/crypto/heimdal/appl/telnet/libtelnet/spx.c
Relevant Search: With Applications for Solr and Elasticsearch
For more in depth reading about search, ranking and generally everything you could ever want to know about how lucene, elasticsearch or solr work under the hood I highly suggest this book. Easily one of the most interesting technical books I have read in a long time. If you are tasked with solving search relevance problems even if not in Solr or Elasticsearch it should be your first reference. Amazon Affiliate LinkC | 589 lines | 431 code | 84 blank | 74 comment | 45 complexity | d91427c0f798639ccb7c4ee1ff2e00cd MD5 | raw file
1/*- 2 * Copyright (c) 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#include <config.h> 35 36RCSID("$Id$"); 37 38#ifdef SPX 39/* 40 * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION 41 * ALL RIGHTS RESERVED 42 * 43 * "Digital Equipment Corporation authorizes the reproduction, 44 * distribution and modification of this software subject to the following 45 * restrictions: 46 * 47 * 1. Any partial or whole copy of this software, or any modification 48 * thereof, must include this copyright notice in its entirety. 49 * 50 * 2. This software is supplied "as is" with no warranty of any kind, 51 * expressed or implied, for any purpose, including any warranty of fitness 52 * or merchantibility. DIGITAL assumes no responsibility for the use or 53 * reliability of this software, nor promises to provide any form of 54 * support for it on any basis. 55 * 56 * 3. Distribution of this software is authorized only if no profit or 57 * remuneration of any kind is received in exchange for such distribution. 58 * 59 * 4. This software produces public key authentication certificates 60 * bearing an expiration date established by DIGITAL and RSA Data 61 * Security, Inc. It may cease to generate certificates after the expiration 62 * date. Any modification of this software that changes or defeats 63 * the expiration date or its effect is unauthorized. 64 * 65 * 5. Software that will renew or extend the expiration date of 66 * authentication certificates produced by this software may be obtained 67 * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA 68 * 94065, (415)595-8782, or from DIGITAL" 69 * 70 */ 71 72#ifdef HAVE_SYS_TYPES_H 73#include <sys/types.h> 74#endif 75#ifdef HAVE_ARPA_TELNET_H 76#include <arpa/telnet.h> 77#endif 78#include <stdio.h> 79#include "gssapi_defs.h" 80#include <stdlib.h> 81#include <string.h> 82 83#include <pwd.h> 84#ifdef SOCKS 85#include <socks.h> 86#endif 87 88#include "encrypt.h" 89#include "auth.h" 90#include "misc.h" 91 92extern auth_debug_mode; 93 94static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, 95 AUTHTYPE_SPX, }; 96static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 97 TELQUAL_NAME, }; 98 99#define SPX_AUTH 0 /* Authentication data follows */ 100#define SPX_REJECT 1 /* Rejected (reason might follow) */ 101#define SPX_ACCEPT 2 /* Accepted */ 102 103static des_key_schedule sched; 104static des_cblock challenge = { 0 }; 105 106 107/*******************************************************************/ 108 109gss_OID_set actual_mechs; 110gss_OID actual_mech_type, output_name_type; 111int major_status, status, msg_ctx = 0, new_status; 112int req_flags = 0, ret_flags, lifetime_rec; 113gss_cred_id_t gss_cred_handle; 114gss_ctx_id_t actual_ctxhandle, context_handle; 115gss_buffer_desc output_token, input_token, input_name_buffer; 116gss_buffer_desc status_string; 117gss_name_t desired_targname, src_name; 118gss_channel_bindings input_chan_bindings; 119char lhostname[GSS_C_MAX_PRINTABLE_NAME]; 120char targ_printable[GSS_C_MAX_PRINTABLE_NAME]; 121int to_addr=0, from_addr=0; 122char *address; 123gss_buffer_desc fullname_buffer; 124gss_OID fullname_type; 125gss_cred_id_t gss_delegated_cred_handle; 126 127/*******************************************************************/ 128 129 130 131 static int 132Data(ap, type, d, c) 133 