]>
Commit | Line | Data |
---|---|---|
94439e4e | 1 | /* |
262a0e14 | 2 | * $Id$ |
94439e4e | 3 | * |
4 | * * * * * * * * Legal stuff * * * * * * * | |
5 | * | |
6 | * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>, | |
5d146f7d | 7 | * inspired by previous work by Andrew Doran <ad@interlude.eu.org>. |
94439e4e | 8 | * This program is free software; you can redistribute it and/or modify |
9 | * it under the terms of the GNU General Public License as published by | |
10 | * the Free Software Foundation; either version 2 of the License, or | |
11 | * (at your option) any later version. | |
26ac0430 | 12 | * |
94439e4e | 13 | * This program is distributed in the hope that it will be useful, |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
26ac0430 | 17 | * |
94439e4e | 18 | * You should have received a copy of the GNU General Public License |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
21 | * | |
22 | */ | |
23 | ||
d434f297 | 24 | #include "config.h" |
94439e4e | 25 | |
32d002cb | 26 | #if HAVE_STRING_H |
cf17b739 | 27 | #include <string.h> |
28 | #endif | |
32d002cb | 29 | #if HAVE_STRINGS_H |
cf17b739 | 30 | #include <strings.h> |
31 | #endif | |
32 | ||
d434f297 | 33 | #include "ntlmauth.h" |
34 | #include "util.h" /* for base64-related stuff */ | |
35 | ||
2d72d4fd | 36 | #if UNUSED_CODE |
dac46b89 | 37 | /** Dumps NTLM flags to standard error for debugging purposes */ |
94439e4e | 38 | void |
39 | ntlm_dump_ntlmssp_flags(u_int32_t flags) | |
40 | { | |
41 | fprintf(stderr, "flags: %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n", | |
26ac0430 AJ |
42 | (flags & NEGOTIATE_UNICODE ? "Unicode " : ""), |
43 | (flags & NEGOTIATE_ASCII ? "ASCII " : ""), | |
44 | (flags & NEGOTIATE_REQUEST_TARGET ? "ReqTgt " : ""), | |
45 | (flags & NEGOTIATE_REQUEST_SIGN ? "ReqSign " : ""), | |
46 | (flags & NEGOTIATE_REQUEST_SEAL ? "ReqSeal " : ""), | |
47 | (flags & NEGOTIATE_DATAGRAM_STYLE ? "Dgram " : ""), | |
48 | (flags & NEGOTIATE_USE_LM ? "UseLM " : ""), | |
49 | (flags & NEGOTIATE_USE_NETWARE ? "UseNW " : ""), | |
50 | (flags & NEGOTIATE_USE_NTLM ? "UseNTLM " : ""), | |
51 | (flags & NEGOTIATE_DOMAIN_SUPPLIED ? "HaveDomain " : ""), | |
52 | (flags & NEGOTIATE_WORKSTATION_SUPPLIED ? "HaveWKS " : ""), | |
53 | (flags & NEGOTIATE_THIS_IS_LOCAL_CALL ? "LocalCall " : ""), | |
54 | (flags & NEGOTIATE_ALWAYS_SIGN ? "AlwaysSign " : ""), | |
55 | (flags & CHALLENGE_TARGET_IS_DOMAIN ? "Tgt_is_domain" : ""), | |
56 | (flags & CHALLENGE_TARGET_IS_SERVER ? "Tgt_is_server " : ""), | |
57 | (flags & CHALLENGE_TARGET_IS_SHARE ? "Tgt_is_share " : ""), | |
58 | (flags & REQUEST_INIT_RESPONSE ? "Req_init_response " : ""), | |
59 | (flags & REQUEST_ACCEPT_RESPONSE ? "Req_accept_response " : ""), | |
60 | (flags & REQUEST_NON_NT_SESSION_KEY ? "Req_nonnt_sesskey " : "") | |
61 | ); | |
94439e4e | 62 | } |
2d72d4fd | 63 | #endif |
94439e4e | 64 | |
65 | #define lstring_zero(s) s.str=NULL; s.l=-1; | |
66 | ||
dac46b89 AJ |
67 | /** |
68 | * Fetches a string from the authentication packet. | |
94439e4e | 69 | * The lstring data-part points to inside the packet itself. |
70 | * It's up to the user to memcpy() that if the value needs to | |
dac46b89 AJ |
71 | * be used in any way that requires a tailing \0. (can check whether the |
