GSSAPI key exchange support

This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2014-02-10 Patch-Name: gssapi.patch
author: Simon Wilkinson <simon@sxw.org.uk> 2014-02-09 16:09:48 +0000
committer: Colin Watson <cjwatson@debian.org> 2014-02-10 02:40:08 +0000
commit: cd404114ded78fc51d5d9cbd458d55c9b2f67daa (patch)
tree: df7a424d9301b69af906b50d550bfce6e6e2c5f3 /gss-genr.c
parent: 9a975a9faed7c4f334e8c8490db3e77e102f2b21 (diff)
1 files changed, 272 insertions, 4 deletions
diff --git a/gss-genr.c b/gss-genr.c
index b39281bc1..b7d1b7dbf 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,7 +1,7 @@
 /* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */
 /*
- * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -39,12 +39,167 @@
 #include "buffer.h"
 #include "log.h"
 #include "ssh2.h"
+#include "cipher.h"
+#include "key.h"
+#include "kex.h"
+#include <openssl/evp.h>
 #include "ssh-gss.h"
 extern u_char *session_id2;
 extern u_int session_id2_len;
+typedef struct {
+        char *encoded;
+        gss_OID oid;
+} ssh_gss_kex_mapping;
+/*
+ * XXX - It would be nice to find a more elegant way of handling the
+ * XXX   passing of the key exchange context to the userauth routines
+ */
+Gssctxt *gss_kex_context = NULL;
+static ssh_gss_kex_mapping *gss_enc2oid = NULL;
+int 
+ssh_gssapi_oid_table_ok() {
+        return (gss_enc2oid != NULL);
+}
+/*
+ * Return a list of the gss-group1-sha1 mechanisms supported by this program
+ *
+ * We test mechanisms to ensure that we can use them, to avoid starting
+ * a key exchange with a bad mechanism
+ */
+char *
+ssh_gssapi_client_mechanisms(const char *host, const char *client) {
+        gss_OID_set gss_supported;
+        OM_uint32 min_status;
+        if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported)))
+                return NULL;
+        return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
+            host, client));
+}
+char *
+ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
+    const char *host, const char *client) {
+        Buffer buf;
+        size_t i;
+        int oidpos, enclen;
+        char *mechs, *encoded;
+        u_char digest[EVP_MAX_MD_SIZE];
+        char deroid[2];
+        const EVP_MD *evp_md = EVP_md5();
+        EVP_MD_CTX md;
+        if (gss_enc2oid != NULL) {
+                for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
+                        free(gss_enc2oid[i].encoded);
+                free(gss_enc2oid);
+        }
+        gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
+            (gss_supported->count + 1));
+        buffer_init(&buf);
+        oidpos = 0;
+        for (i = 0; i < gss_supported->count; i++) {
+                if (gss_supported->elements[i].length < 128 &&
+                    (*check)(NULL, &(gss_supported->elements[i]), host, client)) {
+                        deroid[0] = SSH_GSS_OIDTYPE;
+                        deroid[1] = gss_supported->elements[i].length;
+                        EVP_DigestInit(&md, evp_md);
+                        EVP_DigestUpdate(&md, deroid, 2);
+                        EVP_DigestUpdate(&md,
+                            gss_supported->elements[i].elements,
+                            gss_supported->elements[i].length);
+                        EVP_DigestFinal(&md, digest, NULL);
+                        encoded = xmalloc(EVP_MD_size(evp_md) * 2);
+                        enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
+                            encoded, EVP_MD_size(evp_md) * 2);
+                        if (oidpos != 0)
+                                buffer_put_char(&buf, ',');
+                        buffer_append(&buf, KEX_GSS_GEX_SHA1_ID,
+                            sizeof(KEX_GSS_GEX_SHA1_ID) - 1);
+                        buffer_append(&buf, encoded, enclen);
+                        buffer_put_char(&buf, ',');
+                        buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, 
