www.project-moonshot.org Git - mech_eap.orig/blob - mech_eap/init_sec_context.c

   1 /*
   2  * Copyright (c) 2011, JANET(UK)
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  *
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  *
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  *
  16  * 3. Neither the name of JANET(UK) nor the names of its contributors
  17  *    may be used to endorse or promote products derived from this software
  18  *    without specific prior written permission.
  19  *
  20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  21  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
  24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  30  * SUCH DAMAGE.
  31  */
  32
  33 /*
  34  * Establish a security context on the initiator (client). These functions
  35  * wrap around libeap.
  36  */
  37
  38 #include "gssapiP_eap.h"
  39
  40 static OM_uint32
  41 policyVariableToFlag(enum eapol_bool_var variable)
  42 {
  43     OM_uint32 flag = 0;
  44
  45     switch (variable) {
  46     case EAPOL_eapSuccess:
  47         flag = CTX_FLAG_EAP_SUCCESS;
  48         break;
  49     case EAPOL_eapRestart:
  50         flag = CTX_FLAG_EAP_RESTART;
  51         break;
  52     case EAPOL_eapFail:
  53         flag = CTX_FLAG_EAP_FAIL;
  54         break;
  55     case EAPOL_eapResp:
  56         flag = CTX_FLAG_EAP_RESP;
  57         break;
  58     case EAPOL_eapNoResp:
  59         flag = CTX_FLAG_EAP_NO_RESP;
  60         break;
  61     case EAPOL_eapReq:
  62         flag = CTX_FLAG_EAP_REQ;
  63         break;
  64     case EAPOL_portEnabled:
  65         flag = CTX_FLAG_EAP_PORT_ENABLED;
  66         break;
  67     case EAPOL_altAccept:
  68         flag = CTX_FLAG_EAP_ALT_ACCEPT;
  69         break;
  70     case EAPOL_altReject:
  71         flag = CTX_FLAG_EAP_ALT_REJECT;
  72         break;
  73     }
  74
  75     return flag;
  76 }
  77
  78 static struct eap_peer_config *
  79 peerGetConfig(void *ctx)
  80 {
  81     gss_ctx_id_t gssCtx = (gss_ctx_id_t)ctx;
  82
  83     return &gssCtx->initiatorCtx.eapPeerConfig;
  84 }
  85
  86 static Boolean
  87 peerGetBool(void *data, enum eapol_bool_var variable)
  88 {
  89     gss_ctx_id_t ctx = data;
  90     OM_uint32 flag;
  91
  92     if (ctx == GSS_C_NO_CONTEXT)
  93         return FALSE;
  94
  95     flag = policyVariableToFlag(variable);
  96
  97     return ((ctx->flags & flag) != 0);
  98 }
  99
 100 static void
 101 peerSetBool(void *data, enum eapol_bool_var variable,
 102             Boolean value)
 103 {
 104     gss_ctx_id_t ctx = data;
 105     OM_uint32 flag;
 106
 107     if (ctx == GSS_C_NO_CONTEXT)
 108         return;
 109
 110     flag = policyVariableToFlag(variable);
 111
 112     if (value)
 113         ctx->flags |= flag;
 114     else
 115         ctx->flags &= ~(flag);
 116 }
 117
 118 static unsigned int
 119 peerGetInt(void *data, enum eapol_int_var variable)
 120 {
 121     gss_ctx_id_t ctx = data;
 122
 123     if (ctx == GSS_C_NO_CONTEXT)
 124         return FALSE;
 125
 126     GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
 127
 128     switch (variable) {
 129     case EAPOL_idleWhile:
 130         return ctx->initiatorCtx.idleWhile;
 131         break;
 132     }
 133
 134     return 0;
 135 }
 136
 137 static void
 138 peerSetInt(void *data, enum eapol_int_var variable,
 139            unsigned int value)
 140 {
 141     gss_ctx_id_t ctx = data;
 142
 143     if (ctx == GSS_C_NO_CONTEXT)
 144         return;
 145
 146     GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
 147
 148     switch (variable) {
 149     case EAPOL_idleWhile:
 150         ctx->initiatorCtx.idleWhile = value;
 151         break;
 152     }
 153 }
 154
 155 static struct wpabuf *
 156 peerGetEapReqData(void *ctx)
 157 {
 158     gss_ctx_id_t gssCtx = (gss_ctx_id_t)ctx;
 159
 160     return &gssCtx->initiatorCtx.reqData;
 161 }
 162
 163 static void
 164 peerSetConfigBlob(void *ctx GSSEAP_UNUSED,
 165                   struct wpa_config_blob *blob GSSEAP_UNUSED)
 166 {
 167 }
 168
 169 static const struct wpa_config_blob *
 170 peerGetConfigBlob(void *ctx GSSEAP_UNUSED,
 171                   const char *name GSSEAP_UNUSED)
 172 {
 173     return NULL;
 174 }
 175
 176 static void
 177 peerNotifyPending(void *ctx GSSEAP_UNUSED)
 178 {
 179 }
 180
 181 static struct eapol_callbacks gssEapPolicyCallbacks = {
 182     peerGetConfig,
 183     peerGetBool,
 184     peerSetBool,
 185     peerGetInt,
 186     peerSetInt,
 187     peerGetEapReqData,
 188     peerSetConfigBlob,
 189     peerGetConfigBlob,
 190     peerNotifyPending,
 191 };
 192
 193 #ifdef GSSEAP_DEBUG
 194 extern int wpa_debug_level;
