From: Josef 'Jeff' Sipek Date: Fri, 23 Oct 2020 20:24:09 +0000 (-0400) Subject: auth: Remove ntlm mechanism & the LANMAN and NTLM password schemes X-Git-Tag: 2.3.13~23 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=48d6f7282d8c230373b1ce6f84d9a86bd8b87e03;p=thirdparty%2Fdovecot%2Fcore.git auth: Remove ntlm mechanism & the LANMAN and NTLM password schemes --- diff --git a/COPYING b/COPYING index a98b2820e6..11291fc128 100644 --- a/COPYING +++ b/COPYING @@ -1,8 +1,7 @@ See AUTHORS file for list of copyright holders. -Everything in src/lib/, src/auth/, src/lib-sql/ and src/lib-ntlm/ is under -MIT license (see COPYING.MIT) unless otherwise mentioned at the beginning -of the file. +Everything in src/lib/, src/auth/, and src/lib-sql/ is under MIT license +(see COPYING.MIT) unless otherwise mentioned at the beginning of the file. Everything else is LGPLv2.1 (see COPYING.LGPL) unless otherwise mentioned at the beginning of the file. diff --git a/configure.ac b/configure.ac index 5ca75d0854..fa6c1e90c0 100644 --- a/configure.ac +++ b/configure.ac @@ -836,7 +836,6 @@ src/lib-ldap/Makefile src/lib-lua/Makefile src/lib-mail/Makefile src/lib-master/Makefile -src/lib-ntlm/Makefile src/lib-program-client/Makefile src/lib-otp/Makefile src/lib-dovecot/Makefile diff --git a/src/Makefile.am b/src/Makefile.am index 93fd4c8cfa..aa0af22f8f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -40,7 +40,6 @@ SUBDIRS = \ lib-index \ lib-storage \ lib-sql \ - lib-ntlm \ lib-otp \ lib-lda \ lib-dict-backend \ diff --git a/src/auth/Makefile.am b/src/auth/Makefile.am index f9d15981cc..009c808722 100644 --- a/src/auth/Makefile.am +++ b/src/auth/Makefile.am @@ -32,7 +32,6 @@ AM_CPPFLAGS = \ -I$(top_srcdir)/src/lib-sql \ -I$(top_srcdir)/src/lib-settings \ -I$(top_srcdir)/src/lib-old-stats \ - -I$(top_srcdir)/src/lib-ntlm \ -I$(top_srcdir)/src/lib-otp \ -I$(top_srcdir)/src/lib-master \ -I$(top_srcdir)/src/lib-oauth2 \ @@ -72,7 +71,6 @@ auth_libs = \ libauth.la \ libstats_auth.la \ libpassword.la \ - ../lib-ntlm/libntlm.la \ ../lib-otp/libotp.la \ $(LIBDOVECOT_LUA) \ $(LIBDOVECOT_SQL) @@ -119,7 +117,6 @@ libauth_la_SOURCES = \ mech-digest-md5.c \ mech-external.c \ mech-gssapi.c \ - mech-ntlm.c \ mech-otp.c \ mech-scram.c \ mech-apop.c \ @@ -258,7 +255,6 @@ test_libs = \ test_libpassword_SOURCES = test-libpassword.c test_libpassword_LDADD = \ libpassword.la \ - ../lib-ntlm/libntlm.la \ ../lib-otp/libotp.la \ $(CRYPT_LIBS) \ $(LIBDOVECOT_SQL) \ diff --git a/src/auth/mech-ntlm.c b/src/auth/mech-ntlm.c deleted file mode 100644 index db9ce4aad5..0000000000 --- a/src/auth/mech-ntlm.c +++ /dev/null @@ -1,260 +0,0 @@ -/* - * NTLM and NTLMv2 authentication mechanism. - * - * Copyright (c) 2004 Andrey Panin - * - * This software is released under the MIT license. - */ - -#include "auth-common.h" -#include "mech.h" -#include "passdb.h" -#include "str.h" -#include "buffer.h" -#include "hex-binary.h" -#include "safe-memset.h" - -#include "ntlm.h" - -struct ntlm_auth_request { - struct auth_request auth_request; - - pool_t pool; - - /* requested: */ - bool ntlm2_negotiated; - bool unicode_negotiated; - const unsigned char *challenge; - - /* received: */ - struct ntlmssp_response *response; -}; - -static bool lm_verify_credentials(struct ntlm_auth_request *request, - const unsigned char *credentials, size_t size) -{ - const unsigned char *client_response; - unsigned char lm_response[LM_RESPONSE_SIZE]; - unsigned int response_length; - - if (size != LM_HASH_SIZE) { - e_error(request->auth_request.mech_event, - "invalid LM credentials length"); - return FALSE; - } - - response_length = - ntlmssp_buffer_length(request->response, lm_response); - client_response = ntlmssp_buffer_data(request->response, lm_response); - - if (response_length < LM_RESPONSE_SIZE) { - e_error(request->auth_request.mech_event, - "LM response length is too small"); - return FALSE; - } - - ntlmssp_v1_response(credentials, request->challenge, lm_response); - return mem_equals_timing_safe(lm_response, client_response, LM_RESPONSE_SIZE); -} - -static void -lm_credentials_callback(enum passdb_result result, - const unsigned char *credentials, size_t size, - struct auth_request *auth_request) -{ - struct ntlm_auth_request *request = - (struct ntlm_auth_request *)auth_request; - - switch (result) { - case PASSDB_RESULT_OK: - if (lm_verify_credentials(request, credentials, size)) - auth_request_success(auth_request, "", 0); - else - auth_request_fail(auth_request); - break; - case PASSDB_RESULT_INTERNAL_FAILURE: - auth_request_internal_failure(auth_request); - break; - default: - auth_request_fail(auth_request); - break; - } -} - -static int -ntlm_verify_credentials(struct ntlm_auth_request *request, - const unsigned char *credentials, size_t size) -{ - struct auth_request *auth_request = &request->auth_request; - const unsigned char *client_response; - unsigned int response_length; - - response_length = - ntlmssp_buffer_length(request->response, ntlm_response); - client_response = ntlmssp_buffer_data(request->response, ntlm_response); - - if (response_length == 0) { - /* try LM authentication unless NTLM2 was negotiated */ - return request->ntlm2_negotiated ? -1 : 0; - } - - if (size != NTLMSSP_HASH_SIZE) { - e_error(request->auth_request.mech_event, - "invalid NTLM credentials length"); - return -1; - } - - if (response_length > NTLMSSP_RESPONSE_SIZE) { - unsigned char ntlm_v2_response[NTLMSSP_V2_RESPONSE_SIZE]; - const unsigned char *blob = - client_response + NTLMSSP_V2_RESPONSE_SIZE; - - /* - * Authentication target == NULL because we are acting - * as a standalone server, not as NT domain member. - */ - ntlmssp_v2_response(auth_request->fields.user, NULL, - credentials, request->challenge, blob, - response_length - NTLMSSP_V2_RESPONSE_SIZE, - ntlm_v2_response); - - return mem_equals_timing_safe(ntlm_v2_response, client_response, - NTLMSSP_V2_RESPONSE_SIZE) ? 