www.project-moonshot.org Git - mech_eap.orig/blob - mech_eap/init_sec_context.c

   1 /*
   2  * Copyright (c) 2011, JANET(UK)
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  *
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  *
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  *
  16  * 3. Neither the name of JANET(UK) nor the names of its contributors
  17  *    may be used to endorse or promote products derived from this software
  18  *    without specific prior written permission.
  19  *
  20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  21  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
  24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  30  * SUCH DAMAGE.
  31  */
  32
  33 /*
  34  * Establish a security context on the initiator (client). These functions
  35  * wrap around libeap.
  36  */
  37
  38 #include "gssapiP_eap.h"
  39
  40 static OM_uint32
  41 policyVariableToFlag(enum eapol_bool_var variable)
  42 {
  43     OM_uint32 flag = 0;
  44
  45     switch (variable) {
  46     case EAPOL_eapSuccess:
  47         flag = CTX_FLAG_EAP_SUCCESS;
  48         break;
  49     case EAPOL_eapRestart:
  50         flag = CTX_FLAG_EAP_RESTART;
  51         break;
  52     case EAPOL_eapFail:
  53         flag = CTX_FLAG_EAP_FAIL;
  54         break;
  55     case EAPOL_eapResp:
  56         flag = CTX_FLAG_EAP_RESP;
  57         break;
  58     case EAPOL_eapNoResp:
  59         flag = CTX_FLAG_EAP_NO_RESP;
  60         break;
  61     case EAPOL_eapReq:
  62         flag = CTX_FLAG_EAP_REQ;
  63         break;
  64     case EAPOL_portEnabled:
  65         flag = CTX_FLAG_EAP_PORT_ENABLED;
  66         break;
  67     case EAPOL_altAccept:
  68         flag = CTX_FLAG_EAP_ALT_ACCEPT;
  69         break;
  70     case EAPOL_altReject:
  71         flag = CTX_FLAG_EAP_ALT_REJECT;
  72         break;
  73     }
  74
  75     return flag;
  76 }
  77
  78 static struct eap_peer_config *
  79 peerGetConfig(void *ctx)
  80 {
  81     gss_ctx_id_t gssCtx = (gss_ctx_id_t)ctx;
  82
  83     return &gssCtx->initiatorCtx.eapPeerConfig;
  84 }
  85
  86 static Boolean
  87 peerGetBool(void *data, enum eapol_bool_var variable)
  88 {
  89     gss_ctx_id_t ctx = data;
  90     OM_uint32 flag;
  91
  92     if (ctx == GSS_C_NO_CONTEXT)
  93         return FALSE;
  94
  95     flag = policyVariableToFlag(variable);
  96
  97     return ((ctx->flags & flag) != 0);
  98 }
  99
 100 static void
 101 peerSetBool(void *data, enum eapol_bool_var variable,
 102             Boolean value)
 103 {
 104     gss_ctx_id_t ctx = data;
 105     OM_uint32 flag;
 106
 107     if (ctx == GSS_C_NO_CONTEXT)
 108         return;
 109
 110     flag = policyVariableToFlag(variable);
 111
 112     if (value)
 113         ctx->flags |= flag;
 114     else
 115         ctx->flags &= ~(flag);
 116 }
 117
 118 static unsigned int
 119 peerGetInt(void *data, enum eapol_int_var variable)
 120 {
 121     gss_ctx_id_t ctx = data;
 122
 123     if (ctx == GSS_C_NO_CONTEXT)
 124         return FALSE;
 125
 126     GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
 127
 128     switch (variable) {
 129     case EAPOL_idleWhile:
 130         return ctx->initiatorCtx.idleWhile;
 131         break;
 132     }
 133
 134     return 0;
 135 }
 136
 137 static void
 138 peerSetInt(void *data, enum eapol_int_var variable,
 139            unsigned int value)
 140 {
 141     gss_ctx_id_t ctx = data;
 142
 143     if (ctx == GSS_C_NO_CONTEXT)
 144         return;
 145
 146     GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
 147
 148     switch (variable) {
 149     case EAPOL_idleWhile:
 150         ctx->initiatorCtx.idleWhile = value;
 151         break;
 152     }
 153 }
 154
 155 static struct wpabuf *
 156 peerGetEapReqData(void *ctx)
 157 {
 158     gss_ctx_id_t gssCtx = (gss_ctx_id_t)ctx;
 159
 160     return &gssCtx->initiatorCtx.reqData;
 161 }
 162
 163 static void
 164 peerSetConfigBlob(void *ctx GSSEAP_UNUSED,
 165                   struct wpa_config_blob *blob GSSEAP_UNUSED)
 166 {
 167 }
 168
 169 static const struct wpa_config_blob *
 170 peerGetConfigBlob(void *ctx GSSEAP_UNUSED,
 171                   const char *name GSSEAP_UNUSED)
 172 {
 173     return NULL;
 174 }
 175
 176 static void
 177 peerNotifyPending(void *ctx GSSEAP_UNUSED)
 178 {
 179 }
 180
 181 static struct eapol_callbacks gssEapPolicyCallbacks = {
 182     peerGetConfig,
 183     peerGetBool,
 184     peerSetBool,
 185     peerGetInt,
 186     peerSetInt,
 187     peerGetEapReqData,
 188     peerSetConfigBlob,
 189     peerGetConfigBlob,
 190     peerNotifyPending,
 191 };
 192
 193 #ifdef GSSEAP_DEBUG
 194 extern int wpa_debug_level;
 195 #endif
 196
 197 static OM_uint32
