vendor/heimdal/1.5

1 files changed, 90 insertions, 97 deletions

diff --git a/lib/gssapi/ntlm/init_sec_context.c b/lib/gssapi/ntlm/init_sec_context.c
index 140dbece8435..bae04e174060 100644
--- a/lib/gssapi/ntlm/init_sec_context.c
+++ b/lib/gssapi/ntlm/init_sec_context.c
@@ -1,50 +1,49 @@
 /*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden). 
- * All rights reserved. 
+ * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
  *
- * Redistribution and use in source and binary forms, with or without 
- * modification, are permitted provided that the following conditions 
- * are met: 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
  *
- * 1. Redistributions of source code must retain the above copyright 
- *    notice, this list of conditions and the following disclaimer. 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
  *
- * 2. Redistributions in binary form must reproduce the above copyright 
- *    notice, this list of conditions and the following disclaimer in the 
- *    documentation and/or other materials provided with the distribution. 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
  *
- * 3. Neither the name of the Institute nor the names of its contributors 
- *    may be used to endorse or promote products derived from this software 
- *    without specific prior written permission. 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
- * SUCH DAMAGE. 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
  */
 
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: init_sec_context.c 22382 2007-12-30 12:13:17Z lha $");
+#include "ntlm.h"
 
 static int
-from_file(const char *fn, const char *target_domain, 
+from_file(const char *fn, const char *target_domain,
 	  char **username, struct ntlm_buf *key)
-{	  
+{
     char *str, buf[1024];
     FILE *f;
 
     f = fopen(fn, "r");
     if (f == NULL)
 	return ENOENT;
+    rk_cloexec_file(f);
 
     while (fgets(buf, sizeof(buf), f) != NULL) {
 	char *d, *u, *p;
@@ -74,7 +73,7 @@ from_file(const char *fn, const char *target_domain,
 }
 
 static int
-get_user_file(const ntlm_name target_name, 
+get_user_file(const ntlm_name target_name,
 	      char **username, struct ntlm_buf *key)
 {
     const char *fn;
@@ -98,19 +97,18 @@ get_user_file(const ntlm_name target_name,
 static int
 get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key)
 {
-    krb5_principal client;
     krb5_context context = NULL;
-    krb5_error_code ret;
+    krb5_principal client;
     krb5_ccache id = NULL;
-    krb5_creds mcreds, creds;
+    krb5_error_code ret;
+    char *confname;
+    krb5_data data;
 
     *username = NULL;
+    krb5_data_zero(&data);
     key->length = 0;
     key->data = NULL;
 
-    memset(&creds, 0, sizeof(creds));
-    memset(&mcreds, 0, sizeof(mcreds));
-
     ret = krb5_init_context(&context);
     if (ret)
 	return ret;
@@ -126,47 +124,36 @@ get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key)
     ret = krb5_unparse_name_flags(context, client,
 				  KRB5_PRINCIPAL_UNPARSE_NO_REALM,
 				  username);
-    if (ret)
-	goto out;
-
-    ret = krb5_make_principal(context, &mcreds.server,
-			      krb5_principal_get_realm(context, client),
-			      "@ntlm-key", name->domain, NULL);
     krb5_free_principal(context, client);
     if (ret)
 	goto out;
 
-    mcreds.session.keytype = ENCTYPE_ARCFOUR_HMAC_MD5;
-    ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_MATCH_KEYTYPE, 
-				&mcreds, &creds);
-    if (ret) {
-	char *s = krb5_get_error_message(context, ret);
-	krb5_free_error_string(context, s);
+    asprintf(&confname, "ntlm-key-%s", name->domain);
+    if (confname == NULL) {
+	krb5_clear_error_message(context);
+	ret = ENOMEM;
 	goto out;
     }
 
-    key->data = malloc(creds.session.keyvalue.length);
-    if (key->data == NULL)
+    ret = krb5_cc_get_config(context, id, NULL,
+			     confname, &data);
+    if (ret)
 	goto out;
-    key->length = creds.session.keyvalue.length;
-    memcpy(key->data, creds.session.keyvalue.data, key->length);
-
-    krb5_free_cred_contents(context, &creds);
 