+                            sizeof(KEX_GSS_GRP1_SHA1_ID) - 1);
+                        buffer_append(&buf, encoded, enclen);
+                        buffer_put_char(&buf, ',');
+                        buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID,
+                            sizeof(KEX_GSS_GRP14_SHA1_ID) - 1);
+                        buffer_append(&buf, encoded, enclen);
+                        gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
+                        gss_enc2oid[oidpos].encoded = encoded;
+                        oidpos++;
+                }
+        }
+        gss_enc2oid[oidpos].oid = NULL;
+        gss_enc2oid[oidpos].encoded = NULL;
+        buffer_put_char(&buf, '\0');
+        mechs = xmalloc(buffer_len(&buf));
+        buffer_get(&buf, mechs, buffer_len(&buf));
+        buffer_free(&buf);
+        if (strlen(mechs) == 0) {
+                free(mechs);
+                mechs = NULL;
+        }
+        
+        return (mechs);
+}
+gss_OID
+ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) {
+        int i = 0;
+        
+        switch (kex_type) {
+        case KEX_GSS_GRP1_SHA1:
+                if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID))
+                        return GSS_C_NO_OID;
+                name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1;
+                break;
+        case KEX_GSS_GRP14_SHA1:
+                if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID))
+                        return GSS_C_NO_OID;
+                name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1;
+                break;
+        case KEX_GSS_GEX_SHA1:
+                if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID))
+                        return GSS_C_NO_OID;
+                name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1;
+                break;
+        default:
+                return GSS_C_NO_OID;
+        }
+        while (gss_enc2oid[i].encoded != NULL &&
+            strcmp(name, gss_enc2oid[i].encoded) != 0)
+                i++;
+        if (gss_enc2oid[i].oid != NULL && ctx != NULL)
+                ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid);
+        return gss_enc2oid[i].oid;
+}
 /* Check that the OID in a data stream matches that in the context */
 int
 ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
@@ -197,7 +352,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
        }
        ctx->major = gss_init_sec_context(&ctx->minor,
-            GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid,
+            ctx->client_creds, &ctx->context, ctx->name, ctx->oid,
            GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag,
            0, NULL, recv_tok, NULL, send_tok, flags, NULL);
@@ -227,8 +382,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
 }
 OM_uint32
+ssh_gssapi_client_identity(Gssctxt *ctx, const char *name)
+{
+        gss_buffer_desc gssbuf;
+        gss_name_t gssname;
+        OM_uint32 status;
+        gss_OID_set oidset;
+        gssbuf.value = (void *) name;
+        gssbuf.length = strlen(gssbuf.value);
+        gss_create_empty_oid_set(&status, &oidset);
+        gss_add_oid_set_member(&status, ctx->oid, &oidset);
+        ctx->major = gss_import_name(&ctx->minor, &gssbuf,
+            GSS_C_NT_USER_NAME, &gssname);
+        if (!ctx->major)
+                ctx->major = gss_acquire_cred(&ctx->minor, 
+                    gssname, 0, oidset, GSS_C_INITIATE, 
+                    &ctx->client_creds, NULL, NULL);
+        gss_release_name(&status, &gssname);
+        gss_release_oid_set(&status, &oidset);
+        if (ctx->major)
+                ssh_gssapi_error(ctx);
+        return(ctx->major);
+}
+OM_uint32
 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
 {
+        if (ctx == NULL) 
+                return -1;
        if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
