+#endif /* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
+
+
+/* Given pointers to KerberosTime and struct tm structs, convert the
+** KerberosTime string to struct tm. Note that KerberosTime is a
+** ASN1_GENERALIZEDTIME value, constrained to GMT with no fractional
+** seconds as defined in RFC 1510.
+** Return pointer to the (partially) filled in struct tm on success,
+** return NULL on failure.
+*/
+static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
+ {
+ char c, *p;
+
+ if (!k_tm) return NULL;
+ if (gtime == NULL || gtime->length < 14) return NULL;
+ if (gtime->data == NULL) return NULL;
+
+ p = (char *)>ime->data[14];
+
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_sec = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_min = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_hour = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_mday = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_mon = atoi(p)-1; *(p+2) = c;
+ c = *p; *p = '\0'; p -= 4; k_tm->tm_year = atoi(p)-1900; *(p+4) = c;
+
+ return k_tm;
+ }
+
+
+/* Helper function for kssl_validate_times().
+** We need context->clockskew, but krb5_context is an opaque struct.
+** So we try to sneek the clockskew out through the replay cache.
+** If that fails just return a likely default (300 seconds).
+*/
+static krb5_deltat get_rc_clockskew(krb5_context context)
+ {
+ krb5_rcache rc;
+ krb5_deltat clockskew;
+
+ if (krb5_rc_default(context, &rc)) return KSSL_CLOCKSKEW;
+ if (krb5_rc_initialize(context, rc, 0)) return KSSL_CLOCKSKEW;
+ if (krb5_rc_get_lifespan(context, rc, &clockskew)) {
+ clockskew = KSSL_CLOCKSKEW;
+ }
+ (void) krb5_rc_destroy(context, rc);
+ return clockskew;
+ }
+
+
+/* kssl_validate_times() combines (and more importantly exposes)
+** the MIT KRB5 internal function krb5_validate_times() and the
+** in_clock_skew() macro. The authenticator client time is checked
+** to be within clockskew secs of the current time and the current
+** time is checked to be within the ticket start and expire times.
+** Either check may be omitted by supplying a NULL value.
+** Returns 0 for valid times, SSL_R_KRB5* error codes otherwise.
+** See Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c
+** 20010420 VRS
+*/
+krb5_error_code kssl_validate_times( krb5_timestamp atime,
+ krb5_ticket_times *ttimes)
+ {
+ krb5_deltat skew;
+ krb5_timestamp start, now;
+ krb5_error_code rc;
+ krb5_context context;
+
+ if ((rc = krb5_init_context(&context))) return SSL_R_KRB5_S_BAD_TICKET;
+ skew = get_rc_clockskew(context);
+ if ((rc = krb5_timeofday(context,&now))) return SSL_R_KRB5_S_BAD_TICKET;
+ krb5_free_context(context);
+
+ if (atime && labs(atime - now) >= skew) return SSL_R_KRB5_S_TKT_SKEW;
+
+ if (! ttimes) return 0;
+
+ start = (ttimes->starttime != 0)? ttimes->starttime: ttimes->authtime;
+ if (start - now > skew) return SSL_R_KRB5_S_TKT_NYV;
+ if ((now - ttimes->endtime) > skew) return SSL_R_KRB5_S_TKT_EXPIRED;
+
+#ifdef KSSL_DEBUG
+ printf("kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n",
+ start, atime, now, skew, ttimes->endtime);
+#endif /* KSSL_DEBUG */
+
+ return 0;
+ }
+
+
+/* Decode and decrypt given DER-encoded authenticator, then pass
+** authenticator ctime back in *atimep (or 0 if time unavailable).
+** Returns krb5_error_code and kssl_err on error. A NULL
+** authenticator (authentp->length == 0) is not considered an error.
+** Note that kssl_check_authent() makes use of the KRB5 session key;
+** you must call kssl_sget_tkt() to get the key before calling this routine.
+*/
+krb5_error_code kssl_check_authent(
+ /* IN */ KSSL_CTX *kssl_ctx,
+ /* IN */ krb5_data *authentp,
+ /* OUT */ krb5_timestamp *atimep,
+ /* OUT */ KSSL_ERR *kssl_err )
+ {
+ krb5_error_code krb5rc = 0;
+ KRB5_ENCDATA *dec_authent = NULL;
+ KRB5_AUTHENTBODY *auth = NULL;
+ krb5_enctype enctype;
+ EVP_CIPHER_CTX ciph_ctx;
+ const EVP_CIPHER *enc = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ const unsigned char *p;
+ unsigned char *unenc_authent;
+ int outl, unencbufsize;
+ struct tm tm_time, *tm_l, *tm_g;
+ time_t now, tl, tg, tr, tz_offset;
+
+ EVP_CIPHER_CTX_init(&ciph_ctx);
+ *atimep = 0;
+ kssl_err_set(kssl_err, 0, "");
+
+#ifndef KRB5CHECKAUTH
+ authentp = NULL;
+#else
+#if KRB5CHECKAUTH == 0
+ authentp = NULL;
+#endif
+#endif /* KRB5CHECKAUTH */
+
+ if (authentp == NULL || authentp->length == 0) return 0;
+
+#ifdef KSSL_DEBUG
+ {
+ unsigned int ui;
+ printf("kssl_check_authent: authenticator[%d]:\n",authentp->length);
+ p = authentp->data;
+ for (ui=0; ui < authentp->length; ui++) printf("%02x ",p[ui]);
+ printf("\n");
+ }
+#endif /* KSSL_DEBUG */
+
+ unencbufsize = 2 * authentp->length;
+ if ((unenc_authent = calloc(1, unencbufsize)) == NULL)
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "Unable to allocate authenticator buffer.\n");
+ krb5rc = KRB5KRB_ERR_GENERIC;
+ goto err;
+ }
+
+ p = (unsigned char *)authentp->data;
+ if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
+ (long) authentp->length)) == NULL)
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "Error decoding authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+
+ enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
+#if !defined(KRB5_MIT_OLD11)
+ switch ( enctype ) {
+ case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
+ case ENCTYPE_DES3_CBC_SHA:
+ case ENCTYPE_DES3_CBC_RAW:
+ krb5rc = 0; /* Skip, can't handle derived keys */
+ goto err;
+ }
+#endif
+ enc = kssl_map_enc(enctype);
+ memset(iv, 0, sizeof iv); /* per RFC 1510 */
+
+ if (enc == NULL)
+ {
+ /* Disable kssl_check_authent for ENCTYPE_DES3_CBC_SHA1.
