source3/libads/authdata.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    kerberos authorization data (PAC) utility library
   4    Copyright (C) Jim McDonough 2003
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 2 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program; if not, write to the Free Software
  18    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  19 */
  20
  21 #include "includes.h"
  22
  23 #ifdef HAVE_KRB5
  24
  25 static DATA_BLOB unwrap_pac(DATA_BLOB *auth_data)
  26 {
  27         DATA_BLOB pac_contents;
  28         ASN1_DATA data;
  29         int data_type;
  30
  31         asn1_load(&data, *auth_data);
  32         asn1_start_tag(&data, ASN1_SEQUENCE(0));
  33         asn1_start_tag(&data, ASN1_SEQUENCE(0));
  34         asn1_start_tag(&data, ASN1_CONTEXT(0));
  35         asn1_read_Integer(&data, &data_type);
  36         asn1_end_tag(&data);
  37         asn1_start_tag(&data, ASN1_CONTEXT(1));
  38         asn1_read_OctetString(&data, &pac_contents);
  39         asn1_end_tag(&data);
  40         asn1_end_tag(&data);
  41         asn1_end_tag(&data);
  42         return pac_contents;
  43 }
  44
  45 static BOOL pac_io_unknown_type_10(const char *desc, UNKNOWN_TYPE_10 *type_10,
  46                                    prs_struct *ps, int depth)
  47 {
  48         if (NULL == type_10)
  49                 return False;
  50
  51         prs_debug(ps, depth, desc, "pac_io_unknown_type_10");
  52         depth++;
  53
  54         if (!smb_io_time("unknown_time", &type_10->unknown_time, ps, depth))
  55                 return False;
  56
  57         if (!prs_uint16("len", ps, depth, &type_10->len))
  58                 return False;
  59
  60         if (UNMARSHALLING(ps) && type_10->len) {
  61                 type_10->username = (uint16 *) prs_alloc_mem(ps, type_10->len);
  62                 if (!type_10->username) {
  63                         DEBUG(3, ("No memory available\n"));
  64                         return False;
  65                 }
  66         }
  67
  68         if (!prs_uint16s(True, "name", ps, depth, type_10->username,
  69                          (type_10->len / sizeof(uint16))))
  70                 return False;
  71
  72         return True;
  73
  74 }
  75
  76
  77 static BOOL pac_io_krb_sids(const char *desc, KRB_SID_AND_ATTRS *sid_and_attr,
  78                             prs_struct *ps, int depth)
  79 {
  80         if (NULL == sid_and_attr)
  81                 return False;
  82
  83         prs_debug(ps, depth, desc, "pac_io_krb_sids");
  84         depth++;
  85
  86         if (UNMARSHALLING(ps)) {
  87                 sid_and_attr->sid =
  88                         (DOM_SID2 * ) prs_alloc_mem(ps, sizeof(DOM_SID2));
  89                 if (!sid_and_attr->sid) {
  90                         DEBUG(3, ("No memory available\n"));
  91                         return False;
  92                 }
  93         }
  94
  95         if(!smb_io_dom_sid2("sid", sid_and_attr->sid, ps, depth))
  96                 return False;
  97
  98         return True;
  99 }
 100
 101
 102 static BOOL pac_io_krb_attrs(const char *desc, KRB_SID_AND_ATTRS *sid_and_attr,
 103                              prs_struct *ps, int depth)
 104 {
 105         if (NULL == sid_and_attr)
 106                 return False;
 107
 108         prs_debug(ps, depth, desc, "pac_io_krb_attrs");
 109         depth++;
 110
 111         if (!prs_uint32("sid_ptr", ps, depth, &sid_and_attr->sid_ptr))
 112                 return False;
 113         if (!prs_uint32("attrs", ps, depth, &sid_and_attr->attrs))
 114                 return False;
 115
 116         return True;
 117 }
 118
 119 static BOOL pac_io_krb_sid_and_attr_array(const char *desc,
 120                                           KRB_SID_AND_ATTR_ARRAY *array,
 121                                           uint32 num,
 122                                           prs_struct *ps, int depth)
 123 {
 124         int i;
 125
 126         if (NULL == array)
 127                 return False;
 128
 129         prs_debug(ps, depth, desc, "pac_io_krb_sid_and_attr_array");