 195 #endif
 196
 197 static OM_uint32
 198 peerConfigInit(OM_uint32 *minor, gss_ctx_id_t ctx)
 199 {
 200     OM_uint32 major;
 201     krb5_context krbContext;
 202     struct eap_peer_config *eapPeerConfig = &ctx->initiatorCtx.eapPeerConfig;
 203     gss_buffer_desc identity = GSS_C_EMPTY_BUFFER;
 204     gss_buffer_desc realm = GSS_C_EMPTY_BUFFER;
 205     gss_cred_id_t cred = ctx->cred;
 206
 207     eapPeerConfig->identity = NULL;
 208     eapPeerConfig->identity_len = 0;
 209     eapPeerConfig->anonymous_identity = NULL;
 210     eapPeerConfig->anonymous_identity_len = 0;
 211     eapPeerConfig->password = NULL;
 212     eapPeerConfig->password_len = 0;
 213
 214     GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 215
 216     GSSEAP_KRB_INIT(&krbContext);
 217
 218     eapPeerConfig->fragment_size = 1024;
 219 #ifdef GSSEAP_DEBUG
 220     wpa_debug_level = 0;
 221 #endif
 222
 223     GSSEAP_ASSERT(cred->name != GSS_C_NO_NAME);
 224
 225     if ((cred->name->flags & (NAME_FLAG_NAI | NAME_FLAG_SERVICE)) == 0) {
 226         *minor = GSSEAP_BAD_INITIATOR_NAME;
 227         return GSS_S_BAD_NAME;
 228     }
 229
 230     /* identity */
 231     major = gssEapDisplayName(minor, cred->name, &identity, NULL);
 232     if (GSS_ERROR(major))
 233         return major;
 234
 235     eapPeerConfig->identity = (unsigned char *)identity.value;
 236     eapPeerConfig->identity_len = identity.length;
 237
 238     krbPrincRealmToGssBuffer(cred->name->krbPrincipal, &realm);
 239
 240     /* anonymous_identity */
 241     eapPeerConfig->anonymous_identity = GSSEAP_MALLOC(realm.length + 2);
 242     if (eapPeerConfig->anonymous_identity == NULL) {
 243         *minor = ENOMEM;
 244         return GSS_S_FAILURE;
 245     }
 246
 247     eapPeerConfig->anonymous_identity[0] = '@';
 248     memcpy(eapPeerConfig->anonymous_identity + 1, realm.value, realm.length);
 249     eapPeerConfig->anonymous_identity[1 + realm.length] = '\0';
 250     eapPeerConfig->anonymous_identity_len = 1 + realm.length;
 251
 252     /* password */
 253     eapPeerConfig->password = (unsigned char *)cred->password.value;
 254     eapPeerConfig->password_len = cred->password.length;
 255
 256     /* certs */
 257     eapPeerConfig->ca_cert = (unsigned char *)cred->caCertificate.value;
 258     eapPeerConfig->subject_match = (unsigned char *)cred->subjectNameConstraint.value;
 259     eapPeerConfig->altsubject_match = (unsigned char *)cred->subjectAltNameConstraint.value;
 260
 261     *minor = 0;
 262     return GSS_S_COMPLETE;
 263 }
 264
 265 static OM_uint32
 266 peerConfigFree(OM_uint32 *minor,
 267                gss_ctx_id_t ctx)
 268 {
 269     struct eap_peer_config *eapPeerConfig = &ctx->initiatorCtx.eapPeerConfig;
 270
 271     if (eapPeerConfig->identity != NULL) {
 272         GSSEAP_FREE(eapPeerConfig->identity);
 273         eapPeerConfig->identity = NULL;
 274         eapPeerConfig->identity_len = 0;
 275     }
 276
 277     if (eapPeerConfig->anonymous_identity != NULL) {
 278         GSSEAP_FREE(eapPeerConfig->anonymous_identity);
 279         eapPeerConfig->anonymous_identity = NULL;
 280         eapPeerConfig->anonymous_identity_len = 0;
 281     }
 282
 283     *minor = 0;
 284     return GSS_S_COMPLETE;
 285 }
 286
 287 /*
 288  * Mark an initiator context as ready for cryptographic operations
 289  */
 290 static OM_uint32
 291 initReady(OM_uint32 *minor, gss_ctx_id_t ctx, OM_uint32 reqFlags)
 292 {
 293     OM_uint32 major;
 294     const unsigned char *key;
 295     size_t keyLength;
 296
 297 #if 1
 298     /* XXX actually check for mutual auth */
 299     if (reqFlags & GSS_C_MUTUAL_FLAG)
 300         ctx->gssFlags |= GSS_C_MUTUAL_FLAG;
 301 #endif
 302
 303     /* Cache encryption type derived from selected mechanism OID */
 304     major = gssEapOidToEnctype(minor, ctx->mechanismUsed, &ctx->encryptionType);
 305     if (GSS_ERROR(major))
 306         return major;
 307
 308     if (!eap_key_available(ctx->initiatorCtx.eap)) {
 309         *minor = GSSEAP_KEY_UNAVAILABLE;
 310         return GSS_S_UNAVAILABLE;
 311     }
 312
 313     key = eap_get_eapKeyData(ctx->initiatorCtx.eap, &keyLength);
 314
 315     if (keyLength < EAP_EMSK_LEN) {
 316         *minor = GSSEAP_KEY_TOO_SHORT;
 317         return GSS_S_UNAVAILABLE;
 318     }
 319
 320     major = gssEapDeriveRfc3961Key(minor,
 321                                    &key[EAP_EMSK_LEN / 2],
 322                                    EAP_EMSK_LEN / 2,
 323                                    ctx->encryptionType,
 324                                    &ctx->rfc3961Key);
 325        if (GSS_ERROR(major))
 326            return major;
 327
