git.samba.org / samba.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
s4:heimdal: import lorikeet-heimdal-202201172009 (commit 5a0b45cd723628b3690ea848548b...
[samba.git] / source4 / heimdal / lib / krb5 / fast.c
1 /*
2  * Copyright (c) 2011 Kungliga Tekniska Högskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33
34 #include "krb5_locl.h"
35 #ifndef WIN32
36 #include <heim-ipc.h>
37 #endif
38
39 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
40 _krb5_fast_cf2(krb5_context context,
41                krb5_keyblock *key1,
42                const char *pepper1,
43                krb5_keyblock *key2,
44                const char *pepper2,
45                krb5_keyblock *armorkey,
46                krb5_crypto *armor_crypto)
47 {
48     krb5_crypto crypto1, crypto2;
49     krb5_data pa1, pa2;
50     krb5_error_code ret;
51
52     ret = krb5_crypto_init(context, key1, 0, &crypto1);
53     if (ret)
54         return ret;
55
56     ret = krb5_crypto_init(context, key2, 0, &crypto2);
57     if (ret) {
58         krb5_crypto_destroy(context, crypto1);
59         return ret;
60     }
61
62     pa1.data = rk_UNCONST(pepper1);
63     pa1.length = strlen(pepper1);
64     pa2.data = rk_UNCONST(pepper2);
65     pa2.length = strlen(pepper2);
66
67     ret = krb5_crypto_fx_cf2(context, crypto1, crypto2, &pa1, &pa2,
68                              key1->keytype, armorkey);
69     krb5_crypto_destroy(context, crypto1);
70     krb5_crypto_destroy(context, crypto2);
71     if (ret)
72         return ret;
73
74     if (armor_crypto) {
75         ret = krb5_crypto_init(context, armorkey, 0, armor_crypto);
76         if (ret)
77             krb5_free_keyblock_contents(context, armorkey);
78     }
79
80     return ret;
81 }
82
83 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
84 _krb5_fast_armor_key(krb5_context context,
85                      krb5_keyblock *subkey,
86                      krb5_keyblock *sessionkey,
87                      krb5_keyblock *armorkey,
88                      krb5_crypto *armor_crypto)
89 {
90     return _krb5_fast_cf2(context,
91                           subkey,
92                           "subkeyarmor",
93                           sessionkey,
94                           "ticketarmor",
95                           armorkey,
96                           armor_crypto);
97 }
98
99 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
100 _krb5_fast_explicit_armor_key(krb5_context context,
101                               krb5_keyblock *armorkey,
102                               krb5_keyblock *subkey,
103                               krb5_keyblock *explicit_armorkey,
104                               krb5_crypto *explicit_armor_crypto)
105 {
106     return _krb5_fast_cf2(context,
107                           armorkey,
108                           "explicitarmor",
109                           subkey,
110                           "tgsarmor",
111                           explicit_armorkey,
112                           explicit_armor_crypto);
113 }
114
115 static krb5_error_code
116 check_fast(krb5_context context, struct krb5_fast_state *state)
117 {
118     if (state && (state->flags & KRB5_FAST_EXPECTED)) {
119         krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED,
120                                "Expected FAST, but no FAST "
121                                "was in the response from the KDC");
122         return KRB5KRB_AP_ERR_MODIFIED;
123     }
124     return 0;
125 }
126
127 static krb5_error_code
128 make_local_fast_ap_fxarmor(krb5_context context,
129                            krb5_ccache armor_ccache,
130                            krb5_const_realm realm,
131                            krb5_data *armor_value,
132                            krb5_keyblock *armor_key,
133                            krb5_crypto *armor_crypto)
134 {
135     krb5_auth_context auth_context = NULL;
136     krb5_creds cred, *credp = NULL;
137     krb5_error_code ret;
138     krb5_data empty;
139     krb5_const_realm tgs_realm;
140
141     krb5_data_zero(&empty);
142     memset(&cred, 0, sizeof(cred));
143
144     ret = krb5_auth_con_init (context, &auth_context);
145     if (ret)
146         goto out;
147
148     ret = krb5_cc_get_principal(context, armor_ccache, &cred.client);