 130         depth++;
 131
 132
 133         if (!prs_uint32("count", ps, depth, &array->count))
 134                 return False;
 135
 136         if (UNMARSHALLING(ps)) {
 137                 array->krb_sid_and_attrs = (KRB_SID_AND_ATTRS *)
 138                         prs_alloc_mem(ps, sizeof(KRB_SID_AND_ATTRS) * num);
 139                 if (!array->krb_sid_and_attrs) {
 140                         DEBUG(3, ("No memory available\n"));
 141                         return False;
 142                 }
 143         }
 144
 145         for (i=0; i<num; i++) {
 146                 if (!pac_io_krb_attrs(desc,
 147                                       &array->krb_sid_and_attrs[i],
 148                                       ps, depth))
 149                         return False;
 150
 151         }
 152         for (i=0; i<num; i++) {
 153                 if (!pac_io_krb_sids(desc,
 154                                      &array->krb_sid_and_attrs[i],
 155                                      ps, depth))
 156                         return False;
 157
 158         }
 159
 160         return True;
 161
 162 }
 163
 164 static BOOL pac_io_group_membership(const char *desc,
 165                                     GROUP_MEMBERSHIP *membership,
 166                                     prs_struct *ps, int depth)
 167 {
 168         if (NULL == membership)
 169                 return False;
 170
 171         prs_debug(ps, depth, desc, "pac_io_group_membership");
 172         depth++;
 173
 174         if (!prs_uint32("rid", ps, depth, &membership->rid))
 175                 return False;
 176         if (!prs_uint32("attrs", ps, depth, &membership->attrs))
 177                 return False;
 178
 179         return True;
 180 }
 181
 182
 183 static BOOL pac_io_group_membership_array(const char *desc,
 184                                           GROUP_MEMBERSHIP_ARRAY *array,
 185                                           uint32 num,
 186                                           prs_struct *ps, int depth)
 187 {
 188         int i;
 189
 190         if (NULL == array)
 191                 return False;
 192
 193         prs_debug(ps, depth, desc, "pac_io_group_membership_array");
 194         depth++;
 195
 196
 197         if (!prs_uint32("count", ps, depth, &array->count))
 198                 return False;
 199
 200         if (UNMARSHALLING(ps)) {
 201                 array->group_membership = (GROUP_MEMBERSHIP *)
 202                         prs_alloc_mem(ps, sizeof(GROUP_MEMBERSHIP) * num);
 203                 if (!array->group_membership) {
 204                         DEBUG(3, ("No memory available\n"));
 205                         return False;
 206                 }
 207         }
 208
 209         for (i=0; i<num; i++) {
 210                 if (!pac_io_group_membership(desc,
 211                                              &array->group_membership[i],
 212                                              ps, depth))
 213                         return False;
 214
 215         }
 216
 217         return True;
 218
 219 }
 220
 221 static BOOL pac_io_pac_logon_info(const char *desc, PAC_LOGON_INFO *info,
 222                                   prs_struct *ps, int depth)
 223 {
 224         uint32 garbage;
 225         if (NULL == info)
 226                 return False;
 227
 228         prs_debug(ps, depth, desc, "pac_io_pac_logon_info");
 229         depth++;
 230
 231         if (!prs_uint32("unknown", ps, depth, &garbage))
 232                 return False;
 233         if (!prs_uint32("unknown", ps, depth, &garbage))
 234                 return False;
 235         if (!prs_uint32("bufferlen", ps, depth, &garbage))
 236                 return False;
 237         if (!prs_uint32("bufferlenhi", ps, depth, &garbage))
 238                 return False;
 239         if (!prs_uint32("pointer", ps, depth, &garbage))
 240                 return False;
 241
 242         if (!smb_io_time("logon_time", &info->logon_time, ps, depth))
 243                 return False;
 244         if (!smb_io_time("logoff_time", &info->logoff_time, ps, depth))