            GSS_C_QOP_DEFAULT, buffer, hash)))
                ssh_gssapi_error(ctx);
@@ -236,6 +425,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
        return (ctx->major);
 }
+/* Priviledged when used by server */
+OM_uint32
+ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
+{
+        if (ctx == NULL)
+                return -1;
+        ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
+            gssbuf, gssmic, NULL);
+        return (ctx->major);
+}
 void
 ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
    const char *context)
@@ -249,11 +451,16 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
 }
 int
-ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
+ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, 
+    const char *client)
 {
        gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
        OM_uint32 major, minor;
        gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
+        Gssctxt *intctx = NULL;
+        if (ctx == NULL)
+                ctx = &intctx;
        /* RFC 4462 says we MUST NOT do SPNEGO */
        if (oid->length == spnego_oid.length && 
@@ -263,6 +470,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
        ssh_gssapi_build_ctx(ctx);
        ssh_gssapi_set_oid(*ctx, oid);
        major = ssh_gssapi_import_name(*ctx, host);
+        if (!GSS_ERROR(major) && client)
+                major = ssh_gssapi_client_identity(*ctx, client);
        if (!GSS_ERROR(major)) {
                major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, 
                    NULL);
@@ -272,10 +483,67 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
                            GSS_C_NO_BUFFER);
        }
-        if (GSS_ERROR(major)) 
+        if (GSS_ERROR(major) || intctx != NULL) 
                ssh_gssapi_delete_ctx(ctx);
        return (!GSS_ERROR(major));
 }
+int
+ssh_gssapi_credentials_updated(Gssctxt *ctxt) {
+        static gss_name_t saved_name = GSS_C_NO_NAME;
+        static OM_uint32 saved_lifetime = 0;
+        static gss_OID saved_mech = GSS_C_NO_OID;
+        static gss_name_t name;
+        static OM_uint32 last_call = 0;
+        OM_uint32 lifetime, now, major, minor;
+        int equal;
+        gss_cred_usage_t usage = GSS_C_INITIATE;
+        
+        now = time(NULL);
+        if (ctxt) {
+                debug("Rekey has happened - updating saved versions");
+                if (saved_name != GSS_C_NO_NAME)
+                        gss_release_name(&minor, &saved_name);
+                major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL,
+                    &saved_name, &saved_lifetime, NULL, NULL);
+                if (!GSS_ERROR(major)) {
+                        saved_mech = ctxt->oid;
+                        saved_lifetime+= now;
+                } else {
+                        /* Handle the error */
+                }
+                return 0;
+        }
+        if (now - last_call < 10)
+                return 0;
+        last_call = now;
+        if (saved_mech == GSS_C_NO_OID)
+                return 0;
+        
+        major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, 
+            &name, &lifetime, NULL, NULL);
+        if (major == GSS_S_CREDENTIALS_EXPIRED)
+                return 0;
+        else if (GSS_ERROR(major))
+                return 0;
+        major = gss_compare_name(&minor, saved_name, name, &equal);
+        gss_release_name(&minor, &name);
+        if (GSS_ERROR(major))
+                return 0;
+        if (equal && (saved_lifetime < lifetime + now - 10))
+                return 1;
+        return 0;
+}
 #endif /* GSSAPI */
author	Simon Wilkinson <simon@sxw.org.uk>	2014-02-09 16:09:48 +0000
committer	Colin Watson <cjwatson@debian.org>	2014-02-10 02:40:08 +0000
commit	cd404114ded78fc51d5d9cbd458d55c9b2f67daa (patch)
tree	df7a424d9301b69af906b50d550bfce6e6e2c5f3 /gss-genr.c
parent	9a975a9faed7c4f334e8c8490db3e77e102f2b21 (diff)

