r24780: More work allowing libutil to be used by external users.
[kai/samba.git] / source4 / auth / gensec / socket.c
1 /* 
2    Unix SMB/CIFS implementation.
3
4    GENSEC socket interface
5
6    Copyright (C) Andrew Bartlett 2006
7  
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 3 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "lib/events/events.h"
24 #include "lib/socket/socket.h"
25 #include "lib/stream/packet.h"
26 #include "auth/gensec/gensec.h"
27
28 static const struct socket_ops gensec_socket_ops;
29
30 struct gensec_socket {
31         struct gensec_security *gensec_security;
32         struct socket_context *socket;
33         struct event_context *ev;
34         struct packet_context *packet;
35         DATA_BLOB read_buffer;  /* SASL packets are turned into liniarlised data here, for reading */
36         size_t orig_send_len;
37         BOOL eof;
38         NTSTATUS error;
39         BOOL interrupted;
40         void (*recv_handler)(void *, uint16_t);
41         void *recv_private;
42         int in_extra_read;
43         BOOL wrap; /* Should we be wrapping on this socket at all? */
44 };
45
46 static NTSTATUS gensec_socket_init_fn(struct socket_context *sock)
47 {
48         switch (sock->type) {
49         case SOCKET_TYPE_STREAM:
50                 break;
51         default:
52                 return NT_STATUS_INVALID_PARAMETER;
53         }
54
55         sock->backend_name = "gensec";
56
57         return NT_STATUS_OK;
58 }
59
60 /* These functions are for use here only (public because SPNEGO must
61  * use them for recursion) */
62 _PUBLIC_ NTSTATUS gensec_wrap_packets(struct gensec_security *gensec_security, 
63                              TALLOC_CTX *mem_ctx, 
64                              const DATA_BLOB *in, 
65                              DATA_BLOB *out,
66                              size_t *len_processed) 
67 {
68         if (!gensec_security->ops->wrap_packets) {
69                 NTSTATUS nt_status;
70                 size_t max_input_size;
71                 DATA_BLOB unwrapped, wrapped;
72                 max_input_size = gensec_max_input_size(gensec_security);
73                 unwrapped = data_blob_const(in->data, MIN(max_input_size, (size_t)in->length));
74                 
75                 nt_status = gensec_wrap(gensec_security, 
76                                         mem_ctx,
77                                         &unwrapped, &wrapped);
78                 if (!NT_STATUS_IS_OK(nt_status)) {
79                         talloc_free(mem_ctx);
80                         return nt_status;
81                 }
82                 
83                 *out = data_blob_talloc(mem_ctx, NULL, 4);
84                 if (!out->data) {
85                         return NT_STATUS_NO_MEMORY;
86                 }
87                 RSIVAL(out->data, 0, wrapped.length);
88                 
89                 if (!data_blob_append(mem_ctx, out, wrapped.data, wrapped.length)) {
90                         return NT_STATUS_NO_MEMORY;
91                 }
92                 *len_processed = unwrapped.length;
93                 return NT_STATUS_OK;
94         }
95         return gensec_security->ops->wrap_packets(gensec_security, mem_ctx, in, out,
96                                                   len_processed);
97 }
98
99 /* These functions are for use here only (public because SPNEGO must
100  * use them for recursion) */
101 NTSTATUS gensec_unwrap_packets(struct gensec_security *gensec_security, 
102                                         TALLOC_CTX *mem_ctx, 
103                                         const DATA_BLOB *in, 
104                                         DATA_BLOB *out,
105                                         size_t *len_processed) 
106 {
107         if (!gensec_security->ops->unwrap_packets) {
108                 DATA_BLOB wrapped;
109                 NTSTATUS nt_status;
110                 size_t packet_size;
111                 if (in->length < 4) {
112                         /* Missing the header we already had! */
113                         DEBUG(0, ("Asked to unwrap packet of bogus length!  How did we get the short packet?!\n"));
114                         return NT_STATUS_INVALID_PARAMETER;
115                 }
116                 
117                 packet_size = RIVAL(in->data, 0);