 245                 return False;
 246         if (!smb_io_time("kickoff_time", &info->kickoff_time, ps, depth))
 247                 return False;
 248         if (!smb_io_time("pass_last_set_time", &info->pass_last_set_time,
 249                          ps, depth))
 250                 return False;
 251         if (!smb_io_time("pass_can_change_time", &info->pass_can_change_time,
 252                          ps, depth))
 253                 return False;
 254         if (!smb_io_time("pass_must_change_time", &info->pass_must_change_time,
 255                          ps, depth))
 256                 return False;
 257
 258         if (!smb_io_unihdr("hdr_user_name", &info->hdr_user_name, ps, depth))
 259                 return False;
 260         if (!smb_io_unihdr("hdr_full_name", &info->hdr_full_name, ps, depth))
 261                 return False;
 262         if (!smb_io_unihdr("hdr_logon_script", &info->hdr_logon_script,
 263                            ps, depth))
 264                 return False;
 265         if (!smb_io_unihdr("hdr_profile_path", &info->hdr_profile_path,
 266                            ps, depth))
 267                 return False;
 268         if (!smb_io_unihdr("hdr_home_dir", &info->hdr_home_dir, ps, depth))
 269                 return False;
 270         if (!smb_io_unihdr("hdr_dir_drive", &info->hdr_dir_drive, ps, depth))
 271                 return False;
 272
 273         if (!prs_uint16("logon_count", ps, depth, &info->logon_count))
 274                 return False;
 275         if (!prs_uint16("reserved12", ps, depth, &info->reserved12))
 276                 return False;
 277         if (!prs_uint32("user_rid", ps, depth, &info->user_rid))
 278                 return False;
 279         if (!prs_uint32("group_rid", ps, depth, &info->group_rid))
 280                 return False;
 281         if (!prs_uint32("group_count", ps, depth, &info->group_count))
 282                 return False;
 283         /* I haven't seen this contain anything yet, but when it does
 284            we will have to make sure we decode the contents in the middle
 285            all the unistr2s ... */
 286         if (!prs_uint32("group_mem_ptr", ps, depth,
 287                         &info->group_membership_ptr))
 288                 return False;
 289         if (!prs_uint32("user_flags", ps, depth, &info->user_flags))
 290                 return False;
 291
 292         if (!prs_uint32("reserved13.0", ps, depth, &info->reserved13[0]))
 293                 return False;
 294         if (!prs_uint32("reserved13.1", ps, depth, &info->reserved13[1]))
 295                 return False;
 296         if (!prs_uint32("reserved13.2", ps, depth, &info->reserved13[2]))
 297                 return False;
 298         if (!prs_uint32("reserved13.3", ps, depth, &info->reserved13[3]))
 299                 return False;
 300
 301         if (!smb_io_unihdr("hdr_dom_controller",
 302                            &info->hdr_dom_controller, ps, depth))
 303                 return False;
 304         if (!smb_io_unihdr("hdr_dom_name", &info->hdr_dom_name, ps, depth))
 305                 return False;
 306
 307         /* this should be followed, but just get ptr for now */
 308         if (!prs_uint32("ptr_dom_sid", ps, depth, &info->ptr_dom_sid))
 309                 return False;
 310
 311         if (!prs_uint32("reserved16.0", ps, depth, &info->reserved16[0]))
 312                 return False;
 313         if (!prs_uint32("reserved16.1", ps, depth, &info->reserved16[1]))
 314                 return False;
 315
 316         /* might be acb_info */
 317         if (!prs_uint32("reserved17", ps, depth, &info->reserved17))
 318                 return False;
 319
 320
 321         if (!prs_uint32("reserved18.0", ps, depth, &info->reserved18[0]))
 322                 return False;
 323         if (!prs_uint32("reserved18.1", ps, depth, &info->reserved18[1]))
 324                 return False;
 325         if (!prs_uint32("reserved18.2", ps, depth, &info->reserved18[2]))
 326                 return False;
 327         if (!prs_uint32("reserved18.3", ps, depth, &info->reserved18[3]))