-    return 0;
-
-out:
-    if (*username) {
-	free(*username);
-	*username = NULL;
+    key->data = malloc(data.length);
+    if (key->data == NULL) {
+	ret = ENOMEM;
+	goto out;
     }
-    krb5_free_cred_contents(context, &creds);
-    if (mcreds.server)
-	krb5_free_principal(context, mcreds.server);
+    key->length = data.length;
+    memcpy(key->data, data.data, data.length);
+
+ out:
+    krb5_data_free(&data);
     if (id)
 	krb5_cc_close(context, id);
-    if (context)
-	krb5_free_context(context);
+
+    krb5_free_context(context);
 
     return ret;
 }
@@ -177,11 +164,11 @@ _gss_ntlm_get_user_cred(const ntlm_name target_name,
 {
     ntlm_cred cred;
     int ret;
- 
+
     cred = calloc(1, sizeof(*cred));
     if (cred == NULL)
 	return ENOMEM;
-    
+
     ret = get_user_file(target_name, &cred->username, &cred->key);
     if (ret)
 	ret = get_user_ccache(target_name, &cred->username, &cred->key);
@@ -189,7 +176,7 @@ _gss_ntlm_get_user_cred(const ntlm_name target_name,
 	free(cred);
 	return ret;
     }
-    
+
     cred->domain = strdup(target_name->domain);
     *rcred = cred;
 
@@ -199,7 +186,7 @@ _gss_ntlm_get_user_cred(const ntlm_name target_name,
 static int
 _gss_copy_cred(ntlm_cred from, ntlm_cred *to)
 {
-    *to = calloc(1, sizeof(*to));
+    *to = calloc(1, sizeof(**to));
     if (*to == NULL)
 	return ENOMEM;
     (*to)->username = strdup(from->username);
@@ -226,7 +213,7 @@ _gss_copy_cred(ntlm_cred from, ntlm_cred *to)
     return 0;
 }
 
-OM_uint32
+OM_uint32 GSSAPI_CALLCONV
 _gss_ntlm_init_sec_context
            (OM_uint32 * minor_status,
             const gss_cred_id_t initiator_cred_handle,
@@ -260,7 +247,7 @@ _gss_ntlm_init_sec_context
 	struct ntlm_buf data;
 	uint32_t flags = 0;
 	int ret;
-	
+
 	ctx = calloc(1, sizeof(*ctx));
 	if (ctx == NULL) {
 	    *minor_status = EINVAL;
@@ -293,23 +280,23 @@ _gss_ntlm_init_sec_context
 	flags |= NTLM_NEG_KEYEX;
 
 	memset(&type1, 0, sizeof(type1));
-	
+
 	type1.flags = flags;
 	type1.domain = name->domain;
 	type1.hostname = NULL;
 	type1.os[0] = 0;
 	type1.os[1] = 0;
-	
+
 	ret = heim_ntlm_encode_type1(&type1, &data);
 	if (ret) {
 	    _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
 	    *minor_status = ret;
 	    return GSS_S_FAILURE;
 	}
-	
+
 	output_token->value = data.data;
 	output_token->length = data.length;
-	
+
 	return GSS_S_CONTINUE_NEEDED;
     } else {
 	krb5_error_code ret;
@@ -331,7 +318,7 @@ _gss_ntlm_init_sec_context
 
 	ctx->flags = type2.flags;
 
-	/* XXX check that type2.targetinfo matches `target_name´ */
+	/* XXX check that type2.targetinfo matches `target_name´ */
 	/* XXX check verify targetinfo buffer */
 
 	memset(&type3, 0, sizeof(type3));
@@ -352,21 +339,21 @@ _gss_ntlm_init_sec_context
 		unsigned char nonce[8];
 
 		if (RAND_bytes(nonce, sizeof(nonce)) != 1) {
-		    _gss_ntlm_delete_sec_context(minor_status, 
+		    _gss_ntlm_delete_sec_context(minor_status,
 						 context_handle, NULL);
 		    *minor_status = EINVAL;
 		    return GSS_S_FAILURE;
 		}
 
 		ret = heim_ntlm_calculate_ntlm2_sess(nonce,
-						     type2.challange,
+						     type2.challenge,
 						     ctx->client->key.data,
 						     &type3.lm,
 						     &type3.ntlm);
 	    } else {
-		ret = heim_ntlm_calculate_ntlm1(ctx->client->key.data, 
+		ret = heim_ntlm_calculate_ntlm1(ctx->client->key.data,
 						ctx->client->key.length,
-						type2.challange,
+						type2.challenge,
 						&type3.ntlm);
 
 	    }
@@ -376,7 +363,7 @@ _gss_ntlm_init_sec_context
 		return GSS_S_FAILURE;
 	    }
 
-	    ret = heim_ntlm_build_ntlm1_master(ctx->client->key.data, 
+	    ret = heim_ntlm_build_ntlm1_master(ctx->client->key.data,
 					       ctx->client->key.length,
 					       &sessionkey,
 					       &type3.sessionkey);
@@ -390,7 +377,7 @@ _gss_ntlm_init_sec_context
 		return GSS_S_FAILURE;
 	    }
 