118                 
119                 wrapped = data_blob_const(in->data + 4, packet_size);
120                 
121                 if (wrapped.length > (in->length - 4)) {
122                         DEBUG(0, ("Asked to unwrap packed of bogus length %d > %d!  How did we get this?!\n",
123                                   (int)wrapped.length, (int)(in->length - 4)));
124                         return NT_STATUS_INTERNAL_ERROR;
125                 }
126                 
127                 nt_status = gensec_unwrap(gensec_security, 
128                                           mem_ctx,
129                                           &wrapped, out);
130                 if (!NT_STATUS_IS_OK(nt_status)) {
131                         return nt_status;
132                 }
133                 
134                 *len_processed = packet_size + 4;
135                 return nt_status;
136         }
137         return gensec_security->ops->unwrap_packets(gensec_security, mem_ctx, in, out,
138                                                     len_processed);
139 }
140
141 /* These functions are for use here only (public because SPNEGO must
142  * use them for recursion) */
143 NTSTATUS gensec_packet_full_request(struct gensec_security *gensec_security,
144                                     DATA_BLOB blob, size_t *size) 
145 {
146         if (gensec_security->ops->packet_full_request) {
147                 return gensec_security->ops->packet_full_request(gensec_security,
148                                                                  blob, size);
149         }
150         if (gensec_security->ops->unwrap_packets) {
151                 if (blob.length) {
152                         *size = blob.length;
153                         return NT_STATUS_OK;
154                 }
155                 return STATUS_MORE_ENTRIES;
156         }
157         return packet_full_request_u32(NULL, blob, size);
158 }
159
160 static NTSTATUS gensec_socket_full_request(void *private, DATA_BLOB blob, size_t *size) 
161 {
162         struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
163         struct gensec_security *gensec_security = gensec_socket->gensec_security;
164         return gensec_packet_full_request(gensec_security, blob, size);
165 }
166
167 /* Try to figure out how much data is waiting to be read */
168 static NTSTATUS gensec_socket_pending(struct socket_context *sock, size_t *npending) 
169 {
170         struct gensec_socket *gensec_socket = talloc_get_type(sock->private_data, struct gensec_socket);
171         if (!gensec_socket->wrap) {
172                 return socket_pending(gensec_socket->socket, npending);
173         }
174
175         if (gensec_socket->read_buffer.length > 0) {
176                 *npending = gensec_socket->read_buffer.length;
177                 return NT_STATUS_OK;
178         }
179
180         /* This is a lie.  We hope the decrypted data will always be
181          * less than this value, so the application just gets a short
182          * read.  Without reading and decrypting it, we can't tell.
183          * If the SASL mech does compression, then we just need to
184          * manually trigger read events */
185         return socket_pending(gensec_socket->socket, npending);
186 }      
187
188 /* Note if an error occours, so we can return it up the stack */
189 static void gensec_socket_error_handler(void *private, NTSTATUS status)
190 {
191         struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
192         if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) {
193                 gensec_socket->eof = True;
194         } else {
195                 gensec_socket->error = status;
196         }
197 }
198
199 static void gensec_socket_trigger_read(struct event_context *ev, 
200                                        struct timed_event *te, 
201                                        struct timeval t, void *private)
202 {
203         struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
204
205         gensec_socket->in_extra_read++;
206         gensec_socket->recv_handler(gensec_socket->recv_private, EVENT_FD_READ);
207         gensec_socket->in_extra_read--;
208
209         /* It may well be that, having run the recv handler, we still
210          * have even more data waiting for us! 
