struct OKrb5GSSContext));
395 if (context == NULL)
396 {
397 return NULL;
398 }
399 context->gss_creds = GSS_C_NO_CREDENTIAL;
400 context->gss_ctx = GSS_C_NO_CONTEXT;
401 return context;
402}

References OKrb5GSSContext::gss_creds, and OKrb5GSSContext::gss_ctx.

Referenced by nasl_okrb5_gss_init(), and nasl_okrb5_gss_prepare_context().

Here is the caller graph for this function:

Variable Documentation

◆ spnego_mech_oid_desc

gss_OID_desc spnego_mech_oid_desc = {6, (void *) "\x2b\x06\x01\x05\x05\x02"}

Definition at line 76 of file openvas-krb5.c.

76{6, (void *) "\x2b\x06\x01\x05\x05\x02"};