1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <unistd.h>
32 #include <ctype.h>
33 #include "gsscred.h"
34 
35 /*
36  *  gsscred utility
37  *  Manages mapping between a security principal name and unix uid.
38  *  Implementation file for the file based gsscred utility.
39  */
40 
41 #define	MAX_ENTRY_LEN 1024
42 
43 static const char credFile[] = "/etc/gss/gsscred_db";
44 static const char credFileTmp[] = "/etc/gss/gsscred_db.tmp";
45 static const int expNameTokIdLen = 2;
46 static const int mechOidLenLen = 2;
47 static const int krb5OidTagLen = 1;
48 static const int krb5OidLenLen = 1;
49 static const int nameLen = 4;
50 static const int krb5OidLen = 9;
51 
52 /*
53  * Multiply by two given that the token has already gone through hex string
54  * expansion.
55  */
56 #define	NAME_OFFSET (expNameTokIdLen + mechOidLenLen + krb5OidTagLen + \
57 	krb5OidLenLen + krb5OidLen + nameLen) * 2
58 
59 static int matchEntry(const char *entry, const gss_buffer_t name,
60 		const char *uid, uid_t *uidOut);
61 
62 /*
63  * file_addGssCredEntry
64  *
65  * Adds a new entry to the gsscred table.
66  * Does not check for duplicate entries.
67  */
file_addGssCredEntry(const gss_buffer_t hexName,const char * uid,const char * comment,char ** errDetails)68 int file_addGssCredEntry(const gss_buffer_t hexName, const char *uid,
69 		const char *comment, char **errDetails)
70 {
71 	FILE *fp;
72 	char tmpBuf[256];
73 
74 	if ((fp = fopen(credFile, "a")) == NULL) {
75 		if (errDetails) {
76 			(void) snprintf(tmpBuf, sizeof (tmpBuf),
77 				gettext("Unable to open gsscred file [%s]"),
78 				credFile);
79 			*errDetails = strdup(tmpBuf);
80 		}
81 		return (0);
82 	}
83 
84 	(void) fprintf(fp,
85 		    "%s\t%s\t%s\n", (char *)hexName->value, uid, comment);
86 	(void) fclose(fp);
87 	return (1);
88 }  /* *******  file_addGssCredEntry ****** */
89 
90 
91 
92 /*
93  * file_getGssCredEntry
94  *
95  * Searches the file for the file matching the name.  Since the name
96  * contains a mechanism identifier, to search for all names for a given
97  * mechanism just supply the mechanism portion in the name buffer.
98  * To search by uid only, supply a non-null value of uid.
99  */
file_getGssCredEntry(const gss_buffer_t name,const char * uid,char ** errDetails)100 int file_getGssCredEntry(const gss_buffer_t name, const char *uid,
101 		char **errDetails)
102 {
103 	FILE *fp;
104 	char entry[MAX_ENTRY_LEN+1];
105 
106 	if ((fp = fopen(credFile, "r")) == NULL) {
107 
108 		if (errDetails) {
109 			(void) snprintf(entry, sizeof (entry),
110 				gettext("Unable to open gsscred file [%s]"),
111 				credFile);
112 			*errDetails = strdup(entry);
113 		}
114 
115 		return (0);
116 	}
117 
118 	/* go through the file in sequential order */
119 	while (fgets(entry, MAX_ENTRY_LEN, fp) != NULL) {
120 		/* is there any search criteria */
121 		if (name == NULL && uid == NULL) {
122 			(void) fprintf(stdout, "%s", entry);
123 			continue;
124 		}
125 
126 		if (matchEntry(entry, name, uid, NULL))
127 			(void) fprintf(stdout, "%s", entry);
128 
129 	}	 /* while */
130 
131 	(void) fclose(fp);
132 	return (1);
133 }  /* file_getGssCredEntry */
134 
135 /*
136  * file_getGssCredUid
137  *
138  * GSS entry point for retrieving user uid information.
139  * We need to go through the entire file to ensure that
140  * the last matching entry is retrieved - this is because
141  * new entries are added to the end, and in case of
142  * duplicates we want to get the latest entry.
