1b3700b07SGordon Ross /*
2b3700b07SGordon Ross * This file and its contents are supplied under the terms of the
3b3700b07SGordon Ross * Common Development and Distribution License ("CDDL"), version 1.0.
4b3700b07SGordon Ross * You may only use this file in accordance with the terms of version
5b3700b07SGordon Ross * 1.0 of the CDDL.
6b3700b07SGordon Ross *
7b3700b07SGordon Ross * A full copy of the text of the CDDL should have accompanied this
8b3700b07SGordon Ross * source. A copy of the CDDL is also available via the Internet at
9b3700b07SGordon Ross * http://www.illumos.org/license/CDDL.
10b3700b07SGordon Ross */
11b3700b07SGordon Ross
12b3700b07SGordon Ross /*
13*bdc3270fSMatt Barden * Copyright 2020 Nexenta by DDN, Inc. All rights reserved.
14b3700b07SGordon Ross */
15b3700b07SGordon Ross
16b3700b07SGordon Ross #include <stdio.h>
17b3700b07SGordon Ross #include <stdlib.h>
18b3700b07SGordon Ross #include <stdarg.h>
19b3700b07SGordon Ross #include <string.h>
20b3700b07SGordon Ross #include <syslog.h>
21b3700b07SGordon Ross
22b3700b07SGordon Ross #include <sys/types.h>
23b3700b07SGordon Ross #include <sys/errno.h>
24b3700b07SGordon Ross #include <sys/socket.h>
25b3700b07SGordon Ross #include <netinet/in.h>
26b3700b07SGordon Ross #include <sys/note.h>
27b3700b07SGordon Ross
28b3700b07SGordon Ross #include <smbsrv/libsmbns.h>
29*bdc3270fSMatt Barden #include <ads/dsgetdc.h>
30b3700b07SGordon Ross
31b3700b07SGordon Ross #include "smbd.h"
32b3700b07SGordon Ross #include "locate_plugin.h"
33b3700b07SGordon Ross
34b3700b07SGordon Ross /* osconf.h - sigh */
35b3700b07SGordon Ross #define KRB5_DEFAULT_PORT 88
36b3700b07SGordon Ross #define DEFAULT_KADM5_PORT 749
37b3700b07SGordon Ross #define DEFAULT_KPASSWD_PORT 464
38b3700b07SGordon Ross
39b3700b07SGordon Ross /*
40b3700b07SGordon Ross * This is an "override plugin" used by libkrb5. See:
41b3700b07SGordon Ross * lib/gss_mechs/mech_krb5/krb5/os/locate_kdc.c
42b3700b07SGordon Ross *
43b3700b07SGordon Ross * The interface is based on:
44b3700b07SGordon Ross * http://web.mit.edu/~kerberos/krb5-1.12/doc/plugindev/locate.html
45b3700b07SGordon Ross */
46b3700b07SGordon Ross
47b3700b07SGordon Ross /*
48b3700b07SGordon Ross * Called by krb5int_locate_server / override_locate_server
49b3700b07SGordon Ross */
50b3700b07SGordon Ross
51b3700b07SGordon Ross krb5_error_code
_krb5_override_service_locator(void * arg0,enum locate_service_type svc,const char * realm,int socktype,int family,int (* cbfunc)(void *,int,struct sockaddr *),void * cbdata)52b3700b07SGordon Ross _krb5_override_service_locator(
53b3700b07SGordon Ross void *arg0,
54b3700b07SGordon Ross enum locate_service_type svc,
55b3700b07SGordon Ross const char *realm,
56b3700b07SGordon Ross int socktype,
57b3700b07SGordon Ross int family,
58b3700b07SGordon Ross int (*cbfunc)(void *, int, struct sockaddr *),
59b3700b07SGordon Ross void *cbdata)
60b3700b07SGordon Ross {
61b3700b07SGordon Ross _NOTE(ARGUNUSED(arg0))
62b3700b07SGordon Ross smb_domainex_t dxi;
63b3700b07SGordon Ross int rc = KRB5_PLUGIN_NO_HANDLE;
64b3700b07SGordon Ross short port;
65b3700b07SGordon Ross
66b3700b07SGordon Ross /*
67b3700b07SGordon Ross * Is this a service we want to override?
68b3700b07SGordon Ross */
69b3700b07SGordon Ross switch (svc) {
70b3700b07SGordon Ross case locate_service_kdc:
71b3700b07SGordon Ross case locate_service_master_kdc:
72b3700b07SGordon Ross port = htons(KRB5_DEFAULT_PORT);
73b3700b07SGordon Ross break;
74b3700b07SGordon Ross case locate_service_kadmin:
75b3700b07SGordon Ross port = htons(DEFAULT_KADM5_PORT);
76b3700b07SGordon Ross break;
77b3700b07SGordon Ross case locate_service_kpasswd:
78b3700b07SGordon Ross port = htons(DEFAULT_KPASSWD_PORT);
79b3700b07SGordon Ross break;
80b3700b07SGordon Ross case locate_service_krb524:
81b3700b07SGordon Ross default:
82b3700b07SGordon Ross return (rc);
83b3700b07SGordon Ross }
84b3700b07SGordon Ross
85b3700b07SGordon Ross /*
86b3700b07SGordon Ross * What's my domain? Note: have to get this in a way
87b3700b07SGordon Ross * that works while join domain is underway.