diff --git a/gss-genr.c b/gss-genr.c index b39281bc1..b7d1b7dbf 100644 --- a/gss-genr.c +++ b/gss-genr.c
@@ -1,7 +1,7 @@
1	/* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */	1	/* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.	4	* Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
5	*	5	*
6	* Redistribution and use in source and binary forms, with or without	6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions	7	* modification, are permitted provided that the following conditions
@@ -39,12 +39,167 @@
39	#include "buffer.h"	39	#include "buffer.h"
40	#include "log.h"	40	#include "log.h"
41	#include "ssh2.h"	41	#include "ssh2.h"
		42	#include "cipher.h"
		43	#include "key.h"
		44	#include "kex.h"
		45	#include <openssl/evp.h>
42		46
43	#include "ssh-gss.h"	47	#include "ssh-gss.h"
44		48
45	extern u_char *session_id2;	49	extern u_char *session_id2;
46	extern u_int session_id2_len;	50	extern u_int session_id2_len;
47		51
		52	typedef struct {
		53	char *encoded;
		54	gss_OID oid;
		55	} ssh_gss_kex_mapping;
		56
		57	/*
		58	* XXX - It would be nice to find a more elegant way of handling the
		59	* XXX passing of the key exchange context to the userauth routines
		60	*/
		61
		62	Gssctxt *gss_kex_context = NULL;
		63
		64	static ssh_gss_kex_mapping *gss_enc2oid = NULL;
		65
		66	int
		67	ssh_gssapi_oid_table_ok() {
		68	return (gss_enc2oid != NULL);
		69	}
		70
		71	/*
		72	* Return a list of the gss-group1-sha1 mechanisms supported by this program
		73	*
		74	* We test mechanisms to ensure that we can use them, to avoid starting
		75	* a key exchange with a bad mechanism
		76	*/
		77
		78	char *
		79	ssh_gssapi_client_mechanisms(const char host, const char client) {
		80	gss_OID_set gss_supported;
		81	OM_uint32 min_status;
		82
		83	if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported)))
		84	return NULL;
		85
		86	return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
		87	host, client));
		88	}
		89
		90	char *
		91	ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
		92	const char host, const char client) {
		93	Buffer buf;
		94	size_t i;
		95	int oidpos, enclen;
		96	char mechs, encoded;
		97	u_char digest[EVP_MAX_MD_SIZE];
		98	char deroid[2];
		99	const EVP_MD *evp_md = EVP_md5();
		100	EVP_MD_CTX md;
		101
		102	if (gss_enc2oid != NULL) {
		103	for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
		104	free(gss_enc2oid[i].encoded);
		105	free(gss_enc2oid);
		106	}
		107
		108	gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
		109	(gss_supported->count + 1));
		110
		111	buffer_init(&buf);
		112
		113	oidpos = 0;
		114	for (i = 0; i < gss_supported->count; i++) {
		115	if (gss_supported->elements[i].length < 128 &&
		116	(*check)(NULL, &(gss_supported->elements[i]), host, client)) {
		117
		118	deroid[0] = SSH_GSS_OIDTYPE;
		119	deroid[1] = gss_supported->elements[i].length;
		120
		121	EVP_DigestInit(&md, evp_md);
		122	EVP_DigestUpdate(&md, deroid, 2);
		123	EVP_DigestUpdate(&md,
		124	gss_supported->elements[i].elements,
		125	gss_supported->elements[i].length);
		126	EVP_DigestFinal(&md, digest, NULL);
		127
		128	encoded = xmalloc(EVP_MD_size(evp_md) * 2);
		129	enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
		130	encoded, EVP_MD_size(evp_md) * 2);
		131
		132	if (oidpos != 0)
		133	buffer_put_char(&buf, ',');
		134
		135	buffer_append(&buf, KEX_GSS_GEX_SHA1_ID,
		136	sizeof(KEX_GSS_GEX_SHA1_ID) - 1);
		137	buffer_append(&buf, encoded, enclen);
		138	buffer_put_char(&buf, ',');
		139	buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID,
		140	sizeof(KEX_GSS_GRP1_SHA1_ID) - 1);
		141	buffer_append(&buf, encoded, enclen);
		142	buffer_put_char(&buf, ',');
		143	buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID,
		144	sizeof(KEX_GSS_GRP14_SHA1_ID) - 1);
		145	buffer_append(&buf, encoded, enclen);
		146
		147	gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
