* Copyright (c) 1991 The Regents of the University of California.
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
static char sccsid
[] = "@(#)kerberos.c 5.2 (Berkeley) 3/22/91";
* Copyright (C) 1990 by the Massachusetts Institute of Technology
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
#include <des.h> /* BSD wont include this in krb.h, so we do it here */
#if defined(__NEED_ENCRYPT__) && !defined(ENCRYPT)
int cksum
P((unsigned char *, int));
int krb_mk_req
P((KTEXT
, char *, char *, char *, u_long
));
int krb_rd_req
P((KTEXT
, char *, char *, u_long
, AUTH_DAT
*, char *));
int krb_kntoln
P((AUTH_DAT
*, char *));
int krb_get_cred
P((char *, char *, char *, CREDENTIALS
*));
int krb_get_lrealm
P((char *, int));
int kuserok
P((AUTH_DAT
*, char *));
static unsigned char str_data
[1024] = { IAC
, SB
, TELOPT_AUTHENTICATION
, 0,
static unsigned char str_name
[1024] = { IAC
, SB
, TELOPT_AUTHENTICATION
,
#define KRB_AUTH 0 /* Authentication data follows */
#define KRB_REJECT 1 /* Rejected (reason might follow) */
#define KRB_ACCEPT 2 /* Accepted */
#define KRB_CHALLANGE 3 /* Challange for mutual auth. */
#define KRB_RESPONSE 4 /* Response for mutual auth. */
static char name
[ANAME_SZ
];
static AUTH_DAT adat
= { 0 };
static Block session_key
= { 0 };
static Block challange
= { 0 };
unsigned char *p
= str_data
+ 4;
unsigned char *cd
= (unsigned char *)d
;
printf("%s:%d: [%d] (%d)",
str_data
[3] == TELQUAL_IS
? ">>>IS" : ">>>REPLY",
if ((*p
++ = *cd
++) == IAC
)
if (str_data
[3] == TELQUAL_IS
)
printsub('>', &str_data
[2], p
- (&str_data
[2]));
return(net_write(str_data
, p
- str_data
));
kerberos4_init(ap
, server
)
str_data
[3] = TELQUAL_REPLY
;
str_data
[3] = TELQUAL_IS
;
char dst_realm_buf
[REALM_SZ
], *dest_realm
= NULL
;
int dst_realm_sz
= REALM_SZ
;
if (!UserNameRequested
) {
printf("Kerberos V4: no user name supplied\r\n");
bzero(instance
, sizeof(instance
));
if (realm
= krb_get_phost(RemoteHostName
))
strncpy(instance
, realm
, sizeof(instance
));
instance
[sizeof(instance
)-1] = '\0';
realm
= dest_realm
? dest_realm
: krb_realmofhost(RemoteHostName
);
printf("Kerberos V4: no realm for %s\r\n", RemoteHostName
);
if (r
= krb_mk_req(&auth
, "rcmd", instance
, realm
, 0L)) {
printf("mk_req failed: %s\r\n", krb_err_txt
[r
]);
if (r
= krb_get_cred("rcmd", instance
, realm
, &cred
)) {
printf("get_cred failed: %s\r\n", krb_err_txt
[r
]);
if (!auth_sendname(UserNameRequested
, strlen(UserNameRequested
))) {
printf("Not enough room for user name\r\n");
printf("Sent %d bytes of authentication data\r\n", auth
.length
);
if (!Data(ap
, KRB_AUTH
, (void *)auth
.dat
, auth
.length
)) {
printf("Not enough room for authentication data\r\n");
* If we are doing mutual authentication, get set up to send
* the challange, and verify it when the response comes back.