 198 peerConfigInit(OM_uint32 *minor, gss_ctx_id_t ctx)
 199 {
 200     OM_uint32 major;
 201     krb5_context krbContext;
 202     struct eap_peer_config *eapPeerConfig = &ctx->initiatorCtx.eapPeerConfig;
 203     gss_buffer_desc identity = GSS_C_EMPTY_BUFFER;
 204     gss_buffer_desc realm = GSS_C_EMPTY_BUFFER;
 205     gss_cred_id_t cred = ctx->cred;
 206
 207     eapPeerConfig->identity = NULL;
 208     eapPeerConfig->identity_len = 0;
 209     eapPeerConfig->anonymous_identity = NULL;
 210     eapPeerConfig->anonymous_identity_len = 0;
 211     eapPeerConfig->password = NULL;
 212     eapPeerConfig->password_len = 0;
 213
 214     GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 215
 216     GSSEAP_KRB_INIT(&krbContext);
 217
 218     eapPeerConfig->fragment_size = 1024;
 219 #ifdef GSSEAP_DEBUG
 220     wpa_debug_level = 0;
 221 #endif
 222
 223     GSSEAP_ASSERT(cred->name != GSS_C_NO_NAME);
 224
 225     if ((cred->name->flags & (NAME_FLAG_NAI | NAME_FLAG_SERVICE)) == 0) {
 226         *minor = GSSEAP_BAD_INITIATOR_NAME;
 227         return GSS_S_BAD_NAME;
 228     }
 229
 230     /* identity */
 231     major = gssEapDisplayName(minor, cred->name, &identity, NULL);
 232     if (GSS_ERROR(major))
 233         return major;
 234
 235     eapPeerConfig->identity = (unsigned char *)identity.value;
 236     eapPeerConfig->identity_len = identity.length;
 237
 238     krbPrincRealmToGssBuffer(cred->name->krbPrincipal, &realm);
 239
 240     /* anonymous_identity */
 241     eapPeerConfig->anonymous_identity = GSSEAP_MALLOC(realm.length + 2);
 242     if (eapPeerConfig->anonymous_identity == NULL) {
 243         *minor = ENOMEM;
 244         return GSS_S_FAILURE;
 245     }
 246
 247     eapPeerConfig->anonymous_identity[0] = '@';
 248     memcpy(eapPeerConfig->anonymous_identity + 1, realm.value, realm.length);
 249     eapPeerConfig->anonymous_identity[1 + realm.length] = '\0';
 250     eapPeerConfig->anonymous_identity_len = 1 + realm.length;
 251
 252     /* password */
 253     eapPeerConfig->password = (unsigned char *)cred->password.value;
 254     eapPeerConfig->password_len = cred->password.length;
 255
 256     /* certs */
 257     eapPeerConfig->ca_cert = (unsigned char *)cred->caCertificate.value;
 258     eapPeerConfig->subject_match = (unsigned char *)cred->subjectNameConstraint.value;
 259     eapPeerConfig->altsubject_match = (unsigned char *)cred->subjectAltNameConstraint.value;
 260
 261     *minor = 0;
 262     return GSS_S_COMPLETE;
 263 }
 264
 265 static OM_uint32
 266 peerConfigFree(OM_uint32 *minor,
 267                gss_ctx_id_t ctx)
 268 {
 269     struct eap_peer_config *eapPeerConfig = &ctx->initiatorCtx.eapPeerConfig;
 270
 271     if (eapPeerConfig->identity != NULL) {
 272         GSSEAP_FREE(eapPeerConfig->identity);
 273         eapPeerConfig->identity = NULL;
 274         eapPeerConfig->identity_len = 0;
 275     }
 276
 277     if (eapPeerConfig->anonymous_identity != NULL) {
 278         GSSEAP_FREE(eapPeerConfig->anonymous_identity);
 279         eapPeerConfig->anonymous_identity = NULL;
 280         eapPeerConfig->anonymous_identity_len = 0;
 281     }
 282
 283     *minor = 0;
 284     return GSS_S_COMPLETE;
 285 }
 286
 287 /*
 288  * Mark an initiator context as ready for cryptographic operations
 289  */
 290 static OM_uint32
 291 initReady(OM_uint32 *minor, gss_ctx_id_t ctx, OM_uint32 reqFlags)
 292 {
 293     OM_uint32 major;
 294     const unsigned char *key;
 295     size_t keyLength;
 296
 297 #if 1
 298     /* XXX actually check for mutual auth */
 299     if (reqFlags & GSS_C_MUTUAL_FLAG)
 300         ctx->gssFlags |= GSS_C_MUTUAL_FLAG;
 301 #endif
 302
 303     /* Cache encryption type derived from selected mechanism OID */
 304     major = gssEapOidToEnctype(minor, ctx->mechanismUsed, &ctx->encryptionType);
 305     if (GSS_ERROR(major))
 306         return major;
 307
 308     if (!eap_key_available(ctx->initiatorCtx.eap)) {
 309         *minor = GSSEAP_KEY_UNAVAILABLE;
 310         return GSS_S_UNAVAILABLE;
 311     }
 312
 313     key = eap_get_eapKeyData(ctx->initiatorCtx.eap, &keyLength);
 314
 315     if (keyLength < EAP_EMSK_LEN) {
 316         *minor = GSSEAP_KEY_TOO_SHORT;
 317         return GSS_S_UNAVAILABLE;
 318     }
 319
 320     major = gssEapDeriveRfc3961Key(minor,
 321                                    &key[EAP_EMSK_LEN / 2],
 322                                    EAP_EMSK_LEN / 2,
 323                                    ctx->encryptionType,
 324                                    &ctx->rfc3961Key);
 325        if (GSS_ERROR(major))
 326            return major;
 327
 328     major = rfc3961ChecksumTypeForKey(minor, &ctx->rfc3961Key,
 329                                       &ctx->checksumType);