143  */
144 int
file_getGssCredUid(const gss_buffer_t expName,uid_t * uidOut)145 file_getGssCredUid(const gss_buffer_t expName, uid_t *uidOut)
146 {
147 	FILE *fp;
148 	char entry[MAX_ENTRY_LEN+1];
149 	int retVal = 0;
150 
151 	if ((fp = fopen(credFile, "r")) == NULL)
152 		return (0);
153 
154 	/* go through the entire file in sequential order */
155 	while (fgets(entry, MAX_ENTRY_LEN, fp) != NULL) {
156 		if (matchEntry(entry, expName, NULL, uidOut)) {
157 			retVal = 1;
158 		}
159 	} /* while */
160 
161 	(void) fclose(fp);
162 	return (retVal);
163 } /* file_getGssCredUid */
164 
165 
166 
167 /*
168  *
169  * file_deleteGssCredEntry
170  *
171  * removes entries form file that match the delete criteria
172  */
file_deleteGssCredEntry(const gss_buffer_t name,const char * uid,char ** errDetails)173 int file_deleteGssCredEntry(const gss_buffer_t name, const char *uid,
174 		char **errDetails)
175 {
176 	FILE *fp, *tempFp;
177 	char entry[MAX_ENTRY_LEN+1];
178 	int foundOne = 0;
179 
180 	/* are we deleting everyone? */
181 	if (name == NULL && uid == NULL) {
182 
183 		if ((fp = fopen(credFile, "w")) == NULL) {
184 
185 			if (errDetails) {
186 				(void) snprintf(entry, sizeof (entry),
187 					gettext("Unable to open gsscred"
188 						" file [%s]"),
189 					credFile);
190 				*errDetails = strdup(entry);
191 			}
192 			return (0);
193 		}
194 
195 		(void) fclose(fp);
196 		return (1);
197 	}
198 
199 	/* selective delete - might still be everyone */
200 	if ((fp = fopen(credFile, "r")) == NULL) {
201 
202 		if (errDetails) {
203 			(void) snprintf(entry, sizeof (entry),
204 				gettext("Unable to open gsscred file [%s]"),
205 				credFile);
206 			*errDetails = strdup(entry);
207 		}
208 		return (0);
209 	}
210 
211 	/* also need to open temp file */
212 	if ((tempFp = fopen(credFileTmp, "w")) == NULL) {
213 		if (errDetails) {
214 			(void) snprintf(entry, sizeof (entry),
215 				gettext("Unable to open gsscred temporary"
216 					" file [%s]"),
217 				credFileTmp);
218 			*errDetails = strdup(entry);
219 		}
220 
221 		(void) fclose(fp);
222 		return (0);
223 	}
224 
225 	/* go through all the entries sequentially removing ones that match */
226 	while (fgets(entry, MAX_ENTRY_LEN, fp) != NULL) {
227 
228 		if (!matchEntry(entry, name, uid, NULL))
229 			(void) fputs(entry, tempFp);
230 		else
231 			foundOne = 1;
232 	}
233 	(void) fclose(tempFp);
234 	(void) fclose(fp);
235 
236 	/* now make the tempfile the gsscred file */
237 	(void) rename(credFileTmp, credFile);
238 	(void) unlink(credFileTmp);
239 
240 	if (!foundOne) {
241 		*errDetails = strdup(gettext("No users found"));
242 		return (0);
243 	}
244 	return (1);
245 }  /* file_deleteGssCredEntry */
246 
247 
248 
249 /*
250  *
251  * match entry
252  *
253  * checks if the specified entry matches the supplied criteria
254  * returns 1 if yes, 0 if no
255  * uidOut value can be used to retrieve the uid from the entry
256  * when the uid string is passed in, the uidOut value is not set
257  */
matchEntry(const char * entry,const gss_buffer_t name,const char * uid,uid_t * uidOut)258 static int matchEntry(const char *entry, const gss_buffer_t name,
259 		const char *uid, uid_t *uidOut)
260 {
261 	char fullEntry[MAX_ENTRY_LEN+1], *item, *item_buf, *name_buf;
262 	char dilims[] = "\t \n";
263 	/*
264 	 * item_len is the length of the token in the gsscred_db.