149     if (ret)
150         goto out;
151
152     /*
153      * Make sure we don't ask for a krbtgt/WELLKNOWN:ANONYMOUS
154      */
155     if (krb5_principal_is_anonymous(context, cred.client,
156                                     KRB5_ANON_MATCH_UNAUTHENTICATED))
157         tgs_realm = realm;
158     else
159         tgs_realm = cred.client->realm;
160
161     ret = krb5_make_principal(context, &cred.server,
162                               tgs_realm,
163                               KRB5_TGS_NAME,
164                               tgs_realm,
165                               NULL);
166     if (ret)
167         goto out;
168
169     ret = krb5_get_credentials(context, 0, armor_ccache, &cred, &credp);
170     if (ret)
171         goto out;
172
173     ret = krb5_auth_con_add_AuthorizationData(context, auth_context,
174                                               KRB5_AUTHDATA_FX_FAST_ARMOR,
175                                               &empty);
176     if (ret)
177         goto out;
178
179     ret = krb5_mk_req_extended(context,
180                                &auth_context,
181                                AP_OPTS_USE_SUBKEY,
182                                NULL,
183                                credp,
184                                armor_value);
185     if (ret)
186         goto out;
187
188     ret = _krb5_fast_armor_key(context,
189                                auth_context->local_subkey,
190                                auth_context->keyblock,
191                                armor_key,
192                                armor_crypto);
193     if (ret)
194         goto out;
195
196  out:
197     if (auth_context)
198         krb5_auth_con_free(context, auth_context);
199     if (credp)
200         krb5_free_creds(context, credp);
201     krb5_free_principal(context, cred.server);
202     krb5_free_principal(context, cred.client);
203
204     return ret;
205 }
206
207 #ifndef WIN32
208 static heim_base_once_t armor_service_once = HEIM_BASE_ONCE_INIT;
209 static heim_ipc armor_service = NULL;
210
211 static void
212 fast_armor_init_ipc(void *ctx)
213 {
214     heim_ipc *ipc = ctx;
215     heim_ipc_init_context("ANY:org.h5l.armor-service", ipc);
216 }
217 #endif
218
219 static krb5_error_code
220 make_fast_ap_fxarmor(krb5_context context,
221                      struct krb5_fast_state *state,
222                      krb5_const_realm realm,
223                      KrbFastArmor **armor)
224 {
225     KrbFastArmor *fxarmor = NULL;
226     krb5_error_code ret;
227
228     ALLOC(fxarmor, 1);
229     if (fxarmor == NULL) {
230         ret = ENOMEM;
231         goto out;
232     }
233
234     if (state->flags & KRB5_FAST_AP_ARMOR_SERVICE) {
235 #ifdef WIN32
236         krb5_set_error_message(context, ENOTSUP, "Fast armor IPC service not supportted yet on Windows");
237         ret = ENOTSUP;
238         goto out;
239 #else
240         KERB_ARMOR_SERVICE_REPLY msg;
241         krb5_data request, reply;
242
243         heim_base_once_f(&armor_service_once, &armor_service, fast_armor_init_ipc);
244         if (armor_service == NULL) {
245             krb5_set_error_message(context, ENOENT, "Failed to open fast armor service");
246             ret = ENOENT;
247             goto out;
248         }
249
250         krb5_data_zero(&reply);
251
252         request.data = rk_UNCONST(realm);
253         request.length = strlen(realm);
254
255         ret = heim_ipc_call(armor_service, &request, &reply, NULL);
256         if (ret) {
257             krb5_set_error_message(context, ret, "Failed to get armor service credential");
258             goto out;
259         }
260
261         ret = decode_KERB_ARMOR_SERVICE_REPLY(reply.data, reply.length, &msg, NULL);
262         krb5_data_free(&reply);
263         if (ret)
264             goto out;
265
266         ret = copy_KrbFastArmor(fxarmor, &msg.armor);
267         if (ret) {
268             free_KERB_ARMOR_SERVICE_REPLY(&msg);
269             goto out;
270         }
271
272         ret = krb5_copy_keyblock_contents(context, &msg.armor_key, &state->armor_key);
273         free_KERB_ARMOR_SERVICE_REPLY(&msg);
274         if (ret)
275             goto out;
276
277         ret = krb5_crypto_init(context, &state->armor_key, 0, &state->armor_crypto);
278         if (ret)