1 : -1; - } else { - unsigned char ntlm_response[NTLMSSP_RESPONSE_SIZE]; - const unsigned char *client_lm_response = - ntlmssp_buffer_data(request->response, lm_response); - - if (request->ntlm2_negotiated) - ntlmssp2_response(credentials, request->challenge, - client_lm_response, - ntlm_response); - else - ntlmssp_v1_response(credentials, request->challenge, - ntlm_response); - - return mem_equals_timing_safe(ntlm_response, client_response, - NTLMSSP_RESPONSE_SIZE) ? 1 : -1; - } -} - -static void -ntlm_credentials_callback(enum passdb_result result, - const unsigned char *credentials, size_t size, - struct auth_request *auth_request) -{ - struct ntlm_auth_request *request = - (struct ntlm_auth_request *)auth_request; - int ret; - - switch (result) { - case PASSDB_RESULT_OK: - ret = ntlm_verify_credentials(request, credentials, size); - if (ret > 0) { - auth_request_success(auth_request, "", 0); - return; - } - if (ret < 0) { - auth_request_fail(auth_request); - return; - } - break; - case PASSDB_RESULT_INTERNAL_FAILURE: - auth_request_internal_failure(auth_request); - return; - default: - break; - } - - /* NTLM credentials not found or didn't want to use them, - try with LM credentials */ - auth_request_lookup_credentials(auth_request, "LANMAN", - lm_credentials_callback); -} - -static void -mech_ntlm_auth_continue(struct auth_request *auth_request, - const unsigned char *data, size_t data_size) -{ - struct ntlm_auth_request *request = - (struct ntlm_auth_request *)auth_request; - const char *error; - - if (request->challenge == NULL) { - const struct ntlmssp_request *ntlm_request = - (const struct ntlmssp_request *)data; - const struct ntlmssp_challenge *message; - size_t message_size; - uint32_t flags; - - if (!ntlmssp_check_request(ntlm_request, data_size, &error)) { - e_info(auth_request->mech_event, - "invalid NTLM request: %s", error); - auth_request_fail(auth_request); - return; - } - - message = ntlmssp_create_challenge(request->pool, ntlm_request, - &message_size); - flags = le32_to_cpu(message->flags); - request->ntlm2_negotiated = (flags & NTLMSSP_NEGOTIATE_NTLM2) != 0; - request->unicode_negotiated = (flags & NTLMSSP_NEGOTIATE_UNICODE) != 0; - request->challenge = message->challenge; - - auth_request_handler_reply_continue(auth_request, message, - message_size); - } else { - const struct ntlmssp_response *response = - (const struct ntlmssp_response *)data; - const char *username; - - if (!ntlmssp_check_response(response, data_size, &error)) { - e_info(auth_request->mech_event, - "invalid NTLM response: %s", error); - auth_request_fail(auth_request); - return; - } - - request->response = p_malloc(request->pool, data_size); - memcpy(request->response, response, data_size); - - username = ntlmssp_t_str(request->response, user, - request->unicode_negotiated); - - if (!auth_request_set_username(auth_request, username, &error)) { - e_info(auth_request->mech_event, - "%s", error); - auth_request_fail(auth_request); - return; - } - - auth_request_lookup_credentials(auth_request, "NTLM", - ntlm_credentials_callback); - } -} - -static struct auth_request *mech_ntlm_auth_new(void) -{ - struct ntlm_auth_request *request; - pool_t pool; - - pool = pool_alloconly_create(MEMPOOL_GROWING"ntlm_auth_request", 2048); - request = p_new(pool, struct ntlm_auth_request, 1); - request->pool = pool; - - request->auth_request.pool = pool; - return &request->auth_request; -} - -const struct mech_module mech_ntlm = { - "NTLM", - - .flags = MECH_SEC_DICTIONARY | MECH_SEC_ACTIVE | - MECH_SEC_ALLOW_NULS, - .passdb_need = MECH_PASSDB_NEED_LOOKUP_CREDENTIALS, - - mech_ntlm_auth_new, - mech_generic_auth_initial, - mech_ntlm_auth_continue, - mech_generic_auth_free -}; diff --git a/src/auth/mech.c b/src/auth/mech.c index b0ddfb713c..477f27bd3c 100644 --- a/src/auth/mech.c +++ b/src/auth/mech.c @@ -71,7 +71,6 @@ extern const struct mech_module mech_apop; extern const struct mech_module mech_cram_md5; extern const struct mech_module mech_digest_md5; extern const struct mech_module mech_external; -extern const struct mech_module mech_ntlm; extern const struct mech_module mech_otp; extern const struct mech_module mech_scram_sha1; extern const struct mech_module mech_scram_sha256; @@ -203,7 +202,6 @@ void mech_init(const struct auth_settings *set) mech_register_module(&mech_winbind_ntlm); mech_register_module(&mech_winbind_spnego); } else { - mech_register_module(&mech_ntlm); #if defined(HAVE_GSSAPI_SPNEGO) && defined(BUILTIN_GSSAPI) mech_register_module(&mech_gssapi_spnego); #endif @@ -231,7 +229,6 @@ void mech_deinit(const struct auth_settings *set) mech_unregister_module(&mech_winbind_ntlm); mech_unregister_module(&mech_winbind_spnego); } else { - mech_unregister_module(&mech_ntlm); #if defined(HAVE_GSSAPI_SPNEGO) && defined(BUILTIN_GSSAPI) mech_unregister_module(&mech_gssapi_spnego); #endif diff --git a/src/auth/password-scheme.c b/src/auth/password-scheme.c index 3d94c4a803..c572cd3779 100644 --- a/src/auth/password-scheme.c +++ b/src/auth/password-scheme.c @@ -9,7 +9,6 @@ #include "md5.h" #include "hmac.h" #include "hmac-cram-md5.h" -#include "ntlm.h" #include "mycrypt.h" #include "randgen.h" #include "sha1.h" @@ -710,32 +709,6 @@ plain_md5_generate(const char *plaintext, const struct password_generate_params *size_r = MD5_RESULTLEN; } -static void -lm_generate(const char *plaintext, const struct password_generate_params *params ATTR_UNUSED, - const unsigned char **raw_password_r, size_t *size_r) -{ - unsigned char *digest; - - digest = t_malloc_no0(LM_HASH_SIZE); - lm_hash(plaintext, digest); - - *raw_password_r = digest; - *size_r = LM_HASH_SIZE; -} - -static void -ntlm_generate(const char *plaintext, const struct password_generate_params *params ATTR_UNUSED, - const unsigned char **raw_password_r, size_t *size_r) -{ - unsigned char *digest; - - digest = t_malloc_no0(NTLMSSP_HASH_SIZE); - ntlm_v1_hash(plaintext, digest); - - *raw_password_r = digest; - *size_r = NTLMSSP_HASH_SIZE; -} - static int otp_verify(const char *plaintext, const