 328     major = rfc3961ChecksumTypeForKey(minor, &ctx->rfc3961Key,
 329                                       &ctx->checksumType);
 330     if (GSS_ERROR(major))
 331         return major;
 332
 333     major = sequenceInit(minor,
 334                          &ctx->seqState,
 335                          ctx->recvSeq,
 336                          ((ctx->gssFlags & GSS_C_REPLAY_FLAG) != 0),
 337                          ((ctx->gssFlags & GSS_C_SEQUENCE_FLAG) != 0),
 338                          TRUE);
 339     if (GSS_ERROR(major))
 340         return major;
 341
 342     *minor = 0;
 343     return GSS_S_COMPLETE;
 344 }
 345
 346 static OM_uint32
 347 initBegin(OM_uint32 *minor,
 348           gss_ctx_id_t ctx,
 349           gss_name_t target,
 350           gss_OID mech,
 351           OM_uint32 reqFlags GSSEAP_UNUSED,
 352           OM_uint32 timeReq,
 353           gss_channel_bindings_t chanBindings GSSEAP_UNUSED)
 354 {
 355     OM_uint32 major;
 356     gss_cred_id_t cred = ctx->cred;
 357
 358     GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 359
 360     if (cred->expiryTime)
 361         ctx->expiryTime = cred->expiryTime;
 362     else if (timeReq == 0 || timeReq == GSS_C_INDEFINITE)
 363         ctx->expiryTime = 0;
 364     else
 365         ctx->expiryTime = time(NULL) + timeReq;
 366
 367     /*
 368      * The credential mutex protects its name, however we need to
 369      * explicitly lock the acceptor name (unlikely as it may be
 370      * that it has attributes set on it).
 371      */
 372     major = gssEapDuplicateName(minor, cred->name, &ctx->initiatorName);
 373     if (GSS_ERROR(major))
 374         return major;
 375
 376     if (target != GSS_C_NO_NAME) {
 377         GSSEAP_MUTEX_LOCK(&target->mutex);
 378
 379         major = gssEapDuplicateName(minor, target, &ctx->acceptorName);
 380         if (GSS_ERROR(major)) {
 381             GSSEAP_MUTEX_UNLOCK(&target->mutex);
 382             return major;
 383         }
 384
 385         GSSEAP_MUTEX_UNLOCK(&target->mutex);
 386     }
 387
 388     major = gssEapCanonicalizeOid(minor,
 389                                   mech,
 390                                   OID_FLAG_NULL_VALID | OID_FLAG_MAP_NULL_TO_DEFAULT_MECH,
 391                                   &ctx->mechanismUsed);
 392     if (GSS_ERROR(major))
 393         return major;
 394
 395     /* If credentials were provided, check they're usable with this mech */
 396     if (!gssEapCredAvailable(cred, ctx->mechanismUsed)) {
 397         *minor = GSSEAP_CRED_MECH_MISMATCH;
 398         return GSS_S_BAD_MECH;
 399     }
 400
 401     *minor = 0;
 402     return GSS_S_COMPLETE;
 403 }
 404
 405 static OM_uint32
 406 eapGssSmInitError(OM_uint32 *minor,
 407                   gss_cred_id_t cred GSSEAP_UNUSED,
 408                   gss_ctx_id_t ctx GSSEAP_UNUSED,
 409                   gss_name_t target GSSEAP_UNUSED,
 410                   gss_OID mech GSSEAP_UNUSED,
 411                   OM_uint32 reqFlags GSSEAP_UNUSED,
 412                   OM_uint32 timeReq GSSEAP_UNUSED,
 413                   gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 414                   gss_buffer_t inputToken,
 415                   gss_buffer_t outputToken GSSEAP_UNUSED,
 416                   OM_uint32 *smFlags GSSEAP_UNUSED)
 417 {
 418     OM_uint32 major;
 419     unsigned char *p;
 420
 421     if (inputToken->length < 8) {
 422         *minor = GSSEAP_TOK_TRUNC;
 423         return GSS_S_DEFECTIVE_TOKEN;
 424     }
 425
 426     p = (unsigned char *)inputToken->value;
 427
 428     major = load_uint32_be(&p[0]);
 429     *minor = ERROR_TABLE_BASE_eapg + load_uint32_be(&p[4]);
 430
 431     if (!GSS_ERROR(major) || !IS_WIRE_ERROR(*minor)) {
 432         major = GSS_S_FAILURE;
 433         *minor = GSSEAP_BAD_ERROR_TOKEN;
 434     }
 435
 436     GSSEAP_ASSERT(GSS_ERROR(major));
 437
 438     return major;
 439 }
 440
 441 #ifdef GSSEAP_ENABLE_REAUTH
 442 static OM_uint32
 443 eapGssSmInitGssReauth(OM_uint32 *minor,
 444                       gss_cred_id_t cred,
 445                       gss_ctx_id_t ctx,
 446                       gss_name_t target,
 447                       gss_OID mech GSSEAP_UNUSED,
 448                       OM_uint32 reqFlags,
 449                       OM_uint32 timeReq,
 450                       gss_channel_bindings_t chanBindings,
 451                       gss_buffer_t inputToken,
 452                       gss_buffer_t outputToken,
 453                       OM_uint32 *smFlags GSSEAP_UNUSED)
 454 {
 455     OM_uint32 major, tmpMinor;
 456     gss_name_t mechTarget = GSS_C_NO_NAME;
 457     gss_OID actualMech = GSS_C_NO_OID;
 458     OM_uint32 gssFlags, timeRec;