 328                 return False;
 329         if (!prs_uint32("reserved18.4", ps, depth, &info->reserved18[4]))
 330                 return False;
 331         if (!prs_uint32("reserved18.5", ps, depth, &info->reserved18[5]))
 332                 return False;
 333         if (!prs_uint32("reserved18.6", ps, depth, &info->reserved18[6]))
 334                 return False;
 335
 336         if (!prs_uint32("sid_count", ps, depth, &info->sid_count))
 337                 return False;
 338         if (!prs_uint32("ptr_extra_sids", ps, depth, &info->ptr_extra_sids))
 339                 return False;
 340         if (!prs_uint32("ptr_res_group_dom_sid", ps, depth,
 341                         &info->ptr_res_group_dom_sid))
 342                 return False;
 343         if (!prs_uint32("res_group_count", ps, depth, &info->res_group_count))
 344                 return False;
 345         if (!prs_uint32("ptr_res_groups", ps, depth, &info->ptr_res_groups))
 346                 return False;
 347
 348         if(!smb_io_unistr2("uni_user_name", &info->uni_user_name,
 349                            info->hdr_user_name.buffer, ps, depth))
 350                 return False;
 351         if(!smb_io_unistr2("uni_full_name", &info->uni_full_name,
 352                            info->hdr_full_name.buffer, ps, depth))
 353                 return False;
 354         if(!smb_io_unistr2("uni_logon_script", &info->uni_logon_script,
 355                            info->hdr_logon_script.buffer, ps, depth))
 356                 return False;
 357         if(!smb_io_unistr2("uni_profile_path", &info->uni_profile_path,
 358                            info->hdr_profile_path.buffer, ps, depth))
 359                 return False;
 360         if(!smb_io_unistr2("uni_home_dir", &info->uni_home_dir,
 361                            info->hdr_home_dir.buffer, ps, depth))
 362                 return False;
 363         if(!smb_io_unistr2("uni_dir_drive", &info->uni_dir_drive,
 364                            info->hdr_dir_drive.buffer, ps, depth))
 365                 return False;
 366
 367         if (info->group_membership_ptr) {
 368                 if (!pac_io_group_membership_array("group membership",
 369                                                    &info->groups,
 370                                                    info->group_count,
 371                                                    ps, depth))
 372                         return False;
 373         }
 374
 375
 376         if(!smb_io_unistr2("uni_dom_controller", &info->uni_dom_controller,
 377                            info->hdr_dom_controller.buffer, ps, depth))
 378                 return False;
 379         if(!smb_io_unistr2("uni_dom_name", &info->uni_dom_name,
 380                            info->hdr_dom_name.buffer, ps, depth))
 381                 return False;
 382
 383         if(info->ptr_dom_sid)
 384                 if(!smb_io_dom_sid2("dom_sid", &info->dom_sid, ps, depth))
 385                         return False;
 386
 387
 388         if (info->sid_count && info->ptr_extra_sids)
 389                 if (!pac_io_krb_sid_and_attr_array("extra_sids",
 390                                                    &info->extra_sids,
 391                                                    info->sid_count,
 392                                                    ps, depth))
 393                         return False;
 394
 395         if (info->ptr_res_group_dom_sid)
 396                 if (!smb_io_dom_sid2("res_group_dom_sid",
 397                                      &info->res_group_dom_sid, ps, depth))
 398                         return False;
 399
 400         if (info->ptr_res_groups)
 401                 if (!pac_io_group_membership_array("res group membership",
 402                                                    &info->res_groups,
 403                                                    info->res_group_count,
 404                                                    ps, depth))
 405                         return False;
 406
 407         return True;
 408 }