		148	gss_enc2oid[oidpos].encoded = encoded;
		149	oidpos++;
		150	}
		151	}
		152	gss_enc2oid[oidpos].oid = NULL;
		153	gss_enc2oid[oidpos].encoded = NULL;
		154
		155	buffer_put_char(&buf, '\0');
		156
		157	mechs = xmalloc(buffer_len(&buf));
		158	buffer_get(&buf, mechs, buffer_len(&buf));
		159	buffer_free(&buf);
		160
		161	if (strlen(mechs) == 0) {
		162	free(mechs);
		163	mechs = NULL;
		164	}
		165
		166	return (mechs);
		167	}
		168
		169	gss_OID
		170	ssh_gssapi_id_kex(Gssctxt ctx, char name, int kex_type) {
		171	int i = 0;
		172
		173	switch (kex_type) {
		174	case KEX_GSS_GRP1_SHA1:
		175	if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID))
		176	return GSS_C_NO_OID;
		177	name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1;
		178	break;
		179	case KEX_GSS_GRP14_SHA1:
		180	if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID))
		181	return GSS_C_NO_OID;
		182	name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1;
		183	break;
		184	case KEX_GSS_GEX_SHA1:
		185	if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID))
		186	return GSS_C_NO_OID;
		187	name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1;
		188	break;
		189	default:
		190	return GSS_C_NO_OID;
		191	}
		192
		193	while (gss_enc2oid[i].encoded != NULL &&
		194	strcmp(name, gss_enc2oid[i].encoded) != 0)
		195	i++;
		196
		197	if (gss_enc2oid[i].oid != NULL && ctx != NULL)
		198	ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid);
		199
		200	return gss_enc2oid[i].oid;
		201	}
		202
48	/* Check that the OID in a data stream matches that in the context */	203	/* Check that the OID in a data stream matches that in the context */
49	int	204	int
50	ssh_gssapi_check_oid(Gssctxt ctx, void data, size_t len)	205	ssh_gssapi_check_oid(Gssctxt ctx, void data, size_t len)
@@ -197,7 +352,7 @@ ssh_gssapi_init_ctx(Gssctxt ctx, int deleg_creds, gss_buffer_desc recv_tok,
197	}	352	}
198		353
199	ctx->major = gss_init_sec_context(&ctx->minor,	354	ctx->major = gss_init_sec_context(&ctx->minor,
200	GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid,	355	ctx->client_creds, &ctx->context, ctx->name, ctx->oid,
201	GSS_C_MUTUAL_FLAG \| GSS_C_INTEG_FLAG \| deleg_flag,	356	GSS_C_MUTUAL_FLAG \| GSS_C_INTEG_FLAG \| deleg_flag,
202	0, NULL, recv_tok, NULL, send_tok, flags, NULL);	357	0, NULL, recv_tok, NULL, send_tok, flags, NULL);
203		358
@@ -227,8 +382,42 @@ ssh_gssapi_import_name(Gssctxt ctx, const char host)
227	}	382	}
228		383
229	OM_uint32	384	OM_uint32
		385	ssh_gssapi_client_identity(Gssctxt ctx, const char name)
		386	{
		387	gss_buffer_desc gssbuf;
		388	gss_name_t gssname;
		389	OM_uint32 status;
		390	gss_OID_set oidset;
		391
		392	gssbuf.value = (void *) name;
		393	gssbuf.length = strlen(gssbuf.value);
		394
		395	gss_create_empty_oid_set(&status, &oidset);
		396	gss_add_oid_set_member(&status, ctx->oid, &oidset);
		397
		398	ctx->major = gss_import_name(&ctx->minor, &gssbuf,
		399	GSS_C_NT_USER_NAME, &gssname);
		400
		401	if (!ctx->major)
		402	ctx->major = gss_acquire_cred(&ctx->minor,
		403	gssname, 0, oidset, GSS_C_INITIATE,
		404	&ctx->client_creds, NULL, NULL);
		405
		406	gss_release_name(&status, &gssname);
		407	gss_release_oid_set(&status, &oidset);
		408
		409	if (ctx->major)
		410	ssh_gssapi_error(ctx);
		411
		412	return(ctx->major);
		413	}
		414
		415	OM_uint32
230	ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)	416	ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
231	{	417	{
		418	if (ctx == NULL)
		419	return -1;
		420
232	if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,	421	if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
233	GSS_C_QOP_DEFAULT, buffer, hash)))	422	GSS_C_QOP_DEFAULT, buffer, hash)))
234	ssh_gssapi_error(ctx);	423	ssh_gssapi_error(ctx);
@@ -236,6 +425,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
236	return (ctx->major);	425	return (ctx->major);
237	}	426	}
238		427
		428	/* Priviledged when used by server */
		429	OM_uint32