struct password_generate_params *params ATTR_UNUSED, const unsigned char *raw_password, size_t size, const char **error_r) @@ -797,8 +770,6 @@ static const struct password_scheme builtin_schemes[] = { NULL, plain_md5_generate }, { "LDAP-MD5", PW_ENCODING_BASE64, MD5_RESULTLEN, NULL, plain_md5_generate }, - { "LANMAN", PW_ENCODING_HEX, LM_HASH_SIZE, NULL, lm_generate }, - { "NTLM", PW_ENCODING_HEX, NTLMSSP_HASH_SIZE, NULL, ntlm_generate }, { "OTP", PW_ENCODING_NONE, 0, otp_verify, otp_generate }, { "PBKDF2", PW_ENCODING_NONE, 0, pbkdf2_verify, pbkdf2_generate }, }; diff --git a/src/auth/test-libpassword.c b/src/auth/test-libpassword.c index 21cffae964..114daf68e6 100644 --- a/src/auth/test-libpassword.c +++ b/src/auth/test-libpassword.c @@ -100,8 +100,6 @@ static void test_password_schemes(void) test_password_scheme("PLAIN-MD4", "{PLAIN-MD4}db346d691d7acc4dc2625db19f9e3f52", "test"); test_password_scheme("MD5", "{MD5}$1$wmyrgRuV$kImF6.9MAFQNHe23kq5vI/", "test"); test_password_scheme("SHA1", "{SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M=", "test"); - test_password_scheme("LANMAN", "{LANMAN}01fc5a6be7bc6929aad3b435b51404ee", "test"); - test_password_scheme("NTLM", "{NTLM}0cb6948805f797bf2a82807973b89537", "test"); test_password_scheme("SMD5", "{SMD5}JTu1KRwptKZJg/RLd+6Vn5GUd0M=", "test"); test_password_scheme("LDAP-MD5", "{LDAP-MD5}CY9rzUYh03PK3k6DJie09g==", "test"); test_password_scheme("SHA256", "{SHA256}n4bQgYhMfWWaL+qgxVrQFaO/TxsrC4Is0V1sFbDwCgg=", "test"); diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c index 8d0d680f85..7362d5b384 100644 --- a/src/auth/test-mech.c +++ b/src/auth/test-mech.c @@ -26,7 +26,6 @@ extern const struct mech_module mech_digest_md5; extern const struct mech_module mech_dovecot_token; extern const struct mech_module mech_external; extern const struct mech_module mech_login; -extern const struct mech_module mech_ntlm; extern const struct mech_module mech_oauthbearer; extern const struct mech_module mech_otp; extern const struct mech_module mech_plain; @@ -402,42 +401,10 @@ static void test_mechs(void) i_unlink("auth-token-secret.dat"); } -static void test_ntlm(void) -{ - static struct auth_request_handler handler = { - .callback = auth_client_request_mock_callback, - .reply_callback = request_handler_reply_mock_callback, - .reply_continue_callback = request_handler_reply_continue_mock_callback, - .verify_plain_continue_callback = verify_plain_continue_mock_callback, - }; - - const struct mech_module *mech = &mech_ntlm; - test_begin("test ntlm"); - struct auth_request *req = mech->auth_new(); - global_auth_settings->realms_arr = t_strsplit("example.com", " "); - req->set = global_auth_settings; - req->fields.service = "login"; - req->handler = &handler; - req->mech_event = event_create(NULL); - req->event = event_create(NULL); - req->mech = mech; - req->state = AUTH_REQUEST_STATE_MECH_CONTINUE; - auth_request_state_count[AUTH_REQUEST_STATE_MECH_CONTINUE] = 1; - mech->auth_initial(req, UCHAR_LEN("NTLMSSP\x00\x01\x00\x00\x00\x00\x02\x00\x00""AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")); - mech->auth_continue(req, UCHAR_LEN("NTLMSSP\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00""AA\x00\x00\x41\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00""orange""\x00")); - test_assert(req->failed == TRUE); - test_assert(req->passdb_success == FALSE); - event_unref(&req->mech_event); - event_unref(&req->event); - mech->auth_free(req); - test_end(); -} - int main(void) { static void (*const test_functions[])(void) = { test_mechs, - test_ntlm, NULL }; diff --git a/src/doveadm/Makefile.am b/src/doveadm/Makefile.am index 570f7ac6ff..21276b6c90 100644 --- a/src/doveadm/Makefile.am +++ b/src/doveadm/Makefile.am @@ -36,7 +36,6 @@ AM_CPPFLAGS = \ cmd_pw_libs = \ ../auth/libpassword.la \ - ../lib-ntlm/libntlm.la \ ../lib-otp/libotp.la libs = \ diff --git a/src/lib-ntlm/Makefile.am b/src/lib-ntlm/Makefile.am deleted file mode 100644 index 182af53b39..0000000000 --- a/src/lib-ntlm/Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ -noinst_LTLIBRARIES = libntlm.la - -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/lib - -libntlm_la_SOURCES = \ - ntlm-des.c \ - ntlm-encrypt.c \ - ntlm-message.c - -noinst_HEADERS = \ - ntlm.h \ - ntlm-types.h \ - ntlm-flags.h \ - ntlm-des.h \ - ntlm-encrypt.h \ - ntlm-message.h diff --git a/src/lib-ntlm/ntlm-des.c b/src/lib-ntlm/ntlm-des.c deleted file mode 100644 index 89d206adc3..0000000000 --- a/src/lib-ntlm/ntlm-des.c +++ /dev/null @@ -1,595 +0,0 @@ -/* - * Implementation of DES encryption for NTLM - * - * Copyright 1997-2005 Simon Tatham. - * - * This software is released under the MIT license. - */ - -#include "lib.h" -#include "ntlm-des.h" - -/* - * Description of DES - * ------------------ - * - * Unlike the description in FIPS 46, I'm going to use _sensible_ indices: - * bits in an n-bit word are numbered from 0 at the LSB to n-1 at the MSB. - * And S-boxes are indexed by six consecutive bits, not by the outer two - * followed by the middle four. - * - * The DES encryption routine requires a 64-bit input, and a key schedule K - * containing 16 48-bit elements. - * - * First the input is permuted by the initial permutation IP. - * Then the input is split into 32-bit words L and R. (L is the MSW.) - * Next, 16 rounds. In each round: - * (L, R) <- (R, L xor f(R, K[i])) - * Then the pre-output words L and R are swapped. - * Then L and R are glued back together into a 64-bit word. (L is the MSW, - * again, but since we just swapped them, the MSW is the R that came out - * of the last round.) - * The 64-bit output block is permuted by the inverse of IP and returned. - * - * Decryption is identical except that the elements of K are used in the - * opposite order. (This wouldn't work if that word swap didn't happen.) - * - * The function f, used in each round, accepts a 32-bit word R and a - * 48-bit key block K. It produces a 32-bit output. - * - * First R is