Blob Blame History Raw
From 626402d0e29e816e46fea97797c02c6264997a6f Mon Sep 17 00:00:00 2001
From: John Wolfe <jwolfe@vmware.com>
Date: Mon, 8 May 2023 20:15:01 -0700
Subject: [PATCH] Remove some dead code.

RH-Author: Ani Sinha <None>
RH-MergeRequest: 22: Remove some dead code.
RH-Bugzilla: 2215562
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Cathy Avery <cavery@redhat.com>
RH-Commit: [1/1] f1963d6d390d5f10d827fb3f1057123bb32dda53

Address CVE-2023-20867.
Remove some authentication types which were deprecated long
ago and are no longer in use. These are dead code.

cherry-picked from
https://github.com/vmware/open-vm-tools/blob/CVE-2023-20867.patch/2023-20867-Remove-some-dead-code-1100-1105.patch

Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
 open-vm-tools/services/plugins/vix/vixTools.c | 102 ------------------
 1 file changed, 102 deletions(-)

diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c
index c40ad15a..d9b947f6 100644
--- a/open-vm-tools/services/plugins/vix/vixTools.c
+++ b/open-vm-tools/services/plugins/vix/vixTools.c
@@ -228,8 +228,6 @@ char *gImpersonatedUsername = NULL;
 #define  VIX_TOOLS_CONFIG_API_AUTHENTICATION          "Authentication"
 #define  VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS             "InfrastructureAgents"
 
-#define VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT  TRUE
-
 /*
  * The switch that controls all APIs
  */
@@ -704,9 +702,6 @@ VixError GuestAuthSAMLAuthenticateAndImpersonate(
 
 void GuestAuthUnimpersonate();
 
-static Bool VixToolsCheckIfAuthenticationTypeEnabled(GKeyFile *confDictRef,
-                                                     const char *typeName);
-
 #if SUPPORT_VGAUTH
 
 VGAuthError TheVGAuthContext(VGAuthContext **ctx);
@@ -7845,29 +7840,6 @@ VixToolsImpersonateUser(VixCommandRequestHeader *requestMsg,   // IN
                                           userToken);
       break;
    }
-   case VIX_USER_CREDENTIAL_ROOT:
-   {
-      if ((requestMsg->requestFlags & VIX_REQUESTMSG_HAS_HASHED_SHARED_SECRET) &&
-          !VixToolsCheckIfAuthenticationTypeEnabled(gConfDictRef,
-                                            VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS)) {
-          /*
-           * Don't accept hashed shared secret if disabled.
-           */
-          g_message("%s: Requested authentication type has been disabled.\n",
-                    __FUNCTION__);
-          err = VIX_E_GUEST_AUTHTYPE_DISABLED;
-          goto done;
-      }
-   }
-   // fall through
-
-   case VIX_USER_CREDENTIAL_CONSOLE_USER:
-      err = VixToolsImpersonateUserImplEx(NULL,
-                                          credentialType,
-                                          NULL,
-                                          loadUserProfile,
-                                          userToken);
-      break;
    case VIX_USER_CREDENTIAL_NAME_PASSWORD:
    case VIX_USER_CREDENTIAL_NAME_PASSWORD_OBFUSCATED:
    case VIX_USER_CREDENTIAL_NAMED_INTERACTIVE_USER:
@@ -8036,36 +8008,6 @@ VixToolsImpersonateUserImplEx(char const *credentialTypeStr,         // IN
          }
       }
 
-      /*
-       * If the VMX asks to be root, then we allow them.
-       * The VMX will make sure that only it will pass this value in,
-       * and only when the VM and host are configured to allow this.
-       */
-      if ((VIX_USER_CREDENTIAL_ROOT == credentialType)
-            && (thisProcessRunsAsRoot)) {
-         *userToken = PROCESS_CREATOR_USER_TOKEN;
-
-         gImpersonatedUsername = Util_SafeStrdup("_ROOT_");
-         err = VIX_OK;
-         goto abort;
-      }
-
-      /*
-       * If the VMX asks to be root, then we allow them.
-       * The VMX will make sure that only it will pass this value in,
-       * and only when the VM and host are configured to allow this.
-       *
-       * XXX This has been deprecated XXX
-       */
-      if ((VIX_USER_CREDENTIAL_CONSOLE_USER == credentialType)
-            && ((allowConsoleUserOps) || !(thisProcessRunsAsRoot))) {
-         *userToken = PROCESS_CREATOR_USER_TOKEN;
-
-         gImpersonatedUsername = Util_SafeStrdup("_CONSOLE_USER_NAME_");
-         err = VIX_OK;
-         goto abort;
-      }
-
       /*
        * If the VMX asks us to run commands in the context of the current
        * user, make sure that the user who requested the command is the
@@ -10755,50 +10697,6 @@ VixToolsCheckIfVixCommandEnabled(int opcode,                          // IN
 }
 
 
-/*
- *-----------------------------------------------------------------------------
- *
- * VixToolsCheckIfAuthenticationTypeEnabled --
- *
- *    Checks to see if a given authentication type has been
- *    disabled via the tools configuration.
- *
- * Return value:
- *    TRUE if enabled, FALSE otherwise.
- *
- * Side effects:
- *    None
- *
- *-----------------------------------------------------------------------------
- */
-
-static Bool
-VixToolsCheckIfAuthenticationTypeEnabled(GKeyFile *confDictRef,     // IN
-                                         const char *typeName)      // IN
-{
-   char authnDisabledName[64]; // Authentication.<AuthenticationType>.disabled
-   gboolean disabled;
-
-   Str_Snprintf(authnDisabledName, sizeof(authnDisabledName),
-                VIX_TOOLS_CONFIG_API_AUTHENTICATION ".%s.disabled",
-                typeName);
-
-   ASSERT(confDictRef != NULL);
-
-   /*
-    * XXX Skip doing the strcmp() to verify the auth type since we only
-    * have the one typeName (VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS), and default
-    * it to VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT.
-    */
-   disabled = VixTools_ConfigGetBoolean(confDictRef,
-                                        VIX_TOOLS_CONFIG_API_GROUPNAME,
-                                        authnDisabledName,
-                                        VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT);
-
-   return !disabled;
-}
-
-
 /*
  *-----------------------------------------------------------------------------
  *
-- 
2.37.3