279             goto out;
280 #endif /* WIN32 */
281     } else {
282         fxarmor->armor_type = 1;
283
284         ret = make_local_fast_ap_fxarmor(context,
285                                          state->armor_ccache,
286                                          realm,
287                                          &fxarmor->armor_value,
288                                          &state->armor_key,
289                                          &state->armor_crypto);
290         if (ret)
291             goto out;
292     }
293
294
295     *armor = fxarmor;
296     fxarmor = NULL;
297
298  out:
299     if (fxarmor) {
300         free_KrbFastArmor(fxarmor);
301         free(fxarmor);
302     }
303     return ret;
304 }
305
306 static krb5_error_code
307 unwrap_fast_rep(krb5_context context,
308                 struct krb5_fast_state *state,
309                 PA_DATA *pa,
310                 KrbFastResponse *fastrep)
311 {
312     PA_FX_FAST_REPLY fxfastrep;
313     krb5_error_code ret;
314
315     memset(&fxfastrep, 0, sizeof(fxfastrep));
316
317     ret = decode_PA_FX_FAST_REPLY(pa->padata_value.data,
318                                   pa->padata_value.length,
319                                   &fxfastrep, NULL);
320     if (ret)
321         return ret;
322
323     if (fxfastrep.element == choice_PA_FX_FAST_REPLY_armored_data) {
324         krb5_data data;
325
326         ret = krb5_decrypt_EncryptedData(context,
327                                          state->armor_crypto,
328                                          KRB5_KU_FAST_REP,
329                                          &fxfastrep.u.armored_data.enc_fast_rep,
330                                          &data);
331         if (ret)
332             goto out;
333
334         ret = decode_KrbFastResponse(data.data, data.length, fastrep, NULL);
335         krb5_data_free(&data);
336         if (ret)
337             goto out;
338
339     } else {
340         ret = KRB5KDC_ERR_PREAUTH_FAILED;
341         goto out;
342     }
343
344  out:
345     free_PA_FX_FAST_REPLY(&fxfastrep);
346
347     return ret;
348 }
349
350 static krb5_error_code
351 set_anon_principal(krb5_context context, PrincipalName **p)
352 {
353
354     ALLOC((*p), 1);
355     if (*p == NULL)
356         goto fail;
357
358     (*p)->name_type = KRB5_NT_PRINCIPAL;
359
360     ALLOC_SEQ(&(*p)->name_string, 2);
361     if ((*p)->name_string.val == NULL)
362         goto fail;
363
364     (*p)->name_string.val[0] = strdup(KRB5_WELLKNOWN_NAME);
365     if ((*p)->name_string.val[0] == NULL)
366         goto fail;
367
368     (*p)->name_string.val[1] = strdup(KRB5_ANON_NAME);
369     if ((*p)->name_string.val[1] == NULL)
370         goto fail;
371
372     return 0;
373  fail:
374     if (*p) {
375         if ((*p)->name_string.val) {
376             free((*p)->name_string.val[0]);
377             free((*p)->name_string.val[1]);
378             free((*p)->name_string.val);
379         }
380         free(*p);
381     }
382
383     return krb5_enomem(context);
384 }
385
386 krb5_error_code
387 _krb5_fast_create_armor(krb5_context context,
388                         struct krb5_fast_state *state,
389                         const char *realm)
390 {
391     krb5_error_code ret;
392
393     if (state->armor_crypto == NULL) {
394         if (state->armor_ccache || state->armor_ac || (state->flags & KRB5_FAST_AP_ARMOR_SERVICE)) {
395             /*
396              * Instead of keeping state in FX_COOKIE in the KDC, we
397              * rebuild a new armor key for every request, because this
398              * is what the MIT KDC expect and RFC6113 is vage about
399              * what the behavior should be.
400              */
401             state->type = choice_PA_FX_FAST_REQUEST_armored_data;
402         } else {
403             return check_fast(context, state);
404         }
405     }
406
407     if (state->type == choice_PA_FX_FAST_REQUEST_armored_data) {
408         if (state->armor_crypto)
409             krb5_crypto_destroy(context, state->armor_crypto);
410         krb5_free_keyblock_contents(context, &state->armor_key);
411
412         /*
413          * If we have a armor auth context, its because the caller
414          * wants us to do an implicit FAST armor (TGS-REQ).