 459
 460     GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 461
 462     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL) {
 463         if (!gssEapCanReauthP(cred, target, timeReq))
 464             return GSS_S_CONTINUE_NEEDED;
 465
 466         ctx->flags |= CTX_FLAG_KRB_REAUTH;
 467     } else if ((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0) {
 468         major = GSS_S_DEFECTIVE_TOKEN;
 469         *minor = GSSEAP_WRONG_ITOK;
 470         goto cleanup;
 471     }
 472
 473     major = gssEapMechToGlueName(minor, target, &mechTarget);
 474     if (GSS_ERROR(major))
 475         goto cleanup;
 476
 477     major = gssInitSecContext(minor,
 478                               cred->reauthCred,
 479                               &ctx->reauthCtx,
 480                               mechTarget,
 481                               (gss_OID)gss_mech_krb5,
 482                               reqFlags | GSS_C_MUTUAL_FLAG,
 483                               timeReq,
 484                               chanBindings,
 485                               inputToken,
 486                               &actualMech,
 487                               outputToken,
 488                               &gssFlags,
 489                               &timeRec);
 490     if (GSS_ERROR(major))
 491         goto cleanup;
 492
 493     ctx->gssFlags = gssFlags;
 494
 495     if (major == GSS_S_COMPLETE) {
 496         GSSEAP_ASSERT(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE);
 497
 498         major = gssEapReauthComplete(minor, ctx, cred, actualMech, timeRec);
 499         if (GSS_ERROR(major))
 500             goto cleanup;
 501         GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_ESTABLISHED);
 502     } else {
 503         GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_REAUTHENTICATE);
 504     }
 505
 506 cleanup:
 507     gssReleaseName(&tmpMinor, &mechTarget);
 508
 509     return major;
 510 }
 511 #endif /* GSSEAP_ENABLE_REAUTH */
 512
 513 #ifdef GSSEAP_DEBUG
 514 static OM_uint32
 515 eapGssSmInitVendorInfo(OM_uint32 *minor,
 516                        gss_cred_id_t cred GSSEAP_UNUSED,
 517                        gss_ctx_id_t ctx GSSEAP_UNUSED,
 518                        gss_name_t target GSSEAP_UNUSED,
 519                        gss_OID mech GSSEAP_UNUSED,
 520                        OM_uint32 reqFlags GSSEAP_UNUSED,
 521                        OM_uint32 timeReq GSSEAP_UNUSED,
 522                        gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 523                        gss_buffer_t inputToken GSSEAP_UNUSED,
 524                        gss_buffer_t outputToken,
 525                        OM_uint32 *smFlags GSSEAP_UNUSED)
 526 {
 527     OM_uint32 major;
 528
 529     major = makeStringBuffer(minor, "JANET(UK)", outputToken);
 530     if (GSS_ERROR(major))
 531         return major;
 532
 533     return GSS_S_CONTINUE_NEEDED;
 534 }
 535 #endif
 536
 537 static OM_uint32
 538 eapGssSmInitAcceptorName(OM_uint32 *minor,
 539                          gss_cred_id_t cred GSSEAP_UNUSED,
 540                          gss_ctx_id_t ctx,
 541                          gss_name_t target GSSEAP_UNUSED,
 542                          gss_OID mech GSSEAP_UNUSED,
 543                          OM_uint32 reqFlags GSSEAP_UNUSED,
 544                          OM_uint32 timeReq GSSEAP_UNUSED,
 545                          gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 546                          gss_buffer_t inputToken GSSEAP_UNUSED,
 547                          gss_buffer_t outputToken,
 548                          OM_uint32 *smFlags GSSEAP_UNUSED)
 549 {
 550     OM_uint32 major;
 551
 552     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL &&
 553         ctx->acceptorName != GSS_C_NO_NAME) {
 554
 555         /* Send desired target name to acceptor */
 556         major = gssEapDisplayName(minor, ctx->acceptorName,
 557                                   outputToken, NULL);
 558         if (GSS_ERROR(major))
 559             return major;
 560     } else if (inputToken != GSS_C_NO_BUFFER &&
 561                ctx->acceptorName == GSS_C_NO_NAME) {
 562         /* Accept target name hint from acceptor */
 563         major = gssEapImportName(minor, inputToken,
 564                                  GSS_C_NT_USER_NAME,
 565                                  ctx->mechanismUsed,
 566                                  &ctx->acceptorName);
 567         if (GSS_ERROR(major))
 568             return major;
 569     }
 570
 571     /*
 572      * Currently, other parts of the code assume that the acceptor name
 573      * is available, hence this check.