 330     if (GSS_ERROR(major))
 331         return major;
 332
 333     major = sequenceInit(minor,
 334                          &ctx->seqState,
 335                          ctx->recvSeq,
 336                          ((ctx->gssFlags & GSS_C_REPLAY_FLAG) != 0),
 337                          ((ctx->gssFlags & GSS_C_SEQUENCE_FLAG) != 0),
 338                          TRUE);
 339     if (GSS_ERROR(major))
 340         return major;
 341
 342     *minor = 0;
 343     return GSS_S_COMPLETE;
 344 }
 345
 346 static OM_uint32
 347 initBegin(OM_uint32 *minor,
 348           gss_ctx_id_t ctx,
 349           gss_name_t target,
 350           gss_OID mech,
 351           OM_uint32 reqFlags GSSEAP_UNUSED,
 352           OM_uint32 timeReq,
 353           gss_channel_bindings_t chanBindings GSSEAP_UNUSED)
 354 {
 355     OM_uint32 major;
 356     gss_cred_id_t cred = ctx->cred;
 357
 358     GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 359
 360     if (cred->expiryTime)
 361         ctx->expiryTime = cred->expiryTime;
 362     else if (timeReq == 0 || timeReq == GSS_C_INDEFINITE)
 363         ctx->expiryTime = 0;
 364     else
 365         ctx->expiryTime = time(NULL) + timeReq;
 366
 367     /*
 368      * The credential mutex protects its name, however we need to
 369      * explicitly lock the acceptor name (unlikely as it may be
 370      * that it has attributes set on it).
 371      */
 372     major = gssEapDuplicateName(minor, cred->name, &ctx->initiatorName);
 373     if (GSS_ERROR(major))
 374         return major;
 375
 376     if (target != GSS_C_NO_NAME) {
 377         GSSEAP_MUTEX_LOCK(&target->mutex);
 378
 379         major = gssEapDuplicateName(minor, target, &ctx->acceptorName);
 380         if (GSS_ERROR(major)) {
 381             GSSEAP_MUTEX_UNLOCK(&target->mutex);
 382             return major;
 383         }
 384
 385         GSSEAP_MUTEX_UNLOCK(&target->mutex);
 386     }
 387
 388     major = gssEapCanonicalizeOid(minor,
 389                                   mech,
 390                                   OID_FLAG_NULL_VALID | OID_FLAG_MAP_NULL_TO_DEFAULT_MECH,
 391                                   &ctx->mechanismUsed);
 392     if (GSS_ERROR(major))
 393         return major;
 394
 395     /* If credentials were provided, check they're usable with this mech */
 396     if (!gssEapCredAvailable(cred, ctx->mechanismUsed)) {
 397         *minor = GSSEAP_CRED_MECH_MISMATCH;
 398         return GSS_S_BAD_MECH;
 399     }
 400
 401     *minor = 0;
 402     return GSS_S_COMPLETE;
 403 }
 404
 405 static OM_uint32
 406 eapGssSmInitError(OM_uint32 *minor,
 407                   gss_cred_id_t cred GSSEAP_UNUSED,
 408                   gss_ctx_id_t ctx GSSEAP_UNUSED,
 409                   gss_name_t target GSSEAP_UNUSED,
 410                   gss_OID mech GSSEAP_UNUSED,
 411                   OM_uint32 reqFlags GSSEAP_UNUSED,
 412                   OM_uint32 timeReq GSSEAP_UNUSED,
 413                   gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 414                   gss_buffer_t inputToken,
 415                   gss_buffer_t outputToken GSSEAP_UNUSED,
 416                   OM_uint32 *smFlags GSSEAP_UNUSED)
 417 {
 418     OM_uint32 major;
 419     unsigned char *p;
 420
 421     if (inputToken->length < 8) {
 422         *minor = GSSEAP_TOK_TRUNC;
 423         return GSS_S_DEFECTIVE_TOKEN;
 424     }
 425
 426     p = (unsigned char *)inputToken->value;
 427
 428     major = load_uint32_be(&p[0]);
 429     *minor = ERROR_TABLE_BASE_eapg + load_uint32_be(&p[4]);
 430
 431     if (!GSS_ERROR(major) || !IS_WIRE_ERROR(*minor)) {
 432         major = GSS_S_FAILURE;
 433         *minor = GSSEAP_BAD_ERROR_TOKEN;
 434     }
 435
 436     GSSEAP_ASSERT(GSS_ERROR(major));
 437
 438     return major;
 439 }
 440
 441 #ifdef GSSEAP_ENABLE_REAUTH
 442 static OM_uint32
 443 eapGssSmInitGssReauth(OM_uint32 *minor,
 444                       gss_cred_id_t cred,
 445                       gss_ctx_id_t ctx,
 446                       gss_name_t target,
 447                       gss_OID mech GSSEAP_UNUSED,
 448                       OM_uint32 reqFlags,
 449                       OM_uint32 timeReq,
 450                       gss_channel_bindings_t chanBindings,
 451                       gss_buffer_t inputToken,
 452                       gss_buffer_t outputToken,
 453                       OM_uint32 *smFlags GSSEAP_UNUSED)
 454 {
 455     OM_uint32 major, tmpMinor;
 456     gss_name_t mechTarget = GSS_C_NO_NAME;
 457     gss_OID actualMech = GSS_C_NO_OID;
 458     OM_uint32 gssFlags, timeRec;
 459
 460     /*
 461      * Here we use the passed in credential handle because the resolved
 462      * context credential does not currently have the reauth creds.