 409
 410
 411 static BOOL pac_io_pac_signature_data(const char *desc,
 412                                       PAC_SIGNATURE_DATA *data, uint32 length,
 413                                       prs_struct *ps, int depth)
 414 {
 415         uint32 siglen = length - sizeof(uint32);
 416         if (NULL == data)
 417                 return False;
 418
 419         prs_debug(ps, depth, desc, "pac_io_pac_signature_data");
 420         depth++;
 421
 422         if (!prs_uint32("type", ps, depth, &data->type))
 423                 return False;
 424         if (UNMARSHALLING(ps)) {
 425                 data->signature = prs_alloc_mem(ps, siglen);
 426                 if (!data->signature) {
 427                         DEBUG(3, ("No memory available\n"));
 428                         return False;
 429                 }
 430         }
 431         if (!prs_uint8s(False, "signature", ps, depth, data->signature,siglen))
 432                 return False;
 433
 434         return True;
 435 }
 436
 437 static BOOL pac_io_pac_info_hdr_ctr(const char *desc, PAC_INFO_HDR *hdr,
 438                                     prs_struct *ps, int depth)
 439 {
 440         if (NULL == hdr)
 441                 return False;
 442
 443         prs_debug(ps, depth, desc, "pac_io_pac_info_hdr_ctr");
 444         depth++;
 445
 446         if (!prs_align(ps))
 447                 return False;
 448
 449         if (hdr->offset != prs_offset(ps)) {
 450                 DEBUG(5, ("offset in header(x%x) and data(x%x) do not match\n",
 451                           hdr->offset, prs_offset(ps)));
 452                 prs_set_offset(ps, hdr->offset);
 453         }
 454
 455         if (UNMARSHALLING(ps) && hdr->size > 0) {
 456                 hdr->ctr = (PAC_INFO_CTR *)
 457                         prs_alloc_mem(ps, sizeof(PAC_INFO_CTR));
 458                 if (!hdr->ctr) {
 459                         DEBUG(3, ("No memory available\n"));
 460                         return False;
 461                 }
 462         }
 463
 464         switch(hdr->type) {
 465         case PAC_TYPE_LOGON_INFO:
 466                 DEBUG(5, ("PAC_TYPE_LOGON_INFO\n"));
 467                 if (UNMARSHALLING(ps))
 468                         hdr->ctr->pac.logon_info = (PAC_LOGON_INFO *)
 469                                 prs_alloc_mem(ps, sizeof(PAC_LOGON_INFO));
 470                 if (!hdr->ctr->pac.logon_info) {
 471                         DEBUG(3, ("No memory available\n"));
 472                         return False;
 473                 }
 474                 if (!pac_io_pac_logon_info(desc, hdr->ctr->pac.logon_info,
 475                                            ps, depth))
 476                         return False;
 477                 break;
 478
 479         case PAC_TYPE_SERVER_CHECKSUM:
 480                 DEBUG(5, ("PAC_TYPE_SERVER_CHECKSUM\n"));
 481                 if (UNMARSHALLING(ps))
 482                         hdr->ctr->pac.srv_cksum = (PAC_SIGNATURE_DATA *)
 483                                 prs_alloc_mem(ps, sizeof(PAC_SIGNATURE_DATA));
 484                 if (!hdr->ctr->pac.srv_cksum) {
 485                         DEBUG(3, ("No memory available\n"));
 486                         return False;
 487                 }
 488                 if (!pac_io_pac_signature_data(desc, hdr->ctr->pac.srv_cksum,
 489                                                hdr->size, ps, depth))
 490                         return False;
 491                 break;
 492
 493         case PAC_TYPE_PRIVSVR_CHECKSUM:
 494                 DEBUG(5, ("PAC_TYPE_PRIVSVR_CHECKSUM\n"));
 495                 if (UNMARSHALLING(ps))
 496                         hdr->ctr->pac.privsrv_cksum = (PAC_SIGNATURE_DATA *)
 497                                 prs_alloc_mem(ps, sizeof(PAC_SIGNATURE_DATA));
 498                 if (!hdr->ctr->pac.privsrv_cksum) {
 499                         DEBUG(3, ("No memory available\n"));
 500                         return False;
 501                 }
 502                 if (!pac_io_pac_signature_data(desc,
 503                                                hdr->ctr->pac.privsrv_cksum,