 574      */
 575     if (ctx->acceptorName == GSS_C_NO_NAME) {
 576         *minor = GSSEAP_NO_ACCEPTOR_NAME;
 577         return GSS_S_FAILURE;
 578     }
 579
 580     return GSS_S_CONTINUE_NEEDED;
 581 }
 582
 583 static OM_uint32
 584 eapGssSmInitIdentity(OM_uint32 *minor,
 585                      gss_cred_id_t cred GSSEAP_UNUSED,
 586                      gss_ctx_id_t ctx,
 587                      gss_name_t target GSSEAP_UNUSED,
 588                      gss_OID mech GSSEAP_UNUSED,
 589                      OM_uint32 reqFlags GSSEAP_UNUSED,
 590                      OM_uint32 timeReq GSSEAP_UNUSED,
 591                      gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 592                      gss_buffer_t inputToken GSSEAP_UNUSED,
 593                      gss_buffer_t outputToken GSSEAP_UNUSED,
 594                      OM_uint32 *smFlags)
 595 {
 596     struct eap_config eapConfig;
 597
 598 #ifdef GSSEAP_ENABLE_REAUTH
 599     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE) {
 600         OM_uint32 tmpMinor;
 601
 602         /* server didn't support reauthentication, sent EAP request */
 603         gssDeleteSecContext(&tmpMinor, &ctx->reauthCtx, GSS_C_NO_BUFFER);
 604         ctx->flags &= ~(CTX_FLAG_KRB_REAUTH);
 605         GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_INITIAL);
 606     } else
 607 #endif
 608         *smFlags |= SM_FLAG_FORCE_SEND_TOKEN;
 609
 610     GSSEAP_ASSERT((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
 611     GSSEAP_ASSERT(inputToken == GSS_C_NO_BUFFER);
 612
 613     memset(&eapConfig, 0, sizeof(eapConfig));
 614
 615     ctx->initiatorCtx.eap = eap_peer_sm_init(ctx,
 616                                              &gssEapPolicyCallbacks,
 617                                              ctx,
 618                                              &eapConfig);
 619     if (ctx->initiatorCtx.eap == NULL) {
 620         *minor = GSSEAP_PEER_SM_INIT_FAILURE;
 621         return GSS_S_FAILURE;
 622     }
 623
 624     ctx->flags |= CTX_FLAG_EAP_RESTART | CTX_FLAG_EAP_PORT_ENABLED;
 625
 626     /* poke EAP state machine */
 627     if (eap_peer_sm_step(ctx->initiatorCtx.eap) != 0) {
 628         *minor = GSSEAP_PEER_SM_STEP_FAILURE;
 629         return GSS_S_FAILURE;
 630     }
 631
 632     GSSEAP_SM_TRANSITION_NEXT(ctx);
 633
 634     *minor = 0;
 635
 636     return GSS_S_CONTINUE_NEEDED;
 637 }
 638
 639 static OM_uint32
 640 eapGssSmInitAuthenticate(OM_uint32 *minor,
 641                          gss_cred_id_t cred GSSEAP_UNUSED,
 642                          gss_ctx_id_t ctx,
 643                          gss_name_t target GSSEAP_UNUSED,
 644                          gss_OID mech GSSEAP_UNUSED,
 645                          OM_uint32 reqFlags GSSEAP_UNUSED,
 646                          OM_uint32 timeReq GSSEAP_UNUSED,
 647                          gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 648                          gss_buffer_t inputToken GSSEAP_UNUSED,
 649                          gss_buffer_t outputToken,
 650                          OM_uint32 *smFlags)
 651 {
 652     OM_uint32 major;
 653     OM_uint32 tmpMinor;
 654     struct wpabuf *resp = NULL;
 655
 656     *minor = 0;
 657
 658     GSSEAP_ASSERT(inputToken != GSS_C_NO_BUFFER);
 659
 660     major = peerConfigInit(minor, ctx);
 661     if (GSS_ERROR(major))
 662         goto cleanup;
 663
 664     GSSEAP_ASSERT(ctx->initiatorCtx.eap != NULL);
 665     GSSEAP_ASSERT(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED);
 666
 667     ctx->flags |= CTX_FLAG_EAP_REQ; /* we have a Request from the acceptor */
 668
 669     wpabuf_set(&ctx->initiatorCtx.reqData,
 670                inputToken->value, inputToken->length);
 671
 672     major = GSS_S_CONTINUE_NEEDED;
 673
 674     eap_peer_sm_step(ctx->initiatorCtx.eap);
 675     if (ctx->flags & CTX_FLAG_EAP_RESP) {
 676         ctx->flags &= ~(CTX_FLAG_EAP_RESP);
 677
 678         resp = eap_get_eapRespData(ctx->initiatorCtx.eap);
 679     } else if (ctx->flags & CTX_FLAG_EAP_SUCCESS) {
 680         major = initReady(minor, ctx, reqFlags);
 681         if (GSS_ERROR(major))
 682             goto cleanup;
 683
 684         ctx->flags &= ~(CTX_FLAG_EAP_SUCCESS);
 685         major = GSS_S_CONTINUE_NEEDED;
 686         GSSEAP_SM_TRANSITION_NEXT(ctx);
 687     } else if (ctx->flags & CTX_FLAG_EAP_FAIL) {
 688         major = GSS_S_DEFECTIVE_CREDENTIAL;
 689         *minor = GSSEAP_PEER_AUTH_FAILURE;
 690     } else {
 691         major = GSS_S_DEFECTIVE_TOKEN;
 692         *minor = GSSEAP_PEER_BAD_MESSAGE;
 693     }
 694
 695 cleanup:
 696     if (resp != NULL) {
 697         OM_uint32 tmpMajor;
 698         gss_buffer_desc respBuf;
 699
 700         GSSEAP_ASSERT(major == GSS_S_CONTINUE_NEEDED);
 701
 702         respBuf.length = wpabuf_len(resp);
 703         respBuf.value = (void *)wpabuf_head(resp);
 704
 705         tmpMajor = duplicateBuffer(&tmpMinor, &respBuf, outputToken);
 706         if (GSS_ERROR(tmpMajor)) {
 707             major = tmpMajor;
 708             *minor = tmpMinor;
 709         }
 710
 711         *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
 712     }
 713
 714     wpabuf_set(&ctx->initiatorCtx.reqData, NULL, 0);
 715     peerConfigFree(&tmpMinor, ctx);
 716
 717     return major;
 718 }
 719
 720 static OM_uint32
 721 eapGssSmInitGssFlags(OM_uint32 *minor,
 722                      gss_cred_id_t cred GSSEAP_UNUSED,
 723                      gss_ctx_id_t ctx,
 724                      gss_name_t target GSSEAP_UNUSED,
 725                      gss_OID mech GSSEAP_UNUSED,
 726                      OM_uint32 reqFlags GSSEAP_UNUSED,
 727                      OM_uint32 timeReq GSSEAP_UNUSED,
 728                      gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 729                      gss_buffer_t inputToken GSSEAP_UNUSED,
 730                      gss_buffer_t outputToken,
 731                      OM_uint32 *smFlags GSSEAP_UNUSED)
 732 {
 733     unsigned char wireFlags[4];
 734     gss_buffer_desc flagsBuf;
 735
 736     store_uint32_be(ctx->gssFlags & GSSEAP_WIRE_FLAGS_MASK, wireFlags);
 737
 738     flagsBuf.length = sizeof(wireFlags);
 739     flagsBuf.value = wireFlags;
 740
 741     return duplicateBuffer(minor, &flagsBuf, outputToken);
 742 }
 743
 744 static OM_uint32
 745 eapGssSmInitGssChannelBindings(OM_uint32 *minor,
 746                                gss_cred_id_t cred GSSEAP_UNUSED,
 747                                gss_ctx_id_t ctx,
 748                                gss_name_t target GSSEAP_UNUSED,
 749                                gss_OID mech GSSEAP_UNUSED,
 750                                OM_uint32 reqFlags GSSEAP_UNUSED,
 751                                OM_uint32 timeReq GSSEAP_UNUSED,
 752                                gss_channel_bindings_t chanBindings,
 753                                gss_buffer_t inputToken GSSEAP_UNUSED,
 754                                gss_buffer_t outputToken,
 755                                OM_uint32 *smFlags)
 756 {
 757     OM_uint32 major;
 758     gss_buffer_desc buffer = GSS_C_EMPTY_BUFFER;
 759
 760     if (chanBindings != GSS_C_NO_CHANNEL_BINDINGS)
 761         buffer = chanBindings->application_data;
 762
 763     major = gssEapWrap(minor, ctx, TRUE, GSS_C_QOP_DEFAULT,
 764                        &buffer, NULL, outputToken);
 765     if (GSS_ERROR(major))
 766         return major;
 767
 768     GSSEAP_ASSERT(outputToken->value != NULL);
 769
 770     *minor = 0;
 771     *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
 772
 773     return GSS_S_CONTINUE_NEEDED;
 774 }
 775
 776 static OM_uint32
 777 eapGssSmInitInitiatorMIC(OM_uint32 *minor,
 778                          gss_cred_id_t cred GSSEAP_UNUSED,
 779                          gss_ctx_id_t ctx,
 780                          gss_name_t target GSSEAP_UNUSED,
 781                          gss_OID mech GSSEAP_UNUSED,
 782                          OM_uint32 reqFlags GSSEAP_UNUSED,
 783                          OM_uint32 timeReq GSSEAP_UNUSED,
 784                          gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 785                          gss_buffer_t inputToken GSSEAP_UNUSED,
 786                          gss_buffer_t outputToken,
 787                          OM_uint32 *smFlags)
 788 {
 789     OM_uint32 major;
 790
 791     major = gssEapMakeTokenMIC(minor, ctx, outputToken);
 792     if (GSS_ERROR(major))
 793         return major;
 794
 795     GSSEAP_SM_TRANSITION_NEXT(ctx);
 796
 797     *minor = 0;
 798     *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
 799
 800     return GSS_S_CONTINUE_NEEDED;
 801 }
 802
 803 #ifdef GSSEAP_ENABLE_REAUTH
 804 static OM_uint32
 805 eapGssSmInitReauthCreds(OM_uint32 *minor,
 806                         gss_cred_id_t cred,
 807                         gss_ctx_id_t ctx,
 808                         gss_name_t target GSSEAP_UNUSED,
 809                         gss_OID mech GSSEAP_UNUSED,
 810                         OM_uint32 reqFlags GSSEAP_UNUSED,
 811                         OM_uint32 timeReq GSSEAP_UNUSED,
 812                         gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 813                         gss_buffer_t inputToken,
 814                         gss_buffer_t outputToken GSSEAP_UNUSED,
 815                         OM_uint32 *smFlags GSSEAP_UNUSED)
 816 {
 817     OM_uint32 major;
 818
 819     if (ctx->gssFlags & GSS_C_MUTUAL_FLAG) {
