projects / u / mdw / putty / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Change how we handle the Ssh_gss_buf type. Previously, we defined it
[u/mdw/putty] / windows / wingss.c
1 #ifndef NO_GSSAPI
2
3 #include <windows.h>
4 #define SECURITY_WIN32
5 #include <security.h>
6 #include "sshgss.h"
7 #include "misc.h"
8
9 #define NOTHING
10 #define DECL_SSPI_FUNCTION(linkage, rettype, name, params) \
11 typedef rettype (WINAPI *t_##name) params; \
12 linkage t_##name p_##name
13 #define GET_SSPI_FUNCTION(module, name) \
14 p_##name = module ? (t_##name) GetProcAddress(module, #name) : NULL
15
16 DECL_SSPI_FUNCTION(static, SECURITY_STATUS,
17 AcquireCredentialsHandleA,
18 (SEC_CHAR *, SEC_CHAR *, ULONG, PLUID,
19 PVOID, SEC_GET_KEY_FN, PVOID, PCredHandle, PTimeStamp));
20 DECL_SSPI_FUNCTION(static, SECURITY_STATUS,
21 InitializeSecurityContextA,
22 (PCredHandle, PCtxtHandle, SEC_CHAR *, ULONG, ULONG,
23 ULONG, PSecBufferDesc, ULONG, PCtxtHandle,
24 PSecBufferDesc, PULONG, PTimeStamp));
25 DECL_SSPI_FUNCTION(static, SECURITY_STATUS,
26 FreeContextBuffer,
27 (PVOID));
28 DECL_SSPI_FUNCTION(static, SECURITY_STATUS,
29 FreeCredentialsHandle,
30 (PCredHandle));
31 DECL_SSPI_FUNCTION(static, SECURITY_STATUS,
32 DeleteSecurityContext,
33 (PCtxtHandle));
34 DECL_SSPI_FUNCTION(static, SECURITY_STATUS,
35 QueryContextAttributesA,
36 (PCtxtHandle, ULONG, PVOID));
37 DECL_SSPI_FUNCTION(static, SECURITY_STATUS,
38 MakeSignature,
39 (PCtxtHandle, ULONG, PSecBufferDesc, ULONG));
40
41 static HMODULE security_module = NULL;
42
43 typedef struct winSsh_gss_ctx {
44 unsigned long maj_stat;
45 unsigned long min_stat;
46 CredHandle cred_handle;
47 CtxtHandle context;
48 PCtxtHandle context_handle;
49 TimeStamp expiry;
50 } winSsh_gss_ctx;
51
52
53 const Ssh_gss_buf gss_mech_krb5={9,"\x2A\x86\x48\x86\xF7\x12\x01\x02\x02"};
54
55 int ssh_gss_init(void)
56 {
57 if (security_module)
58 return 1; /* already initialised */
59
60 security_module = LoadLibrary("secur32.dll");
61 if (security_module) {
62 GET_SSPI_FUNCTION(security_module, AcquireCredentialsHandleA);
63 GET_SSPI_FUNCTION(security_module, InitializeSecurityContextA);
64 GET_SSPI_FUNCTION(security_module, FreeContextBuffer);
65 GET_SSPI_FUNCTION(security_module, FreeCredentialsHandle);
66 GET_SSPI_FUNCTION(security_module, DeleteSecurityContext);
67 GET_SSPI_FUNCTION(security_module, QueryContextAttributesA);
68 GET_SSPI_FUNCTION(security_module, MakeSignature);
69 return 1;
70 }
71 return 0;
72 }
73
74 Ssh_gss_stat ssh_gss_indicate_mech(Ssh_gss_buf *mech)
75 {
76 *mech = gss_mech_krb5;
77 return SSH_GSS_OK;
78 }
79
80
81 Ssh_gss_stat ssh_gss_import_name(char *host, Ssh_gss_name *srv_name)
82 {
83 char *pStr;
84
85 /* Check hostname */
86 if (host == NULL) return SSH_GSS_FAILURE;
87
88 /* copy it into form host/FQDN */
89 pStr = dupcat("host/", host, NULL);
90
91 *srv_name = (Ssh_gss_name) pStr;
92
93 return SSH_GSS_OK;
94 }
95
96 Ssh_gss_stat ssh_gss_acquire_cred(Ssh_gss_ctx *ctx)
97 {
98 winSsh_gss_ctx *winctx = snew(winSsh_gss_ctx);
99 memset(winctx, 0, sizeof(winSsh_gss_ctx));
100
101 /* prepare our "wrapper" structure */
102 winctx->maj_stat = winctx->min_stat = SEC_E_OK;
103 winctx->context_handle = NULL;
104
105 /* Specifying no principal name here means use the credentials of
106 the current logged-in user */
107
108 winctx->maj_stat = p_AcquireCredentialsHandleA(NULL,
109 "Kerberos",
110 SECPKG_CRED_OUTBOUND,
111 NULL,
112 NULL,
113 NULL,
114 NULL,
115 &winctx->cred_handle,