expanded to 48 bits using the bit-selection function E. - * The resulting 48-bit block is XORed with the key block K to produce - * a 48-bit block X. - * This block X is split into eight groups of 6 bits. Each group of 6 - * bits is then looked up in one of the eight S-boxes to convert - * it to 4 bits. These eight groups of 4 bits are glued back - * together to produce a 32-bit preoutput block. - * The preoutput block is permuted using the permutation P and returned. - * - * Key setup maps a 64-bit key word into a 16x48-bit key schedule. Although - * the approved input format for the key is a 64-bit word, eight of the - * bits are discarded, so the actual quantity of key used is 56 bits. - * - * First the input key is converted to two 28-bit words C and D using - * the bit-selection function PC1. - * Then 16 rounds of key setup occur. In each round, C and D are each - * rotated left by either 1 or 2 bits (depending on which round), and - * then converted into a key schedule element using the bit-selection - * function PC2. - * - * That's the actual algorithm. Now for the tedious details: all those - * painful permutations and lookup tables. - * - * IP is a 64-to-64 bit permutation. Its output contains the following - * bits of its input (listed in order MSB to LSB of output). - * - * 6 14 22 30 38 46 54 62 4 12 20 28 36 44 52 60 - * 2 10 18 26 34 42 50 58 0 8 16 24 32 40 48 56 - * 7 15 23 31 39 47 55 63 5 13 21 29 37 45 53 61 - * 3 11 19 27 35 43 51 59 1 9 17 25 33 41 49 57 - * - * E is a 32-to-48 bit selection function. Its output contains the following - * bits of its input (listed in order MSB to LSB of output). - * - * 0 31 30 29 28 27 28 27 26 25 24 23 24 23 22 21 20 19 20 19 18 17 16 15 - * 16 15 14 13 12 11 12 11 10 9 8 7 8 7 6 5 4 3 4 3 2 1 0 31 - * - * The S-boxes are arbitrary table-lookups each mapping a 6-bit input to a - * 4-bit output. In other words, each S-box is an array[64] of 4-bit numbers. - * The S-boxes are listed below. The first S-box listed is applied to the - * most significant six bits of the block X; the last one is applied to the - * least significant. - * - * 14 0 4 15 13 7 1 4 2 14 15 2 11 13 8 1 - * 3 10 10 6 6 12 12 11 5 9 9 5 0 3 7 8 - * 4 15 1 12 14 8 8 2 13 4 6 9 2 1 11 7 - * 15 5 12 11 9 3 7 14 3 10 10 0 5 6 0 13 - * - * 15 3 1 13 8 4 14 7 6 15 11 2 3 8 4 14 - * 9 12 7 0 2 1 13 10 12 6 0 9 5 11 10 5 - * 0 13 14 8 7 10 11 1 10 3 4 15 13 4 1 2 - * 5 11 8 6 12 7 6 12 9 0 3 5 2 14 15 9 - * - * 10 13 0 7 9 0 14 9 6 3 3 4 15 6 5 10 - * 1 2 13 8 12 5 7 14 11 12 4 11 2 15 8 1 - * 13 1 6 10 4 13 9 0 8 6 15 9 3 8 0 7 - * 11 4 1 15 2 14 12 3 5 11 10 5 14 2 7 12 - * - * 7 13 13 8 14 11 3 5 0 6 6 15 9 0 10 3 - * 1 4 2 7 8 2 5 12 11 1 12 10 4 14 15 9 - * 10 3 6 15 9 0 0 6 12 10 11 1 7 13 13 8 - * 15 9 1 4 3 5 14 11 5 12 2 7 8 2 4 14 - * - * 2 14 12 11 4 2 1 12 7 4 10 7 11 13 6 1 - * 8 5 5 0 3 15 15 10 13 3 0 9 14 8 9 6 - * 4 11 2 8 1 12 11 7 10 1 13 14 7 2 8 13 - * 15 6 9 15 12 0 5 9 6 10 3 4 0 5 14 3 - * - * 12 10 1 15 10 4 15 2 9 7 2 12 6 9 8 5 - * 0 6 13 1 3 13 4 14 14 0 7 11 5 3 11 8 - * 9 4 14 3 15 2 5 12 2 9 8 5 12 15 3 10 - * 7 11 0 14 4 1 10 7 1 6 13 0 11 8 6 13 - * - * 4 13 11 0 2 11 14 7 15 4 0 9 8 1 13 10 - * 3 14 12 3 9 5 7 12 5 2 10 15 6 8 1 6 - * 1 6 4 11 11 13 13 8 12 1 3 4 7 10 14 7 - * 10 9 15 5 6 0 8 15 0 14 5 2 9 3 2 12 - * - * 13 1 2 15 8 13 4 8 6 10 15 3 11 7 1 4 - * 10 12 9 5 3 6 14 11 5 0 0 14 12 9 7 2 - * 7 2 11 1 4 14 1 7 9 4 12 10 14 8 2 13 - * 0 15 6 12 10 9 13 0 15 3 3 5 5 6 8 11 - * - * P is a 32-to-32 bit permutation. Its output contains the following - * bits of its input (listed in order MSB to LSB of output). - * - * 16 25 12 11 3 20 4 15 31 17 9 6 27 14 1 22 - * 30 24 8 18 0 5 29 23 13 19 2 26 10 21 28 7 - * - * PC1 is a 64-to-56 bit selection function. Its output is in two words, - * C and D. The word C contains the following bits of its input (listed - * in order MSB to LSB of output). - * - * 7 15 23 31 39 47 55 63 6 14 22 30 38 46 - * 54 62 5 13 21 29 37 45 53 61 4 12 20 28 - * - * And the word D contains these bits. - * - * 1 9 17 25 33 41 49 57 2 10 18 26 34 42 - * 50 58 3 11 19 27 35 43 51 59 36 44 52 60 - * - * PC2 is a 56-to-48 bit selection function. Its input is in two words, - * C and D. These are treated as one 56-bit word (with C more significant, - * so that bits 55 to 28 of the word are bits 27 to 0 of C, and bits 27 to - * 0 of the word are bits 27 to 0 of D). The output contains the following - * bits of this 56-bit input word (listed in order MSB to LSB of output). - * - * 42 39 45 32 55 51 53 28 41 50 35 46 33 37 44 52 30 48 40 49 29 36 43 54 - * 15 4 25 19 9 1 26 16 5 11 23 8 12 7 17 0 22 3 10 14 6 20 27 24 - */ - -/* - * Implementation details - * ---------------------- - * - * If you look at the code in this module, you'll find it looks - * nothing _like_ the above algorithm. Here I explain the - * differences... - * - * Key setup has not been heavily optimised here. We are not - * concerned with key agility: we aren't codebreakers. We don't - * mind a little delay (and it really is a little one; it may be a - * factor of five or so slower than it could be but it's still not - * an appreciable length of time) while setting up. The only tweaks - * in the key setup are ones which change the format of the key - * schedule to speed up the actual encryption. I'll describe those - * below. - * - * The first and most obvious optimization is the S-boxes. Since - * each S-box always targets the same four bits in the final 32-bit - * word, so the output from (for example) S-box 0 must always be - * shifted left 28 bits, we can store the already-shifted outputs - * in the lookup tables. This reduces lookup-and-shift to lookup, - * so the S-box step is now just a question of ORing together eight - * table lookups. - * - * The permutation P is just a bit order change; it's invariant - * with respect to OR, in that P(x)|P(y) = P(x|y). Therefore, we - * can apply P to every entry of the S-box