aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl_sspi.c
blob: e14c451e1babb0e9724efef16b8ff7d212eb3529 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278

  /********************************************************************\
  * BitlBee -- An IRC to other IM-networks gateway                     *
  *                                                                    *
  * Copyright 2002-2004 Wilmer van der Gaast and others                *
  \********************************************************************/

/* SSL module - SSPI backend */

/* Copyright (C) 2005 Jelmer Vernooij <jelmer@samba.org> */

/*
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License with
  the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
  if not, write to the Free Software Foundation, Inc., 59 Temple Place,
  Suite 330, Boston, MA  02111-1307  USA
*/

#include "ssl_client.h"
#include <windows.h>
#define SECURITY_WIN32
#include <security.h>
#include <sspi.h>
#include <schannel.h>
#include "sock.h"

static gboolean initialized = FALSE;
int ssl_errno;

struct scd
{
	int fd;
	ssl_input_function func;
	gpointer data;
	gboolean established;
  	CredHandle cred;		/* SSL credentials */
	CtxtHandle context;		/* SSL context */
	SecPkgContext_StreamSizes sizes;

	char *host;

	char *pending_raw_data;
	gsize pending_raw_data_len;
	char *pending_data;
	gsize pending_data_len;
};

static void ssl_connected(gpointer, gint, GaimInputCondition);

void sspi_global_init(void)
{
	/* FIXME */
}

void sspi_global_deinit(void)
{
	/* FIXME */
}

void *ssl_connect(char *host, int port, ssl_input_function func, gpointer data)
{
	struct scd *conn = g_new0(struct scd, 1);
		
	conn->fd = proxy_connect(host, port, ssl_connected, conn);
	sock_make_nonblocking(conn->fd);
	conn->func = func;
	conn->data = data;
	conn->host = g_strdup(host);
	
	if (conn->fd < 0)
	{
		g_free(conn);
		return NULL;
	}
	
	if (!initialized)
	{
		sspi_global_init();
		initialized = TRUE;
		atexit(sspi_global_deinit);
	}

	return conn;
}

static void ssl_connected(gpointer _conn, gint fd, GaimInputCondition cond)
{
	struct scd *conn = _conn;
	SCHANNEL_CRED ssl_cred;
	TimeStamp timestamp;
	SecBuffer ibuf[2],obuf[1];
	SecBufferDesc ibufs,obufs;
	ULONG req = ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT |
    	ISC_REQ_CONFIDENTIALITY | ISC_REQ_USE_SESSION_KEY |
      	ISC_REQ_ALLOCATE_MEMORY | ISC_REQ_STREAM | ISC_REQ_EXTENDED_ERROR |
		ISC_REQ_MANUAL_CRED_VALIDATION;
	ULONG a;
	gsize size = 0;
	gchar *data = NULL;

	memset(&ssl_cred, 0, sizeof(SCHANNEL_CRED));
	ssl_cred.dwVersion = SCHANNEL_CRED_VERSION;
	ssl_cred.grbitEnabledProtocols = SP_PROT_SSL3_CLIENT;

	SECURITY_STATUS st = AcquireCredentialsHandle(NULL, UNISP_NAME, SECPKG_CRED_OUTBOUND, NULL, &ssl_cred, NULL, NULL, &conn->cred, &timestamp);

	if (st != SEC_E_OK) {
		conn->func(conn->data, NULL, cond);
		return;
	}
	
	do {
		/* initialize buffers */
	    ibuf[0].cbBuffer = size; ibuf[0].pvBuffer = data;
	    ibuf[1].cbBuffer = 0; ibuf[1].pvBuffer = NULL;
	    obuf[0].cbBuffer = 0; obuf[0].pvBuffer = NULL;
    	ibuf[0].BufferType = obuf[0].BufferType = SECBUFFER_TOKEN;
	    ibuf[1].BufferType = SECBUFFER_EMPTY;

		/* initialize buffer descriptors */
	    ibufs.ulVersion = obufs.ulVersion = SECBUFFER_VERSION;
	    ibufs.cBuffers = 2; obufs.cBuffers = 1;
	    ibufs.pBuffers = ibuf; obufs.pBuffers = obuf;

		st = InitializeSecurityContext(&conn->cred, size?&conn->context:NULL, conn->host, req, 0, SECURITY_NETWORK_DREP, size?&ibufs:NULL, 0, &conn->context, &obufs, &a, &timestamp);  
    	if (obuf[0].pvBuffer && obuf[0].cbBuffer) {
			/* FIXME: Check return value */
			send(conn->fd, obuf[0].pvBuffer, obuf[0].cbBuffer, 0);
		}

		switch (st) {
		case SEC_I_INCOMPLETE_CREDENTIALS:
			break;
		case SEC_I_CONTINUE_NEEDED:
			break;
		case SEC_E_INCOMPLETE_MESSAGE:
			break;
		case SEC_E_OK:
			break;
		}
	
		QueryContextAttributes(&conn->context, SECPKG_ATTR_STREAM_SIZES, &conn->sizes);
	} while (1);

	conn->func(conn->data, conn, cond);
}

int ssl_read(void *conn, char *retdata, int len)
{
	struct scd *scd = conn;
	SecBufferDesc msg;
	SecBuffer buf[4];
	int ret = -1, i;
	char *data = g_malloc(scd->sizes.cbHeader + scd->sizes.cbMaximumMessage + scd->sizes.cbTrailer);

	/* FIXME: Try to read some data */

  	msg.ulVersion = SECBUFFER_VERSION;
	msg.cBuffers = 4;
	msg.pBuffers = buf;
	
	buf[0].BufferType = SECBUFFER_DATA;
	buf[0].cbBuffer = len;
	buf[0].pvBuffer = data;

	buf[1].BufferType = SECBUFFER_EMPTY;
	buf[2].BufferType = SECBUFFER_EMPTY;
	buf[3].BufferType = SECBUFFER_EMPTY;

	SECURITY_STATUS st = DecryptMessage(&scd->context, &msg, 0, NULL);

	if (st != SEC_E_OK) {
		/* FIXME */
		return -1;
	}

	for (i = 0; i < 4; i++) {
		if (buf[i].BufferType == SECBUFFER_DATA) {
			memcpy(retdata, buf[i].pvBuffer, len);
			ret = len;
		}	
	}

	g_free(data);
	return -1;
}

int ssl_write(void *conn, const char *userdata, int len)
{
	struct scd *scd = conn;
	SecBuffer buf[4];
	SecBufferDesc msg;
	char *data;
	int ret;

	msg.ulVersion = SECBUFFER_VERSION;
	msg.cBuffers = 4;
	msg.pBuffers = buf;

	data = g_malloc(scd->sizes.cbHeader + scd->sizes.cbMaximumMessage + scd->sizes.cbTrailer);
	memcpy(data + scd->sizes.cbHeader, userdata, len);

	buf[0].BufferType = SECBUFFER_STREAM_HEADER;
	buf[0].cbBuffer = scd->sizes.cbHeader;
	buf[0].pvBuffer = data;

	buf[1].BufferType = SECBUFFER_DATA;
	buf[1].cbBuffer = len;
	buf[1].pvBuffer = data + scd->sizes.cbHeader;

	buf[2].BufferType = SECBUFFER_STREAM_TRAILER;
	buf[2].cbBuffer = scd->sizes.cbTrailer;
	buf[2].pvBuffer = data + scd->sizes.cbHeader + len;
	buf[3].BufferType = SECBUFFER_EMPTY;

	SECURITY_STATUS st = EncryptMessage(&scd->context, 0, &msg, 0);

	ret = send(scd->fd, data, 
				buf[0].cbBuffer + buf[1].cbBuffer + buf[2].cbBuffer, 0);

	g_free(data);

	return ret;
}

void ssl_disconnect(void *conn)
{
	struct scd *scd = conn;

	SecBufferDesc msg;
	SecBuffer buf;
	DWORD dw;

	dw = SCHANNEL_SHUTDOWN;
	buf.cbBuffer = sizeof(dw);
	buf.BufferType = SECBUFFER_TOKEN;
	buf.pvBuffer = &dw;
	
	msg.ulVersion = SECBUFFER_VERSION;
	msg.cBuffers = 1;
	msg.pBuffers = &buf;

	SECURITY_STATUS st = ApplyControlToken(&scd->context, &msg);

	if (st != SEC_E_OK) {
		/* FIXME */
	}
	
	/* FIXME: call InitializeSecurityContext(Schannel), passing 
	 * in empty buffers*/

	DeleteSecurityContext(&scd->context);

	FreeCredentialsHandle(&scd->cred);