 820         major = gssEapStoreReauthCreds(minor, ctx, cred, inputToken);
 821         if (GSS_ERROR(major))
 822             return major;
 823     }
 824
 825     *minor = 0;
 826     return GSS_S_CONTINUE_NEEDED;
 827 }
 828 #endif /* GSSEAP_ENABLE_REAUTH */
 829
 830 static OM_uint32
 831 eapGssSmInitAcceptorMIC(OM_uint32 *minor,
 832                         gss_cred_id_t cred GSSEAP_UNUSED,
 833                         gss_ctx_id_t ctx,
 834                         gss_name_t target GSSEAP_UNUSED,
 835                         gss_OID mech GSSEAP_UNUSED,
 836                         OM_uint32 reqFlags GSSEAP_UNUSED,
 837                         OM_uint32 timeReq GSSEAP_UNUSED,
 838                         gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 839                         gss_buffer_t inputToken,
 840                         gss_buffer_t outputToken GSSEAP_UNUSED,
 841                         OM_uint32 *smFlags GSSEAP_UNUSED)
 842 {
 843     OM_uint32 major;
 844
 845     major = gssEapVerifyTokenMIC(minor, ctx, inputToken);
 846     if (GSS_ERROR(major))
 847         return major;
 848
 849     GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_ESTABLISHED);
 850
 851     *minor = 0;
 852
 853     return GSS_S_COMPLETE;
 854 }
 855
 856 static struct gss_eap_sm eapGssInitiatorSm[] = {
 857     {
 858         ITOK_TYPE_CONTEXT_ERR,
 859         ITOK_TYPE_NONE,
 860         GSSEAP_STATE_ALL & ~(GSSEAP_STATE_INITIAL),
 861         0,
 862         eapGssSmInitError
 863     },
 864     {
 865         ITOK_TYPE_ACCEPTOR_NAME_RESP,
 866         ITOK_TYPE_ACCEPTOR_NAME_REQ,
 867         GSSEAP_STATE_INITIAL | GSSEAP_STATE_AUTHENTICATE,
 868         0,
 869         eapGssSmInitAcceptorName
 870     },
 871 #ifdef GSSEAP_DEBUG
 872     {
 873         ITOK_TYPE_NONE,
 874         ITOK_TYPE_VENDOR_INFO,
 875         GSSEAP_STATE_INITIAL,
 876         0,
 877         eapGssSmInitVendorInfo
 878     },
 879 #endif
 880 #ifdef GSSEAP_ENABLE_REAUTH
 881     {
 882         ITOK_TYPE_REAUTH_RESP,
 883         ITOK_TYPE_REAUTH_REQ,
 884         GSSEAP_STATE_INITIAL | GSSEAP_STATE_REAUTHENTICATE,
 885         0,
 886         eapGssSmInitGssReauth
 887     },
 888 #endif
 889     {
 890         ITOK_TYPE_NONE,
 891         ITOK_TYPE_NONE,
 892 #ifdef GSSEAP_ENABLE_REAUTH
 893         GSSEAP_STATE_REAUTHENTICATE |
 894 #endif
 895         GSSEAP_STATE_INITIAL,
 896         SM_ITOK_FLAG_REQUIRED,
 897         eapGssSmInitIdentity
 898     },
 899     {
 900         ITOK_TYPE_EAP_REQ,
 901         ITOK_TYPE_EAP_RESP,
 902         GSSEAP_STATE_AUTHENTICATE,
 903         SM_ITOK_FLAG_REQUIRED,
 904         eapGssSmInitAuthenticate
 905     },
 906     {
 907         ITOK_TYPE_NONE,
 908         ITOK_TYPE_GSS_FLAGS,
 909         GSSEAP_STATE_INITIATOR_EXTS,
 910         0,
 911         eapGssSmInitGssFlags
 912     },
 913     {
 914         ITOK_TYPE_NONE,
 915         ITOK_TYPE_GSS_CHANNEL_BINDINGS,
 916         GSSEAP_STATE_INITIATOR_EXTS,
 917         SM_ITOK_FLAG_REQUIRED,
 918         eapGssSmInitGssChannelBindings
 919     },
 920     {
 921         ITOK_TYPE_NONE,
 922         ITOK_TYPE_INITIATOR_MIC,
 923         GSSEAP_STATE_INITIATOR_EXTS,
 924         SM_ITOK_FLAG_REQUIRED,
 925         eapGssSmInitInitiatorMIC
 926     },
 927 #ifdef GSSEAP_ENABLE_REAUTH
 928     {
 929         ITOK_TYPE_REAUTH_CREDS,
 930         ITOK_TYPE_NONE,
 931         GSSEAP_STATE_ACCEPTOR_EXTS,
 932         0,
 933         eapGssSmInitReauthCreds
 934     },
 935 #endif
 936     /* other extensions go here */
 937     {
 938         ITOK_TYPE_ACCEPTOR_MIC,
 939         ITOK_TYPE_NONE,
 940         GSSEAP_STATE_ACCEPTOR_EXTS,
 941         SM_ITOK_FLAG_REQUIRED,
 942         eapGssSmInitAcceptorMIC
 943     }
 944 };
 945
 946 OM_uint32
 947 gssEapInitSecContext(OM_uint32 *minor,
 948                      gss_cred_id_t cred,
 949                      gss_ctx_id_t ctx,
 950                      gss_name_t target_name,
 951                      gss_OID mech_type,
 952                      OM_uint32 req_flags,
 953                      OM_uint32 time_req,
 954                      gss_channel_bindings_t input_chan_bindings,
 955                      gss_buffer_t input_token,
 956                      gss_OID *actual_mech_type,
 957                      gss_buffer_t output_token,
 958                      OM_uint32 *ret_flags,
 959                      OM_uint32 *time_rec)
 960 {
 961     OM_uint32 major, tmpMinor;
 962     int initialContextToken = (ctx->mechanismUsed == GSS_C_NO_OID);
 963
 964     /*
 965      * XXX is acquiring the credential lock here necessary? The password is
 966      * mutable but the contract could specify that this is not updated whilst
 967      * a context is being initialized.