116 &winctx->expiry);
117
118 if (winctx->maj_stat != SEC_E_OK) return SSH_GSS_FAILURE;
119
120 *ctx = (Ssh_gss_ctx) winctx;
121 return SSH_GSS_OK;
122 }
123
124
125 Ssh_gss_stat ssh_gss_init_sec_context(Ssh_gss_ctx *ctx,
126 Ssh_gss_name srv_name,
127 int to_deleg,
128 Ssh_gss_buf *recv_tok,
129 Ssh_gss_buf *send_tok)
130 {
131 winSsh_gss_ctx *winctx = (winSsh_gss_ctx *) *ctx;
132 SecBuffer wsend_tok = {send_tok->length,SECBUFFER_TOKEN,send_tok->value};
133 SecBuffer wrecv_tok = {recv_tok->length,SECBUFFER_TOKEN,recv_tok->value};
134 SecBufferDesc output_desc={SECBUFFER_VERSION,1,&wsend_tok};
135 SecBufferDesc input_desc ={SECBUFFER_VERSION,1,&wrecv_tok};
136 unsigned long flags=ISC_REQ_MUTUAL_AUTH|ISC_REQ_REPLAY_DETECT|
137 ISC_REQ_CONFIDENTIALITY|ISC_REQ_ALLOCATE_MEMORY;
138 unsigned long ret_flags=0;
139
140 /* check if we have to delegate ... */
141 if (to_deleg) flags |= ISC_REQ_DELEGATE;
142 winctx->maj_stat = p_InitializeSecurityContextA(&winctx->cred_handle,
143 winctx->context_handle,
144 (char*) srv_name,
145 flags,
146 0, /* reserved */
147 SECURITY_NATIVE_DREP,
148 &input_desc,
149 0, /* reserved */
150 &winctx->context,
151 &output_desc,
152 &ret_flags,
153 &winctx->expiry);
154
155 /* prepare for the next round */
156 winctx->context_handle = &winctx->context;
157 send_tok->value = wsend_tok.pvBuffer;
158 send_tok->length = wsend_tok.cbBuffer;
159
160 /* check & return our status */
161 if (winctx->maj_stat==SEC_E_OK) return SSH_GSS_S_COMPLETE;
162 if (winctx->maj_stat==SEC_I_CONTINUE_NEEDED) return SSH_GSS_S_CONTINUE_NEEDED;
163
164 return SSH_GSS_FAILURE;
165 }
166
167 Ssh_gss_stat ssh_gss_free_tok(Ssh_gss_buf *send_tok)
168 {
169 /* check input */
170 if (send_tok == NULL) return SSH_GSS_FAILURE;
171
172 /* free Windows buffer */
173 p_FreeContextBuffer(send_tok->value);
174 SSH_GSS_CLEAR_BUF(send_tok);
175
176 return SSH_GSS_OK;
177 }
178
179 Ssh_gss_stat ssh_gss_release_cred(Ssh_gss_ctx *ctx)
180 {
181 winSsh_gss_ctx *winctx= (winSsh_gss_ctx *) *ctx;
182
183 /* check input */
184 if (winctx == NULL) return SSH_GSS_FAILURE;
185
186 /* free Windows data */
187 p_FreeCredentialsHandle(&winctx->cred_handle);
188 p_DeleteSecurityContext(&winctx->context);
189
190 /* delete our "wrapper" structure */
191 sfree(winctx);
192 *ctx = (Ssh_gss_ctx) NULL;
193
194 return SSH_GSS_OK;
195 }
196
197
198 Ssh_gss_stat ssh_gss_release_name(Ssh_gss_name *srv_name)
199 {
200 char *pStr= (char *) *srv_name;
201
202 if (pStr == NULL) return SSH_GSS_FAILURE;
203 sfree(pStr);
204 *srv_name = (Ssh_gss_name) NULL;
205
206 return SSH_GSS_OK;
207 }
208
209 Ssh_gss_stat ssh_gss_display_status(Ssh_gss_ctx ctx, Ssh_gss_buf *buf)
210 {
211 winSsh_gss_ctx *winctx = (winSsh_gss_ctx *) ctx;
212 char *msg;
213
214 if (winctx == NULL) return SSH_GSS_FAILURE;
215
216 /* decode the error code */
217 switch (winctx->maj_stat) {
218 case SEC_E_OK: msg="SSPI status OK"; break;
219 case SEC_E_INVALID_HANDLE: msg="The handle passed to the function"
220 " is invalid.";
221 break;
222 case SEC_E_TARGET_UNKNOWN: msg="The target was not recognized."; break;
223 case SEC_E_LOGON_DENIED: msg="The logon failed."; break;
224 case SEC_E_INTERNAL_ERROR: msg="The Local Security Authority cannot"
225 " be contacted.";
226 break;
227 case SEC_E_NO_CREDENTIALS: msg="No credentials are available in the"
228 " security package.";
229 break;
230 case SEC_E_NO_AUTHENTICATING_AUTHORITY:
231 msg="No authority could be contacted for authentication."