415          */
416         if (state->armor_ac) {
417             heim_assert((state->flags & KRB5_FAST_AS_REQ) == 0, "FAST AS with AC");
418
419             ret = _krb5_fast_armor_key(context,
420                                        state->armor_ac->local_subkey,
421                                        state->armor_ac->keyblock,
422                                        &state->armor_key,
423                                        &state->armor_crypto);
424             if (ret)
425                 goto out;
426         } else {
427             heim_assert((state->flags & KRB5_FAST_AS_REQ) != 0, "FAST TGS without AC");
428
429             if (state->armor_data) {
430                 free_KrbFastArmor(state->armor_data);
431                 free(state->armor_data);
432             }
433             ret = make_fast_ap_fxarmor(context, state, realm,
434                                        &state->armor_data);
435             if (ret)
436                 goto out;
437         }
438     } else {
439         heim_abort("unknown state type: %d", (int)state->type);
440     }
441  out:
442     return ret;
443 }
444
445
446 krb5_error_code
447 _krb5_fast_wrap_req(krb5_context context,
448                     struct krb5_fast_state *state,
449                     krb5_data *checksum_data,
450                     KDC_REQ *req)
451 {
452     PA_FX_FAST_REQUEST fxreq;
453     krb5_error_code ret;
454     KrbFastReq fastreq;
455     krb5_data data, aschecksum_data;
456     size_t size = 0;
457
458     if (state->flags & KRB5_FAST_DISABLED) {
459         _krb5_debug(context, 10, "fast disabled, not doing any fast wrapping");
460         return 0;
461     }
462
463     memset(&fxreq, 0, sizeof(fxreq));
464     memset(&fastreq, 0, sizeof(fastreq));
465     krb5_data_zero(&data);
466     krb5_data_zero(&aschecksum_data);
467
468     if (state->armor_crypto == NULL)
469         return check_fast(context, state);
470
471     state->flags |= KRB5_FAST_EXPECTED;
472
473     fastreq.fast_options.hide_client_names = 1;
474
475     ret = copy_KDC_REQ_BODY(&req->req_body, &fastreq.req_body);
476     if (ret)
477         goto out;
478
479     /*
480      * In the case of a AS-REQ, remove all account names. Want to this
481      * for TGS-REQ too, but due to layering this is tricky.
482      *
483      * 1. TGS-REQ need checksum of REQ-BODY
484      * 2. FAST needs checksum of TGS-REQ, so, FAST needs to happen after TGS-REQ
485      * 3. FAST privacy mangaling needs to happen before TGS-REQ does the checksum in 1.
486      *
487      * So lets not modify the bits for now for TGS-REQ
488      */
489     if (state->flags & KRB5_FAST_AS_REQ) {
490         free_KDC_REQ_BODY(&req->req_body);
491
492         req->req_body.realm = strdup(KRB5_ANON_REALM);
493         if (req->req_body.realm == NULL) {
494             ret = krb5_enomem(context);
495             goto out;
496         }
497
498         ret = set_anon_principal(context, &req->req_body.cname);
499         if (ret)
500             goto out;
501
502         ALLOC(req->req_body.till, 1);
503         *req->req_body.till = 0;
504
505         heim_assert(checksum_data == NULL, "checksum data not NULL");
506
507         ASN1_MALLOC_ENCODE(KDC_REQ_BODY,
508                            aschecksum_data.data,
509                            aschecksum_data.length,
510                            &req->req_body,
511                            &size, ret);
512         if (ret)
513             goto out;
514         heim_assert(aschecksum_data.length == size, "ASN.1 internal error");
515
516         checksum_data = &aschecksum_data;
517     }
518
519     if (req->padata) {
520         ret = copy_METHOD_DATA(req->padata, &fastreq.padata);
521         free_METHOD_DATA(req->padata);
522         if (ret)
523             goto out;
524     } else {
525         ALLOC(req->padata, 1);
526         if (req->padata == NULL) {
527             ret = krb5_enomem(context);
528             goto out;
529         }
530     }
531