 463      */
 464     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL) {
 465         if (!gssEapCanReauthP(cred, target, timeReq))
 466             return GSS_S_CONTINUE_NEEDED;
 467
 468         ctx->flags |= CTX_FLAG_KRB_REAUTH;
 469     } else if ((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0) {
 470         major = GSS_S_DEFECTIVE_TOKEN;
 471         *minor = GSSEAP_WRONG_ITOK;
 472         goto cleanup;
 473     }
 474
 475     GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 476
 477     major = gssEapMechToGlueName(minor, target, &mechTarget);
 478     if (GSS_ERROR(major))
 479         goto cleanup;
 480
 481     major = gssInitSecContext(minor,
 482                               cred->reauthCred,
 483                               &ctx->reauthCtx,
 484                               mechTarget,
 485                               (gss_OID)gss_mech_krb5,
 486                               reqFlags | GSS_C_MUTUAL_FLAG,
 487                               timeReq,
 488                               chanBindings,
 489                               inputToken,
 490                               &actualMech,
 491                               outputToken,
 492                               &gssFlags,
 493                               &timeRec);
 494     if (GSS_ERROR(major))
 495         goto cleanup;
 496
 497     ctx->gssFlags = gssFlags;
 498
 499     if (major == GSS_S_COMPLETE) {
 500         GSSEAP_ASSERT(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE);
 501
 502         major = gssEapReauthComplete(minor, ctx, cred, actualMech, timeRec);
 503         if (GSS_ERROR(major))
 504             goto cleanup;
 505         GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_ESTABLISHED);
 506     } else {
 507         GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_REAUTHENTICATE);
 508     }
 509
 510 cleanup:
 511     gssReleaseName(&tmpMinor, &mechTarget);
 512
 513     return major;
 514 }
 515 #endif /* GSSEAP_ENABLE_REAUTH */
 516
 517 #ifdef GSSEAP_DEBUG
 518 static OM_uint32
 519 eapGssSmInitVendorInfo(OM_uint32 *minor,
 520                        gss_cred_id_t cred GSSEAP_UNUSED,
 521                        gss_ctx_id_t ctx GSSEAP_UNUSED,
 522                        gss_name_t target GSSEAP_UNUSED,
 523                        gss_OID mech GSSEAP_UNUSED,
 524                        OM_uint32 reqFlags GSSEAP_UNUSED,
 525                        OM_uint32 timeReq GSSEAP_UNUSED,
 526                        gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 527                        gss_buffer_t inputToken GSSEAP_UNUSED,
 528                        gss_buffer_t outputToken,
 529                        OM_uint32 *smFlags GSSEAP_UNUSED)
 530 {
 531     OM_uint32 major;
 532
 533     major = makeStringBuffer(minor, "JANET(UK)", outputToken);
 534     if (GSS_ERROR(major))
 535         return major;
 536
 537     return GSS_S_CONTINUE_NEEDED;
 538 }
 539 #endif
 540
 541 static OM_uint32
 542 eapGssSmInitAcceptorName(OM_uint32 *minor,
 543                          gss_cred_id_t cred GSSEAP_UNUSED,
 544                          gss_ctx_id_t ctx,
 545                          gss_name_t target GSSEAP_UNUSED,
 546                          gss_OID mech GSSEAP_UNUSED,
 547                          OM_uint32 reqFlags GSSEAP_UNUSED,
 548                          OM_uint32 timeReq GSSEAP_UNUSED,
 549                          gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 550                          gss_buffer_t inputToken GSSEAP_UNUSED,
 551                          gss_buffer_t outputToken,
 552                          OM_uint32 *smFlags GSSEAP_UNUSED)
 553 {
 554     OM_uint32 major;
 555
 556     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL &&
 557         ctx->acceptorName != GSS_C_NO_NAME) {
 558
 559         /* Send desired target name to acceptor */
 560         major = gssEapDisplayName(minor, ctx->acceptorName,
 561                                   outputToken, NULL);
 562         if (GSS_ERROR(major))
 563             return major;
 564     } else if (inputToken != GSS_C_NO_BUFFER &&
 565                ctx->acceptorName == GSS_C_NO_NAME) {
 566         /* Accept target name hint from acceptor */
 567         major = gssEapImportName(minor, inputToken,
 568                                  GSS_C_NT_USER_NAME,
 569                                  ctx->mechanismUsed,
 570                                  &ctx->acceptorName);
 571         if (GSS_ERROR(major))
 572             return major;
 573     }
 574
 575     /*
 576      * Currently, other parts of the code assume that the acceptor name
 577      * is available, hence this check.