+ ** This enctype indicates the authenticator was encrypted
+ ** using key-usage derived keys which openssl cannot decrypt.
+ */
+ goto err;
+ }
+
+ if (!EVP_CipherInit(&ciph_ctx,enc,kssl_ctx->key,iv,0))
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "EVP_CipherInit error decrypting authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+ outl = dec_authent->cipher->length;
+ if (!EVP_Cipher(&ciph_ctx,unenc_authent,dec_authent->cipher->data,outl))
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "EVP_Cipher error decrypting authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+#ifdef KSSL_DEBUG
+ {
+ int padl;
+ printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
+ for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]);
+ printf("\n");
+ }
+#endif /* KSSL_DEBUG */
+
+ if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL)
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "confounded by authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+ outl -= p - unenc_authent;
+
+ if ((auth = (KRB5_AUTHENTBODY *) d2i_KRB5_AUTHENT(NULL, &p,
+ (long) outl))==NULL)
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "Error decoding authenticator body.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+
+ memset(&tm_time,0,sizeof(struct tm));
+ if (k_gmtime(auth->ctime, &tm_time) &&
+ ((tr = mktime(&tm_time)) != (time_t)(-1)))
+ {
+ now = time(&now);
+ tm_l = localtime(&now); tl = mktime(tm_l);
+ tm_g = gmtime(&now); tg = mktime(tm_g);
+ tz_offset = tg - tl;
+
+ *atimep = (krb5_timestamp)(tr - tz_offset);
+ }
+
+#ifdef KSSL_DEBUG
+ printf("kssl_check_authent: returns %d for client time ", *atimep);
+ if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
+ printf("%.*s\n", auth->ctime->length, auth->ctime->data);
+ else printf("NULL\n");
+#endif /* KSSL_DEBUG */
+
+ err:
+ if (auth) KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
+ if (dec_authent) KRB5_ENCDATA_free(dec_authent);
+ if (unenc_authent) free(unenc_authent);
+ EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+ return krb5rc;
+ }
+
+
+/* Replaces krb5_build_principal_ext(), with varargs length == 2 (svc, host),
+** because I dont't know how to stub varargs.
+** Returns krb5_error_code == ENOMEM on alloc error, otherwise
+** passes back newly constructed principal, which should be freed by caller.
+*/
+krb5_error_code kssl_build_principal_2(
+ /* UPDATE */ krb5_context context,
+ /* OUT */ krb5_principal *princ,
+ /* IN */ int rlen, const char *realm,
+ /* IN */ int slen, const char *svc,
+ /* IN */ int hlen, const char *host)
+ {
+ krb5_data *p_data = NULL;
+ krb5_principal new_p = NULL;
+ char *new_r = NULL;
+
+ if ((p_data = (krb5_data *) calloc(2, sizeof(krb5_data))) == NULL ||
+ (new_p = (krb5_principal) calloc(1, sizeof(krb5_principal_data)))
+ == NULL) goto err;
+ new_p->length = 2;
+ new_p->data = p_data;
+
+ if ((new_r = calloc(1, rlen + 1)) == NULL) goto err;
+ memcpy(new_r, realm, rlen);
+ krb5_princ_set_realm_length(context, new_p, rlen);
+ krb5_princ_set_realm_data(context, new_p, new_r);
+
+ if ((new_p->data[0].data = calloc(1, slen + 1)) == NULL) goto err;
+ memcpy(new_p->data[0].data, svc, slen);
+ new_p->data[0].length = slen;
+
+ if ((new_p->data[1].data = calloc(1, hlen + 1)) == NULL) goto err;
+ memcpy(new_p->data[1].data, host, hlen);
+ new_p->data[1].length = hlen;
+
+ krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN;
+ *princ = new_p;
+ return 0;
+
+ err:
+ if (new_p && new_p[0].data) free(new_p[0].data);
+ if (new_p && new_p[1].data) free(new_p[1].data);
+ if (new_p) free(new_p);
+ if (new_r) free(new_r);
+ return ENOMEM;
+ }
+
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
+ {
+ s->kssl_ctx = kctx;
+ }
+
+KSSL_CTX * SSL_get0_kssl_ctx(SSL *s)
+ {
+ return s->kssl_ctx;
+ }
+
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)
+ {
+ if (kctx)
+ return kctx->client_princ;
+ return NULL;
+ }