create_des_keys(const unsigned char *hash, unsigned char *key)
{
key[0] = hash[0];
- key[1] = ((hash[0]&1)<<7)|(hash[1]>>1);
- key[2] = ((hash[1]&3)<<6)|(hash[2]>>2);
- key[3] = ((hash[2]&7)<<5)|(hash[3]>>3);
- key[4] = ((hash[3]&15)<<4)|(hash[4]>>4);
- key[5] = ((hash[4]&31)<<3)|(hash[5]>>5);
- key[6] = ((hash[5]&63)<<2)|(hash[6]>>6);
- key[7] = ((hash[6]&127)<<1);
+ key[1] = ((hash[0] & 1) << 7) | (hash[1] >> 1);
+ key[2] = ((hash[1] & 3) << 6) | (hash[2] >> 2);
+ key[3] = ((hash[2] & 7) << 5) | (hash[3] >> 3);
+ key[4] = ((hash[3] & 15) << 4) | (hash[4] >> 4);
+ key[5] = ((hash[4] & 31) << 3) | (hash[5] >> 5);
+ key[6] = ((hash[5] & 63) << 2) | (hash[6] >> 6);
+ key[7] = ((hash[6] & 127) << 1);
key_des_fixup(key, 8, 1);
}
gen_timestamp(uint8_t *timestamp)
{
/* Copies 8 bytes long timestamp into "timestamp" buffer.
- * Timestamp is Little-endian, 64-bit signed value representing the number of tenths of a microsecond since January 1, 1601.
+ * Timestamp is Little-endian, 64-bit signed value representing the
+ * number of tenths of a microsecond since January 1, 1601.
*/
UINTEGER64 timestamp_ull;
{
dst[i++] = *src;
dst[i++] = 0;
- }
- while (*src++);
+ } while (*src++);
return i;
}
static void
-add_security_buffer(int sb_offset, void *data, int length, unsigned char *msg_buf, int *msg_bufpos)
+add_security_buffer(int sb_offset, void *data, int length,
+ unsigned char *msg_buf, int *msg_bufpos)
{
- /* Adds security buffer data to a message and sets security buffer's offset and length */
+ /* Adds security buffer data to a message and sets security buffer's
+ * offset and length */
msg_buf[sb_offset] = (unsigned char)length;
msg_buf[sb_offset + 2] = msg_buf[sb_offset];
msg_buf[sb_offset + 4] = (unsigned char)(*msg_bufpos & 0xff);
}
const char *
-ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2, struct gc_arena *gc)
+ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2,
+ struct gc_arena *gc)
{
/* NTLM handshake
*
ntlmv2_blob[0x18] = 0; /* Unknown, zero should work */
/* Add target information block to the blob */
- if (( *((long *)&buf2[0x14]) & 0x00800000) == 0x00800000) /* Check for Target Information block */
+
+ /* Check for Target Information block */
+ if ((*((long *)&buf2[0x14]) & 0x00800000) == 0x00800000)
{
tib_len = buf2[0x28]; /* Get Target Information block size */
if (tib_len > 96)
{
tib_len = 96;
}
+
{
uint8_t *tib_ptr;
uint8_t tib_pos = buf2[0x2c];
{
return NULL;
}
- tib_ptr = buf2 + tib_pos; /* Get Target Information block pointer */
- memcpy(&ntlmv2_blob[0x1c], tib_ptr, tib_len); /* Copy Target Information block into the blob */
+ /* Get Target Information block pointer */
+ tib_ptr = buf2 + tib_pos;
+ /* Copy Target Information block into the blob */
+ memcpy(&ntlmv2_blob[0x1c], tib_ptr, tib_len);
}
}
else
tib_len = 0;
}
- ntlmv2_blob[0x1c + tib_len] = 0; /* Unknown, zero works */
+ /* Unknown, zero works */
+ ntlmv2_blob[0x1c + tib_len] = 0;
/* Get blob length */
ntlmv2_blob_size = 0x20 + tib_len;
memcpy(&ntlmv2_response[8], challenge, 8);
/* hmac-md5 */
- gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash, MD5_DIGEST_LENGTH, ntlmv2_hmacmd5);
-
- /* Add hmac-md5 result to the blob */
- memcpy(ntlmv2_response, ntlmv2_hmacmd5, MD5_DIGEST_LENGTH); /* Note: This overwrites challenge previously written at ntlmv2_response[8..15] */
+ gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash,
+ MD5_DIGEST_LENGTH, ntlmv2_hmacmd5);
+ /* Add hmac-md5 result to the blob.
+ * Note: This overwrites challenge previously written at
+ * ntlmv2_response[8..15] */
+ memcpy(ntlmv2_response, ntlmv2_hmacmd5, MD5_DIGEST_LENGTH);
}
- else /* Generate NTLM response */
+ else /* Generate NTLM response */
{
- unsigned char key1[DES_KEY_LENGTH], key2[DES_KEY_LENGTH], key3[DES_KEY_LENGTH];
+ unsigned char key1[DES_KEY_LENGTH], key2[DES_KEY_LENGTH];
+ unsigned char key3[DES_KEY_LENGTH];
create_des_keys(md4_hash, key1);
cipher_des_encrypt_ecb(key1, challenge, ntlm_response);
cipher_des_encrypt_ecb(key2, challenge, &ntlm_response[DES_KEY_LENGTH]);
create_des_keys(&md4_hash[2 * (DES_KEY_LENGTH - 1)], key3);
- cipher_des_encrypt_ecb(key3, challenge, &ntlm_response[DES_KEY_LENGTH*2]);
+ cipher_des_encrypt_ecb(key3, challenge,
+ &ntlm_response[DES_KEY_LENGTH * 2]);
}
if (ntlmv2_enabled) /* NTLMv2 response */
{
- add_security_buffer(0x14, ntlmv2_response, ntlmv2_blob_size + 16, phase3, &phase3_bufpos);
+ add_security_buffer(0x14, ntlmv2_response, ntlmv2_blob_size + 16,
+ phase3, &phase3_bufpos);
}
else /* NTLM response */
{
}
/* username in ascii */
- add_security_buffer(0x24, username, strlen(username), phase3, &phase3_bufpos);
+ add_security_buffer(0x24, username, strlen(username), phase3,
+ &phase3_bufpos);
- /* Set domain. If <domain> is empty, default domain will be used (i.e. proxy's domain) */
+ /* Set domain. If <domain> is empty, default domain will be used
+ * (i.e. proxy's domain) */
add_security_buffer(0x1c, domain, strlen(domain), phase3, &phase3_bufpos);
-
/* other security buffers will be empty */
phase3[0x10] = phase3_bufpos; /* lm not used */
phase3[0x30] = phase3_bufpos; /* no workstation name supplied */
phase3[0x3c] = 0x02; /* negotiate oem */
phase3[0x3d] = 0x02; /* negotiate ntlm */
- return ((const char *)make_base64_string2((unsigned char *)phase3, phase3_bufpos, gc));
+ return ((const char *)make_base64_string2((unsigned char *)phase3,
+ phase3_bufpos, gc));
}
#else /* if NTLM */
projects / thirdparty / openvpn.git / commitdiff
