diff options
| author | Tom Yu <tlyu@mit.edu> | 2011-12-12 20:44:40 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2011-12-12 20:44:40 +0000 |
| commit | 51d93978794d2c3cae56d649ad8b6e4493432c10 (patch) | |
| tree | 6dcc37158f335e4cbec8c07ae1df423bd3cb6aac | |
| parent | 1975a728188fc1ffce3d67ffeb351e693a7e6797 (diff) | |
| download | krb5-51d93978794d2c3cae56d649ad8b6e4493432c10.tar.gz krb5-51d93978794d2c3cae56d649ad8b6e4493432c10.tar.xz krb5-51d93978794d2c3cae56d649ad8b6e4493432c10.zip | |
windows ccapi: use a random challenge to authenticate ccapiserver
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7050
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25542 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/ccapi/lib/win/OldCC/client.cxx | 40 |
1 files changed, 38 insertions, 2 deletions
diff --git a/src/ccapi/lib/win/OldCC/client.cxx b/src/ccapi/lib/win/OldCC/client.cxx index 5b82b6587..5a34d38cc 100644 --- a/src/ccapi/lib/win/OldCC/client.cxx +++ b/src/ccapi/lib/win/OldCC/client.cxx @@ -239,9 +239,39 @@ DWORD find_server(Init::InitInfo& info, LPSTR endpoint) { static DWORD +make_random_challenge(DWORD *challenge_out) { + HCRYPTPROV provider; + DWORD status = 0; + *challenge_out = 0; + if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT)) { + status = GetLastError(); + cci_check_error(status); + return status; + } + if (!CryptGenRandom(provider, sizeof(*challenge_out), + (BYTE *)challenge_out)) { + status = GetLastError(); + cci_check_error(status); + return status; + } + if (!CryptReleaseContext(provider, 0)) { + /* + * Note: even though CryptReleaseContext() failed, we don't really + * care since a) we've already successfully obtained our challenge + * anyway and b) at least one of the potential errors, "ERROR_BUSY" + * does not really seem to be an error at all. So GetLastError() is + * logged for informational purposes only and should not be returned. + */ + cci_check_error(GetLastError()); + } + return status; +} + +static +DWORD authenticate_server(Init::InitInfo& info) { - DWORD challenge = 17; // XXX - maybe use random number - DWORD desired_response= challenge + 1; + DWORD challenge, desired_response; HANDLE hMap = 0; LPSTR mem_name = 0; PDWORD pvalue = 0; @@ -255,6 +285,12 @@ authenticate_server(Init::InitInfo& info) { cci_check_error(status); if (!status) { + status = make_random_challenge(&challenge); + desired_response = challenge + 1; + cci_check_error(status); + } + + if (!status) { if (isNT()) { sa.nLength = sizeof(sa); status = alloc_own_security_descriptor_NT(&sa.lpSecurityDescriptor); |