532     ASN1_MALLOC_ENCODE(KrbFastReq, data.data, data.length, &fastreq, &size, ret);
533     if (ret)
534         goto out;
535     heim_assert(data.length == size, "ASN.1 internal error");
536
537     fxreq.element = state->type;
538
539     if (state->type == choice_PA_FX_FAST_REQUEST_armored_data) {
540         fxreq.u.armored_data.armor = state->armor_data;
541         state->armor_data = NULL;
542         if (ret)
543             goto out;
544
545         heim_assert(state->armor_crypto != NULL,
546                     "FAST armor key missing when FAST started");
547
548         ret = krb5_create_checksum(context, state->armor_crypto,
549                                    KRB5_KU_FAST_REQ_CHKSUM, 0,
550                                    checksum_data->data,
551                                    checksum_data->length,
552                                    &fxreq.u.armored_data.req_checksum);
553         if (ret)
554             goto out;
555
556         ret = krb5_encrypt_EncryptedData(context, state->armor_crypto,
557                                          KRB5_KU_FAST_ENC,
558                                          data.data,
559                                          data.length,
560                                          0,
561                                          &fxreq.u.armored_data.enc_fast_req);
562         krb5_data_free(&data);
563         if (ret)
564             goto out;
565
566     } else {
567         krb5_data_free(&data);
568         heim_assert(false, "unknown FAST type, internal error");
569     }
570
571     ASN1_MALLOC_ENCODE(PA_FX_FAST_REQUEST, data.data, data.length, &fxreq, &size, ret);
572     if (ret)
573         goto out;
574     heim_assert(data.length == size, "ASN.1 internal error");
575
576
577     ret = krb5_padata_add(context, req->padata, KRB5_PADATA_FX_FAST, data.data, data.length);
578     if (ret)
579         goto out;
580     krb5_data_zero(&data);
581
582  out:
583     free_KrbFastReq(&fastreq);
584     free_PA_FX_FAST_REQUEST(&fxreq);
585     krb5_data_free(&data);
586     krb5_data_free(&aschecksum_data);
587
588     return ret;
589 }
590
591 krb5_error_code
592 _krb5_fast_unwrap_error(krb5_context context,
593                         int32_t nonce,
594                         struct krb5_fast_state *state,
595                         METHOD_DATA *md,
596                         KRB_ERROR *error)
597 {
598     KrbFastResponse fastrep;
599     krb5_error_code ret;
600     PA_DATA *pa;
601     int idx;
602
603     if (state->armor_crypto == NULL)
604         return check_fast(context, state);
605
606     memset(&fastrep, 0, sizeof(fastrep));
607
608     idx = 0;
609     pa = krb5_find_padata(md->val, md->len, KRB5_PADATA_FX_FAST, &idx);
610     if (pa == NULL) {
611         ret = KRB5_KDCREP_MODIFIED;
612         krb5_set_error_message(context, ret,
613                                N_("FAST fast response is missing FX-FAST", ""));
614         goto out;
615     }
616
617     ret = unwrap_fast_rep(context, state, pa, &fastrep);
618     if (ret)
619         goto out;
620
621     if (fastrep.strengthen_key || nonce != (int32_t)fastrep.nonce) {
622         ret = KRB5KDC_ERR_PREAUTH_FAILED;
623         goto out;
624     }
625
626     idx = 0;
627     pa = krb5_find_padata(fastrep.padata.val, fastrep.padata.len, KRB5_PADATA_FX_ERROR, &idx);
628     if (pa == NULL) {
629         ret = KRB5_KDCREP_MODIFIED;
630         krb5_set_error_message(context, ret, N_("No wrapped error", ""));
631         goto out;
632     }
633
634     free_KRB_ERROR(error);
635
636     ret = krb5_rd_error(context, &pa->padata_value, error);
637     if (ret)
638         goto out;
639
640     if (error->e_data)
641         _krb5_debug(context, 10, "FAST wrapped KBB_ERROR contained e_data: %d",
642                      (int)error->e_data->length);
643
644     free_METHOD_DATA(md);
645     md->val = fastrep.padata.val;
646     md->len = fastrep.padata.len;
647
648     fastrep.padata.val = NULL;
649     fastrep.padata.len = 0;
650
651  out:
652     free_KrbFastResponse(&fastrep);
653     return ret;
654 }
655
656 krb5_error_code
657 _krb5_fast_unwrap_kdc_rep(krb5_context context, int32_t nonce,
658                           krb5_data *chksumdata,
659                           struct krb5_fast_state *state, AS_REP *rep)
660 {
661     KrbFastResponse fastrep;
662     krb5_error_code ret;
663     PA_DATA *pa = NULL;
664     int idx = 0;
665
666     if (state == NULL || state->armor_crypto == NULL || rep->padata == NULL)
667         return check_fast(context, state);
668
669     /* find PA_FX_FAST_REPLY */
670
671     pa = krb5_find_padata(rep->padata->val, rep->padata->len,
672                           KRB5_PADATA_FX_FAST, &idx);
673     if (pa == NULL)
674         return check_fast(context, state);
675
676     memset(&fastrep, 0, sizeof(fastrep));
677
678     ret = unwrap_fast_rep(context, state, pa, &fastrep);
679     if (ret)
680         goto out;
681
682     free_METHOD_DATA(rep->padata);
683     ret = copy_METHOD_DATA(&fastrep.padata, rep->padata);
684     if (ret)
685         goto out;
686
687     if (fastrep.strengthen_key) {
688         if (state->strengthen_key)
689             krb5_free_keyblock(context, state->strengthen_key);
690
691         ret = krb5_copy_keyblock(context, fastrep.strengthen_key, &state->strengthen_key);
692         if (ret)
693             goto out;
694     }
695
696     if (nonce != (int32_t)fastrep.nonce) {
697         ret = KRB5KDC_ERR_PREAUTH_FAILED;
698         goto out;
699     }
700     if (fastrep.finished) {
701         PrincipalName cname;
702         krb5_realm crealm = NULL;
703
704         if (chksumdata == NULL) {
705             ret = KRB5KDC_ERR_PREAUTH_FAILED;
706             goto out;
707         }
708
709         ret = krb5_verify_checksum(context, state->armor_crypto,
710                                    KRB5_KU_FAST_FINISHED,
711                                    chksumdata->data, chksumdata->length,
712                                    &fastrep.finished->ticket_checksum);
713         if (ret)
714             goto out;
715
716         /* update */
717         ret = copy_Realm(&fastrep.finished->crealm, &crealm);
718         if (ret)
719             goto out;
720         free_Realm(&rep->crealm);
721         rep->crealm = crealm;
722
723         ret = copy_PrincipalName(&fastrep.finished->cname, &cname);
724         if (ret)
725             goto out;
726         free_PrincipalName(&rep->cname);
727         rep->cname = cname;
728     } else if (chksumdata) {
729         /* expected fastrep.finish but didn't get it */
730         ret = KRB5KDC_ERR_PREAUTH_FAILED;
731     }
732
733  out:
734     free_KrbFastResponse(&fastrep);
735     return ret;
736 }
737
738 void
739 _krb5_fast_free(krb5_context context, struct krb5_fast_state *state)
740 {
741     if (state->armor_ccache) {
742         if (state->flags & KRB5_FAST_ANON_PKINIT_ARMOR)
743             krb5_cc_destroy(context, state->armor_ccache);
744         else
745             krb5_cc_close(context, state->armor_ccache);
746     }
747     if (state->armor_service)
748         krb5_free_principal(context, state->armor_service);
749     if (state->armor_crypto)
750         krb5_crypto_destroy(context, state->armor_crypto);
751     if (state->strengthen_key)
752         krb5_free_keyblock(context, state->strengthen_key);
753     krb5_free_keyblock_contents(context, &state->armor_key);
754     if (state->armor_data) {
755         free_KrbFastArmor(state->armor_data);
756         free(state->armor_data);
757     }
758
759     if (state->anon_pkinit_ctx)
760         krb5_init_creds_free(context, state->anon_pkinit_ctx);
761     if (state->anon_pkinit_opt)
762         krb5_get_init_creds_opt_free(context, state->anon_pkinit_opt);
763
764     memset(state, 0, sizeof(*state));
765 }
766
767 krb5_error_code
768 _krb5_fast_anon_pkinit_step(krb5_context context,
769                             krb5_init_creds_context ctx,
770                             struct krb5_fast_state *state,