if ((ap
->way
& AUTH_HOW_MASK
) == AUTH_HOW_MUTUAL
) {
des_key_sched(cred
.session
, sched
);
des_set_random_generator_seed(cred
.session
);
des_new_random_key(challange
);
des_ecb_encrypt(challange
, session_key
, sched
, 1);
* Increment the challange by 1, and encrypt it for
for (i
= 7; i
>= 0; --i
) {
x
= (unsigned int)challange
[i
] + 1;
challange
[i
] = x
; /* ignore overflow */
if (x
< 256) /* if no overflow, all done */
des_ecb_encrypt(challange
, challange
, sched
, 1);
printf("CK: %d:", cksum(auth
.dat
, auth
.length
));
printd(auth
.dat
, auth
.length
);
printf("Sent Kerberos V4 credentials to server\r\n");
kerberos4_is(ap
, data
, cnt
)
if (krb_get_lrealm(realm
, 1) != KSUCCESS
) {
Data(ap
, KRB_REJECT
, (void *)"No local V4 Realm.", -1);
auth_finished(ap
, AUTH_REJECT
);
printf("No local realm\r\n");
bcopy((void *)data
, (void *)auth
.dat
, auth
.length
= cnt
);
printf("Got %d bytes of authentication data\r\n", cnt
);
printf("CK: %d:", cksum(auth
.dat
, auth
.length
));
printd(auth
.dat
, auth
.length
);
instance
[0] = '*'; instance
[1] = 0;
if (r
= krb_rd_req(&auth
, "rcmd", instance
, 0, &adat
, "")) {
printf("Kerberos failed him as %s\r\n", name
);
Data(ap
, KRB_REJECT
, (void *)krb_err_txt
[r
], -1);
auth_finished(ap
, AUTH_REJECT
);
bcopy((void *)adat
.session
, (void *)session_key
, sizeof(Block
));
Data(ap
, KRB_ACCEPT
, (void *)0, 0);
auth_finished(ap
, AUTH_USER
);
printf("Kerberos accepting him as %s\r\n", name
);
if (!VALIDKEY(session_key
)) {
* We don't have a valid session key, so just
* send back a response with an empty session
Data(ap
, KRB_RESPONSE
, (void *)0, 0);
des_key_sched(session_key
, sched
);
bcopy((void *)data
, (void *)datablock
, sizeof(Block
));
* Take the received encrypted challange, and encrypt
* it again to get a unique session_key for the
des_ecb_encrypt(datablock
, session_key
, sched
, 1);
encrypt_session_key(&skey
, 1);
* Now decrypt the received encrypted challange,
* increment by one, re-encrypt it and send it back.
des_ecb_encrypt(datablock
, challange
, sched
, 0);
for (r
= 7; r
>= 0; r
++) {
t
= (unsigned int)challange
[r
] + 1;
challange
[r
] = t
; /* ignore overflow */
if (t
< 256) /* if no overflow, all done */
des_ecb_encrypt(challange
, challange
, sched
, 1);
Data(ap
, KRB_RESPONSE
, (void *)challange
, sizeof(challange
));
printf("Unknown Kerberos option %d\r\n", data
[-1]);
Data(ap
, KRB_REJECT
, 0, 0);
kerberos4_reply(ap
, data
, cnt
)
printf("[ Kerberos V4 refuses authentication because %.*s ]\r\n",
printf("[ Kerberos V4 refuses authentication ]\r\n");
printf("[ Kerberos V4 accepts you ]\n");
if ((ap
->way
& AUTH_HOW_MASK
) == AUTH_HOW_MUTUAL
) {
* Send over the encrypted challange.
Data(ap
, KRB_CHALLANGE
, (void *)session_key
,
des_ecb_encrypt(session_key
, session_key
, sched
, 1);
encrypt_session_key(&skey
, 0);
auth_finished(ap
, AUTH_USER
);
* Verify that the response to the challange is correct.
if ((cnt
!= sizeof(Block
)) ||
(0 != memcmp((void *)data
, (void *)challange
,
printf("[ Kerberos V4 challange failed!!! ]\r\n");
printf("[ Kerberos V4 challange successful ]\r\n");
auth_finished(ap
, AUTH_USER
);
printf("Unknown Kerberos option %d\r\n", data
[-1]);
kerberos4_status(ap
, name
, level
)
if (UserNameRequested
&& !kuserok(&adat
, UserNameRequested
)) {
strcpy(name
, UserNameRequested
);
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
kerberos4_printsub(data
, cnt
, buf
, buflen
)
unsigned char *data
, *buf
;
buf
[buflen
-1] = '\0'; /* make sure its NULL terminated */
case KRB_REJECT
: /* Rejected (reason might follow) */
strncpy((char *)buf
, " REJECT ", buflen
);
case KRB_ACCEPT
: /* Accepted (name might follow) */
strncpy((char *)buf
, " ACCEPT ", buflen
);
for (i
= 4; i
< cnt
; i
++)
ADDC(buf
, buflen
, data
[i
]);
case KRB_AUTH
: /* Authentication data follows */
strncpy((char *)buf
, " AUTH", buflen
);
strncpy((char *)buf
, " CHALLANGE", buflen
);
strncpy((char *)buf
, " RESPONSE", buflen
);
sprintf(lbuf
, " %d (unknown)", data
[3]);
strncpy((char *)buf
, lbuf
, buflen
);
for (i
= 4; i
< cnt
; i
++) {
sprintf(lbuf
, " %d", data
[i
]);
strncpy((char *)buf
, lbuf
, buflen
);