 968      */
 969     if (cred != GSS_C_NO_CREDENTIAL)
 970         GSSEAP_MUTEX_LOCK(&cred->mutex);
 971
 972     if (ctx->cred == GSS_C_NO_CREDENTIAL) {
 973         major = gssEapResolveInitiatorCred(minor, cred, target_name, &ctx->cred);
 974         if (GSS_ERROR(major))
 975             goto cleanup;
 976
 977         GSSEAP_ASSERT(ctx->cred != GSS_C_NO_CREDENTIAL);
 978     }
 979
 980     GSSEAP_MUTEX_LOCK(&ctx->cred->mutex);
 981
 982     GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_RESOLVED);
 983     GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_INITIATE);
 984
 985     if (initialContextToken) {
 986         major = initBegin(minor, ctx, target_name, mech_type,
 987                           req_flags, time_req, input_chan_bindings);
 988         if (GSS_ERROR(major))
 989             goto cleanup;
 990     }
 991
 992     major = gssEapSmStep(minor,
 993                          cred,
 994                          ctx,
 995                          target_name,
 996                          mech_type,
 997                          req_flags,
 998                          time_req,
 999                          input_chan_bindings,
1000                          input_token,
1001                          output_token,
1002                          eapGssInitiatorSm,
1003                          sizeof(eapGssInitiatorSm) / sizeof(eapGssInitiatorSm[0]));
1004     if (GSS_ERROR(major))
1005         goto cleanup;
1006
1007     if (actual_mech_type != NULL) {
1008         OM_uint32 tmpMajor;
1009
1010         tmpMajor = gssEapCanonicalizeOid(&tmpMinor, ctx->mechanismUsed, 0, actual_mech_type);
1011         if (GSS_ERROR(tmpMajor)) {
1012             major = tmpMajor;
1013             *minor = tmpMinor;
1014             goto cleanup;
1015         }
1016     }
1017     if (ret_flags != NULL)
1018         *ret_flags = ctx->gssFlags;
1019     if (time_rec != NULL)
1020         gssEapContextTime(&tmpMinor, ctx, time_rec);
1021
1022     GSSEAP_ASSERT(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
1023
1024 cleanup:
1025     if (cred != GSS_C_NO_CREDENTIAL)
1026         GSSEAP_MUTEX_UNLOCK(&cred->mutex);
1027     if (ctx->cred != GSS_C_NO_CREDENTIAL)
1028         GSSEAP_MUTEX_UNLOCK(&ctx->cred->mutex);
1029
1030     return major;
1031 }
1032
1033 OM_uint32 GSSAPI_CALLCONV
1034 gss_init_sec_context(OM_uint32 *minor,
1035                      gss_cred_id_t cred,
1036                      gss_ctx_id_t *context_handle,
1037                      gss_name_t target_name,
1038                      gss_OID mech_type,
1039                      OM_uint32 req_flags,
1040                      OM_uint32 time_req,
1041                      gss_channel_bindings_t input_chan_bindings,
1042                      gss_buffer_t input_token,
1043                      gss_OID *actual_mech_type,
1044                      gss_buffer_t output_token,
1045                      OM_uint32 *ret_flags,
1046                      OM_uint32 *time_rec)
1047 {
1048     OM_uint32 major, tmpMinor;
1049     gss_ctx_id_t ctx = *context_handle;
1050
1051     *minor = 0;
1052
1053     output_token->length = 0;
1054     output_token->value = NULL;
1055
1056     if (ctx == GSS_C_NO_CONTEXT) {
1057         if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {
1058             *minor = GSSEAP_WRONG_SIZE;
1059             return GSS_S_DEFECTIVE_TOKEN;
1060         }
1061
1062         major = gssEapAllocContext(minor, &ctx);
1063         if (GSS_ERROR(major))
1064             return major;
1065
1066         ctx->flags |= CTX_FLAG_INITIATOR;
1067
1068         *context_handle = ctx;
1069     }
1070
1071     GSSEAP_MUTEX_LOCK(&ctx->mutex);
1072
1073     major = gssEapInitSecContext(minor,
1074                                  cred,
1075                                  ctx,
1076                                  target_name,
1077                                  mech_type,
1078                                  req_flags,
1079                                  time_req,
1080                                  input_chan_bindings,
1081                                  input_token,
1082                                  actual_mech_type,
1083                                  output_token,
1084                                  ret_flags,
1085                                  time_rec);
1086
1087     GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
1088
1089     if (GSS_ERROR(major))
1090         gssEapReleaseContext(&tmpMinor, context_handle);
1091
1092     return major;
1093 }