232 "The domain name of the authenticating party could be wrong,"
233 " the domain could be unreachable, or there might have been"
234 " a trust relationship failure.";
235 break;
236 case SEC_E_INSUFFICIENT_MEMORY:
237 msg="One or more of the SecBufferDesc structures passed as"
238 " an OUT parameter has a buffer that is too small.";
239 break;
240 case SEC_E_INVALID_TOKEN:
241 msg="The error is due to a malformed input token, such as a"
242 " token corrupted in transit, a token"
243 " of incorrect size, or a token passed into the wrong"
244 " security package. Passing a token to"
245 " the wrong package can happen if client and server did not"
246 " negotiate the proper security package.";
247 break;
248 default:
249 msg = "Internal SSPI error";
250 break;
251 }
252
253 buf->value = dupstr(msg);
254 buf->length = strlen(buf->length);
255
256 return SSH_GSS_OK;
257 }
258
259 Ssh_gss_stat ssh_gss_get_mic(Ssh_gss_ctx ctx, Ssh_gss_buf *buf,
260 Ssh_gss_buf *hash)
261 {
262 winSsh_gss_ctx *winctx= (winSsh_gss_ctx *) ctx;
263 SecPkgContext_Sizes ContextSizes;
264 SecBufferDesc InputBufferDescriptor;
265 SecBuffer InputSecurityToken[2];
266
267 if (winctx == NULL) return SSH_GSS_FAILURE;
268
269 winctx->maj_stat = 0;
270
271 memset(&ContextSizes, 0, sizeof(ContextSizes));
272
273 winctx->maj_stat = p_QueryContextAttributesA(&winctx->context,
274 SECPKG_ATTR_SIZES,
275 &ContextSizes);
276
277 if (winctx->maj_stat != SEC_E_OK ||
278 ContextSizes.cbMaxSignature == 0)
279 return winctx->maj_stat;
280
281 InputBufferDescriptor.cBuffers = 2;
282 InputBufferDescriptor.pBuffers = InputSecurityToken;
283 InputBufferDescriptor.ulVersion = SECBUFFER_VERSION;
284 InputSecurityToken[0].BufferType = SECBUFFER_DATA;
285 InputSecurityToken[0].cbBuffer = buf->length;
286 InputSecurityToken[0].pvBuffer = buf->value;
287 InputSecurityToken[1].BufferType = SECBUFFER_TOKEN;
288 InputSecurityToken[1].cbBuffer = ContextSizes.cbMaxSignature;
289 InputSecurityToken[1].pvBuffer = snewn(ContextSizes.cbMaxSignature, char);
290
291 winctx->maj_stat = p_MakeSignature(&winctx->context,
292 0,
293 &InputBufferDescriptor,
294 0);
295
296 if (winctx->maj_stat == SEC_E_OK) {
297 hash->length = InputSecurityToken[1].cbBuffer;
298 hash->value = InputSecurityToken[1].pvBuffer;
299 }
300
301 return winctx->maj_stat;
302 }
303
304 Ssh_gss_stat ssh_gss_free_mic(Ssh_gss_buf *hash)
305 {
306 sfree(hash->value);
307 return SSH_GSS_OK;
308 }
309
310 #else
311
312 /* Dummy function so this source file defines something if NO_GSSAPI
313 is defined. */
314
315 int ssh_gss_init(void)
316 {
317 return 0;
318 }
319
320 #endif
Local modifications for Simon Tatham's `PuTTY' SSH client and terminal emulator