tables and then we don't - * have to do it in the code of f(). This yields a set of tables - * which might be called SP-boxes. - * - * The bit-selection function E is our next target. Note that E is - * immediately followed by the operation of splitting into 6-bit - * chunks. Examining the 6-bit chunks coming out of E we notice - * they're all contiguous within the word (speaking cyclically - - * the end two wrap round); so we can extract those bit strings - * individually rather than explicitly running E. This would yield - * code such as - * - * y |= SPboxes[0][ (rotl(R, 5) ^ top6bitsofK) & 0x3F ]; - * t |= SPboxes[1][ (rotl(R,11) ^ next6bitsofK) & 0x3F ]; - * - * and so on; and the key schedule preparation would have to - * provide each 6-bit chunk separately. - * - * Really we'd like to XOR in the key schedule element before - * looking up bit strings in R. This we can't do, naively, because - * the 6-bit strings we want overlap. But look at the strings: - * - * 3322222222221111111111 - * bit 10987654321098765432109876543210 - * - * box0 XXXXX X - * box1 XXXXXX - * box2 XXXXXX - * box3 XXXXXX - * box4 XXXXXX - * box5 XXXXXX - * box6 XXXXXX - * box7 X XXXXX - * - * The bit strings we need to XOR in for boxes 0, 2, 4 and 6 don't - * overlap with each other. Neither do the ones for boxes 1, 3, 5 - * and 7. So we could provide the key schedule in the form of two - * words that we can separately XOR into R, and then every S-box - * index is available as a (cyclically) contiguous 6-bit substring - * of one or the other of the results. - * - * The comments in Eric Young's libdes implementation point out - * that two of these bit strings require a rotation (rather than a - * simple shift) to extract. It's unavoidable that at least _one_ - * must do; but we can actually run the whole inner algorithm (all - * 16 rounds) rotated one bit to the left, so that what the `real' - * DES description sees as L=0x80000001 we see as L=0x00000003. - * This requires rotating all our SP-box entries one bit to the - * left, and rotating each word of the key schedule elements one to - * the left, and rotating L and R one bit left just after IP and - * one bit right again just before FP. And in each round we convert - * a rotate into a shift, so we've saved a few per cent. - * - * That's about it for the inner loop; the SP-box tables as listed - * below are what I've described here (the original S value, - * shifted to its final place in the input to P, run through P, and - * then rotated one bit left). All that remains is to optimise the - * initial permutation IP. - * - * IP is not an arbitrary permutation. It has the nice property - * that if you take any bit number, write it in binary (6 bits), - * permute those 6 bits and invert some of them, you get the final - * position of that bit. Specifically, the bit whose initial - * position is given (in binary) as fedcba ends up in position - * AcbFED (where a capital letter denotes the inverse of a bit). - * - * We have the 64-bit data in two 32-bit words L and R, where bits - * in L are those with f=1 and bits in R are those with f=0. We - * note that we can do a simple transformation: suppose we exchange - * the bits with f=1,c=0 and the bits with f=0,c=1. This will cause - * the bit fedcba to be in position cedfba - we've `swapped' bits c - * and f in the position of each bit! - * - * Better still, this transformation is easy. In the example above, - * bits in L with c=0 are bits 0x0F0F0F0F, and those in R with c=1 - * are 0xF0F0F0F0. So we can do - * - * difference = ((R >> 4) ^ L) & 0x0F0F0F0F - * R ^= (difference << 4) - * L ^= difference - * - * to perform the swap. Let's denote this by bitswap(4,0x0F0F0F0F). - * Also, we can invert the bit at the top just by exchanging L and - * R. So in a few swaps and a few of these bit operations we can - * do: - * - * Initially the position of bit fedcba is fedcba - * Swap L with R to make it Fedcba - * Perform bitswap( 4,0x0F0F0F0F) to make it cedFba - * Perform bitswap(16,0x0000FFFF) to make it ecdFba - * Swap L with R to make it EcdFba - * Perform bitswap( 2,0x33333333) to make it bcdFEa - * Perform bitswap( 8,0x00FF00FF) to make it dcbFEa - * Swap L with R to make it DcbFEa - * Perform bitswap( 1,0x55555555) to make it acbFED - * Swap L with R to make it AcbFED - * - * (In the actual code the four swaps are implicit: R and L are - * simply used the other way round in the first, second and last - * bitswap operations.) - * - * The final permutation is just the inverse of IP, so it can be - * performed by a similar set of operations. - */ - -struct des_context { - uint32_t k0246[16], k1357[16]; -}; - -#define rotl(x, c) ( (x << c) | (x >> (32-c)) ) -#define rotl28(x, c) ( ( (x << c) | (x >> (28-c)) ) & 0x0FFFFFFF) - -static uint32_t bitsel(uint32_t * input, const int *bitnums, int size) -{ - uint32_t ret = 0; - while (size-- > 0) { - int bitpos = *bitnums++; - ret <<= 1; - if (bitpos >= 0) - ret |= 1 & (input[bitpos / 32] >> (bitpos % 32)); - } - return ret; -} - -static inline void des_key_setup(uint32_t key_msw, uint32_t key_lsw, - struct des_context *sched) -{ - /* Tables are modified to work with 56-bit key */ - static const int PC1_Cbits[] = { - 6, 13, 20, 27, 34, 41, 48, 55, 5, 12, 19, 26, 33, 40, - 47, 54, 4, 11, 18, 25, 32, 39, 46, 53, 3, 10, 17, 24 - }; - static const int PC1_Dbits[] = { - 0, 7, 14, 21, 28, 35, 42, 49, 1, 8, 15, 22, 29, 36, - 43, 50, 2, 9, 16, 23, 30, 37, 44, 51, 31, 38, 45, 52 - }; - /* - * The bit numbers in the two lists below don't correspond to - * the ones in the above description of PC2, because in the - * above description C and D are concatenated so `bit 28' means - * bit 0 of C. In this implementation we're using the standard - * `bitsel' function above and C is in the second word, so bit - * 0 of C is addressed by writing `32' here. - */ - static const int PC2_0246[] = { - 49, 36, 59, 55, -1, -1, 37, 41, 48, 56, 34, 52, -1, -1, 15, 4, - 25, 