Authenticator *ap; 134 int type; 135 void *d; 136 int c; 137{ 138 unsigned char *p = str_data + 4; 139 unsigned char *cd = (unsigned char *)d; 140 141 if (c == -1) 142 c = strlen((char *)cd); 143 144 if (0) { 145 printf("%s:%d: [%d] (%d)", 146 str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", 147 str_data[3], 148 type, c); 149 printd(d, c); 150 printf("\r\n"); 151 } 152 *p++ = ap->type; 153 *p++ = ap->way; 154 *p++ = type; 155 while (c-- > 0) { 156 if ((*p++ = *cd++) == IAC) 157 *p++ = IAC; 158 } 159 *p++ = IAC; 160 *p++ = SE; 161 if (str_data[3] == TELQUAL_IS) 162 printsub('>', &str_data[2], p - (&str_data[2])); 163 return(telnet_net_write(str_data, p - str_data)); 164} 165 166 int 167spx_init(ap, server) 168 Authenticator *ap; 169 int server; 170{ 171 gss_cred_id_t tmp_cred_handle; 172 173 if (server) { 174 str_data[3] = TELQUAL_REPLY; 175 gethostname(lhostname, sizeof(lhostname)); 176 snprintf (targ_printable, sizeof(targ_printable), 177 "SERVICE:rcmd@%s", lhostname); 178 input_name_buffer.length = strlen(targ_printable); 179 input_name_buffer.value = targ_printable; 180 major_status = gss_import_name(&status, 181 &input_name_buffer, 182 GSS_C_NULL_OID, 183 &desired_targname); 184 major_status = gss_acquire_cred(&status, 185 desired_targname, 186 0, 187 GSS_C_NULL_OID_SET, 188 GSS_C_ACCEPT, 189 &tmp_cred_handle, 190 &actual_mechs, 191 &lifetime_rec); 192 if (major_status != GSS_S_COMPLETE) return(0); 193 } else { 194 str_data[3] = TELQUAL_IS; 195 } 196 return(1); 197} 198 199 int 200spx_send(ap) 201 Authenticator *ap; 202{ 203 des_cblock enckey; 204 int r; 205 206 gss_OID actual_mech_type, output_name_type; 207 int msg_ctx = 0, new_status, status; 208 int req_flags = 0, ret_flags, lifetime_rec, major_status; 209 gss_buffer_desc output_token, input_token, input_name_buffer; 210 gss_buffer_desc output_name_buffer, status_string; 211 gss_name_t desired_targname; 212 gss_channel_bindings input_chan_bindings; 213 char targ_printable[GSS_C_MAX_PRINTABLE_NAME]; 214 int from_addr=0, to_addr=0, myhostlen, j; 215 int deleg_flag=1, mutual_flag=0, replay_flag=0, seq_flag=0; 216 char *address; 217 218 printf("[ Trying SPX ... ]\r\n"); 219 snprintf (targ_printable, sizeof(targ_printable), 220 "SERVICE:rcmd@%s", RemoteHostName); 221 222 input_name_buffer.length = strlen(targ_printable); 223 input_name_buffer.value = targ_printable; 224 225 if (!UserNameRequested) { 226 return(0); 227 } 228 229 major_status = gss_import_name(&status, 230 &input_name_buffer, 231 GSS_C_NULL_OID, 232 &desired_targname); 233 234 235 major_status = gss_display_name(&status, 236 desired_targname, 237 &output_name_buffer, 238 &output_name_type); 239 240 printf("target is '%.*s'\n", (int)output_name_buffer.length, 241 (char*)output_name_buffer.value); 242 fflush(stdout); 243 244 major_status = gss_release_buffer(&status, &output_name_buffer); 245 246 input_chan_bindings = (gss_channel_bindings) 247 malloc(sizeof(gss_channel_bindings_desc)); 248 249 input_chan_bindings->initiator_addrtype = GSS_C_AF_INET; 250 input_chan_bindings->initiator_address.length = 4; 251 address = (char *) malloc(4); 252 input_chan_bindings->initiator_address.value = (char *) address; 253 address[0] = ((from_addr & 0xff000000) >> 24); 254 address[1] = ((from_addr & 0xff0000) >> 16); 255 address[2] = ((from_addr & 0xff00) >> 8); 256 address[3] = (from_addr & 0xff); 257 input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET; 258 input_chan_bindings->acceptor_address.length = 4; 259 address = (char *) malloc(4); 260 input_chan_bindings->acceptor_address.value = (char *) address; 261 address[0] = ((to_addr & 0xff000000) >> 24); 262 address[1] = ((to_addr & 0xff0000) >> 16); 263 address[2] = ((to_addr & 0xff00) >> 8); 264 address[3] = (to_addr & 0xff); 265 input_chan_bindings->application_data.length = 0; 266 267 req_flags = 0; 268 if (deleg_flag) req_flags = req_flags | 1; 269 if (mutual_flag) req_flags = req_flags | 2; 270 if (replay_flag) req_flags = req_flags | 4; 271 if (seq_flag) req_flags = req_flags | 8; 272 273 major_status = gss_init_sec_context(&status, /* minor status */ 274 GSS_C_NO_CREDENTIAL, /* cred handle */ 275 &actual_ctxhandle, /* ctx handle */ 276 desired_targname, /* target name */ 277 GSS_C_NULL_OID, /* mech type */ 278 req_flags, /* req flags */ 279 0, /* time req */ 280 input_chan_bindings, /* chan binding */ 281 GSS_C_NO_BUFFER, /* input token */ 282 &actual_mech_type, /* actual mech */ 283 &output_token, /* output token */ 284 &ret_flags, /* ret flags */ 285 &lifetime_rec); /* time rec */ 286 287 if ((major_status != GSS_S_COMPLETE) && 288 (major_status != GSS_S_CONTINUE_NEEDED)) { 289 gss_display_status(&new_status, 290 status, 291 GSS_C_MECH_CODE, 292 GSS_C_NULL_OID, 293 &msg_ctx, 294 &status_string); 295 printf("%.*s\n", (int)status_string.length, 296 (char*)status_string.value); 297 return(0); 298 } 299 300 if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { 301 return(0); 302 } 303 304 if (!Data(ap, SPX_AUTH, output_token.value, output_token.length)) { 305 return(0); 306 } 307 308 return(1); 309} 310 311 void 312spx_is(ap, data, cnt) 313 Authenticator *ap; 314 unsigned char *data; 315 int cnt; 316{ 317 Session_Key skey; 318 des_cblock datablock; 319 int r; 320 321 if (cnt-- < 1) 322 return; 323 switch (*data++) { 324 case SPX_AUTH: 325 input_token.length = cnt; 326 input_token.value = (char *) data; 327 328 gethostname(lhostname, sizeof(lhostname)); 329 330 snprintf(targ_printable, sizeof(targ_printable), 331 "SERVICE:rcmd@%s", lhostname); 332 333 input_name_buffer.length = strlen(targ_printable); 334 input_name_buffer.value = targ_printable; 335 336 major_status = gss_import_name(&status, 337 &input_name_buffer, 338 GSS_C_NULL_OID, 339 &desired_targname); 340 341 major_status = gss_acquire_cred(&status, 342 desired_targname, 343 0, 344 GSS_C_NULL_OID_SET, 345 GSS_C_ACCEPT, 346 &gss_cred_handle, 347 &actual_mechs, 348 &lifetime_rec); 349 350 major_status = gss_release_name(&status, desired_targname); 351 352 input_chan_bindings = (gss_channel_bindings) 353 malloc(sizeof(gss_channel_bindings_desc)); 354 355 input_chan_bindings->initiator_addrtype = GSS_C_AF_INET; 356 input_chan_bindings->initiator_address.length = 4; 357 address = (char *) malloc(4); 358 input_chan_bindings->initiator_address.value = (char *) address; 359 address[0] = ((from_addr & 0xff000000) >> 24); 360 address[1] = ((from_addr & 0xff0000) >> 16); 361 address[2] = ((from_addr & 0xff00) >> 8); 362 address[3] = (from_addr & 0xff); 363 input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET; 364 input_chan_bindings->acceptor_address.length = 4; 365 address = (char *) malloc(4); 366 input_chan_bindings->acceptor_address.value = (char *) address; 367 address[0] = ((to_addr & 0xff000000) >> 24); 368 address[1] = ((to_addr & 0xff0000) >> 16); 369 address[2] = ((to_addr & 0xff00) >> 8); 370 address[3] = (to_addr & 0xff); 371 input_chan_bindings->application_data.length = 0; 372 373 major_status = gss_accept_sec_context(&status, 374 &context_handle, 375 gss_cred_handle, 376 &input_token, 377 input_chan_bindings, 378 &src_name, 379 &actual_mech_type, 380 &output_token, 381 &ret_flags, 382 &lifetime_rec, 383 &gss_delegated_cred_handle); 384 385 386 if (major_status != GSS_S_COMPLETE) { 387 388 major_status = gss_display_name(&status, 389 src_name, 390 &fullname_buffer, 391 &fullname_type); 392 Data(ap, SPX_REJECT, "auth failed", -1); 393 auth_finished(ap, AUTH_REJECT); 394 return; 395 } 396 397 major_status = gss_display_name(&status, 398 src_name, 399 &fullname_buffer, 400 &fullname_type); 401 402 403 Data(ap, SPX_ACCEPT, output_token.value, output_token.length); 404 auth_finished(ap, AUTH_USER); 405 break; 406 407 default: 408 Data(ap, SPX_REJECT, 0, 0); 409 break; 410 } 411} 412 413 414 void 415spx_reply(ap, data, cnt) 416 Authenticator *ap; 417 unsigned char *data; 418 int cnt; 419{ 420 Session_Key skey; 421 422 if (cnt-- < 1) 423 return; 424 switch (*data++) { 425 case SPX_REJECT: 426 if (cnt > 0) { 427 printf("[ SPX refuses authentication because %.