 504                                                hdr->size, ps, depth))
 505                         return False;
 506                 break;
 507
 508         case PAC_TYPE_UNKNOWN_10:
 509                 DEBUG(5, ("PAC_TYPE_UNKNOWN_10\n"));
 510                 if (UNMARSHALLING(ps))
 511                         hdr->ctr->pac.type_10 = (UNKNOWN_TYPE_10 *)
 512                                 prs_alloc_mem(ps, sizeof(UNKNOWN_TYPE_10));
 513                 if (!hdr->ctr->pac.type_10) {
 514                         DEBUG(3, ("No memory available\n"));
 515                         return False;
 516                 }
 517                 if (!pac_io_unknown_type_10(desc, hdr->ctr->pac.type_10,
 518                                             ps, depth))
 519                         return False;
 520                 break;
 521
 522         default:
 523                 /* dont' know, so we need to skip it */
 524                 DEBUG(3, ("unknown PAC type %d\n", hdr->type));
 525                 prs_set_offset(ps, prs_offset(ps) + hdr->size);
 526         }
 527
 528         return True;
 529 }
 530
 531 static BOOL pac_io_pac_info_hdr(const char *desc, PAC_INFO_HDR *hdr,
 532                                 prs_struct *ps, int depth)
 533 {
 534         if (NULL == hdr)
 535                 return False;
 536
 537         prs_debug(ps, depth, desc, "pac_io_pac_info_hdr");
 538         depth++;
 539
 540         if (!prs_align(ps))
 541                 return False;
 542         if (!prs_uint32("type", ps, depth, &hdr->type))
 543                 return False;
 544         if (!prs_uint32("size", ps, depth, &hdr->size))
 545                 return False;
 546         if (!prs_uint32("offset", ps, depth, &hdr->offset))
 547                 return False;
 548         if (!prs_uint32("offsethi", ps, depth, &hdr->offsethi))
 549                 return False;
 550
 551         return True;
 552 }
 553
 554 static BOOL pac_io_pac_data(const char *desc, PAC_DATA *data,
 555                             prs_struct *ps, int depth)
 556 {
 557         int i;
 558
 559         if (NULL == data)
 560                 return False;
 561
 562         prs_debug(ps, depth, desc, "pac_io_pac_data");
 563         depth++;
 564
 565         if (!prs_align(ps))
 566                 return False;
 567         if (!prs_uint32("num_buffers", ps, depth, &data->num_buffers))
 568                 return False;
 569         if (!prs_uint32("version", ps, depth, &data->version))
 570                 return False;
 571
 572         if (UNMARSHALLING(ps) && data->num_buffers > 0) {
 573                 if ((data->pac_info_hdr_ptr = (PAC_INFO_HDR *)
 574                      prs_alloc_mem(ps, sizeof(PAC_INFO_HDR) *
 575                                    data->num_buffers)) == NULL) {
 576                         return False;
 577                 }
 578         }
 579
 580         for (i=0; i<data->num_buffers; i++) {
 581                 if (!pac_io_pac_info_hdr(desc, &data->pac_info_hdr_ptr[i], ps,
 582                                          depth))
 583                         return False;
 584         }
 585
 586         for (i=0; i<data->num_buffers; i++) {
 587                 if (!pac_io_pac_info_hdr_ctr(desc, &data->pac_info_hdr_ptr[i],
 588                                              ps, depth))
 589                         return False;
 590         }
 591
 592         return True;
 593 }
 594
 595 PAC_DATA *decode_pac_data(DATA_BLOB *auth_data, TALLOC_CTX *ctx)
 596 {
 597         DATA_BLOB pac_data_blob = unwrap_pac(auth_data);
 598         prs_struct ps;
 599         PAC_DATA *pac_data;
 600
 601         DEBUG(5,("dump_pac_data\n"));
 602         prs_init(&ps, pac_data_blob.length, ctx, UNMARSHALL);
 603         prs_copy_data_in(&ps, pac_data_blob.data, pac_data_blob.length);
 604         prs_set_offset(&ps, 0);
 605
 606         pac_data = (PAC_DATA *) talloc_zero(ctx, sizeof(PAC_DATA));
 607         pac_io_pac_data("pac data", pac_data, &ps, 0);
 608
 609         prs_mem_free(&ps);
 610
 611         return pac_data;
 612 }
 613
 614 #endif