* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
-
+
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
#include <ctype.h>
#endif
-void
+void
hex_dump(void *data, int size)
{
/* dumps size bytes of *data to stdout. Looks like:
*/
if (!data)
- return;
+ return;
if (debug_enabled) {
- unsigned char *p = data;
- unsigned char c;
- int n;
- char bytestr[4] =
- {0};
- char addrstr[10] =
- {0};
- char hexstr[16 * 3 + 5] =
- {0};
- char charstr[16 * 1 + 5] =
- {0};
- for (n = 1; n <= size; n++) {
- if (n % 16 == 1) {
- /* store address for this line */
- snprintf(addrstr, sizeof(addrstr), "%.4x",
- ((unsigned int) p - (unsigned int) data));
- }
- c = *p;
- if (xisalnum(c) == 0) {
- c = '.';
- }
- /* store hex str (for left side) */
- snprintf(bytestr, sizeof(bytestr), "%02X ", *p);
- strncat(hexstr, bytestr, sizeof(hexstr) - strlen(hexstr) - 1);
+ unsigned char *p = data;
+ unsigned char c;
+ int n;
+ char bytestr[4] = {0};
+ char addrstr[10] = {0};
+ char hexstr[16 * 3 + 5] = {0};
+ char charstr[16 * 1 + 5] = {0};
+ for (n = 1; n <= size; n++) {
+ if (n % 16 == 1) {
+ /* store address for this line */
+ snprintf(addrstr, sizeof(addrstr), "%.4x",
+ ((unsigned int) p - (unsigned int) data));
+ }
+ c = *p;
+ if (xisalnum(c) == 0) {
+ c = '.';
+ }
+ /* store hex str (for left side) */
+ snprintf(bytestr, sizeof(bytestr), "%02X ", *p);
+ strncat(hexstr, bytestr, sizeof(hexstr) - strlen(hexstr) - 1);
- /* store char str (for right side) */
- snprintf(bytestr, sizeof(bytestr), "%c", c);
- strncat(charstr, bytestr, sizeof(charstr) - strlen(charstr) - 1);
+ /* store char str (for right side) */
+ snprintf(bytestr, sizeof(bytestr), "%c", c);
+ strncat(charstr, bytestr, sizeof(charstr) - strlen(charstr) - 1);
- if (n % 16 == 0) {
- /* line completed */
- fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
- hexstr[0] = 0;
- charstr[0] = 0;
- } else if (n % 8 == 0) {
- /* half line: add whitespaces */
- strncat(hexstr, " ", sizeof(hexstr) - strlen(hexstr) - 1);
- strncat(charstr, " ", sizeof(charstr) - strlen(charstr) - 1);
- }
- p++; /* next byte */
- }
+ if (n % 16 == 0) {
+ /* line completed */
+ fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
+ hexstr[0] = 0;
+ charstr[0] = 0;
+ } else if (n % 8 == 0) {
+ /* half line: add whitespaces */
+ strncat(hexstr, " ", sizeof(hexstr) - strlen(hexstr) - 1);
+ strncat(charstr, " ", sizeof(charstr) - strlen(charstr) - 1);
+ }
+ p++; /* next byte */
+ }
- if (strlen(hexstr) > 0) {
- /* print rest of buffer if not empty */
- fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
- }
+ if (strlen(hexstr) > 0) {
+ /* print rest of buffer if not empty */
+ fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
+ }
}
}
{
char *p = string, c;
while ((c = *p)) {
- *p = xtoupper(c);
- p++;
+ *p = xtoupper(c);
+ p++;
}
}
{
char *p = string, c;
while ((c = *p)) {
- *p = xtolower(c);
- p++;
+ *p = xtolower(c);
+ p++;
}
}
usage()
{
fprintf(stderr,
- "Usage: %s [-d] [-v] [-h]\n"
- " -d enable debugging.\n"
- " -v enable verbose Negotiate packet debugging.\n"
- " -h this message\n\n",
- my_program_name);
+ "Usage: %s [-d] [-v] [-h]\n"
+ " -d enable debugging.\n"
+ " -v enable verbose Negotiate packet debugging.\n"
+ " -h this message\n\n",
+ my_program_name);
}
opterr = 0;
while (-1 != (opt = getopt(argc, argv, "hdv"))) {
- switch (opt) {
- case 'd':
- debug_enabled = 1;
- break;
- case 'v':
- debug_enabled = 1;
- Negotiate_packet_debug_enabled = 1;
- break;
- case 'h':
- usage();
- exit(0);
- case '?':
- opt = optopt;
- /* fall thru to default */
- default:
- fprintf(stderr, "unknown option: -%c. Exiting\n", opt);
- usage();
- had_error = 1;
- }
+ switch (opt) {
+ case 'd':
+ debug_enabled = 1;
+ break;
+ case 'v':
+ debug_enabled = 1;
+ Negotiate_packet_debug_enabled = 1;
+ break;
+ case 'h':
+ usage();
+ exit(0);
+ case '?':
+ opt = optopt;
+ /* fall thru to default */
+ default:
+ fprintf(stderr, "unknown option: -%c. Exiting\n", opt);
+ usage();
+ had_error = 1;
+ }
}
if (had_error)
- exit(1);
+ exit(1);
}
int
static char cred[SSP_MAX_CRED_LEN + 1];
BOOL Done = FALSE;
