1
/*
2
 * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan
3
 * (Royal Institute of Technology, Stockholm, Sweden).
4
 * All rights reserved.
5
 *
6
 * Redistribution and use in source and binary forms, with or without
7
 * modification, are permitted provided that the following conditions
8
 * are met:
9
 *
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 *
13
 * 2. Redistributions in binary form must reproduce the above copyright
14
 *    notice, this list of conditions and the following disclaimer in the
15
 *    documentation and/or other materials provided with the distribution.
16
 *
17
 * 3. Neither the name of the Institute nor the names of its contributors
18
 *    may be used to endorse or promote products derived from this software
19
 *    without specific prior written permission.
20
 *
21
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31
 * SUCH DAMAGE.
32
 */
33

34
#include "gsskrb5_locl.h"
35

36
#define DEFAULT_JITTER_WINDOW 20
37

38
struct gss_msg_order {
39
    OM_uint32 flags;
40
    OM_uint32 start;
41
    OM_uint32 length;
42
    OM_uint32 jitter_window;
43
    OM_uint32 first_seq;
44
    OM_uint32 elem[1];
45
};
46

47

48
/*
49
 *
50
 */
51

52
static OM_uint32
53
msg_order_alloc(OM_uint32 *minor_status,
54
		struct gss_msg_order **o,
55
		OM_uint32 jitter_window)
56
{
57
    size_t len;
58

59
    len = jitter_window * sizeof((*o)->elem[0]);
60
    len += sizeof(**o);
61
    len -= sizeof((*o)->elem[0]);
62

63
    *o = calloc(1, len);
64
    if (*o == NULL) {
65
	*minor_status = ENOMEM;
66
	return GSS_S_FAILURE;
67
    }
68

69
    *minor_status = 0;
70
    return GSS_S_COMPLETE;
71
}
72

73
/*
74
 *
75
 */
76

77
OM_uint32
78
_gssapi_msg_order_create(OM_uint32 *minor_status,
79
			 struct gss_msg_order **o,
80
			 OM_uint32 flags,
81
			 OM_uint32 seq_num,
82
			 OM_uint32 jitter_window,
83
			 int use_64)
84
{
85
    OM_uint32 ret;
86

87
    if (jitter_window == 0)
88
	jitter_window = DEFAULT_JITTER_WINDOW;
89

90
    ret = msg_order_alloc(minor_status, o, jitter_window);
91
    if(ret != GSS_S_COMPLETE)
92
        return ret;
93

94
    (*o)->flags = flags;
95
    (*o)->length = 0;
96
    (*o)->first_seq = seq_num;
97
    (*o)->jitter_window = jitter_window;
98
    (*o)->elem[0] = seq_num - 1;
99

100
    *minor_status = 0;
101
    return GSS_S_COMPLETE;
102
}
103

104
OM_uint32
105
_gssapi_msg_order_destroy(struct gss_msg_order **m)
106
{
107
    free(*m);
108
    *m = NULL;
109
    return GSS_S_COMPLETE;
110
}
111

112
static void
113
elem_set(struct gss_msg_order *o, unsigned int slot, OM_uint32 val)
114
{
115
    o->elem[slot % o->jitter_window] = val;
116
}
117

118
static void
119
elem_insert(struct gss_msg_order *o,
120
	    unsigned int after_slot,
121
	    OM_uint32 seq_num)
122
{
123
    assert(o->jitter_window > after_slot);
124

125
    if (o->length > after_slot)
126
	memmove(&o->elem[after_slot + 1], &o->elem[after_slot],
127
		(o->length - after_slot - 1) * sizeof(o->elem[0]));
128

129
    elem_set(o, after_slot, seq_num);
130

131
    if (o->length < o->jitter_window)
132
	o->length++;
133
}
134

135
/* rule 1: expected sequence number */
136
/* rule 2: > expected sequence number */
137
/* rule 3: seqnum < seqnum(first) */
138
/* rule 4+5: seqnum in [seqnum(first),seqnum(last)]  */
139

140
OM_uint32
141
_gssapi_msg_order_check(struct gss_msg_order *o, OM_uint32 seq_num)
142
{
143
    OM_uint32 r;
144
    size_t i;
145

146
    if (o == NULL)
147
	return GSS_S_COMPLETE;
148

149
    if ((o->flags & (GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG)) == 0)
150
	return GSS_S_COMPLETE;
151

152
    /* check if the packet is the next in order */
153
    if (o->elem[0] == seq_num - 1) {
154
	elem_insert(o, 0, seq_num);
155
	return GSS_S_COMPLETE;
156
    }
157