211          */
212         if (gensec_socket->read_buffer.length && gensec_socket->recv_handler) {
213                 /* Schedule this funcion to run again */
214                 event_add_timed(gensec_socket->ev, gensec_socket, timeval_zero(), 
215                                 gensec_socket_trigger_read, gensec_socket);
216         }
217 }
218
219 /* These two routines could be changed to use a circular buffer of
220  * some kind, or linked lists, or ... */
221 static NTSTATUS gensec_socket_recv(struct socket_context *sock, void *buf,
222                                    size_t wantlen, size_t *nread) 
223 {
224         struct gensec_socket *gensec_socket = talloc_get_type(sock->private_data, struct gensec_socket);
225
226         if (!gensec_socket->wrap) {
227                 return socket_recv(gensec_socket->socket, buf, wantlen, nread);
228         }
229
230         gensec_socket->error = NT_STATUS_OK;
231
232         if (gensec_socket->read_buffer.length == 0) {
233                 /* Process any data on the socket, into the read buffer. At
234                  * this point, the socket is not available for read any
235                  * longer */
236                 packet_recv(gensec_socket->packet);
237
238                 if (gensec_socket->eof) {
239                         *nread = 0;
240                         return NT_STATUS_OK;
241                 }
242                 
243                 if (!NT_STATUS_IS_OK(gensec_socket->error)) {
244                         return gensec_socket->error;
245                 }
246
247                 if (gensec_socket->read_buffer.length == 0) {
248                         /* Clearly we don't have the entire SASL packet yet,
249                          * so it has not been written into the buffer */
250                         *nread = 0;
251                         return STATUS_MORE_ENTRIES;
252                 }
253         }
254
255
256         *nread = MIN(wantlen, gensec_socket->read_buffer.length);
257         memcpy(buf, gensec_socket->read_buffer.data, *nread);
258
259         if (gensec_socket->read_buffer.length > *nread) {
260                 memmove(gensec_socket->read_buffer.data, 
261                         gensec_socket->read_buffer.data + *nread, 
262                         gensec_socket->read_buffer.length - *nread);
263         }
264
265         gensec_socket->read_buffer.length -= *nread;
266         gensec_socket->read_buffer.data = talloc_realloc(gensec_socket, 
267                                                          gensec_socket->read_buffer.data, 
268                                                          uint8_t, 
269                                                          gensec_socket->read_buffer.length);
270
271         if (gensec_socket->read_buffer.length && 
272             gensec_socket->in_extra_read == 0 && 
273             gensec_socket->recv_handler) {
274                 /* Manually call a read event, to get this moving
275                  * again (as the socket should be dry, so the normal
276                  * event handler won't trigger) */
277                 event_add_timed(gensec_socket->ev, gensec_socket, timeval_zero(), 
278                                 gensec_socket_trigger_read, gensec_socket);
279         }
280
281         return NT_STATUS_OK;
282 }
283
284 /* Completed SASL packet callback.  When we have a 'whole' SASL
285  * packet, decrypt it, and add it to the read buffer
286  *
287  * This function (and anything under it) MUST NOT call the event system
288  */
289 static NTSTATUS gensec_socket_unwrap(void *private, DATA_BLOB blob)
290 {
291         struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
292         DATA_BLOB unwrapped;
293         NTSTATUS nt_status;
294         TALLOC_CTX *mem_ctx;
295         size_t packet_size;
296
297         mem_ctx = talloc_new(gensec_socket);
298         if (!mem_ctx) {
299                 return NT_STATUS_NO_MEMORY;
300         }
301         nt_status = gensec_unwrap_packets(gensec_socket->gensec_security, 
302                                           mem_ctx,
303                                           &blob, &unwrapped, 
304                                           &packet_size);
305         if (!NT_STATUS_IS_OK(nt_status)) {
306                 talloc_free(mem_ctx);
307                 return nt_status;
308         }
309
310         if (packet_size != blob.length) {
311                 DEBUG(0, ("gensec_socket_unwrap: Did not consume entire packet!\n"));
312                 talloc_free(mem_ctx);
313                 return NT_STATUS_INTERNAL_ERROR;
314         }
315
316         /* We could change this into a linked list, and have
317          * gensec_socket_recv() and gensec_socket_pending() walk the
318          * linked list */
319
320         if (!data_blob_append(gensec_socket, &gensec_socket->read_buffer, 
321                                      unwrapped.data, unwrapped.length)) {
322                 talloc_free(mem_ctx);
323                 return NT_STATUS_NO_MEMORY;
324         }
325
326         talloc_free(mem_ctx);
327         return NT_STATUS_OK;
328 }
329
330 /* when the data is sent, we know we have not been interrupted */
331 static void send_callback(void *private) 
332 {
333         struct gensec_socket *gensec_socket = talloc_get_type(private, struct gensec_socket);
334         gensec_socket->interrupted = False;
335 }
336
337 /*
338   send data, but only as much as we allow in one packet.  