19, 9, 1, -1, -1, 12, 7, 17, 0, 22, 3, -1, -1, 46, 43 - }; - static const int PC2_1357[] = { - -1, -1, 57, 32, 45, 54, 39, 50, -1, -1, 44, 53, 33, 40, 47, 58, - -1, -1, 26, 16, 5, 11, 23, 8, -1, -1, 10, 14, 6, 20, 27, 24 - }; - static const int leftshifts[] = { - 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 - }; - - uint32_t C, D; - uint32_t buf[2]; - int i; - - buf[0] = key_lsw; - buf[1] = key_msw; - - C = bitsel(buf, PC1_Cbits, 28); - D = bitsel(buf, PC1_Dbits, 28); - - for (i = 0; i < 16; i++) { - C = rotl28(C, leftshifts[i]); - D = rotl28(D, leftshifts[i]); - buf[0] = D; - buf[1] = C; - sched->k0246[i] = bitsel(buf, PC2_0246, 32); - sched->k1357[i] = bitsel(buf, PC2_1357, 32); - } -} - -static const uint32_t SPboxes[8][64] = { - {0x01010400, 0x00000000, 0x00010000, 0x01010404, - 0x01010004, 0x00010404, 0x00000004, 0x00010000, - 0x00000400, 0x01010400, 0x01010404, 0x00000400, - 0x01000404, 0x01010004, 0x01000000, 0x00000004, - 0x00000404, 0x01000400, 0x01000400, 0x00010400, - 0x00010400, 0x01010000, 0x01010000, 0x01000404, - 0x00010004, 0x01000004, 0x01000004, 0x00010004, - 0x00000000, 0x00000404, 0x00010404, 0x01000000, - 0x00010000, 0x01010404, 0x00000004, 0x01010000, - 0x01010400, 0x01000000, 0x01000000, 0x00000400, - 0x01010004, 0x00010000, 0x00010400, 0x01000004, - 0x00000400, 0x00000004, 0x01000404, 0x00010404, - 0x01010404, 0x00010004, 0x01010000, 0x01000404, - 0x01000004, 0x00000404, 0x00010404, 0x01010400, - 0x00000404, 0x01000400, 0x01000400, 0x00000000, - 0x00010004, 0x00010400, 0x00000000, 0x01010004}, - - {0x80108020, 0x80008000, 0x00008000, 0x00108020, - 0x00100000, 0x00000020, 0x80100020, 0x80008020, - 0x80000020, 0x80108020, 0x80108000, 0x80000000, - 0x80008000, 0x00100000, 0x00000020, 0x80100020, - 0x00108000, 0x00100020, 0x80008020, 0x00000000, - 0x80000000, 0x00008000, 0x00108020, 0x80100000, - 0x00100020, 0x80000020, 0x00000000, 0x00108000, - 0x00008020, 0x80108000, 0x80100000, 0x00008020, - 0x00000000, 0x00108020, 0x80100020, 0x00100000, - 0x80008020, 0x80100000, 0x80108000, 0x00008000, - 0x80100000, 0x80008000, 0x00000020, 0x80108020, - 0x00108020, 0x00000020, 0x00008000, 0x80000000, - 0x00008020, 0x80108000, 0x00100000, 0x80000020, - 0x00100020, 0x80008020, 0x80000020, 0x00100020, - 0x00108000, 0x00000000, 0x80008000, 0x00008020, - 0x80000000, 0x80100020, 0x80108020, 0x00108000}, - - {0x00000208, 0x08020200, 0x00000000, 0x08020008, - 0x08000200, 0x00000000, 0x00020208, 0x08000200, - 0x00020008, 0x08000008, 0x08000008, 0x00020000, - 0x08020208, 0x00020008, 0x08020000, 0x00000208, - 0x08000000, 0x00000008, 0x08020200, 0x00000200, - 0x00020200, 0x08020000, 0x08020008, 0x00020208, - 0x08000208, 0x00020200, 0x00020000, 0x08000208, - 0x00000008, 0x08020208, 0x00000200, 0x08000000, - 0x08020200, 0x08000000, 0x00020008, 0x00000208, - 0x00020000, 0x08020200, 0x08000200, 0x00000000, - 0x00000200, 0x00020008, 0x08020208, 0x08000200, - 0x08000008, 0x00000200, 0x00000000, 0x08020008, - 0x08000208, 0x00020000, 0x08000000, 0x08020208, - 0x00000008, 0x00020208, 0x00020200, 0x08000008, - 0x08020000, 0x08000208, 0x00000208, 0x08020000, - 0x00020208, 0x00000008, 0x08020008, 0x00020200}, - - {0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802080, 0x00800081, 0x00800001, 0x00002001, - 0x00000000, 0x00802000, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00800080, 0x00800001, - 0x00000001, 0x00002000, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002001, 0x00002080, - 0x00800081, 0x00000001, 0x00002080, 0x00800080, - 0x00002000, 0x00802080, 0x00802081, 0x00000081, - 0x00800080, 0x00800001, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00000000, 0x00802000, - 0x00002080, 0x00800080, 0x00800081, 0x00000001, - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802081, 0x00000081, 0x00000001, 0x00002000, - 0x00800001, 0x00002001, 0x00802080, 0x00800081, - 0x00002001, 0x00002080, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002000, 0x00802080}, - - {0x00000100, 0x02080100, 0x02080000, 0x42000100, - 0x00080000, 0x00000100, 0x40000000, 0x02080000, - 0x40080100, 0x00080000, 0x02000100, 0x40080100, - 0x42000100, 0x42080000, 0x00080100, 0x40000000, - 0x02000000, 0x40080000, 0x40080000, 0x00000000, - 0x40000100, 0x42080100, 0x42080100, 0x02000100, - 0x42080000, 0x40000100, 0x00000000, 0x42000000, - 0x02080100, 0x02000000, 0x42000000, 0x00080100, - 0x00080000, 0x42000100, 0x00000100, 0x02000000, - 0x40000000, 0x02080000, 0x42000100, 0x40080100, - 0x02000100, 0x40000000, 0x42080000, 0x02080100, - 0x40080100, 0x00000100, 0x02000000, 0x42080000, - 0x42080100, 0x00080100, 0x42000000, 0x42080100, - 0x02080000, 0x00000000, 0x40080000, 0x42000000, - 0x00080100, 0x02000100, 0x40000100, 0x00080000, - 0x00000000, 0x40080000, 0x02080100, 0x40000100}, - - {0x20000010, 0x20400000, 0x00004000, 0x20404010, - 0x20400000, 0x00000010, 0x20404010, 0x00400000, - 0x20004000, 0x00404010, 0x00400000, 0x20000010, - 0x00400010, 0x20004000, 0x20000000, 0x00004010, - 0x00000000, 0x00400010, 0x20004010, 0x00004000, - 0x00404000, 0x20004010, 0x00000010, 0x20400010, - 0x20400010, 0x00000000, 0x00404010, 0x20404000, - 0x00004010, 0x00404000, 0x20404000, 0x20000000, - 0x20004000, 0x00000010, 0x20400010, 0x00404000, - 0x20404010, 0x00400000, 0x00004010, 0x20000010, - 0x00400000, 0x20004000, 0x20000000, 0x00004010, - 0x20000010, 0x20404010, 0x00404000, 0x20400000, - 0x00404010, 0x20404000, 0x00000000, 0x20400010, - 0x00000010, 0x00004000, 0x20400000, 0x00404010, - 0x00004000, 0x00400010, 0x20004010, 0x00000000, - 0x20404000, 0x20000000, 0x00400010, 0x20004010}, - - {0x00200000, 0x04200002, 0x04000802, 0x00000000, - 0x00000800, 0x04000802, 0x00200802, 0x04200800, - 0x04200802, 0x00200000, 0x00000000, 0x04000002, - 0x00000002, 0x04000000, 0x04200002, 0x00000802, - 0x04000800, 0x00200802, 0x00200002, 0x04000800, - 0x04000002, 0x04200000, 0x04200800, 0x00200002, - 0x04200000, 0x00000800, 0x00000802, 0x04200802, - 0x00200800, 0x00000002, 0x04000000, 