265 	 * name_len is the length of the token passed to this function.
266 	 */
267 	int item_len, name_len;
268 	/*
269 	 * This is the hex encoding of the beginning of all exported name
270 	 * tokens for the Kerberos V mechanism.  We need this to detect old,
271 	 * incorrectly exported name tokens; see below.
272 	 */
273 	char *krb5_ntok_prefix = "0401000B06092A864886F712010202";
274 	/*
275 	 * This is the hex encoded GSS_C_NT_USER_NAME OID, needed for the same
276 	 * reason as krb5_ntok_prefix.
277 	 */
278 	char *gss_u_name = "2A864886F71201020101";
279 
280 	if (entry == NULL || isspace(*entry))
281 		return (0);
282 
283 	/* save the entry since strtok will chop it up */
284 	(void) strcpy(fullEntry, entry);
285 
286 	if ((item = strtok(fullEntry, dilims)) == NULL)
287 		return (0);
288 
289 	/* do we need to search the name */
290 	if (name != NULL) {
291 
292 		item_len = strlen(item);
293 		name_len = name->length;
294 		name_buf = name->value;
295 
296 		/* we can match the prefix of the string */
297 		if (item_len < name_len)
298 			return (0);
299 
300 		if (strncmp(item, name->value, name_len) != 0) {
301 
302 			/*
303 			 * The following section is needed in order to detect
304 			 * two existing errant formats in the gsscred db.
305 			 *
306 			 * 1. Exported names that have a trailing null byte
307 			 * ("00" in two hex characters) with the name length
308 			 * incremented to account for the extra null byte.
309 			 *
310 			 * 2. Exported names that have the name type length
311 			 * and name type OID prepended to the exported name.
312 			 *
313 			 */
314 			if (strncmp(name->value, krb5_ntok_prefix,
315 			    strlen(krb5_ntok_prefix)) != 0)
316 				return (0);
317 
318 			if (strncmp(item, krb5_ntok_prefix,
319 			    strlen(krb5_ntok_prefix)) != 0)
320 				return (0);
321 
322 			if ((item_buf = strstr(item, gss_u_name)) == NULL)
323 				return (0);
324 
325 			item_buf += strlen(gss_u_name);
326 
327 			name_buf += NAME_OFFSET;
328 
329 			if ((strlen(item_buf) != strlen(name_buf)) &&
330 			    (strncmp(item_buf + (strlen(item_buf) - 2), "00", 2)
331 			    != 0))
332 				return (0);
333 
334 			/*
335 			 * Here we compare the end of name_len, given
336 			 * that item_len could have two extra "00"
337 			 * representing the null byte.
338 			 */
339 			if (strncmp(item_buf, name_buf, name_len - NAME_OFFSET)
340 			    != 0)
341 				return (0);
342 		} else
343 			/*
344 			 * We only strncmp() so we could check for old,
345 			 * broken exported name tokens for the krb5 mech.
346 			 * For any other exported name tokens we want exact
347 			 * matches only.
348 			 */
349 			if (item_len != name_len)
350 				return (0);
351 
352 		/* do we need to check the uid - if not then we found it */
353 		if (uid == NULL) {
354 			/* do we ned to parse out the uid ? */
355 			if (uidOut) {
356 				if ((item = strtok(NULL, dilims)) == NULL)
357 					return (0);
358 				*uidOut = atol(item);
359 			}
360 			return (1);
361 		}
362 
363 		/* continue with checking the uid */
364 	}
365 
366 	if (uid == NULL)
367 		return (1);
368 
369 	/* get the next token from the string - the uid */
370 	if ((item = strtok(NULL, dilims)) == NULL)
371 		return (0);
372 
373 	if (strcmp(item, uid) == 0)
374 		return (1);
375 
376 	return (0);
377 }  /* *******  matchEntry ****** */
378