 578      */
 579     if (ctx->acceptorName == GSS_C_NO_NAME) {
 580         *minor = GSSEAP_NO_ACCEPTOR_NAME;
 581         return GSS_S_FAILURE;
 582     }
 583
 584     return GSS_S_CONTINUE_NEEDED;
 585 }
 586
 587 static OM_uint32
 588 eapGssSmInitIdentity(OM_uint32 *minor,
 589                      gss_cred_id_t cred GSSEAP_UNUSED,
 590                      gss_ctx_id_t ctx,
 591                      gss_name_t target GSSEAP_UNUSED,
 592                      gss_OID mech GSSEAP_UNUSED,
 593                      OM_uint32 reqFlags GSSEAP_UNUSED,
 594                      OM_uint32 timeReq GSSEAP_UNUSED,
 595                      gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 596                      gss_buffer_t inputToken GSSEAP_UNUSED,
 597                      gss_buffer_t outputToken GSSEAP_UNUSED,
 598                      OM_uint32 *smFlags)
 599 {
 600     struct eap_config eapConfig;
 601
 602 #ifdef GSSEAP_ENABLE_REAUTH
 603     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE) {
 604         OM_uint32 tmpMinor;
 605
 606         /* server didn't support reauthentication, sent EAP request */
 607         gssDeleteSecContext(&tmpMinor, &ctx->reauthCtx, GSS_C_NO_BUFFER);
 608         ctx->flags &= ~(CTX_FLAG_KRB_REAUTH);
 609         GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_INITIAL);
 610     } else
 611 #endif
 612         *smFlags |= SM_FLAG_FORCE_SEND_TOKEN;
 613
 614     GSSEAP_ASSERT((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
 615     GSSEAP_ASSERT(inputToken == GSS_C_NO_BUFFER);
 616
 617     memset(&eapConfig, 0, sizeof(eapConfig));
 618
 619     ctx->initiatorCtx.eap = eap_peer_sm_init(ctx,
 620                                              &gssEapPolicyCallbacks,
 621                                              ctx,
 622                                              &eapConfig);
 623     if (ctx->initiatorCtx.eap == NULL) {
 624         *minor = GSSEAP_PEER_SM_INIT_FAILURE;
 625         return GSS_S_FAILURE;
 626     }
 627
 628     ctx->flags |= CTX_FLAG_EAP_RESTART | CTX_FLAG_EAP_PORT_ENABLED;
 629
 630     /* poke EAP state machine */
 631     if (eap_peer_sm_step(ctx->initiatorCtx.eap) != 0) {
 632         *minor = GSSEAP_PEER_SM_STEP_FAILURE;
 633         return GSS_S_FAILURE;
 634     }
 635
 636     GSSEAP_SM_TRANSITION_NEXT(ctx);
 637
 638     *minor = 0;
 639
 640     return GSS_S_CONTINUE_NEEDED;
 641 }
 642
 643 static OM_uint32
 644 eapGssSmInitAuthenticate(OM_uint32 *minor,
 645                          gss_cred_id_t cred GSSEAP_UNUSED,
 646                          gss_ctx_id_t ctx,
 647                          gss_name_t target GSSEAP_UNUSED,
 648                          gss_OID mech GSSEAP_UNUSED,
 649                          OM_uint32 reqFlags GSSEAP_UNUSED,
 650                          OM_uint32 timeReq GSSEAP_UNUSED,
 651                          gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 652                          gss_buffer_t inputToken GSSEAP_UNUSED,
 653                          gss_buffer_t outputToken,
 654                          OM_uint32 *smFlags)
 655 {
 656     OM_uint32 major;
 657     OM_uint32 tmpMinor;
 658     struct wpabuf *resp = NULL;
 659
 660     *minor = 0;
 661
 662     GSSEAP_ASSERT(inputToken != GSS_C_NO_BUFFER);
 663
 664     major = peerConfigInit(minor, ctx);
 665     if (GSS_ERROR(major))
 666         goto cleanup;
 667
 668     GSSEAP_ASSERT(ctx->initiatorCtx.eap != NULL);
 669     GSSEAP_ASSERT(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED);
 670
 671     ctx->flags |= CTX_FLAG_EAP_REQ; /* we have a Request from the acceptor */
 672
 673     wpabuf_set(&ctx->initiatorCtx.reqData,
 674                inputToken->value, inputToken->length);
 675
 676     major = GSS_S_CONTINUE_NEEDED;
 677
 678     eap_peer_sm_step(ctx->initiatorCtx.eap);
 679     if (ctx->flags & CTX_FLAG_EAP_RESP) {
 680         ctx->flags &= ~(CTX_FLAG_EAP_RESP);
 681
 682         resp = eap_get_eapRespData(ctx->initiatorCtx.eap);
 683     } else if (ctx->flags & CTX_FLAG_EAP_SUCCESS) {
 684         major = initReady(minor, ctx, reqFlags);
 685         if (GSS_ERROR(major))
 686             goto cleanup;
 687
 688         ctx->flags &= ~(CTX_FLAG_EAP_SUCCESS);
 689         major = GSS_S_CONTINUE_NEEDED;
 690         GSSEAP_SM_TRANSITION_NEXT(ctx);
 691     } else if (ctx->flags & CTX_FLAG_EAP_FAIL) {
 692         major = GSS_S_DEFECTIVE_CREDENTIAL;
 693         *minor = GSSEAP_PEER_AUTH_FAILURE;
 694     } else {
 695         major = GSS_S_DEFECTIVE_TOKEN;
 696         *minor = GSSEAP_PEER_BAD_MESSAGE;
 697     }
 698
 699 cleanup:
 700     if (resp != NULL) {
 701         OM_uint32 tmpMajor;
 702         gss_buffer_desc respBuf;
 703