771                             krb5_data *in,
772                             krb5_data *out,
773                             krb5_krbhst_info *hostinfo,
774                             unsigned int *flags)
775 {
776     krb5_error_code ret;
777     krb5_const_realm realm = _krb5_init_creds_get_cred_client(context, ctx)->realm;
778     krb5_init_creds_context anon_pk_ctx;
779     krb5_principal principal = NULL, anon_pk_client;
780     krb5_ccache ccache = NULL;
781     krb5_creds cred;
782     krb5_data data = { 3, rk_UNCONST("yes") };
783
784     memset(&cred, 0, sizeof(cred));
785
786     if (state->anon_pkinit_opt == NULL) {
787         ret = krb5_get_init_creds_opt_alloc(context, &state->anon_pkinit_opt);
788         if (ret)
789             goto out;
790
791         krb5_get_init_creds_opt_set_tkt_life(state->anon_pkinit_opt, 60);
792         krb5_get_init_creds_opt_set_anonymous(state->anon_pkinit_opt, TRUE);
793
794         ret = krb5_make_principal(context, &principal, realm,
795                                   KRB5_WELLKNOWN_NAME, KRB5_ANON_NAME, NULL);
796         if (ret)
797             return ret;
798
799         ret = krb5_get_init_creds_opt_set_pkinit(context,
800                                                  state->anon_pkinit_opt,
801                                                  principal,
802                                                  NULL, NULL, NULL, NULL,
803                                                  KRB5_GIC_OPT_PKINIT_ANONYMOUS |
804                                                  KRB5_GIC_OPT_PKINIT_NO_KDC_ANCHOR,
805                                                  NULL, NULL, NULL);
806         if (ret)
807             goto out;
808
809         ret = krb5_init_creds_init(context, principal, NULL, NULL,
810                                    _krb5_init_creds_get_cred_starttime(context, ctx),
811                                    state->anon_pkinit_opt,
812                                    &state->anon_pkinit_ctx);
813         if (ret)
814             goto out;
815     }
816
817     anon_pk_ctx = state->anon_pkinit_ctx;
818
819     ret = krb5_init_creds_step(context, anon_pk_ctx, in, out, hostinfo, flags);
820     if (ret ||
821         (*flags & KRB5_INIT_CREDS_STEP_FLAG_CONTINUE))
822         goto out;
823
824     ret = krb5_process_last_request(context, state->anon_pkinit_opt, anon_pk_ctx);
825     if (ret)
826         goto out;
827
828     ret = krb5_cc_new_unique(context, "MEMORY", NULL, &ccache);
829     if (ret)
830         goto out;
831
832     ret = krb5_init_creds_get_creds(context, anon_pk_ctx, &cred);
833     if (ret)
834         goto out;
835
836     if (!cred.flags.b.enc_pa_rep) {
837         ret = KRB5KDC_ERR_BADOPTION; /* KDC does not support FAST */
838         goto out;
839     }
840
841     anon_pk_client = _krb5_init_creds_get_cred_client(context, anon_pk_ctx);
842
843     ret = krb5_cc_initialize(context, ccache, anon_pk_client);
844     if (ret)
845         goto out;
846
847     ret = krb5_cc_store_cred(context, ccache, &cred);
848     if (ret)
849         goto out;
850
851     ret = krb5_cc_set_config(context, ccache, cred.server,
852                              "fast_avail", &data);
853     if (ret)
854         return ret;
855
856     if (_krb5_pk_is_kdc_verified(context, state->anon_pkinit_opt))
857         state->flags |= KRB5_FAST_KDC_VERIFIED;
858     else
859         state->flags &= ~(KRB5_FAST_KDC_VERIFIED);
860
861     state->armor_ccache = ccache;
862     ccache = NULL;
863
864     krb5_init_creds_free(context, state->anon_pkinit_ctx);
865     state->anon_pkinit_ctx = NULL;
866
867     krb5_get_init_creds_opt_free(context, state->anon_pkinit_opt);
868     state->anon_pkinit_opt = NULL;
869
870     *flags |= KRB5_INIT_CREDS_STEP_FLAG_CONTINUE;
871
872 out:
873     krb5_free_principal(context, principal);
874     krb5_free_cred_contents(context, &cred);
875     if (ccache)
876         krb5_cc_destroy(context, ccache);
877
878     return ret;
879 }
Samba Shared Repository