339
340   If this returns STATUS_MORE_ENTRIES, the caller must retry with
341   exactly the same data, or a NULL blob.
342 */
343 static NTSTATUS gensec_socket_send(struct socket_context *sock, 
344                                    const DATA_BLOB *blob, size_t *sendlen)
345 {
346         NTSTATUS nt_status;
347         struct gensec_socket *gensec_socket = talloc_get_type(sock->private_data, struct gensec_socket);
348         DATA_BLOB wrapped;
349         TALLOC_CTX *mem_ctx;
350
351         if (!gensec_socket->wrap) {
352                 return socket_send(gensec_socket->socket, blob, sendlen);
353         }
354
355         *sendlen = 0;
356
357         /* We have have been interupted, so the caller should be
358          * giving us the same data again.  */
359         if (gensec_socket->interrupted) {
360                 packet_queue_run(gensec_socket->packet);
361
362                 if (!NT_STATUS_IS_OK(gensec_socket->error)) {
363                         return gensec_socket->error;
364                 } else if (gensec_socket->interrupted) {
365                         return STATUS_MORE_ENTRIES;
366                 } else {
367                         *sendlen = gensec_socket->orig_send_len;
368                         gensec_socket->orig_send_len = 0;
369                         return NT_STATUS_OK;
370                 }
371         }
372
373         mem_ctx = talloc_new(gensec_socket);
374         if (!mem_ctx) {
375                 return NT_STATUS_NO_MEMORY;
376         }
377
378         nt_status = gensec_wrap_packets(gensec_socket->gensec_security, 
379                                         mem_ctx,
380                                         blob, &wrapped, 
381                                         &gensec_socket->orig_send_len);
382         if (!NT_STATUS_IS_OK(nt_status)) {
383                 talloc_free(mem_ctx);
384                 return nt_status;
385         }
386         
387         gensec_socket->interrupted = True;
388         gensec_socket->error = NT_STATUS_OK;
389
390         nt_status = packet_send_callback(gensec_socket->packet, 
391                                          wrapped,
392                                          send_callback, gensec_socket);
393
394         talloc_free(mem_ctx);
395
396         packet_queue_run(gensec_socket->packet);
397
398         if (!NT_STATUS_IS_OK(gensec_socket->error)) {
399                 return gensec_socket->error;
400         } else if (gensec_socket->interrupted) {
401                 return STATUS_MORE_ENTRIES;
402         } else {
403                 *sendlen = gensec_socket->orig_send_len;
404                 gensec_socket->orig_send_len = 0;
405                 return NT_STATUS_OK;
406         }
407 }
408
409 /* Turn a normal socket into a potentially GENSEC wrapped socket */
410
411 NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
412                             struct socket_context *current_socket,
413                             struct event_context *ev,
414                             void (*recv_handler)(void *, uint16_t),
415                             void *recv_private,
416                             struct socket_context **new_socket)
417 {
418         struct gensec_socket *gensec_socket;
419         struct socket_context *new_sock;
420         NTSTATUS nt_status;
421
422         nt_status = socket_create_with_ops(current_socket, &gensec_socket_ops, &new_sock, 
423                                            SOCKET_TYPE_STREAM, current_socket->flags | SOCKET_FLAG_ENCRYPT);
424         if (!NT_STATUS_IS_OK(nt_status)) {
425                 *new_socket = NULL;
426                 return nt_status;
427         }
428
429         new_sock->state = current_socket->state;
430
431         gensec_socket = talloc(new_sock, struct gensec_socket);
432         if (gensec_socket == NULL) {
433                 *new_socket = NULL;
434                 return NT_STATUS_NO_MEMORY;
435         }
436
437         new_sock->private_data       = gensec_socket;
438         gensec_socket->socket        = current_socket;
439
440         if (talloc_reference(gensec_socket, current_socket) == NULL) {
441                 *new_socket = NULL;
442                 return NT_STATUS_NO_MEMORY;
443         }
444
445         /* Nothing to do here, if we are not actually wrapping on this socket */
446         if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL) &&
447             !gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
448                 
449                 gensec_socket->wrap = False;
450                 *new_socket = new_sock;
451                 return NT_STATUS_OK;
452         }
453
454         gensec_socket->gensec_security = gensec_security;
455
456         gensec_socket->wrap          = True;
457         gensec_socket->eof           = False;
458         gensec_socket->error         = NT_STATUS_OK;
459         gensec_socket->interrupted   = False;
460         gensec_socket->in_extra_read = 0;
461
462         gensec_socket->read_buffer   = data_blob(NULL, 0);
463
464         gensec_socket->recv_handler  = recv_handler;
465         gensec_socket->recv_private  = recv_private;
466         gensec_socket->ev            = ev;
467
468         gensec_socket->packet = packet_init(gensec_socket);
469         if (gensec_socket->packet == NULL) {
470                 *new_socket = NULL;
471                 return NT_STATUS_NO_MEMORY;
472         }
473
474         packet_set_private(gensec_socket->packet, gensec_socket);
475         packet_set_socket(gensec_socket->packet, gensec_socket->socket);
476         packet_set_callback(gensec_socket->packet, gensec_socket_unwrap);
477         packet_set_full_request(gensec_socket->packet, gensec_socket_full_request);
478         packet_set_error_handler(gensec_socket->packet, gensec_socket_error_handler);
479         packet_set_serialise(gensec_socket->packet);
480
481         /* TODO: full-request that knows about maximum packet size */
482
483         *new_socket = new_sock;
484         return NT_STATUS_OK;
485 }
486
487
488 static NTSTATUS gensec_socket_set_option(struct socket_context *sock, const char *option, const char *val)
489 {
490         set_socket_options(socket_get_fd(sock), option);
491         return NT_STATUS_OK;
492 }
493
494 static char *gensec_socket_get_peer_name(struct socket_context *sock, TALLOC_CTX *mem_ctx)
495 {
496         struct gensec_socket *gensec = talloc_get_type(sock->private_data, struct gensec_socket);
497         return socket_get_peer_name(gensec->socket, mem_ctx);
498 }
499
500 static struct socket_address *gensec_socket_get_peer_addr(struct socket_context *sock, TALLOC_CTX *mem_ctx)
501 {
502         struct gensec_socket *gensec = talloc_get_type(sock->private_data, struct gensec_socket);
503         return socket_get_peer_addr(gensec->socket, mem_ctx);
504 }
505
506 static struct socket_address *gensec_socket_get_my_addr(struct socket_context *sock, TALLOC_CTX *mem_ctx)
507 {
508         struct gensec_socket *gensec = talloc_get_type(sock->private_data, struct gensec_socket);
509         return socket_get_my_addr(gensec->socket, mem_ctx);
510 }
511
512 static int gensec_socket_get_fd(struct socket_context *sock)
513 {
514         struct gensec_socket *gensec = talloc_get_type(sock->private_data, struct gensec_socket);
515         return socket_get_fd(gensec->socket);
516 }
517
518 static const struct socket_ops gensec_socket_ops = {
519         .name                   = "gensec",
520         .fn_init                = gensec_socket_init_fn,
521         .fn_recv                = gensec_socket_recv,
522         .fn_send                = gensec_socket_send,
523         .fn_pending             = gensec_socket_pending,
524
525         .fn_set_option          = gensec_socket_set_option,
526
527         .fn_get_peer_name       = gensec_socket_get_peer_name,
528         .fn_get_peer_addr       = gensec_socket_get_peer_addr,
529         .fn_get_my_addr         = gensec_socket_get_my_addr,
530         .fn_get_fd              = gensec_socket_get_fd
531 };
532