 704         GSSEAP_ASSERT(major == GSS_S_CONTINUE_NEEDED);
 705
 706         respBuf.length = wpabuf_len(resp);
 707         respBuf.value = (void *)wpabuf_head(resp);
 708
 709         tmpMajor = duplicateBuffer(&tmpMinor, &respBuf, outputToken);
 710         if (GSS_ERROR(tmpMajor)) {
 711             major = tmpMajor;
 712             *minor = tmpMinor;
 713         }
 714
 715         *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
 716     }
 717
 718     wpabuf_set(&ctx->initiatorCtx.reqData, NULL, 0);
 719     peerConfigFree(&tmpMinor, ctx);
 720
 721     return major;
 722 }
 723
 724 static OM_uint32
 725 eapGssSmInitGssFlags(OM_uint32 *minor,
 726                      gss_cred_id_t cred GSSEAP_UNUSED,
 727                      gss_ctx_id_t ctx,
 728                      gss_name_t target GSSEAP_UNUSED,
 729                      gss_OID mech GSSEAP_UNUSED,
 730                      OM_uint32 reqFlags GSSEAP_UNUSED,
 731                      OM_uint32 timeReq GSSEAP_UNUSED,
 732                      gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 733                      gss_buffer_t inputToken GSSEAP_UNUSED,
 734                      gss_buffer_t outputToken,
 735                      OM_uint32 *smFlags GSSEAP_UNUSED)
 736 {
 737     unsigned char wireFlags[4];
 738     gss_buffer_desc flagsBuf;
 739
 740     store_uint32_be(ctx->gssFlags & GSSEAP_WIRE_FLAGS_MASK, wireFlags);
 741
 742     flagsBuf.length = sizeof(wireFlags);
 743     flagsBuf.value = wireFlags;
 744
 745     return duplicateBuffer(minor, &flagsBuf, outputToken);
 746 }
 747
 748 static OM_uint32
 749 eapGssSmInitGssChannelBindings(OM_uint32 *minor,
 750                                gss_cred_id_t cred GSSEAP_UNUSED,
 751                                gss_ctx_id_t ctx,
 752                                gss_name_t target GSSEAP_UNUSED,
 753                                gss_OID mech GSSEAP_UNUSED,
 754                                OM_uint32 reqFlags GSSEAP_UNUSED,
 755                                OM_uint32 timeReq GSSEAP_UNUSED,
 756                                gss_channel_bindings_t chanBindings,
 757                                gss_buffer_t inputToken GSSEAP_UNUSED,
 758                                gss_buffer_t outputToken,
 759                                OM_uint32 *smFlags)
 760 {
 761     OM_uint32 major;
 762     gss_buffer_desc buffer = GSS_C_EMPTY_BUFFER;
 763
 764     if (chanBindings != GSS_C_NO_CHANNEL_BINDINGS)
 765         buffer = chanBindings->application_data;
 766
 767     major = gssEapWrap(minor, ctx, TRUE, GSS_C_QOP_DEFAULT,
 768                        &buffer, NULL, outputToken);
 769     if (GSS_ERROR(major))
 770         return major;
 771
 772     GSSEAP_ASSERT(outputToken->value != NULL);
 773
 774     *minor = 0;
 775     *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
 776
 777     return GSS_S_CONTINUE_NEEDED;
 778 }
 779
 780 static OM_uint32
 781 eapGssSmInitInitiatorMIC(OM_uint32 *minor,
 782                          gss_cred_id_t cred GSSEAP_UNUSED,
 783                          gss_ctx_id_t ctx,
 784                          gss_name_t target GSSEAP_UNUSED,
 785                          gss_OID mech GSSEAP_UNUSED,
 786                          OM_uint32 reqFlags GSSEAP_UNUSED,
 787                          OM_uint32 timeReq GSSEAP_UNUSED,
 788                          gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 789                          gss_buffer_t inputToken GSSEAP_UNUSED,
 790                          gss_buffer_t outputToken,
 791                          OM_uint32 *smFlags)
 792 {
 793     OM_uint32 major;
 794
 795     major = gssEapMakeTokenMIC(minor, ctx, outputToken);
 796     if (GSS_ERROR(major))
 797         return major;
 798
 799     GSSEAP_SM_TRANSITION_NEXT(ctx);
 800
 801     *minor = 0;
 802     *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
 803
 804     return GSS_S_CONTINUE_NEEDED;
 805 }
 806
 807 #ifdef GSSEAP_ENABLE_REAUTH
 808 static OM_uint32
 809 eapGssSmInitReauthCreds(OM_uint32 *minor,
 810                         gss_cred_id_t cred,
 811                         gss_ctx_id_t ctx,
 812                         gss_name_t target GSSEAP_UNUSED,
 813                         gss_OID mech GSSEAP_UNUSED,
 814                         OM_uint32 reqFlags GSSEAP_UNUSED,
 815                         OM_uint32 timeReq GSSEAP_UNUSED,
 816                         gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 817                         gss_buffer_t inputToken,
 818                         gss_buffer_t outputToken GSSEAP_UNUSED,
 819                         OM_uint32 *smFlags GSSEAP_UNUSED)
 820 {
 821     OM_uint32 major;
 822
 823     if (ctx->gssFlags & GSS_C_MUTUAL_FLAG) {