88b3700b07SGordon Ross */
89b3700b07SGordon Ross if (!smb_domain_getinfo(&dxi)) {
90b3700b07SGordon Ross smbd_report("_krb5_override_service_locator "
91b3700b07SGordon Ross "failed getting domain info");
92b3700b07SGordon Ross return (KRB5_ERR_HOST_REALM_UNKNOWN);
93b3700b07SGordon Ross }
94b3700b07SGordon Ross
95b3700b07SGordon Ross /*
96b3700b07SGordon Ross * Is this a realm we want to override?
97b3700b07SGordon Ross */
98b3700b07SGordon Ross if (0 != strcasecmp(realm, dxi.d_primary.di_fqname)) {
99b3700b07SGordon Ross syslog(LOG_DEBUG, "_krb5_override_service_locator, "
100b3700b07SGordon Ross "realm=%s, fqdn=%s", realm, dxi.d_primary.di_fqname);
101b3700b07SGordon Ross return (rc);
102b3700b07SGordon Ross }
103b3700b07SGordon Ross
104b3700b07SGordon Ross /*
105b3700b07SGordon Ross * Yes, this is our domain. Have a DC?
106b3700b07SGordon Ross */
107b3700b07SGordon Ross if (dxi.d_dci.dc_name[0] == '\0' ||
108b3700b07SGordon Ross dxi.d_dci.dc_addr.a_family == 0)
109b3700b07SGordon Ross return (KRB5_REALM_CANT_RESOLVE);
110b3700b07SGordon Ross
111*bdc3270fSMatt Barden if ((dxi.d_dci.dc_flags & DS_KDC_FLAG) == 0) {
112*bdc3270fSMatt Barden smbd_report("_krb5_override_service_locator: "
113*bdc3270fSMatt Barden "Domain Controller is not a KDC: "
114*bdc3270fSMatt Barden "Kerberos auth may be slow");
115*bdc3270fSMatt Barden return (rc);
116*bdc3270fSMatt Barden }
117*bdc3270fSMatt Barden
118b3700b07SGordon Ross switch (family) {
119b3700b07SGordon Ross case AF_UNSPEC:
120b3700b07SGordon Ross break; /* OK */
121b3700b07SGordon Ross case AF_INET:
122b3700b07SGordon Ross case AF_INET6:
123b3700b07SGordon Ross if (family == dxi.d_dci.dc_addr.a_family)
124b3700b07SGordon Ross break; /* OK */
125b3700b07SGordon Ross /* else fallthrough */
126b3700b07SGordon Ross default:
127b3700b07SGordon Ross return (KRB5_ERR_NO_SERVICE);
128b3700b07SGordon Ross }
129b3700b07SGordon Ross
130b3700b07SGordon Ross /*
131b3700b07SGordon Ross * Provide the service address we have.
132b3700b07SGordon Ross */
133b3700b07SGordon Ross switch (dxi.d_dci.dc_addr.a_family) {
134b3700b07SGordon Ross case AF_INET: {
135b3700b07SGordon Ross struct sockaddr_in sin;
136b3700b07SGordon Ross (void) memset(&sin, 0, sizeof (sin));
137b3700b07SGordon Ross sin.sin_family = AF_INET;
138b3700b07SGordon Ross sin.sin_port = port;
139b3700b07SGordon Ross (void) memcpy(&sin.sin_addr, &dxi.d_dci.dc_addr.a_ipv4,
140b3700b07SGordon Ross sizeof (sin.sin_addr));
141b3700b07SGordon Ross rc = cbfunc(cbdata, socktype, (struct sockaddr *)&sin);
142b3700b07SGordon Ross /* rc from cbfunc is special. */
143b3700b07SGordon Ross if (rc)
144b3700b07SGordon Ross rc = ENOMEM;
145b3700b07SGordon Ross break;
146b3700b07SGordon Ross }
147b3700b07SGordon Ross case AF_INET6: {
148b3700b07SGordon Ross struct sockaddr_in6 sin6;
149b3700b07SGordon Ross (void) memset(&sin6, 0, sizeof (sin6));
150b3700b07SGordon Ross sin6.sin6_family = AF_INET6;
151b3700b07SGordon Ross sin6.sin6_port = port;
152b3700b07SGordon Ross (void) memcpy(&sin6.sin6_addr, &dxi.d_dci.dc_addr.a_ipv6,
153b3700b07SGordon Ross sizeof (sin6.sin6_addr));
154b3700b07SGordon Ross rc = cbfunc(cbdata, socktype, (struct sockaddr *)&sin6);
155b3700b07SGordon Ross /* rc from cbfunc is special. */
156b3700b07SGordon Ross if (rc)
157b3700b07SGordon Ross rc = ENOMEM;
158b3700b07SGordon Ross break;
159b3700b07SGordon Ross }
160b3700b07SGordon Ross default:
161b3700b07SGordon Ross rc = KRB5_ERR_NO_SERVICE;
162b3700b07SGordon Ross break;
163b3700b07SGordon Ross }
164b3700b07SGordon Ross
165b3700b07SGordon Ross return (rc);
166b3700b07SGordon Ross }
167