- try_again:
+try_again:
if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
- return 0;
+ return 0;
c = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */
if (c) {
- if (oversized) {
- helperfail("illegal request received");
- fprintf(stderr, "Illegal request received: '%s'\n", buf);
- return 1;
- }
- *c = '\0';
+ if (oversized) {
+ helperfail("illegal request received");
+ fprintf(stderr, "Illegal request received: '%s'\n", buf);
+ return 1;
+ }
+ *c = '\0';
} else {
- fprintf(stderr, "No newline in '%s'\n", buf);
- oversized = 1;
- goto try_again;
+ fprintf(stderr, "No newline in '%s'\n", buf);
+ oversized = 1;
+ goto try_again;
}
if ((strlen(buf) > 3) && Negotiate_packet_debug_enabled) {
- decoded = base64_decode(buf + 3);
- strncpy(helper_command, buf, 2);
- debug("Got '%s' from Squid with data:\n", helper_command);
- hex_dump(decoded, ((strlen(buf) - 3) * 3) / 4);
+ decoded = base64_decode(buf + 3);
+ strncpy(helper_command, buf, 2);
+ debug("Got '%s' from Squid with data:\n", helper_command);
+ hex_dump(decoded, ((strlen(buf) - 3) * 3) / 4);
} else
- debug("Got '%s' from Squid\n", buf);
+ debug("Got '%s' from Squid\n", buf);
if (memcmp(buf, "YR ", 3) == 0) { /* refresh-request */
- /* figure out what we got */
- decoded = base64_decode(buf + 3);
- /* Note: we don't need to manage memory at this point, since
- * base64_decode returns a pointer to static storage.
- */
- if (!decoded) { /* decoding failure, return error */
- SEND("NA * Packet format error, couldn't base64-decode");
- return 1;
- }
- /* Obtain server blob against SSPI */
- plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
- c = (char *) SSP_MakeNegotiateBlob(decoded, plen, &Done, &status, cred);
+ /* figure out what we got */
+ decoded = base64_decode(buf + 3);
+ /* Note: we don't need to manage memory at this point, since
+ * base64_decode returns a pointer to static storage.
+ */
+ if (!decoded) { /* decoding failure, return error */
+ SEND("NA * Packet format error, couldn't base64-decode");
+ return 1;
+ }
+ /* Obtain server blob against SSPI */
+ plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
+ c = (char *) SSP_MakeNegotiateBlob(decoded, plen, &Done, &status, cred);
- if (status == SSP_OK) {
- if (Done) {
- lc(cred); /* let's lowercase them for our convenience */
- have_serverblob = 0;
- Done = FALSE;
- if (Negotiate_packet_debug_enabled) {
- decoded = base64_decode(c);
- debug("sending 'AF' %s to squid with data:\n", cred);
- if (c != NULL)
- hex_dump(decoded, (strlen(c) * 3) / 4);
- else
- fprintf(stderr, "No data available.\n");
- printf("AF %s %s\n", c, cred);
- } else
- SEND3("AF %s %s", c, cred);
- } else {
- if (Negotiate_packet_debug_enabled) {
- decoded = base64_decode(c);
- debug("sending 'TT' to squid with data:\n");
- hex_dump(decoded, (strlen(c) * 3) / 4);
- printf("TT %s\n", c);
- } else {
- SEND2("TT %s", c);
- }
- have_serverblob = 1;
- }
- } else
- helperfail("can't obtain server blob");
- return 1;
+ if (status == SSP_OK) {
+ if (Done) {
+ lc(cred); /* let's lowercase them for our convenience */
+ have_serverblob = 0;
+ Done = FALSE;
+ if (Negotiate_packet_debug_enabled) {
+ decoded = base64_decode(c);
+ debug("sending 'AF' %s to squid with data:\n", cred);
+ if (c != NULL)
+ hex_dump(decoded, (strlen(c) * 3) / 4);
+ else
+ fprintf(stderr, "No data available.\n");
+ printf("AF %s %s\n", c, cred);
+ } else
+ SEND3("AF %s %s", c, cred);
+ } else {
+ if (Negotiate_packet_debug_enabled) {
+ decoded = base64_decode(c);
+ debug("sending 'TT' to squid with data:\n");
+ hex_dump(decoded, (strlen(c) * 3) / 4);
+ printf("TT %s\n", c);
+ } else {
+ SEND2("TT %s", c);
+ }
+ have_serverblob = 1;
+ }
+ } else
+ helperfail("can't obtain server blob");
+ return 1;
}
if (memcmp(buf, "KK ", 3) == 0) { /* authenticate-request */
- if (!have_serverblob) {
- helperfail("invalid server blob");
- return 1;
- }
- /* figure out what we got */
- decoded = base64_decode(buf + 3);
- /* Note: we don't need to manage memory at this point, since
- * base64_decode returns a pointer to static storage.