 824         major = gssEapStoreReauthCreds(minor, ctx, cred, inputToken);
 825         if (GSS_ERROR(major))
 826             return major;
 827     }
 828
 829     *minor = 0;
 830     return GSS_S_CONTINUE_NEEDED;
 831 }
 832 #endif /* GSSEAP_ENABLE_REAUTH */
 833
 834 static OM_uint32
 835 eapGssSmInitAcceptorMIC(OM_uint32 *minor,
 836                         gss_cred_id_t cred GSSEAP_UNUSED,
 837                         gss_ctx_id_t ctx,
 838                         gss_name_t target GSSEAP_UNUSED,
 839                         gss_OID mech GSSEAP_UNUSED,
 840                         OM_uint32 reqFlags GSSEAP_UNUSED,
 841                         OM_uint32 timeReq GSSEAP_UNUSED,
 842                         gss_channel_bindings_t chanBindings GSSEAP_UNUSED,
 843                         gss_buffer_t inputToken,
 844                         gss_buffer_t outputToken GSSEAP_UNUSED,
 845                         OM_uint32 *smFlags GSSEAP_UNUSED)
 846 {
 847     OM_uint32 major;
 848
 849     major = gssEapVerifyTokenMIC(minor, ctx, inputToken);
 850     if (GSS_ERROR(major))
 851         return major;
 852
 853     GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_ESTABLISHED);
 854
 855     *minor = 0;
 856
 857     return GSS_S_COMPLETE;
 858 }
 859
 860 static struct gss_eap_sm eapGssInitiatorSm[] = {
 861     {
 862         ITOK_TYPE_CONTEXT_ERR,
 863         ITOK_TYPE_NONE,
 864         GSSEAP_STATE_ALL & ~(GSSEAP_STATE_INITIAL),
 865         0,
 866         eapGssSmInitError
 867     },
 868     {
 869         ITOK_TYPE_ACCEPTOR_NAME_RESP,
 870         ITOK_TYPE_ACCEPTOR_NAME_REQ,
 871         GSSEAP_STATE_INITIAL | GSSEAP_STATE_AUTHENTICATE,
 872         0,
 873         eapGssSmInitAcceptorName
 874     },
 875 #ifdef GSSEAP_DEBUG
 876     {
 877         ITOK_TYPE_NONE,
 878         ITOK_TYPE_VENDOR_INFO,
 879         GSSEAP_STATE_INITIAL,
 880         0,
 881         eapGssSmInitVendorInfo
 882     },
 883 #endif
 884 #ifdef GSSEAP_ENABLE_REAUTH
 885     {
 886         ITOK_TYPE_REAUTH_RESP,
 887         ITOK_TYPE_REAUTH_REQ,
 888         GSSEAP_STATE_INITIAL | GSSEAP_STATE_REAUTHENTICATE,
 889         0,
 890         eapGssSmInitGssReauth
 891     },
 892 #endif
 893     {
 894         ITOK_TYPE_NONE,
 895         ITOK_TYPE_NONE,
 896 #ifdef GSSEAP_ENABLE_REAUTH
 897         GSSEAP_STATE_REAUTHENTICATE |
 898 #endif
 899         GSSEAP_STATE_INITIAL,
 900         SM_ITOK_FLAG_REQUIRED,
 901         eapGssSmInitIdentity
 902     },
 903     {
 904         ITOK_TYPE_EAP_REQ,
 905         ITOK_TYPE_EAP_RESP,
 906         GSSEAP_STATE_AUTHENTICATE,
 907         SM_ITOK_FLAG_REQUIRED,
 908         eapGssSmInitAuthenticate
 909     },
 910     {
 911         ITOK_TYPE_NONE,
 912         ITOK_TYPE_GSS_FLAGS,
 913         GSSEAP_STATE_INITIATOR_EXTS,
 914         0,
 915         eapGssSmInitGssFlags
 916     },
 917     {
 918         ITOK_TYPE_NONE,
 919         ITOK_TYPE_GSS_CHANNEL_BINDINGS,
 920         GSSEAP_STATE_INITIATOR_EXTS,
 921         SM_ITOK_FLAG_REQUIRED,
 922         eapGssSmInitGssChannelBindings
 923     },
 924     {
 925         ITOK_TYPE_NONE,
 926         ITOK_TYPE_INITIATOR_MIC,
 927         GSSEAP_STATE_INITIATOR_EXTS,
 928         SM_ITOK_FLAG_REQUIRED,
 929         eapGssSmInitInitiatorMIC
 930     },
 931 #ifdef GSSEAP_ENABLE_REAUTH
 932     {
 933         ITOK_TYPE_REAUTH_CREDS,
 934         ITOK_TYPE_NONE,
 935         GSSEAP_STATE_ACCEPTOR_EXTS,
 936         0,
 937         eapGssSmInitReauthCreds
 938     },
 939 #endif
 940     /* other extensions go here */
 941     {
 942         ITOK_TYPE_ACCEPTOR_MIC,
 943         ITOK_TYPE_NONE,
 944         GSSEAP_STATE_ACCEPTOR_EXTS,
 945         SM_ITOK_FLAG_REQUIRED,
 946         eapGssSmInitAcceptorMIC
 947     }
 948 };
 949
 950 OM_uint32
 951 gssEapInitSecContext(OM_uint32 *minor,
 952                      gss_cred_id_t cred,
 953                      gss_ctx_id_t ctx,
 954                      gss_name_t target_name,
 955                      gss_OID mech_type,
 956                      OM_uint32 req_flags,
 957                      OM_uint32 time_req,
 958                      gss_channel_bindings_t input_chan_bindings,
 959                      gss_buffer_t input_token,
 960                      gss_OID *actual_mech_type,
 961                      gss_buffer_t output_token,
 962                      OM_uint32 *ret_flags,
 963                      OM_uint32 *time_rec)
 964 {
 965     OM_uint32 major, tmpMinor;
 966     int initialContextToken = (ctx->mechanismUsed == GSS_C_NO_OID);
 967
 968     /*
 969      * XXX is acquiring the credential lock here necessary? The password is
 970      * mutable but the contract could specify that this is not updated whilst
 971      * a context is being initialized.