		430	ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
		431	{
		432	if (ctx == NULL)
		433	return -1;
		434
		435	ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
		436	gssbuf, gssmic, NULL);
		437
		438	return (ctx->major);
		439	}
		440
239	void	441	void
240	ssh_gssapi_buildmic(Buffer b, const char user, const char *service,	442	ssh_gssapi_buildmic(Buffer b, const char user, const char *service,
241	const char *context)	443	const char *context)
@@ -249,11 +451,16 @@ ssh_gssapi_buildmic(Buffer b, const char user, const char *service,
249	}	451	}
250		452
251	int	453	int
252	ssh_gssapi_check_mechanism(Gssctxt *ctx, gss_OID oid, const char host)	454	ssh_gssapi_check_mechanism(Gssctxt *ctx, gss_OID oid, const char host,
		455	const char *client)
253	{	456	{
254	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;	457	gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
255	OM_uint32 major, minor;	458	OM_uint32 major, minor;
256	gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};	459	gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
		460	Gssctxt *intctx = NULL;
		461
		462	if (ctx == NULL)
		463	ctx = &intctx;
257		464
258	/* RFC 4462 says we MUST NOT do SPNEGO */	465	/* RFC 4462 says we MUST NOT do SPNEGO */
259	if (oid->length == spnego_oid.length &&	466	if (oid->length == spnego_oid.length &&
@@ -263,6 +470,10 @@ ssh_gssapi_check_mechanism(Gssctxt *ctx, gss_OID oid, const char host)
263	ssh_gssapi_build_ctx(ctx);	470	ssh_gssapi_build_ctx(ctx);
264	ssh_gssapi_set_oid(*ctx, oid);	471	ssh_gssapi_set_oid(*ctx, oid);
265	major = ssh_gssapi_import_name(*ctx, host);	472	major = ssh_gssapi_import_name(*ctx, host);
		473
		474	if (!GSS_ERROR(major) && client)
		475	major = ssh_gssapi_client_identity(*ctx, client);
		476
266	if (!GSS_ERROR(major)) {	477	if (!GSS_ERROR(major)) {
267	major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token,	478	major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token,
268	NULL);	479	NULL);
@@ -272,10 +483,67 @@ ssh_gssapi_check_mechanism(Gssctxt *ctx, gss_OID oid, const char host)
272	GSS_C_NO_BUFFER);	483	GSS_C_NO_BUFFER);
273	}	484	}
274		485
275	if (GSS_ERROR(major))	486	if (GSS_ERROR(major) \|\| intctx != NULL)
276	ssh_gssapi_delete_ctx(ctx);	487	ssh_gssapi_delete_ctx(ctx);
277		488
278	return (!GSS_ERROR(major));	489	return (!GSS_ERROR(major));
279	}	490	}
280		491
		492	int
		493	ssh_gssapi_credentials_updated(Gssctxt *ctxt) {
		494	static gss_name_t saved_name = GSS_C_NO_NAME;
		495	static OM_uint32 saved_lifetime = 0;
		496	static gss_OID saved_mech = GSS_C_NO_OID;
		497	static gss_name_t name;
		498	static OM_uint32 last_call = 0;
		499	OM_uint32 lifetime, now, major, minor;
		500	int equal;
		501	gss_cred_usage_t usage = GSS_C_INITIATE;
		502
		503	now = time(NULL);
		504
		505	if (ctxt) {
		506	debug("Rekey has happened - updating saved versions");
		507
		508	if (saved_name != GSS_C_NO_NAME)
		509	gss_release_name(&minor, &saved_name);
		510
		511	major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL,
		512	&saved_name, &saved_lifetime, NULL, NULL);
		513
		514	if (!GSS_ERROR(major)) {
		515	saved_mech = ctxt->oid;
		516	saved_lifetime+= now;
		517	} else {
		518	/* Handle the error */
		519	}
		520	return 0;
		521	}
		522
		523	if (now - last_call < 10)
		524	return 0;
		525
		526	last_call = now;
		527
		528	if (saved_mech == GSS_C_NO_OID)
		529	return 0;
		530
		531	major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL,
		532	&name, &lifetime, NULL, NULL);
		533	if (major == GSS_S_CREDENTIALS_EXPIRED)
		534	return 0;
		535	else if (GSS_ERROR(major))
		536	return 0;
		537
		538	major = gss_compare_name(&minor, saved_name, name, &equal);
		539	gss_release_name(&minor, &name);
		540	if (GSS_ERROR(major))
		541	return 0;
		542
		543	if (equal && (saved_lifetime < lifetime + now - 10))
		544	return 1;
		545
		546	return 0;
		547	}
		548
281	#endif /* GSSAPI */	549	#endif /* GSSAPI */