72 | * value is there though, in that case lstring.length == -1). | |
94439e4e | 73 | */ |
74 | lstring | |
75 | ntlm_fetch_string(char *packet, int32_t length, strhdr * str) | |
76 | { | |
77 | int16_t l; /* length */ | |
78 | int32_t o; /* offset */ | |
79 | lstring rv; | |
80 | ||
81 | lstring_zero(rv); | |
82 | ||
f9576890 | 83 | l = le16toh(str->len); |
84 | o = le32toh(str->offset); | |
94439e4e | 85 | /* debug("fetch_string(plength=%d,l=%d,o=%d)\n",length,l,o); */ |
86 | ||
87 | if (l < 0 || l > MAX_FIELD_LENGTH || o + l > length || o == 0) { | |
26ac0430 AJ |
88 | /* debug("ntlmssp: insane data (l: %d, o: %d)\n", l,o); */ |
89 | return rv; | |
94439e4e | 90 | } |
91 | rv.str = packet + o; | |
92 | rv.l = l; | |
93 | ||
94 | return rv; | |
95 | } | |
96 | ||
dac46b89 AJ |
97 | /** |
98 | * Adds something to the payload. The caller must guarrantee that | |
94439e4e | 99 | * there is enough space in the payload string to accommodate the |
100 | * added value. | |
101 | * payload_length and hdr will be modified as a side-effect. | |
102 | * base_offset is the payload offset from the packet's beginning, and is | |
103 | */ | |
104 | void | |
105 | ntlm_add_to_payload(char *payload, int *payload_length, | |
26ac0430 AJ |
106 | strhdr * hdr, char *toadd, |
107 | int toadd_length, int base_offset) | |
94439e4e | 108 | { |
109 | ||
110 | int l = (*payload_length); | |
111 | memcpy(payload + l, toadd, toadd_length); | |
112 | ||
f9576890 | 113 | hdr->len = htole16(toadd_length); |
114 | hdr->maxlen = htole16(toadd_length); | |
115 | hdr->offset = htole32(l + base_offset); /* 48 is the base offset of the payload */ | |
94439e4e | 116 | (*payload_length) += toadd_length; |
117 | } | |
118 | ||
119 | ||
dac46b89 AJ |
120 | /** |
121 | * Prepares a base64-encode challenge packet to be sent to the client | |
122 | * \note domain should be upper_case | |
123 | * \note the storage type for the returned value depends on | |
94439e4e | 124 | * base64_encode_bin. Currently this means static storage. |
125 | */ | |
126 | const char * | |
127 | ntlm_make_challenge(char *domain, char *domain_controller, | |
26ac0430 | 128 | char *challenge_nonce, int challenge_nonce_len) |
94439e4e | 129 | { |
130 | ntlm_challenge ch; | |
131 | int pl = 0; | |
132 | const char *encoded; | |
133 | memset(&ch, 0, sizeof(ntlm_challenge)); /* reset */ | |
dac46b89 AJ |
134 | memcpy(ch.hdr.signature, "NTLMSSP", 8); /* set the signature */ |
135 | ch.hdr.type = htole32(NTLM_CHALLENGE); /* this is a challenge */ | |
94439e4e | 136 | ntlm_add_to_payload(ch.payload, &pl, &ch.target, domain, strlen(domain), |
26ac0430 | 137 | NTLM_CHALLENGE_HEADER_OFFSET); |
f9576890 | 138 | ch.flags = htole32( |
26ac0430 AJ |
139 | REQUEST_NON_NT_SESSION_KEY | |
140 | CHALLENGE_TARGET_IS_DOMAIN | | |
141 | NEGOTIATE_ALWAYS_SIGN | | |
142 | NEGOTIATE_USE_NTLM | | |
143 | NEGOTIATE_USE_LM | | |
144 | NEGOTIATE_ASCII | | |
145 | 0 | |
146 | ); | |
94439e4e | 147 | ch.context_low = 0; /* check this out */ |
148 | ch.context_high = 0; | |
149 | memcpy(ch.challenge, challenge_nonce, challenge_nonce_len); | |
150 | encoded = base64_encode_bin((char *) &ch, NTLM_CHALLENGE_HEADER_OFFSET + pl); | |
151 | return encoded; | |
152 | } |