 972      */
 973     if (cred != GSS_C_NO_CREDENTIAL)
 974         GSSEAP_MUTEX_LOCK(&cred->mutex);
 975
 976     if (ctx->cred == GSS_C_NO_CREDENTIAL) {
 977         major = gssEapResolveInitiatorCred(minor, cred, target_name, &ctx->cred);
 978         if (GSS_ERROR(major))
 979             goto cleanup;
 980
 981         GSSEAP_ASSERT(ctx->cred != GSS_C_NO_CREDENTIAL);
 982     }
 983
 984     GSSEAP_MUTEX_LOCK(&ctx->cred->mutex);
 985
 986     GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_RESOLVED);
 987     GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_INITIATE);
 988
 989     if (initialContextToken) {
 990         major = initBegin(minor, ctx, target_name, mech_type,
 991                           req_flags, time_req, input_chan_bindings);
 992         if (GSS_ERROR(major))
 993             goto cleanup;
 994     }
 995
 996     major = gssEapSmStep(minor,
 997                          cred,
 998                          ctx,
 999                          target_name,
1000                          mech_type,
1001                          req_flags,
1002                          time_req,
1003                          input_chan_bindings,
1004                          input_token,
1005                          output_token,
1006                          eapGssInitiatorSm,
1007                          sizeof(eapGssInitiatorSm) / sizeof(eapGssInitiatorSm[0]));
1008     if (GSS_ERROR(major))
1009         goto cleanup;
1010
1011     if (actual_mech_type != NULL) {
1012         OM_uint32 tmpMajor;
1013
1014         tmpMajor = gssEapCanonicalizeOid(&tmpMinor, ctx->mechanismUsed, 0, actual_mech_type);
1015         if (GSS_ERROR(tmpMajor)) {
1016             major = tmpMajor;
1017             *minor = tmpMinor;
1018             goto cleanup;
1019         }
1020     }
1021     if (ret_flags != NULL)
1022         *ret_flags = ctx->gssFlags;
1023     if (time_rec != NULL)
1024         gssEapContextTime(&tmpMinor, ctx, time_rec);
1025
1026     GSSEAP_ASSERT(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
1027
1028 cleanup:
1029     if (cred != GSS_C_NO_CREDENTIAL)
1030         GSSEAP_MUTEX_UNLOCK(&cred->mutex);
1031     if (ctx->cred != GSS_C_NO_CREDENTIAL)
1032         GSSEAP_MUTEX_UNLOCK(&ctx->cred->mutex);
1033
1034     return major;
1035 }
1036
1037 OM_uint32 GSSAPI_CALLCONV
1038 gss_init_sec_context(OM_uint32 *minor,
1039                      gss_cred_id_t cred,
1040                      gss_ctx_id_t *context_handle,
1041                      gss_name_t target_name,
1042                      gss_OID mech_type,
1043                      OM_uint32 req_flags,
1044                      OM_uint32 time_req,
1045                      gss_channel_bindings_t input_chan_bindings,
1046                      gss_buffer_t input_token,
1047                      gss_OID *actual_mech_type,
1048                      gss_buffer_t output_token,
1049                      OM_uint32 *ret_flags,
1050                      OM_uint32 *time_rec)
1051 {
1052     OM_uint32 major, tmpMinor;
1053     gss_ctx_id_t ctx = *context_handle;
1054
1055     *minor = 0;
1056
1057     output_token->length = 0;
1058     output_token->value = NULL;
1059
1060     if (ctx == GSS_C_NO_CONTEXT) {
1061         if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {
1062             *minor = GSSEAP_WRONG_SIZE;
1063             return GSS_S_DEFECTIVE_TOKEN;
1064         }
1065
1066         major = gssEapAllocContext(minor, &ctx);
1067         if (GSS_ERROR(major))
1068             return major;
1069
1070         ctx->flags |= CTX_FLAG_INITIATOR;
1071
1072         *context_handle = ctx;
1073     }
1074
1075     GSSEAP_MUTEX_LOCK(&ctx->mutex);
1076
1077     major = gssEapInitSecContext(minor,
1078                                  cred,
1079                                  ctx,
1080                                  target_name,
1081                                  mech_type,
1082                                  req_flags,
1083                                  time_req,
1084                                  input_chan_bindings,
1085                                  input_token,
1086                                  actual_mech_type,
1087                                  output_token,
1088                                  ret_flags,
1089                                  time_rec);
1090
1091     GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
1092
1093     if (GSS_ERROR(major))
1094         gssEapReleaseContext(&tmpMinor, context_handle);
1095
1096     return major;
1097 }