]>
Commit | Line | Data |
---|---|---|
94439e4e | 1 | /* |
2 | * $Id: ntlmauth.c,v 1.1 2001/01/07 23:36:36 hno Exp $ | |
3 | * | |
4 | * * * * * * * * Legal stuff * * * * * * * | |
5 | * | |
6 | * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>, | |
7 | * inspired by previous work by Andy Doran. | |
8 | * This program is free software; you can redistribute it and/or modify | |
9 | * it under the terms of the GNU General Public License as published by | |
10 | * the Free Software Foundation; either version 2 of the License, or | |
11 | * (at your option) any later version. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
21 | * | |
22 | */ | |
23 | ||
24 | #include "ntlmauth.h" | |
25 | #include "util.h" /* for base64-related stuff */ | |
26 | ||
27 | /* Dumps NTLM flags to standard error for debugging purposes */ | |
28 | void | |
29 | ntlm_dump_ntlmssp_flags(u_int32_t flags) | |
30 | { | |
31 | fprintf(stderr, "flags: %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n", | |
32 | (flags & NEGOTIATE_UNICODE ? "Unicode " : ""), | |
33 | (flags & NEGOTIATE_ASCII ? "ASCII " : ""), | |
34 | (flags & NEGOTIATE_REQUEST_TARGET ? "ReqTgt " : ""), | |
35 | (flags & NEGOTIATE_REQUEST_SIGN ? "ReqSign " : ""), | |
36 | (flags & NEGOTIATE_REQUEST_SEAL ? "ReqSeal " : ""), | |
37 | (flags & NEGOTIATE_DATAGRAM_STYLE ? "Dgram " : ""), | |
38 | (flags & NEGOTIATE_USE_LM ? "UseLM " : ""), | |
39 | (flags & NEGOTIATE_USE_NETWARE ? "UseNW " : ""), | |
40 | (flags & NEGOTIATE_USE_NTLM ? "UseNTLM " : ""), | |
41 | (flags & NEGOTIATE_DOMAIN_SUPPLIED ? "HaveDomain " : ""), | |
42 | (flags & NEGOTIATE_WORKSTATION_SUPPLIED ? "HaveWKS " : ""), | |
43 | (flags & NEGOTIATE_THIS_IS_LOCAL_CALL ? "LocalCall " : ""), | |
44 | (flags & NEGOTIATE_ALWAYS_SIGN ? "AlwaysSign " : ""), | |
45 | (flags & CHALLENGE_TARGET_IS_DOMAIN ? "Tgt_is_domain" : ""), | |
46 | (flags & CHALLENGE_TARGET_IS_SERVER ? "Tgt_is_server " : ""), | |
47 | (flags & CHALLENGE_TARGET_IS_SHARE ? "Tgt_is_share " : ""), | |
48 | (flags & REQUEST_INIT_RESPONSE ? "Req_init_response " : ""), | |
49 | (flags & REQUEST_ACCEPT_RESPONSE ? "Req_accept_response " : ""), | |
50 | (flags & REQUEST_NON_NT_SESSION_KEY ? "Req_nonnt_sesskey " : "") | |
51 | ); | |
52 | } | |
53 | ||
54 | #define lstring_zero(s) s.str=NULL; s.l=-1; | |
55 | ||
56 | /* fetches a string from the authentication packet. | |
57 | * The lstring data-part points to inside the packet itself. | |
58 | * It's up to the user to memcpy() that if the value needs to | |
59 | * be used in any way that requires a tailing \0. (he can check whether the | |
60 | * value is there though, in that case lstring.length==-1). | |
61 | */ | |
62 | lstring | |
63 | ntlm_fetch_string(char *packet, int32_t length, strhdr * str) | |
64 | { | |
65 | int16_t l; /* length */ | |
66 | int32_t o; /* offset */ | |
67 | lstring rv; | |
68 | ||
69 | lstring_zero(rv); | |
70 | ||
71 | l = SSWAP(str->len); | |
72 | o = WSWAP(str->offset); | |
73 | /* debug("fetch_string(plength=%d,l=%d,o=%d)\n",length,l,o); */ | |
74 | ||
75 | if (l < 0 || l > MAX_FIELD_LENGTH || o + l > length || o == 0) { | |
76 | /* debug("ntlmssp: insane data (l: %d, o: %d)\n", l,o); */ | |
77 | return rv; | |
78 | } | |
79 | rv.str = packet + o; | |
80 | rv.l = l; | |
81 | ||
82 | return rv; | |
83 | } | |
84 | ||
85 | /* Adds something to the payload. The caller must guarrantee that | |
86 | * there is enough space in the payload string to accommodate the | |
87 | * added value. | |
88 | * payload_length and hdr will be modified as a side-effect. | |
89 | * base_offset is the payload offset from the packet's beginning, and is | |
90 | */ | |
91 | void | |
92 | ntlm_add_to_payload(char *payload, int *payload_length, | |
93 | strhdr * hdr, char *toadd, | |
94 | int toadd_length, int base_offset) | |
95 | { | |
96 | ||
97 | int l = (*payload_length); | |
98 | memcpy(payload + l, toadd, toadd_length); | |
99 | ||
100 | hdr->len = toadd_length; | |
101 | hdr->maxlen = toadd_length; | |
102 | hdr->offset = l + base_offset; /* 48 is the base offset of the payload */ | |
103 | (*payload_length) += toadd_length; | |
104 | } | |
105 | ||
106 | ||
107 | /* prepares a base64-encode challenge packet to be sent to the client | |
108 | * note: domain should be upper_case | |
109 | * note: the storage type for the returned value depends on | |
110 | * base64_encode_bin. Currently this means static storage. | |
111 | */ | |
112 | const char * | |
113 | ntlm_make_challenge(char *domain, char *domain_controller, | |
114 | char *challenge_nonce, int challenge_nonce_len) | |
115 | { | |
116 | ntlm_challenge ch; | |
117 | int pl = 0; | |
118 | const char *encoded; | |
119 | memset(&ch, 0, sizeof(ntlm_challenge)); /* reset */ | |
120 | memcpy(ch.signature, "NTLMSSP", 8); /* set the signature */ | |
121 | ch.type = WSWAP(NTLM_CHALLENGE); /* this is a challenge */ | |
122 | ntlm_add_to_payload(ch.payload, &pl, &ch.target, domain, strlen(domain), | |
123 | NTLM_CHALLENGE_HEADER_OFFSET); | |
124 | ch.flags = WSWAP( | |
125 | REQUEST_NON_NT_SESSION_KEY | | |
126 | CHALLENGE_TARGET_IS_DOMAIN | | |
127 | NEGOTIATE_ALWAYS_SIGN | | |
128 | NEGOTIATE_USE_NTLM | | |
129 | NEGOTIATE_USE_LM | | |
130 | NEGOTIATE_ASCII | | |
131 | 0 | |
132 | ); | |
133 | ch.context_low = 0; /* check this out */ | |
134 | ch.context_high = 0; | |
135 | memcpy(ch.challenge, challenge_nonce, challenge_nonce_len); | |
136 | encoded = base64_encode_bin((char *) &ch, NTLM_CHALLENGE_HEADER_OFFSET + pl); | |
137 | return encoded; | |
138 | } |