0x00200800, - 0x04000000, 0x00200800, 0x00200000, 0x04000802, - 0x04000802, 0x04200002, 0x04200002, 0x00000002, - 0x00200002, 0x04000000, 0x04000800, 0x00200000, - 0x04200800, 0x00000802, 0x00200802, 0x04200800, - 0x00000802, 0x04000002, 0x04200802, 0x04200000, - 0x00200800, 0x00000000, 0x00000002, 0x04200802, - 0x00000000, 0x00200802, 0x04200000, 0x00000800, - 0x04000002, 0x04000800, 0x00000800, 0x00200002}, - - {0x10001040, 0x00001000, 0x00040000, 0x10041040, - 0x10000000, 0x10001040, 0x00000040, 0x10000000, - 0x00040040, 0x10040000, 0x10041040, 0x00041000, - 0x10041000, 0x00041040, 0x00001000, 0x00000040, - 0x10040000, 0x10000040, 0x10001000, 0x00001040, - 0x00041000, 0x00040040, 0x10040040, 0x10041000, - 0x00001040, 0x00000000, 0x00000000, 0x10040040, - 0x10000040, 0x10001000, 0x00041040, 0x00040000, - 0x00041040, 0x00040000, 0x10041000, 0x00001000, - 0x00000040, 0x10040040, 0x00001000, 0x00041040, - 0x10001000, 0x00000040, 0x10000040, 0x10040000, - 0x10040040, 0x10000000, 0x00040000, 0x10001040, - 0x00000000, 0x10041040, 0x00040040, 0x10000040, - 0x10040000, 0x10001000, 0x10001040, 0x00000000, - 0x10041040, 0x00041000, 0x00041000, 0x00001040, - 0x00001040, 0x00040040, 0x10000000, 0x10041000} -}; - -#define f(R, K0246, K1357) (\ - s0246 = R ^ K0246, \ - s1357 = R ^ K1357, \ - s0246 = rotl(s0246, 28), \ - SPboxes[0] [(s0246 >> 24) & 0x3F] | \ - SPboxes[1] [(s1357 >> 24) & 0x3F] | \ - SPboxes[2] [(s0246 >> 16) & 0x3F] | \ - SPboxes[3] [(s1357 >> 16) & 0x3F] | \ - SPboxes[4] [(s0246 >> 8) & 0x3F] | \ - SPboxes[5] [(s1357 >> 8) & 0x3F] | \ - SPboxes[6] [(s0246 ) & 0x3F] | \ - SPboxes[7] [(s1357 ) & 0x3F]) - -#define bitswap(L, R, n, mask) (\ - swap = mask & ( (R >> n) ^ L ), \ - R ^= swap << n, \ - L ^= swap) - -/* Initial permutation */ -#define IP(L, R) (\ - bitswap(R, L, 4, 0x0F0F0F0F), \ - bitswap(R, L, 16, 0x0000FFFF), \ - bitswap(L, R, 2, 0x33333333), \ - bitswap(L, R, 8, 0x00FF00FF), \ - bitswap(R, L, 1, 0x55555555)) - -/* Final permutation */ -#define FP(L, R) (\ - bitswap(R, L, 1, 0x55555555), \ - bitswap(L, R, 8, 0x00FF00FF), \ - bitswap(L, R, 2, 0x33333333), \ - bitswap(R, L, 16, 0x0000FFFF), \ - bitswap(R, L, 4, 0x0F0F0F0F)) - -static void -des_encipher(uint32_t *output, uint32_t L, uint32_t R, - struct des_context *sched) -{ - uint32_t swap, s0246, s1357; - - IP(L, R); - - L = rotl(L, 1); - R = rotl(R, 1); - - L ^= f(R, sched->k0246[0], sched->k1357[0]); - R ^= f(L, sched->k0246[1], sched->k1357[1]); - L ^= f(R, sched->k0246[2], sched->k1357[2]); - R ^= f(L, sched->k0246[3], sched->k1357[3]); - L ^= f(R, sched->k0246[4], sched->k1357[4]); - R ^= f(L, sched->k0246[5], sched->k1357[5]); - L ^= f(R, sched->k0246[6], sched->k1357[6]); - R ^= f(L, sched->k0246[7], sched->k1357[7]); - L ^= f(R, sched->k0246[8], sched->k1357[8]); - R ^= f(L, sched->k0246[9], sched->k1357[9]); - L ^= f(R, sched->k0246[10], sched->k1357[10]); - R ^= f(L, sched->k0246[11], sched->k1357[11]); - L ^= f(R, sched->k0246[12], sched->k1357[12]); - R ^= f(L, sched->k0246[13], sched->k1357[13]); - L ^= f(R, sched->k0246[14], sched->k1357[14]); - R ^= f(L, sched->k0246[15], sched->k1357[15]); - - L = rotl(L, 31); - R = rotl(R, 31); - - swap = L; - L = R; - R = swap; - - FP(L, R); - - output[0] = L; - output[1] = R; -} - -#define GET_32BIT_MSB_FIRST(cp) \ - ((unsigned long) be32_to_cpu_unaligned(cp)) - -#define PUT_32BIT_MSB_FIRST(cp, value) \ - cpu32_to_be_unaligned((value), (cp)) - -static inline void -des_cbc_encrypt(unsigned char *dest, const unsigned char *src, - struct des_context *sched) -{ - uint32_t out[2], L, R; - - L = GET_32BIT_MSB_FIRST(src); - R = GET_32BIT_MSB_FIRST(src + 4); - des_encipher(out, L, R, sched); - PUT_32BIT_MSB_FIRST(dest, out[0]); - PUT_32BIT_MSB_FIRST(dest + 4, out[1]); -} - -void deshash(unsigned char *dst, const unsigned char *key, - const unsigned char *src) -{ - struct des_context ctx; - - des_key_setup(GET_32BIT_MSB_FIRST(key) >> 8, - GET_32BIT_MSB_FIRST(key + 3), &ctx); - - des_cbc_encrypt(dst, src, &ctx); -} diff --git a/src/lib-ntlm/ntlm-des.h b/src/lib-ntlm/ntlm-des.h deleted file mode 100644 index 6a84c9a966..0000000000 --- a/src/lib-ntlm/ntlm-des.h +++ /dev/null @@ -1,7 +0,0 @@ -#ifndef NTLM_DES_H -#define NTLM_DES_H - -void deshash(unsigned char *dst, const unsigned char *key, - const unsigned char *src); - -#endif diff --git a/src/lib-ntlm/ntlm-encrypt.c b/src/lib-ntlm/ntlm-encrypt.c deleted file mode 100644 index 067846969e..0000000000 --- a/src/lib-ntlm/ntlm-encrypt.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * NTLM and NTLMv2 hash generation. - * - * Copyright (c) 2004 Andrey Panin - * - * This software is released under the MIT license. - */ - -#include "lib.h" -#include "buffer.h" -#include "compat.h" -#include "safe-memset.h" -#include "md4.h" -#include "md5.h" -#include "hmac.h" -#include "ntlm.h" -#include "ntlm-des.h" - -#include - -static unsigned char * -t_unicode_str(const char *src, bool ucase, size_t *size) -{ - buffer_t *wstr; - - wstr = buffer_create_dynamic(unsafe_data_stack_pool, 32); - for ( ; *src != '\0'; src++) { - buffer_append_c(wstr, ucase ? i_toupper(*src) : *src); - buffer_append_c(wstr, '\0'); - } - - *size = wstr->used; - return buffer_free_without_data(&wstr); -} - -void lm_hash(const char *passwd, unsigned char hash[LM_HASH_SIZE]) -{ - static const unsigned char lm_magic[8] = "KGS!