-	    ret = krb5_data_copy(&ctx->sessionkey, 
+	    ret = krb5_data_copy(&ctx->sessionkey,
 				 sessionkey.data, sessionkey.length);
 	    free(sessionkey.data);
 	    if (ret) {
@@ -402,7 +389,7 @@ _gss_ntlm_init_sec_context
 		*minor_status = ret;
 		return GSS_S_FAILURE;
 	    }
-	    ctx->status |= STATUS_SESSIONKEY; 
+	    ctx->status |= STATUS_SESSIONKEY;
 
 	} else {
 	    struct ntlm_buf sessionkey;
@@ -410,17 +397,17 @@ _gss_ntlm_init_sec_context
 	    struct ntlm_targetinfo ti;
 
 	    /* verify infotarget */
-	    
+
 	    ret = heim_ntlm_decode_targetinfo(&type2.targetinfo, 1, &ti);
 	    if(ret) {
-		_gss_ntlm_delete_sec_context(minor_status, 
+		_gss_ntlm_delete_sec_context(minor_status,
 					     context_handle, NULL);
 		*minor_status = ret;
 		return GSS_S_FAILURE;
 	    }
 
 	    if (ti.domainname && strcmp(ti.domainname, name->domain) != 0) {
-		_gss_ntlm_delete_sec_context(minor_status, 
+		_gss_ntlm_delete_sec_context(minor_status,
 					     context_handle, NULL);
 		*minor_status = EINVAL;
 		return GSS_S_FAILURE;
@@ -430,12 +417,12 @@ _gss_ntlm_init_sec_context
 					    ctx->client->key.length,
 					    ctx->client->username,
 					    name->domain,
-					    type2.challange,
+					    type2.challenge,
 					    &type2.targetinfo,
 					    ntlmv2,
 					    &type3.ntlm);
 	    if (ret) {
-		_gss_ntlm_delete_sec_context(minor_status, 
+		_gss_ntlm_delete_sec_context(minor_status,
 					     context_handle, NULL);
 		*minor_status = ret;
 		return GSS_S_FAILURE;
@@ -446,21 +433,27 @@ _gss_ntlm_init_sec_context
 					       &type3.sessionkey);
 	    memset(ntlmv2, 0, sizeof(ntlmv2));
 	    if (ret) {
-		_gss_ntlm_delete_sec_context(minor_status, 
+		_gss_ntlm_delete_sec_context(minor_status,
 					     context_handle, NULL);
 		*minor_status = ret;
 		return GSS_S_FAILURE;
 	    }
-	    
+
 	    ctx->flags |= NTLM_NEG_NTLM2_SESSION;
 
-	    ret = krb5_data_copy(&ctx->sessionkey, 
+	    ret = krb5_data_copy(&ctx->sessionkey,
 				 sessionkey.data, sessionkey.length);
 	    free(sessionkey.data);
+	    if (ret) {
+		_gss_ntlm_delete_sec_context(minor_status,
+					     context_handle, NULL);
+		*minor_status = ret;
+		return GSS_S_FAILURE;
+	    }
 	}
 
 	if (ctx->flags & NTLM_NEG_NTLM2_SESSION) {
-	    ctx->status |= STATUS_SESSIONKEY; 
+	    ctx->status |= STATUS_SESSIONKEY;
 	    _gss_ntlm_set_key(&ctx->u.v2.send, 0, (ctx->flags & NTLM_NEG_KEYEX),
 			      ctx->sessionkey.data,
 			      ctx->sessionkey.length);
@@ -468,15 +461,15 @@ _gss_ntlm_init_sec_context
 			      ctx->sessionkey.data,
 			      ctx->sessionkey.length);
 	} else {
-	    ctx->status |= STATUS_SESSIONKEY; 
-	    RC4_set_key(&ctx->u.v1.crypto_recv.key, 
+	    ctx->status |= STATUS_SESSIONKEY;
+	    RC4_set_key(&ctx->u.v1.crypto_recv.key,
 			ctx->sessionkey.length,
 			ctx->sessionkey.data);
-	    RC4_set_key(&ctx->u.v1.crypto_send.key, 
+	    RC4_set_key(&ctx->u.v1.crypto_send.key,
 			ctx->sessionkey.length,
 			ctx->sessionkey.data);
 	}
-	
+
 
 
 	ret = heim_ntlm_encode_type3(&type3, &data);