📄 krb5-security.c
字号:
/* * Amanda, The Advanced Maryland Automatic Network Disk Archiver * Copyright (c) 1999 University of Maryland * All Rights Reserved. * * Permission to use, copy, modify, distribute, and sell this software and its * documentation for any purpose is hereby granted without fee, provided that * the above copyright notice appear in all copies and that both that * copyright notice and this permission notice appear in supporting * documentation, and that the name of U.M. not be used in advertising or * publicity pertaining to distribution of the software without specific, * written prior permission. U.M. makes no representations about the * suitability of this software for any purpose. It is provided "as is" * without express or implied warranty. * * U.M. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL U.M. * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * * Authors: the Amanda Development Team. Its members are listed in a * file named AUTHORS, in the root directory of this distribution. *//* * $Id: krb5-security.c,v 1.22 2006/06/16 10:55:05 martinea Exp $ * * krb5-security.c - kerberos V5 security module * * XXX still need to check for initial keyword on connect so we can skip * over shell garbage and other stuff that krb5 might want to spew out. */#include "amanda.h"#include "util.h"#include "event.h"#include "packet.h"#include "queue.h"#include "security.h"#include "security-util.h"#include "stream.h"#include "version.h"#include "sockaddr-util.h"#ifdef KRB5_HEIMDAL_INCLUDES#include "com_err.h"#endif#define BROKEN_MEMORY_CCACHE#ifdef BROKEN_MEMORY_CCACHE/* * If you don't have atexit() or on_exit(), you could just consider * making atexit() empty and clean up your ticket files some other * way */#ifndef HAVE_ATEXIT#ifdef HAVE_ON_EXIT#define atexit(func) on_exit(func, 0)#else#define atexit(func) (you must to resolve lack of atexit)#endif /* HAVE_ON_EXIT */#endif /* ! HAVE_ATEXIT */#endif#ifndef KRB5_HEIMDAL_INCLUDES#include <gssapi/gssapi_generic.h>#else#include <gssapi/gssapi.h>#endif#include <krb5.h>#ifndef KRB5_ENV_CCNAME#define KRB5_ENV_CCNAME "KRB5CCNAME"#endif/* * consider undefining when kdestroy() is fixed. The current version does * not work under krb5-1.2.4 in rh7.3, perhaps others. */#define KDESTROY_VIA_UNLINK 1/* * Where the keytab lives, if defined. Otherwise it expects something in the * config file. *//* #define AMANDA_KEYTAB "/.amanda-v5-keytab" *//* * The name of the principal we authenticate with, if defined. Otherwise * it expects something in the config file. *//* #define AMANDA_PRINCIPAL "service/amanda" *//* * The lifetime of our tickets in seconds. This may or may not need to be * configurable. */#define AMANDA_TKT_LIFETIME (12*60*60)/* * The name of the service in /etc/services. This probably shouldn't be * configurable. */#define AMANDA_KRB5_SERVICE_NAME "k5amanda"/* * The default port to use if above entry in /etc/services doesn't exist */#define AMANDA_KRB5_DEFAULT_PORT 10082/* * The timeout in seconds for each step of the GSS negotiation phase */#define GSS_TIMEOUT 30/* * The largest buffer we can send/receive. */#define AMANDA_MAX_TOK_SIZE (MAX_TAPE_BLOCK_BYTES * 4)/* * This is the tcp stream buffer size */#define KRB5_STREAM_BUFSIZE (MAX_TAPE_BLOCK_BYTES * 2)/* * This is the max number of outgoing connections we can have at once. * planner/amcheck/etc will open a bunch of connections as it tries * to contact everything. We need to limit this to avoid blowing * the max number of open file descriptors a process can have. */#define AMANDA_KRB5_MAXCONN 40/* * Number of seconds krb5 has to start up */#define CONNECT_TIMEOUT 20/* * Cache the local hostname */static char myhostname[MAX_HOSTNAME_LENGTH+1];/* * Interface functions */static void krb5_accept(const struct security_driver *, char *(*)(char *, void *), int, int, void (*)(security_handle_t *, pkt_t *), void *);static void krb5_connect(const char *, char *(*)(char *, void *), void (*)(void *, security_handle_t *, security_status_t), void *, void *);static void krb5_init(void);#ifdef BROKEN_MEMORY_CCACHEstatic void cleanup(void);#endifstatic const char *get_tgt(char *keytab_name, char *principal_name);static int gss_server(struct tcp_conn *);static int gss_client(struct sec_handle *);static const char *gss_error(OM_uint32, OM_uint32);static char *krb5_checkuser(char *host, char *name, char *realm);static int k5_encrypt(void *cookie, void *buf, ssize_t buflen, void **encbuf, ssize_t *encbuflen);static int k5_decrypt(void *cookie, void *buf, ssize_t buflen, void **encbuf, ssize_t *encbuflen);/* * This is our interface to the outside world. */const security_driver_t krb5_security_driver = { "KRB5", krb5_connect, krb5_accept, sec_close, stream_sendpkt, stream_recvpkt, stream_recvpkt_cancel, tcpma_stream_server, tcpma_stream_accept, tcpma_stream_client, tcpma_stream_close, sec_stream_auth, sec_stream_id, tcpm_stream_write, tcpm_stream_read, tcpm_stream_read_sync, tcpm_stream_read_cancel, tcpm_close_connection, k5_encrypt, k5_decrypt,};static int newhandle = 1;/* * Local functions */static int runkrb5(struct sec_handle *);char *keytab_name;char *principal_name;/* * krb5 version of a security handle allocator. Logically sets * up a network "connection". */static voidkrb5_connect( const char *hostname, char * (*conf_fn)(char *, void *), void (*fn)(void *, security_handle_t *, security_status_t), void * arg, void * datap){ struct sec_handle *rh; int result; char *canonname; assert(fn != NULL); assert(hostname != NULL); auth_debug(1, "krb5: krb5_connect: %s\n", hostname); krb5_init(); rh = alloc(sizeof(*rh)); security_handleinit(&rh->sech, &krb5_security_driver); rh->hostname = NULL; rh->rs = NULL; rh->ev_timeout = NULL; rh->rc = NULL; result = resolve_hostname(hostname, 0, NULL, &canonname); if(result != 0) { dbprintf(_("resolve_hostname(%s): %s\n"), hostname, gai_strerror(result)); security_seterror(&rh->sech, _("resolve_hostname(%s): %s\n"), hostname, gai_strerror(result)); (*fn)(arg, &rh->sech, S_ERROR); return; } if (canonname == NULL) { dbprintf(_("resolve_hostname(%s) did not return a canonical name\n"), hostname); security_seterror(&rh->sech, _("resolve_hostname(%s) did not return a canonical name\n"), hostname); (*fn)(arg, &rh->sech, S_ERROR); return; } rh->hostname = canonname; /* will be replaced */ canonname = NULL; /* steal reference */ rh->rs = tcpma_stream_client(rh, newhandle++); rh->rc->conf_fn = conf_fn; rh->rc->datap = datap; rh->rc->recv_security_ok = NULL; rh->rc->prefix_packet = NULL; if (rh->rs == NULL) goto error; amfree(rh->hostname); rh->hostname = stralloc(rh->rs->rc->hostname);#ifdef AMANDA_KEYTAB keytab_name = AMANDA_KEYTAB;#else if(conf_fn) { keytab_name = conf_fn("krb5keytab", datap); }#endif#ifdef AMANDA_PRINCIPAL principal_name = AMANDA_PRINCIPAL;#else if(conf_fn) { principal_name = conf_fn("krb5principal", datap); }#endif /* * We need to open a new connection. * * XXX need to eventually limit number of outgoing connections here. */ if(rh->rc->read == -1) { if (runkrb5(rh) < 0) goto error; rh->rc->refcnt++; } /* * The socket will be opened async so hosts that are down won't * block everything. We need to register a write event * so we will know when the socket comes alive. * * Overload rh->rs->ev_read to provide a write event handle. * We also register a timeout. */ rh->fn.connect = fn; rh->arg = arg; rh->rs->ev_read = event_register((event_id_t)(rh->rs->rc->write), EV_WRITEFD, sec_connect_callback, rh); rh->ev_timeout = event_register(CONNECT_TIMEOUT, EV_TIME, sec_connect_timeout, rh); amfree(canonname); return;error: amfree(canonname); (*fn)(arg, &rh->sech, S_ERROR);}/* * Setup to handle new incoming connections */static voidkrb5_accept( const struct security_driver *driver, char *(*conf_fn)(char *, void *), int in, int out, void (*fn)(security_handle_t *, pkt_t *), void *datap){ struct sockaddr_storage sin; socklen_t len; struct tcp_conn *rc; char hostname[NI_MAXHOST]; int result; char *errmsg = NULL; krb5_init(); len = sizeof(sin); if (getpeername(in, (struct sockaddr *)&sin, &len) < 0) { dbprintf(_("getpeername returned: %s\n"), strerror(errno)); return; } if ((result = getnameinfo((struct sockaddr *)&sin, len, hostname, NI_MAXHOST, NULL, 0, 0) != 0)) { dbprintf(_("getnameinfo failed: %s\n"), gai_strerror(result)); return; } if (check_name_give_sockaddr(hostname, (struct sockaddr *)&sin, &errmsg) < 0) { dbprintf(_("check_name_give_sockaddr(%s): %s\n"), hostname, errmsg); amfree(errmsg); return; } rc = sec_tcp_conn_get(hostname, 0); rc->conf_fn = conf_fn; rc->datap = datap; rc->recv_security_ok = NULL; rc->prefix_packet = NULL; copy_sockaddr(&rc->peer, &sin); rc->read = in; rc->write = out; rc->driver = driver; if (gss_server(rc) < 0) error("gss_server failed: %s\n", rc->errmsg); rc->accept_fn = fn; sec_tcp_conn_read(rc);}/* * Forks a krb5 to the host listed in rc->hostname * Returns negative on error, with an errmsg in rc->errmsg. */static intrunkrb5( struct sec_handle * rh){ struct servent * sp; int server_socket; in_port_t my_port, port; struct tcp_conn * rc = rh->rc; const char *err; if ((sp = getservbyname(AMANDA_KRB5_SERVICE_NAME, "tcp")) == NULL) port = htons(AMANDA_KRB5_DEFAULT_PORT); else port = sp->s_port; if ((err = get_tgt(keytab_name, principal_name)) != NULL) { security_seterror(&rh->sech, "%s: could not get TGT: %s", rc->hostname, err); return -1;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -