From 573198182b708d352534574570efefd97202375d Mon Sep 17 00:00:00 2001 From: Philipp Eder Date: Thu, 24 Oct 2024 12:59:03 +0000 Subject: [PATCH] Add: krb5_gss_session_key, krb5_error_code_to_string Adds new nasl functions: - krb5_gss_session_key: to extract the session key - krb5_error_code_to_string: to translate the stored error code into a string. Usage: ``` sk = krb5_gss_session_key(); display("Error code: " + krb5_error_code_to_string()); ``` --- misc/openvas-krb5.c | 57 ++++++++++++++++++++++++++++++- misc/openvas-krb5.h | 14 +++++--- nasl/nasl_init.c | 2 ++ nasl/nasl_krb5.c | 76 ++++++++++++++++++++---------------------- nasl/nasl_krb5.h | 7 ++++ rust/examples/gss.nasl | 12 +++++++ 6 files changed, 122 insertions(+), 46 deletions(-) diff --git a/misc/openvas-krb5.c b/misc/openvas-krb5.c index e747d2dde..549698155 100644 --- a/misc/openvas-krb5.c +++ b/misc/openvas-krb5.c @@ -669,7 +669,6 @@ o_krb5_gss_prepare_context (const OKrb5Credential *creds, gss_buffer_desc targetbuf = GSS_C_EMPTY_BUFFER; const struct OKrb5Target *target = &creds->target; - if (gss_context->gss_creds == GSS_C_NO_CREDENTIAL) { if ((result = okrb5_gss_authenticate (creds, gss_context))) @@ -809,3 +808,59 @@ o_krb5_gss_session_key_context (struct OKrb5GSSContext *gss_context, result: return result; } + +char * +okrb5_error_code_to_string (const OKrb5ErrorCode code) +{ +#define HEAP_STRING(var, s) \ + do \ + { \ + var = calloc (1, strlen (s) + 1); \ + goto result; \ + } \ + while (0) + + char *result = NULL; + switch (code) + { + case O_KRB5_SUCCESS: + HEAP_STRING (result, "success"); + case O_KRB5_CONF_NOT_FOUND: + HEAP_STRING (result, "krb5.conf not found"); + case O_KRB5_CONF_NOT_CREATED: + HEAP_STRING (result, "krb5.conf not created"); + case O_KRB5_TMP_CONF_NOT_CREATED: + HEAP_STRING (result, "tmp krb5.conf not created"); + case O_KRB5_TMP_CONF_NOT_MOVED: + HEAP_STRING (result, "tmp krb5.conf not moved"); + case O_KRB5_REALM_NOT_FOUND: + HEAP_STRING (result, "realm not found"); + case O_KRB5_EXPECTED_NULL: + HEAP_STRING (result, "expected null"); + case O_KRB5_EXPECTED_NOT_NULL: + HEAP_STRING (result, "expected not null"); + case O_KRB5_UNABLE_TO_WRITE: + HEAP_STRING (result, "unable to write"); + case O_KRB5_NOMEM: + HEAP_STRING (result, "no memory"); + default: + if (code >= O_KRB5_ERROR) + { + int maj_stat = code - O_KRB5_ERROR; + OM_uint32 min_stat; + gss_buffer_desc msg; + OM_uint32 msg_ctx; + + (void) gss_display_status (&min_stat, maj_stat, GSS_C_GSS_CODE, + GSS_C_NULL_OID, &msg_ctx, &msg); + result = msg.value; + } + else + { + result = NULL; + goto result; + } + } +result: + return result; +} diff --git a/misc/openvas-krb5.h b/misc/openvas-krb5.h index a61952343..59a3c506a 100644 --- a/misc/openvas-krb5.h +++ b/misc/openvas-krb5.h @@ -69,8 +69,6 @@ typedef struct struct OKrb5Target target; } OKrb5Credential; - - // TODO: initializer with default values and NULL typedef struct @@ -155,7 +153,6 @@ o_krb5_cache_request (const OKrb5Credential credentials, const char *data, } \ while (0) - typedef struct OKrb5GSSContext OKrb5GSSContext; // Unsure about bool type @@ -163,9 +160,11 @@ OKrb5ErrorCode o_krb5_gss_session_key_context (struct OKrb5GSSContext *gss_context, struct OKrb5Slice **out); -struct OKrb5GSSContext *okrb5_gss_init_context (void); +struct OKrb5GSSContext * +okrb5_gss_init_context (void); -void okrb5_gss_free_context (struct OKrb5GSSContext *context); +void +okrb5_gss_free_context (struct OKrb5GSSContext *context); OKrb5ErrorCode o_krb5_gss_prepare_context (const OKrb5Credential *creds, @@ -176,5 +175,10 @@ o_krb5_gss_update_context (struct OKrb5GSSContext *gss_context, const struct OKrb5Slice *in_data, struct OKrb5Slice **out_data, bool *more); +// Returns NULL if the error code is not found. The returned string must be +// freed by the caller. +char * +okrb5_error_code_to_string (const OKrb5ErrorCode code); + #endif diff --git a/nasl/nasl_init.c b/nasl/nasl_init.c index c09375510..e004a867e 100644 --- a/nasl/nasl_init.c +++ b/nasl/nasl_init.c @@ -424,6 +424,8 @@ static init_func libfuncs[] = { {"krb5_gss_update_context", nasl_okrb5_gss_update_context}, {"krb5_gss_update_context_needs_more", nasl_okrb5_gss_update_context_needs_more}, {"krb5_gss_update_context_out", nasl_okrb5_gss_update_context_out}, + {"krb5_gss_session_key", nasl_okrb5_gss_session_key_context}, + {"krb5_error_code_to_string", nasl_okrb5_error_code_to_string}, {NULL, NULL}}; /* String variables */ diff --git a/nasl/nasl_krb5.c b/nasl/nasl_krb5.c index e8b8e2af7..2bb934115 100644 --- a/nasl/nasl_krb5.c +++ b/nasl/nasl_krb5.c @@ -284,6 +284,16 @@ nasl_okrb5_gss_update_context_needs_more (lex_ctxt *lexic) return retc; } +static inline tree_cell * +okrb5_slice_to_tree_cell (struct OKrb5Slice *slice) +{ + tree_cell *retc = alloc_typed_cell (CONST_DATA); + printf ("slice->data: %s\n", (char *) slice->data); + retc->x.str_val = slice->data; + retc->size = slice->len; + return retc; +} + tree_cell * nasl_okrb5_gss_update_context_out (lex_ctxt *lexic) { @@ -292,51 +302,37 @@ nasl_okrb5_gss_update_context_out (lex_ctxt *lexic) { return FAKE_CELL; } - tree_cell *retc = alloc_typed_cell (CONST_DATA); - retc->x.str_val = to_application->data; - retc->size = to_application->len; - return retc; + return okrb5_slice_to_tree_cell (to_application); } -/* - context = okrb5_gss_init_context (); - printf ("Using realm: %s\n", (char *) credentials.realm.data); - if ((result = o_krb5_gss_prepare_context (&credentials, context))) - { - return 1; - } - printf ("Using realm: %s\n", (char *) credentials.realm.data); - // first call always empty - if ((result = o_krb5_gss_update_context (context, &from_application, - &to_application, &more))) +tree_cell * +nasl_okrb5_gss_session_key_context (lex_ctxt *lexic) +{ + (void) lexic; + struct OKrb5Slice *session_key = NULL; + if (cached_gss_context == NULL) { - return 1; + printf ("cached_gss_context is NULL\n"); + last_okrb5_result = O_KRB5_EXPECTED_NOT_NULL; + return FAKE_CELL; } - printf ("success: %d: outdata_len: %zu\n", result, to_application->len); - - for (size_t i = 0; i < to_application->len; i++) + if ((last_okrb5_result = + o_krb5_gss_session_key_context (cached_gss_context, &session_key)) + != O_KRB5_SUCCESS) { - printf ("%02x", ((char *) to_application->data)[i]); + printf ("o_krb5_gss_session_key_context failed\n"); + return FAKE_CELL; } - printf ("\n"); - -*/ - -/* -*OKrb5ErrorCode -o_krb5_gss_session_key_context (struct OKrb5GSSContext *gss_context, - struct OKrb5Slice **out); - -struct OKrb5GSSContext *okrb5_gss_init_context (void); - -void okrb5_gss_free_context (struct OKrb5GSSContext *context); + return okrb5_slice_to_tree_cell (session_key); +} -OKrb5ErrorCode -o_krb5_gss_prepare_context (const OKrb5Credential *creds, - struct OKrb5GSSContext *gss_context); +tree_cell * -OKrb5ErrorCode -o_krb5_gss_update_context (struct OKrb5GSSContext *gss_context, - const struct OKrb5Slice *in_data, - struct OKrb5Slice **out_data, bool *more); -*/ +nasl_okrb5_error_code_to_string (lex_ctxt *lexic) +{ + (void) lexic; + tree_cell *retc = alloc_typed_cell (CONST_STR); + retc->x.str_val = okrb5_error_code_to_string (last_okrb5_result); + retc->size = strlen (retc->x.str_val); + return retc; +} diff --git a/nasl/nasl_krb5.h b/nasl/nasl_krb5.h index 6464ef9be..ab5844a13 100644 --- a/nasl/nasl_krb5.h +++ b/nasl/nasl_krb5.h @@ -98,3 +98,10 @@ nasl_okrb5_gss_update_context_needs_more(lex_ctxt *lexic); tree_cell * nasl_okrb5_gss_update_context_out (lex_ctxt *lexic); + + +tree_cell * +nasl_okrb5_gss_session_key_context (lex_ctxt *lexic); + +tree_cell * +nasl_okrb5_error_code_to_string (lex_ctxt *lexic); diff --git a/rust/examples/gss.nasl b/rust/examples/gss.nasl index ff9e68711..d3e6e3d00 100644 --- a/rust/examples/gss.nasl +++ b/rust/examples/gss.nasl @@ -29,4 +29,16 @@ if (out) { display('no data?!'); } + +soc = open_sock_tcp( 445 ); +if( ! soc ) { + return -1; +} + +display("Forking"); +sk = krb5_gss_session_key(); +display("Error code: " + krb5_error_code_to_string()); +display("Session key: " + hexstr(sk)); + + # TODO: provide clean up function