Store the full SPN within a server gssntlm_name

simo5 · simo5 · commit 4d3f37d61958 · 2022-02-23T21:04:05.000-05:00
The SPN is used to fill the Traget Name Attribute in the Target Info
array. This means we need to preserver the SPN as passed to us (via
conversion from a GSS Name).

This patch adds an spn field to the server union part of gssntlm_name
structure.

Signed-off-by: Simo Sorce &lt;simo@redhat.com&gt;
diff --git a/src/gss_names.c b/src/gss_names.c
@@ -291,30 +291,61 @@ uint32_t gssntlm_import_name_by_mech(uint32_t *minor_status,
 
     if (gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE) ||
         gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE_X)) {
+        char *spn = NULL;
+        char *p;
 
         name->type = GSSNTLM_NAME_SERVER;
 
-        retmaj = string_split(&retmin, '@',
-                              input_name_buffer->value,
-                              input_name_buffer->length,
-                              NULL, &name->data.server.name);
-        if ((retmaj == GSS_S_COMPLETE) ||
-            (retmaj != GSS_S_UNAVAILABLE)) {
-            goto done;
-        }
-
-        /* no seprator, assume only service is provided and try to source
-         * the local host name */
-        retmin = gethostname(hostname, HOST_NAME_MAX);
-        if (retmin) {
-            set_GSSERR(retmin);
+        spn = strndup(input_name_buffer->value, input_name_buffer->length);
+        if (!spn) {
+            set_GSSERR(ENOMEM);
             goto done;
         }
-        hostname[HOST_NAME_MAX] = '\0';
-        name->data.server.name = strdup(hostname);
-        if (!name->data.server.name) {
-            set_GSSERR(ENOMEM);
+        p = memchr(spn, '@', input_name_buffer->length);
+        if (p) {
+            /* Windows expects a SPN not a GSS Name */
+            *p = '/';
+            name->data.server.spn = spn;
+            spn = NULL;
+            name->data.server.name = strdup(p + 1);
+            if (!name->data.server.name) {
+                free(spn);
+                set_GSSERR(ENOMEM);
+                goto done;
+            }
+        } else {
+            size_t l, r;
+            /* no seprator, assume only service is provided and try to
+             * source the local host name */
+            retmin = gethostname(hostname, HOST_NAME_MAX);
+            if (retmin) {
+                free(spn);
+                set_GSSERR(retmin);
+                goto done;
+            }
+            hostname[HOST_NAME_MAX] = '\0';
+            /* spn = <service> + </> + <hostname> + <\0> */
+            l = strlen(spn) + 1 + strlen(hostname) + 1;
+            name->data.server.spn = malloc(l);
+            if (!name->data.server.spn) {
+                free(spn);
+                set_GSSERR(ENOMEM);
+                goto done;
+            }
+            r = snprintf(name->data.server.spn, l, "%s/%s", spn, hostname);
+            if (r != l - 1) {
+                free(spn);
+                set_GSSERR(ENOMEM);
+                goto done;
+            }
+            name->data.server.name = strdup(hostname);
+            if (!name->data.server.name) {
+                free(spn);
+                set_GSSERR(ENOMEM);
+                goto done;
+            }
         }
+        free(spn);
         set_GSSERRS(0, GSS_S_COMPLETE);
 
     } else if (gss_oid_equal(input_name_type, GSS_C_NT_USER_NAME)) {
@@ -454,7 +485,7 @@ void gssntlm_release_attrs(struct gssntlm_name_attribute **attrs)
 
 int gssntlm_copy_name(struct gssntlm_name *src, struct gssntlm_name *dst)
 {
-    char *dom = NULL, *usr = NULL, *srv = NULL;
+    char *dom = NULL, *usr = NULL, *spn = NULL, *srv = NULL;
     int ret;
     dst->type = src->type;
     switch (src->type) {
@@ -480,6 +511,14 @@ int gssntlm_copy_name(struct gssntlm_name *src, struct gssntlm_name *dst)
         dst->data.user.name = usr;
         break;
     case GSSNTLM_NAME_SERVER:
+        if (src->data.server.spn) {
+            spn = strdup(src->data.server.spn);
+            if (!spn) {
+                ret = ENOMEM;
+                goto done;
+            }
+        }
+        dst->data.server.spn = spn;
         if (src->data.server.name) {
             srv = strdup(src->data.server.name);
             if (!srv) {
@@ -499,6 +538,7 @@ int gssntlm_copy_name(struct gssntlm_name *src, struct gssntlm_name *dst)
     if (ret) {
         safefree(dom);
         safefree(usr);
+        safefree(spn);
         safefree(srv);
     }
     return ret;
@@ -560,6 +600,7 @@ void gssntlm_int_release_name(struct gssntlm_name *name)
         safefree(name->data.user.name);
         break;
     case GSSNTLM_NAME_SERVER:
+        safefree(name->data.server.spn);
         safefree(name->data.server.name);
         break;
     }
@@ -635,7 +676,7 @@ uint32_t gssntlm_display_name(uint32_t *minor_status,
         }
         break;
     case GSSNTLM_NAME_SERVER:
-        out->value = strdup(in->data.server.name);
+        out->value = strdup(in->data.server.spn);
         if (!out->value) {
             set_GSSERR(ENOMEM);
             goto done;
diff --git a/src/gss_ntlmssp.h b/src/gss_ntlmssp.h
@@ -59,6 +59,7 @@ struct gssntlm_name {
             char *name;
         } user;
         struct {
+            char *spn;
             char *name;
         } server;
     } data;