	closesocket(scd->fd);
	g_free(scd->host);
	g_free(scd);
}

int ssl_getfd(void *conn)
{
	return ((struct scd*)conn)->fd;
}

GaimInputCondition ssl_getdirection( void *conn )
{
	return B_EV_IO_WRITE; /* FIXME: or B_EV_IO_READ */
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-05 05:59:35 +0000
="w"> = ret->str; g_string_free( ret, FALSE ); return( str ); } /* Decode%20a%20file%20name */ void http_decode( char *s ) { char *t; int i, j, k; t = g_new( char, strlen( s ) + 1 ); for( i = j = 0; s[i]; i ++, j ++ ) { if( s[i] == '%' ) { if( sscanf( s + i + 1, "%2x", &k ) ) { t[j] = k; i += 2; } else { *t = 0; break; } } else { t[j] = s[i]; } } t[j] = 0; strcpy( s, t ); g_free( t ); } /* Warning: This one explodes the string. Worst-cases can make the string 3x its original size! */ /* This fuction is safe, but make sure you call it safely as well! */ void http_encode( char *s ) { char *t; int i, j; t = g_strdup( s ); for( i = j = 0; t[i]; i ++, j ++ ) { /* if( t[i] <= ' ' || ((unsigned char *)t)[i] >= 128 || t[i] == '%' ) */ if( !isalnum( t[i] ) ) { sprintf( s + j, "%%%02X", ((unsigned char*)t)[i] ); j += 2; } else { s[j] = t[i]; } } s[j] = 0; g_free( t ); } /* Strip newlines from a string. Modifies the string passed to it. */ char *strip_newlines( char *source ) { int i; for( i = 0; source[i] != '\0'; i ++ ) if( source[i] == '\n' || source[i] == '\r' ) source[i] = ' '; return source; } /* Wrap an IPv4 address into IPv6 space. Not thread-safe... */ char *ipv6_wrap( char *src ) { static char dst[64]; int i; for( i = 0; src[i]; i ++ ) if( ( src[i] < '0' || src[i] > '9' ) && src[i] != '.' ) break; /* Hmm, it's not even an IP... */ if( src[i] ) return src; g_snprintf( dst, sizeof( dst ), "::ffff:%s", src ); return dst; } /* Unwrap an IPv4 address into IPv6 space. Thread-safe, because it's very simple. :-) */ char *ipv6_unwrap( char *src ) { int i; if( g_strncasecmp( src, "::ffff:", 7 ) != 0 ) return src; for( i = 7; src[i]; i ++ ) if( ( src[i] < '0' || src[i] > '9' ) && src[i] != '.' ) break; /* Hmm, it's not even an IP... */ if( src[i] ) return src; return ( src + 7 ); } /* Convert from one charset to another. from_cs, to_cs: Source and destination charsets src, dst: Source and destination strings size: Size if src. 0 == use strlen(). strlen() is not reliable for UNICODE/UTF16 strings though. maxbuf: Maximum number of bytes to write to dst Returns the number of bytes written to maxbuf or -1 on an error. */ signed int do_iconv( char *from_cs, char *to_cs, char *src, char *dst, size_t size, size_t maxbuf ) { GIConv cd; size_t res; size_t inbytesleft, outbytesleft; char *inbuf = src; char *outbuf = dst; cd = g_iconv_open( to_cs, from_cs ); if( cd == (GIConv) -1 ) return( -1 ); inbytesleft = size ? size : strlen( src ); outbytesleft = maxbuf - 1; res = g_iconv( cd, &inbuf, &inbytesleft, &outbuf, &outbytesleft ); *outbuf = '\0'; g_iconv_close( cd ); if( res == (size_t) -1 ) return( -1 ); else return( outbuf - dst ); } /* A pretty reliable random number generator. Tries to use the /dev/random devices first, and falls back to the random number generator from libc when it fails. Opens randomizer devices with O_NONBLOCK to make sure a lack of entropy won't halt BitlBee. */ void random_bytes( unsigned char *buf, int count ) { #ifndef _WIN32 static int use_dev = -1; /* Actually this probing code isn't really necessary, is it? */ if( use_dev == -1 ) { if( access( "/dev/random", R_OK ) == 0 || access( "/dev/urandom", R_OK ) == 0 ) use_dev = 1; else { use_dev = 0; srand( ( getpid() << 16 ) ^ time( NULL ) ); } } if( use_dev ) { int fd; /* At least on Linux, /dev/random can block if there's not enough entropy. We really don't want that, so if it can't give anything, use /dev/urandom instead. */ if( ( fd = open( "/dev/random", O_RDONLY | O_NONBLOCK ) ) >= 0 ) if( read( fd, buf, count ) == count ) { close( fd ); return; } close( fd ); /* urandom isn't supposed to block at all, but just to be sure. If it blocks, we'll disable use_dev and use the libc randomizer instead. */ if( ( fd = open( "/dev/urandom", O_RDONLY | O_NONBLOCK ) ) >= 0 ) if( read( fd, buf, count ) == count ) { close( fd ); return; } close( fd ); /* If /dev/random blocks once, we'll still try to use it again next time. If /dev/urandom also fails for some reason, stick with libc during this session. */ use_dev = 0; srand( ( getpid() << 16 ) ^ time( NULL ) ); } if( !use_dev ) #endif { int i; /* Possibly the LSB of rand() isn't very random on some platforms. Seems okay on at least Linux and OSX though. */ for( i = 0; i < count; i ++ ) buf[i] = rand() & 0xff; } } int is_bool( char *value ) { if( *value == 0 ) return 0; if( ( g_strcasecmp( value, "true" ) == 0 ) || ( g_strcasecmp( value, "yes" ) == 0 ) || ( g_strcasecmp( value, "on" ) == 0 ) ) return 1; if( ( g_strcasecmp( value, "false" ) == 0 ) || ( g_strcasecmp( value, "no" ) == 0 ) || ( g_strcasecmp( value, "off" ) == 0 ) ) return 1; while( *value ) if( !isdigit( *value ) ) return 0; else value ++; return 1; } int bool2int( char *value ) { int i; if( ( g_strcasecmp( value, "true" ) == 0 ) || ( g_strcasecmp( value, "yes" ) == 0 ) || ( g_strcasecmp( value, "on" ) == 0 ) ) return 1; if( ( g_strcasecmp( value, "false" ) == 0 ) || ( g_strcasecmp( value, "no" ) == 0 ) || ( g_strcasecmp( value, "off" ) == 0 ) ) return 0; if( sscanf( value, "%d", &i ) == 1 ) return i; return 0; } struct ns_srv_reply *srv_lookup( char *service, char *protocol, char *domain ) { struct ns_srv_reply *reply = NULL; #ifdef HAVE_RESOLV_A char name[1024]; unsigned char querybuf[1024]; const unsigned char *buf; ns_msg nsh; ns_rr rr; int i, len, size; g_snprintf( name, sizeof( name ), "_%s._%s.%s", service, protocol, domain ); if( ( size = res_query( name, ns_c_in, ns_t_srv, querybuf, sizeof( querybuf ) ) ) <= 0 ) return NULL; if( ns_initparse( querybuf, size, &nsh ) != 0 ) return NULL; if( ns_parserr( &nsh, ns_s_an, 0, &rr ) != 0 ) return NULL; size = ns_rr_rdlen( rr ); buf = ns_rr_rdata( rr ); len = 0; for( i = 6; i < size && buf[i]; i += buf[i] + 1 ) len += buf[i] + 1; if( i > size ) return NULL; reply = g_malloc( sizeof( struct ns_srv_reply ) + len ); memcpy( reply->name, buf + 7, len ); for( i = buf[6]; i < len && buf[7+i]; i += buf[7+i] + 1 ) reply->name[i] = '.'; if( i > len ) { g_free( reply ); return NULL; } reply->prio = ( buf[0] << 8 ) | buf[1]; reply->weight = ( buf[2] << 8 ) | buf[3]; reply->port = ( buf[4] << 8 ) | buf[5]; #endif return reply; } /* Word wrapping. Yes, I know this isn't UTF-8 clean. I'm willing to take the risk. */ char *word_wrap( const char *msg, int line_len ) { GString *ret = g_string_sized_new( strlen( msg ) + 16 ); while( strlen( msg ) > line_len ) { int i; /* First try to find out if there's a newline already. Don't want to add more splits than necessary. */ for( i = line_len; i > 0 && msg[i] != '\n'; i -- ); if( msg[i] == '\n' ) { g_string_append_len( ret, msg, i + 1 ); msg += i + 1; continue; } for( i = line_len; i > 0; i -- ) { if( msg[i] == '-' ) { g_string_append_len( ret, msg, i + 1 ); g_string_append_c( ret, '\n' ); msg += i + 1; break; } else if( msg[i] == ' ' ) { g_string_append_len( ret, msg, i ); g_string_append_c( ret, '\n' ); msg += i + 1; break; } } if( i == 0 ) { g_string_append_len( ret, msg, line_len ); g_string_append_c( ret, '\n' ); msg += line_len; } } g_string_append( ret, msg ); return g_string_free( ret, FALSE ); } gboolean ssl_sockerr_again( void *ssl ) { if( ssl ) return ssl_errno == SSL_AGAIN; else return sockerr_again(); } /* Returns values: -1 == Failure (base64-decoded to something unexpected) 0 == Okay 1 == Password doesn't match the hash. */ int md5_verify_password( char *password, char *hash ) { md5_byte_t *pass_dec = NULL; md5_byte_t pass_md5[16]; md5_state_t md5_state; int ret = -1, i; if( base64_decode( hash, &pass_dec ) == 21 ) { md5_init( &md5_state ); md5_append( &md5_state, (md5_byte_t*) password, strlen( password ) ); md5_append( &md5_state, (md5_byte_t*) pass_dec + 16, 5 ); /* Hmmm, salt! */ md5_finish( &md5_state, pass_md5 ); for( i = 0; i < 16; i ++ ) { if( pass_dec[i] != pass_md5[i] ) { ret = 1; break; } } /* If we reached the end of the loop, it was a match! */ if( i == 16 ) ret = 0; } g_free( pass_dec ); return ret; }
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-05 05:59:34 +0000