*s ]\r\n", 428 cnt, data); 429 } else 430 printf("[ SPX refuses authentication ]\r\n"); 431 auth_send_retry(); 432 return; 433 case SPX_ACCEPT: 434 printf("[ SPX accepts you ]\r\n"); 435 if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { 436 /* 437 * Send over the encrypted challenge. 438 */ 439 input_token.value = (char *) data; 440 input_token.length = cnt; 441 442 major_status = gss_init_sec_context(&status, /* minor stat */ 443 GSS_C_NO_CREDENTIAL, /* cred handle */ 444 &actual_ctxhandle, /* ctx handle */ 445 desired_targname, /* target name */ 446 GSS_C_NULL_OID, /* mech type */ 447 req_flags, /* req flags */ 448 0, /* time req */ 449 input_chan_bindings, /* chan binding */ 450 &input_token, /* input token */ 451 &actual_mech_type, /* actual mech */ 452 &output_token, /* output token */ 453 &ret_flags, /* ret flags */ 454 &lifetime_rec); /* time rec */ 455 456 if (major_status != GSS_S_COMPLETE) { 457 gss_display_status(&new_status, 458 status, 459 GSS_C_MECH_CODE, 460 GSS_C_NULL_OID, 461 &msg_ctx, 462 &status_string); 463 printf("[ SPX mutual response fails ... '%.*s' ]\r\n", 464 (int)status_string.length, 465 (char*)status_string.value); 466 auth_send_retry(); 467 return; 468 } 469 } 470 auth_finished(ap, AUTH_USER); 471 return; 472 473 default: 474 return; 475 } 476} 477 478 int 479spx_status(ap, name, name_sz, level) 480 Authenticator *ap; 481 char *name; 482 size_t name_sz; 483 int level; 484{ 485 486 gss_buffer_desc fullname_buffer, acl_file_buffer; 487 gss_OID fullname_type; 488 char acl_file[160], fullname[160]; 489 int major_status, status = 0; 490 struct passwd *pwd; 491 492 /* 493 * hard code fullname to 494 * "SPX:/C=US/O=Digital/OU=LKG/OU=Sphinx/OU=Users/CN=Kannan Alagappan" 495 * and acl_file to "~kannan/.sphinx" 496 */ 497 498 pwd = k_getpwnam(UserNameRequested); 499 if (pwd == NULL) { 500 return(AUTH_USER); /* not authenticated */ 501 } 502 503 snprintf (acl_file, sizeof(acl_file), 504 "%s/.sphinx", pwd->pw_dir); 505 506 acl_file_buffer.value = acl_file; 507 acl_file_buffer.length = strlen(acl_file); 508 509 major_status = gss_display_name(&status, 510 src_name, 511 &fullname_buffer, 512 &fullname_type); 513 514 if (level < AUTH_USER) 515 return(level); 516 517 major_status = gss__check_acl(&status, &fullname_buffer, 518 &acl_file_buffer); 519 520 if (major_status == GSS_S_COMPLETE) { 521 strlcpy(name, UserNameRequested, name_sz); 522 return(AUTH_VALID); 523 } else { 524 return(AUTH_USER); 525 } 526 527} 528 529#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} 530#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} 531 532 void 533spx_printsub(unsigned char *data, size_t cnt, 534 unsigned char *buf, size_t buflen) 535{ 536 size_t i; 537 538 buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ 539 buflen -= 1; 540 541 switch(data[3]) { 542 case SPX_REJECT: /* Rejected (reason might follow) */ 543 strlcpy((char *)buf, " REJECT ", buflen); 544 goto common; 545 546 case SPX_ACCEPT: /* Accepted (name might follow) */ 547 strlcpy((char *)buf, " ACCEPT ", buflen); 548 common: 549 BUMP(buf, buflen); 550 if (cnt <= 4) 551 break; 552 ADDC(buf, buflen, '"'); 553 for (i = 4; i < cnt; i++) 554 ADDC(buf, buflen, data[i]); 555 ADDC(buf, buflen, '"'); 556 ADDC(buf, buflen, '\0'); 557 break; 558 559 case SPX_AUTH: /* Authentication data follows */ 560 strlcpy((char *)buf, " AUTH", buflen); 561 goto common2; 562 563 default: 564 snprintf(buf, buflen, " %d (unknown)", data[3]); 565 common2: 566 BUMP(buf, buflen); 567 for (i = 4; i < cnt; i++) { 568 snprintf(buf, buflen, " %d", data[i]); 569 BUMP(buf, buflen); 570 } 571 break; 572 } 573} 574 575#endif 576 577#ifdef notdef 578 579prkey(msg, key) 580 char *msg; 581 unsigned char *key; 582{ 583 int i; 584 printf("%s:", msg); 585 for (i = 0; i < 8; i++) 586 printf(" %3d", key[i]); 587 printf("\r\n"); 588} 589#endif