- */
- if (!decoded) { /* decoding failure, return error */
- SEND("NA * Packet format error, couldn't base64-decode");
- return 1;
- }
- /* check against SSPI */
- plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
- c = (char *) SSP_ValidateNegotiateCredentials(decoded, plen, &Done, &status, cred);
+ if (!have_serverblob) {
+ helperfail("invalid server blob");
+ return 1;
+ }
+ /* figure out what we got */
+ decoded = base64_decode(buf + 3);
+ /* Note: we don't need to manage memory at this point, since
+ * base64_decode returns a pointer to static storage.
+ */
+ if (!decoded) { /* decoding failure, return error */
+ SEND("NA * Packet format error, couldn't base64-decode");
+ return 1;
+ }
+ /* check against SSPI */
+ plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
+ c = (char *) SSP_ValidateNegotiateCredentials(decoded, plen, &Done, &status, cred);
- if (status == SSP_ERROR) {
+ if (status == SSP_ERROR) {
#if FAIL_DEBUG
- fail_debug_enabled = 1;
+ fail_debug_enabled = 1;
#endif
- FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM |
- FORMAT_MESSAGE_IGNORE_INSERTS,
- NULL,
- GetLastError(),
- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */
- (LPTSTR) & ErrorMessage,
- 0,
- NULL);
- if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n')
- ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
- if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r')
- ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
- SEND2("NA * %s", ErrorMessage);
- LocalFree(ErrorMessage);
- return 1;
- }
- if (Done) {
- lc(cred); /* let's lowercase them for our convenience */
- have_serverblob = 0;
- Done = FALSE;
- if (Negotiate_packet_debug_enabled) {
- decoded = base64_decode(c);
- debug("sending 'AF' %s to squid with data:\n", cred);
- if (c != NULL)
- hex_dump(decoded, (strlen(c) * 3) / 4);
- else
- fprintf(stderr, "No data available.\n");
- printf("AF %s %s\n", c, cred);
- } else {
- SEND3("AF %s %s", c, cred);
- }
- return 1;
- } else {
- if (Negotiate_packet_debug_enabled) {
- decoded = base64_decode(c);
- debug("sending 'TT' to squid with data:\n");
- hex_dump(decoded, (strlen(c) * 3) / 4);
- printf("TT %s\n", c);
- } else
- SEND2("TT %s", c);
- return 1;
- }
+ FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM |
+ FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ GetLastError(),
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */
+ (LPTSTR) & ErrorMessage,
+ 0,
+ NULL);
+ if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n')
+ ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
+ if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r')
+ ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
+ SEND2("NA * %s", ErrorMessage);
+ LocalFree(ErrorMessage);
+ return 1;
+ }
+ if (Done) {
+ lc(cred); /* let's lowercase them for our convenience */
+ have_serverblob = 0;
+ Done = FALSE;
+ if (Negotiate_packet_debug_enabled) {
+ decoded = base64_decode(c);
+ debug("sending 'AF' %s to squid with data:\n", cred);
+ if (c != NULL)
+ hex_dump(decoded, (strlen(c) * 3) / 4);
+ else
+ fprintf(stderr, "No data available.\n");
+ printf("AF %s %s\n", c, cred);
+ } else {
+ SEND3("AF %s %s", c, cred);
+ }
+ return 1;
+ } else {
+ if (Negotiate_packet_debug_enabled) {
+ decoded = base64_decode(c);
+ debug("sending 'TT' to squid with data:\n");
+ hex_dump(decoded, (strlen(c) * 3) / 4);
+ printf("TT %s\n", c);
+ } else
+ SEND2("TT %s", c);
+ return 1;
+ }
} else { /* not an auth-request */
- helperfail("illegal request received");
- fprintf(stderr, "Illegal request received: '%s'\n", buf);
- return 1;
+ helperfail("illegal request received");
+ fprintf(stderr, "Illegal request received: '%s'\n", buf);
+ return 1;
}
helperfail("detected protocol error");
return 1;
-/********* END ********/
+ /********* END ********/
}
int
debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
if (LoadSecurityDll(SSP_NTLM, NEGOTIATE_PACKAGE_NAME) == NULL) {
- fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n");
- exit(1);
+ fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n");
+ exit(1);
}
debug("SSPI initialized OK\n");
setbuf(stderr, NULL);
while (manage_request()) {
- /* everything is done within manage_request */
+ /* everything is done within manage_request */
}
exit(0);
}