summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorSam Hartman <hartmans@mit.edu>1996-01-20 00:55:45 +0000
committerSam Hartman <hartmans@mit.edu>1996-01-20 00:55:45 +0000
commitc5f77d7f244dda724d9c3f4b68973e0aa3fb6de1 (patch)
tree91c230f34b81410ce714b836bc8a9603d1f78c4a /src
parent358ec4a75edfa70ae585dc53b18db3767f732f8e (diff)
downloadkrb5-c5f77d7f244dda724d9c3f4b68973e0aa3fb6de1.tar.gz
krb5-c5f77d7f244dda724d9c3f4b68973e0aa3fb6de1.tar.xz
krb5-c5f77d7f244dda724d9c3f4b68973e0aa3fb6de1.zip
In the client, construct a checksum from the command line
and remote user and encode them in the authenticator. In the daemon, if a checksum is present, verify it. This change *should* make it possible to use rsh in a secure fassion provided that you always use a client that has checksumming. If you do not use encrypted rsh, then the command line cannot be spoofed, but the standard input and output can still be spoofed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7341 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r--src/appl/bsd/ChangeLog4
-rw-r--r--src/appl/bsd/kcmd.c15
-rw-r--r--src/appl/bsd/krshd.c28
3 files changed, 44 insertions, 3 deletions
diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog
index c319837e9..50d2cbdd7 100644
--- a/src/appl/bsd/ChangeLog
+++ b/src/appl/bsd/ChangeLog
@@ -1,5 +1,9 @@
Fri Jan 19 10:45:29 1996 Sam Hartman <hartmans@tertius.mit.edu>
+ * krshd.c (recvauth): Verify checksum against command line and remote user.
+
+ * kcmd.c: Send authenticator with checksum of command line and remote user.
+
* krlogin.c (des_read): Return 0 or -1 on close/error respectively.
Wed Jan 17 15:14:33 1996 Sam Hartman <hartmans@tertius.mit.edu>
diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c
index 1c232c6a0..28944b6a1 100644
--- a/src/appl/bsd/kcmd.c
+++ b/src/appl/bsd/kcmd.c
@@ -107,7 +107,17 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
krb5_data outbuf;
krb5_flags options = authopts;
krb5_auth_context auth_context = NULL;
-
+ char *cksumbuf;
+ krb5_data cksumdat;
+ if ((cksumbuf = malloc(strlen(cmd)+strlen(remuser))) == 0 ) {
+ fprintf(stderr, "Unable to allocate memory for checksum buffer.\n");
+ return(-1);
+ }
+ strcpy(cksumbuf, cmd);
+ strcat(cksumbuf, remuser);
+ cksumdat.data = cksumbuf;
+ cksumdat.length = strlen(cksumbuf);
+
pid = getpid();
hp = gethostbyname(*ahost);
if (hp == 0) {
@@ -305,7 +315,8 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
authentication. */
status = krb5_sendauth(bsd_context, &auth_context, (krb5_pointer) &s,
"KCMDV0.1", ret_cred->client, ret_cred->server,
- authopts, NULL, ret_cred, 0, &error, &rep_ret, NULL);
+ authopts, &cksumdat, ret_cred, 0, &error, &rep_ret, NULL);
+ krb5_xfree(cksumdat.data);
if (status) {
printf("Couldn't authenticate to server: %s\n", error_message(status));
if (error) {
diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c
index eb760fc13..29fc75754 100644
--- a/src/appl/bsd/krshd.c
+++ b/src/appl/bsd/krshd.c
@@ -1611,6 +1611,7 @@ recvauth(netf, peersin)
krb5_data inbuf;
char v4_instance[INST_SZ]; /* V4 Instance */
char v4_version[9];
+krb5_authenticator *authenticator;
krb5_ticket *ticket;
len = sizeof(laddr);
@@ -1699,7 +1700,32 @@ recvauth(netf, peersin)
if (status = krb5_copy_principal(bsd_context, ticket->enc_part2->client,
&client))
return status;
-
+ if (status = krb5_auth_con_getauthenticator(bsd_context, auth_context, &authenticator))
+ return status;
+
+ if (authenticator->checksum) {
+ char * chksumbuf = (char *) malloc(strlen(cmdbuf)+strlen(remuser)+1);
+ if (chksumbuf == 0)
+ goto error_cleanup;
+
+ strcpy(chksumbuf,cmdbuf);
+ strcat(chksumbuf,remuser);
+
+ if ( status = krb5_verify_checksum(bsd_context,
+ authenticator->checksum->checksum_type,
+ authenticator->checksum,
+ chksumbuf, strlen(chksumbuf),
+ ticket->enc_part2->session->contents,
+ ticket->enc_part2->session->length))
+ goto error_cleanup;
+
+ error_cleanup:
+krb5_free_authenticator(bsd_context, authenticator);
+krb5_xfree(chksumbuf);
+if (status)
+ return status;
+}
+
/* Setup eblock for encrypted sessions. */
krb5_use_enctype(bsd_context, &eblock, ticket->enc_part2->session->enctype);
if (status = krb5_process_key(bsd_context, &eblock, ticket->enc_part2->session))
generated by cgit (git 2.34.1) at 2026-02-15 14:28:11 +0000