158
    r = (o->flags & (GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG))==GSS_C_REPLAY_FLAG;
159

160
    /* sequence number larger then largest sequence number
161
     * or smaller then the first sequence number */
162
    if (seq_num > o->elem[0]
163
	|| seq_num < o->first_seq
164
	|| o->length == 0)
165
    {
166
	elem_insert(o, 0, seq_num);
167
	if (r) {
168
	    return GSS_S_COMPLETE;
169
	} else {
170
	    return GSS_S_GAP_TOKEN;
171
	}
172
    }
173

174
    assert(o->length > 0);
175

176
    /* sequence number smaller the first sequence number */
177
    if (seq_num < o->elem[o->length - 1]) {
178
	if (r)
179
	    return(GSS_S_OLD_TOKEN);
180
	else
181
	    return(GSS_S_UNSEQ_TOKEN);
182
    }
183

184
    if (seq_num == o->elem[o->length - 1]) {
185
	return GSS_S_DUPLICATE_TOKEN;
186
    }
187

188
    for (i = 0; i < o->length - 1; i++) {
189
	if (o->elem[i] == seq_num)
190
	    return GSS_S_DUPLICATE_TOKEN;
191
	if (o->elem[i + 1] < seq_num && o->elem[i] < seq_num) {
192
	    elem_insert(o, i, seq_num);
193
	    if (r)
194
		return GSS_S_COMPLETE;
195
	    else
196
		return GSS_S_UNSEQ_TOKEN;
197
	}
198
    }
199

200
    return GSS_S_FAILURE;
201
}
202

203
OM_uint32
204
_gssapi_msg_order_f(OM_uint32 flags)
205
{
206
    return flags & (GSS_C_SEQUENCE_FLAG|GSS_C_REPLAY_FLAG);
207
}
208

209
/*
210
 * Translate `o` into inter-process format and export in to `sp'.
211
 */
212

213
krb5_error_code
214
_gssapi_msg_order_export(krb5_storage *sp, struct gss_msg_order *o)
215
{
216
    krb5_error_code kret;
217
    OM_uint32 i;
218

219
    kret = krb5_store_int32(sp, o->flags);
220
    if (kret)
221
        return kret;
222
    kret = krb5_store_int32(sp, o->start);
223
    if (kret)
224
        return kret;
225
    kret = krb5_store_int32(sp, o->length);
226
    if (kret)
227
        return kret;
228
    kret = krb5_store_int32(sp, o->jitter_window);
229
    if (kret)
230
        return kret;
231
    kret = krb5_store_int32(sp, o->first_seq);
232
    if (kret)
233
        return kret;
234

235
    for (i = 0; i < o->jitter_window; i++) {
236
        kret = krb5_store_int32(sp, o->elem[i]);
237
	if (kret)
238
	    return kret;
239
    }
240

241
    return 0;
242
}
243

244
OM_uint32
245
_gssapi_msg_order_import(OM_uint32 *minor_status,
246
			 krb5_storage *sp,
247
			 struct gss_msg_order **o)
248
{
249
    OM_uint32 ret;
250
    krb5_error_code kret;
251
    int32_t i, flags, start, length, jitter_window, first_seq;
252

253
    kret = krb5_ret_int32(sp, &flags);
254
    if (kret)
255
	goto failed;
256
    kret = krb5_ret_int32(sp, &start);
257
    if (kret)
258
	goto failed;
259
    kret = krb5_ret_int32(sp, &length);
260
    if (kret)
261
	goto failed;
262
    kret = krb5_ret_int32(sp, &jitter_window);
263
    if (kret)
264
	goto failed;
265
    kret = krb5_ret_int32(sp, &first_seq);
266
    if (kret)
267
	goto failed;
268

269
    ret = msg_order_alloc(minor_status, o, jitter_window);
270
    if (ret != GSS_S_COMPLETE)
271
        return ret;
272

273
    (*o)->flags = flags;
274
    (*o)->start = start;
275
    (*o)->length = length;
276
    (*o)->jitter_window = jitter_window;
277
    (*o)->first_seq = first_seq;
278

279
    for( i = 0; i < jitter_window; i++ ) {
280
        kret = krb5_ret_int32(sp, (int32_t*)&((*o)->elem[i]));
281
	if (kret)
282
	    goto failed;
283
    }
284

285
    *minor_status = 0;
286
    return GSS_S_COMPLETE;
287

288
failed:
289
    _gssapi_msg_order_destroy(o);
290
    *minor_status = kret;
291
    return GSS_S_FAILURE;
292
}
293

294