dispatcher.c 8.81 KB
Newer Older
1
/*
2
 * Copyright 2005, 2006 Kai Blin
3 4 5 6 7 8 9 10 11 12 13 14 15
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
16
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 18 19 20 21 22
 *
 * A dispatcher to run ntlm_auth for wine's sspi module.
 */

#include "config.h"
#include <stdarg.h>
23
#include <stdio.h>
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <sys/types.h>
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif 
#include <stdlib.h>
#include <fcntl.h>
#include "windef.h"
#include "winbase.h"
#include "winerror.h"
#include "sspi.h"
#include "secur32_priv.h"
#include "wine/debug.h"

#define INITIAL_BUFFER_SIZE 200

42
WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
43 44 45 46

SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog,
        char* const argv[])
{
47
#ifdef HAVE_FORK
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
    int pipe_in[2];
    int pipe_out[2];
    int i;
    PNegoHelper helper;

    TRACE("%s ", debugstr_a(prog));
    for(i = 0; argv[i] != NULL; ++i)
    {
        TRACE("%s ", debugstr_a(argv[i]));
    }
    TRACE("\n");

    if( pipe(pipe_in) < 0 )
    {
        return SEC_E_INTERNAL_ERROR;
    }
    if( pipe(pipe_out) < 0 )
    {
        close(pipe_in[0]);
        close(pipe_in[1]);
        return SEC_E_INTERNAL_ERROR;
    }
    if (!(helper = HeapAlloc(GetProcessHeap(),0, sizeof(NegoHelper))))
    {
        close(pipe_in[0]);
        close(pipe_in[1]);
        close(pipe_out[0]);
        close(pipe_out[1]);
        return SEC_E_INSUFFICIENT_MEMORY;
    }

    helper->helper_pid = fork();

    if(helper->helper_pid == -1)
    {
        close(pipe_in[0]);
        close(pipe_in[1]);
        close(pipe_out[0]);
        close(pipe_out[1]);
        HeapFree( GetProcessHeap(), 0, helper );
        return SEC_E_INTERNAL_ERROR;
    }

    if(helper->helper_pid == 0)
    {
        /* We're in the child now */
        close(0);
        close(1);

        dup2(pipe_out[0], 0);
        close(pipe_out[0]);
        close(pipe_out[1]);

        dup2(pipe_in[1], 1);
        close(pipe_in[0]);
        close(pipe_in[1]);

        execvp(prog, argv);

        /* Whoops, we shouldn't get here. Big badaboom.*/
        write(STDOUT_FILENO, "BH\n", 3);
109
        _exit(1);
110 111 112 113
    }
    else
    {
        *new_helper = helper;
114
        helper->major = helper->minor = helper->micro = -1;
115 116 117
        helper->com_buf = NULL;
        helper->com_buf_size = 0;
        helper->com_buf_offset = 0;
118 119
        helper->session_key = NULL;
        helper->neg_flags = 0;
120 121 122 123 124 125 126
        helper->crypt.ntlm.a4i = NULL;
        helper->crypt.ntlm2.send_a4i = NULL;
        helper->crypt.ntlm2.recv_a4i = NULL;
        helper->crypt.ntlm2.send_sign_key = NULL;
        helper->crypt.ntlm2.send_seal_key = NULL;
        helper->crypt.ntlm2.recv_sign_key = NULL;
        helper->crypt.ntlm2.recv_seal_key = NULL;
127
        helper->pipe_in = pipe_in[0];
128
        fcntl( pipe_in[0], F_SETFD, 1 );
129 130
        close(pipe_in[1]);
        helper->pipe_out = pipe_out[1];
131
        fcntl( pipe_out[1], F_SETFD, 1 );
132 133 134 135
        close(pipe_out[0]);
    }

    return SEC_E_OK;
136 137 138 139
#else
    ERR( "no fork support on this platform\n" );
    return SEC_E_INTERNAL_ERROR;
#endif
140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237
}

static SECURITY_STATUS read_line(PNegoHelper helper, int *offset_len)
{
    char *newline;
    int read_size;
    
    if(helper->com_buf == NULL)
    {
        TRACE("Creating a new buffer for the helper\n");
        if((helper->com_buf = HeapAlloc(GetProcessHeap(), 0, INITIAL_BUFFER_SIZE)) == NULL)
            return SEC_E_INSUFFICIENT_MEMORY;
        
        /* Created a new buffer, size is INITIAL_BUFFER_SIZE, offset is 0 */
        helper->com_buf_size = INITIAL_BUFFER_SIZE;
        helper->com_buf_offset = 0;
    }

    do
    {
        TRACE("offset = %d, size = %d\n", helper->com_buf_offset, helper->com_buf_size);
        if(helper->com_buf_offset + INITIAL_BUFFER_SIZE > helper->com_buf_size)
        {
            /* increment buffer size in INITIAL_BUFFER_SIZE steps */
            char *buf = HeapReAlloc(GetProcessHeap(), 0, helper->com_buf,
                                    helper->com_buf_size + INITIAL_BUFFER_SIZE);
            TRACE("Resizing buffer!\n");
            if (!buf) return SEC_E_INSUFFICIENT_MEMORY;
            helper->com_buf_size += INITIAL_BUFFER_SIZE;
            helper->com_buf = buf;
        }
        if((read_size = read(helper->pipe_in, helper->com_buf + helper->com_buf_offset,
                    helper->com_buf_size - helper->com_buf_offset)) <= 0)
        {
            return SEC_E_INTERNAL_ERROR;
        }
        
        TRACE("read_size = %d, read: %s\n", read_size, 
                debugstr_a(helper->com_buf + helper->com_buf_offset));
        helper->com_buf_offset += read_size;
        newline = memchr(helper->com_buf, '\n', helper->com_buf_offset);
    }while(newline == NULL);

    /* Now, if there's a newline character, and we read more than that newline,
     * we have to store the offset so we can preserve the additional data.*/
    if( newline != helper->com_buf + helper->com_buf_offset)
    {
        TRACE("offset_len is calculated from %p - %p\n", 
                (helper->com_buf + helper->com_buf_offset), newline+1);
        /* the length of the offset is the number of chars after the newline */
        *offset_len = (helper->com_buf + helper->com_buf_offset) - (newline + 1);
    }
    else
    {
        *offset_len = 0;
    }
    
    *newline = '\0';

    return SEC_E_OK;
}

static SECURITY_STATUS preserve_unused(PNegoHelper helper, int offset_len)
{
    TRACE("offset_len = %d\n", offset_len);

    if(offset_len > 0)
    {
        memmove(helper->com_buf, helper->com_buf + helper->com_buf_offset, 
                offset_len);
        helper->com_buf_offset = offset_len;
    }
    else
    {
        helper->com_buf_offset = 0;
    }

    TRACE("helper->com_buf_offset was set to: %d\n", helper->com_buf_offset);
    return SEC_E_OK;
}

SECURITY_STATUS run_helper(PNegoHelper helper, char *buffer,
        unsigned int max_buflen, int *buflen)
{
    int offset_len;
    SECURITY_STATUS sec_status = SEC_E_OK;

    TRACE("In helper: sending %s\n", debugstr_a(buffer));

    /* buffer + '\n' */
    write(helper->pipe_out, buffer, lstrlenA(buffer));
    write(helper->pipe_out, "\n", 1);

    if((sec_status = read_line(helper, &offset_len)) != SEC_E_OK)
    {
        return sec_status;
    }
    
238
    TRACE("In helper: received %s\n", debugstr_a(helper->com_buf));
239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272
    *buflen = lstrlenA(helper->com_buf);

    if( *buflen > max_buflen)
    {   
        ERR("Buffer size too small(%d given, %d required) dropping data!\n",
                max_buflen, *buflen);
        return SEC_E_BUFFER_TOO_SMALL;
    }

    if( *buflen < 2 )
    {
        return SEC_E_ILLEGAL_MESSAGE;
    }

    /* We only get ERR if the input size is too big. On a GENSEC error,
     * ntlm_auth will return BH */
    if(strncmp(helper->com_buf, "ERR", 3) == 0)
    {
        return SEC_E_INVALID_TOKEN;
    }

    memcpy(buffer, helper->com_buf, *buflen+1);

    sec_status = preserve_unused(helper, offset_len);
    
    return sec_status;
}

void cleanup_helper(PNegoHelper helper)
{

    TRACE("Killing helper %p\n", helper);
    if( (helper == NULL) || (helper->helper_pid == 0))
        return;
273

274 275 276 277 278 279 280 281 282 283 284 285 286 287
    HeapFree(GetProcessHeap(), 0, helper->com_buf);

    /* closing stdin will terminate ntlm_auth */
    close(helper->pipe_out);
    close(helper->pipe_in);

    helper->helper_pid = 0;
    HeapFree(GetProcessHeap(), 0, helper);
}

void check_version(PNegoHelper helper)
{
    char temp[80];
    char *newline;
288
    int major = 0, minor = 0, micro = 0, ret;
289 290 291 292 293 294 295 296 297 298 299 300 301

    TRACE("Checking version of helper\n");
    if(helper != NULL)
    {
        int len = read(helper->pipe_in, temp, sizeof(temp)-1);
        if (len > 8)
        {
            if((newline = memchr(temp, '\n', len)) != NULL)
                *newline = '\0';
            else
                temp[len] = 0;

            TRACE("Exact version is %s\n", debugstr_a(temp));
302 303
            ret = sscanf(temp, "Version %d.%d.%d", &major, &minor, &micro);
            if(ret != 3)
304
            {
305 306
                ERR("Failed to get the helper version.\n");
                helper->major = helper->minor = helper->micro = -1;
307 308 309
            }
            else
            {
310 311 312 313
                TRACE("Version recognized: %d.%d.%d\n", major, minor, micro);
                helper->major = major;
                helper->minor = minor;
                helper->micro = micro;
314 315 316 317
            }
        }
    }
}