@#$%"; - unsigned char buffer[14]; - unsigned int i; - - i_zero(&buffer); - memcpy(buffer, passwd, I_MIN(sizeof(buffer), strlen(passwd))); - - for (i = 0; i < sizeof(buffer); i++) - buffer[i] = i_toupper(buffer[i]); - - deshash(hash, buffer, lm_magic); - deshash(hash + 8, buffer + 7, lm_magic); - - safe_memset(buffer, 0, sizeof(buffer)); -} - -void ntlm_v1_hash(const char *passwd, unsigned char hash[NTLMSSP_HASH_SIZE]) -{ - size_t len; - void *wpwd = t_unicode_str(passwd, FALSE, &len); - - md4_get_digest(wpwd, len, hash); - - safe_memset(wpwd, 0, len); -} - -static void -hmac_md5_ucs2le_string_ucase(struct hmac_context *ctx, const char *str) -{ - size_t len; - unsigned char *wstr = t_unicode_str(str, TRUE, &len); - - hmac_update(ctx, wstr, len); -} - -static void ATTR_NULL(2) -ntlm_v2_hash(const char *user, const char *target, - const unsigned char *hash_v1, - unsigned char hash[NTLMSSP_V2_HASH_SIZE]) -{ - struct hmac_context ctx; - - hmac_init(&ctx, hash_v1, NTLMSSP_HASH_SIZE, &hash_method_md5); - hmac_md5_ucs2le_string_ucase(&ctx, user); - if (target != NULL) - hmac_md5_ucs2le_string_ucase(&ctx, target); - hmac_final(&ctx, hash); -} - -void -ntlmssp_v1_response(const unsigned char *hash, - const unsigned char *challenge, - unsigned char response[NTLMSSP_RESPONSE_SIZE]) -{ - unsigned char des_hash[NTLMSSP_DES_KEY_LENGTH * 3]; - - memcpy(des_hash, hash, NTLMSSP_HASH_SIZE); - memset(des_hash + NTLMSSP_HASH_SIZE, 0, - sizeof(des_hash) - NTLMSSP_HASH_SIZE); - - deshash(response, des_hash, challenge); - deshash(response + 8, des_hash + 7, challenge); - deshash(response + 16, des_hash + 14, challenge); - - safe_memset(des_hash, 0, sizeof(des_hash)); -} - -void -ntlmssp2_response(const unsigned char *hash, - const unsigned char *server_challenge, - const unsigned char *client_challenge, - unsigned char response[NTLMSSP_RESPONSE_SIZE]) -{ - struct md5_context ctx; - unsigned char session_hash[MD5_RESULTLEN]; - - md5_init(&ctx); - md5_update(&ctx, server_challenge, NTLMSSP_CHALLENGE_SIZE); - md5_update(&ctx, client_challenge, NTLMSSP_CHALLENGE_SIZE); - md5_final(&ctx, session_hash); - - ntlmssp_v1_response(hash, session_hash, response); -} - -void -ntlmssp_v2_response(const char *user, const char *target, - const unsigned char *hash_v1, - const unsigned char *challenge, - const unsigned char *blob, size_t blob_size, - unsigned char response[NTLMSSP_V2_RESPONSE_SIZE]) -{ - struct hmac_context ctx; - unsigned char hash[NTLMSSP_V2_HASH_SIZE]; - - ntlm_v2_hash(user, target, hash_v1, hash); - - hmac_init(&ctx, hash, NTLMSSP_V2_HASH_SIZE, &hash_method_md5); - hmac_update(&ctx, challenge, NTLMSSP_CHALLENGE_SIZE); - hmac_update(&ctx, blob, blob_size); - hmac_final(&ctx, response); - - safe_memset(hash, 0, sizeof(hash)); -} diff --git a/src/lib-ntlm/ntlm-encrypt.h b/src/lib-ntlm/ntlm-encrypt.h deleted file mode 100644 index fe3b1b93e3..0000000000 --- a/src/lib-ntlm/ntlm-encrypt.h +++ /dev/null @@ -1,23 +0,0 @@ -#ifndef NTLM_ENCRYPT_H -#define NTLM_ENCRYPT_H - -void lm_hash(const char *passwd, unsigned char hash[LM_HASH_SIZE]); -void ntlm_v1_hash(const char *passwd, unsigned char hash[NTLMSSP_HASH_SIZE]); - -void ntlmssp_v1_response(const unsigned char *hash, - const unsigned char *challenge, - unsigned char response[NTLMSSP_RESPONSE_SIZE]); - -void ntlmssp2_response( const unsigned char *hash, - const unsigned char *server_challenge, - const unsigned char *client_challenge, - unsigned char response[NTLMSSP_RESPONSE_SIZE]); - -void ntlmssp_v2_response(const char *user, const char *target, - const unsigned char *hash_v1, - const unsigned char *challenge, - const unsigned char *blob, size_t blob_size, - unsigned char response[NTLMSSP_V2_RESPONSE_SIZE]) - ATTR_NULL(2); - -#endif diff --git a/src/lib-ntlm/ntlm-flags.h b/src/lib-ntlm/ntlm-flags.h deleted file mode 100644 index 577ca12ef7..0000000000 --- a/src/lib-ntlm/ntlm-flags.h +++ /dev/null @@ -1,137 +0,0 @@ -/* - * NTLM message flags. - * - * Copyright (c) 2004 Andrey Panin - * - * This software is released under the MIT license. - */ - -#ifndef NTLM_FLAGS_H -#define NTLM_FLAGS_H - -/* - * Indicates that Unicode strings are supported for use in security - * buffer data. - */ -#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 - -/* - * Indicates that OEM strings are supported for use in security buffer data. - */ -#define NTLMSSP_NEGOTIATE_OEM 0x00000002 - -/* - * Requests that the server's authentication realm be included in the - * Type 2 message. - */ -#define NTLMSSP_REQUEST_TARGET 0x00000004 - -/* - * Specifies that authenticated communication between the client and server - * should carry a digital signature (message integrity). - */ -#define NTLMSSP_NEGOTIATE_SIGN 0x00000010 - -/* - * Specifies that authenticated communication between the client and server - * should be encrypted (message confidentiality). - */ -#define NTLMSSP_NEGOTIATE_SEAL 0x00000020 - -/* - * Indicates that datagram authentication is being used. - */ -#define NTLMSSP_NEGOTIATE_DATAGRAM 0x00000040 - -/* - * Indicates that the LAN Manager session key should be - * used for signing and sealing authenticated communications. - */ -#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080 - -/* - * Indicates that NTLM authentication is being used. - */ -#define NTLMSSP_NEGOTIATE_NTLM 0x00000200 - -/* - * Sent by the client in the Type 1 message to indicate that the name of the - * domain in which the client workstation has membership is included in the - * message. This is used by the server to determine whether the client is - * eligible for local authentication. - */ -#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000 - -/* - * Sent by the client in the Type 1 message to indicate that the client - * workstation's name is included in the message. This is used by the server - * to determine whether the client is eligible for local authentication. - */ -#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000 - -/* - * Sent by the server to indicate that the server and client are on the same - * machine. Implies that the client may use the established local credentials - * for authentication instead of calculating a response to the challenge. - */ -#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x00004000 - -/* - * Indicates that authenticated communication between the client and server - * should be signed with a "dummy" signature. - */ -#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000 - -/* - * Sent by the server in the Type 2 message to indicate that the target - * authentication realm is a domain. - */ -#define NTLMSSP_TARGET_TYPE_DOMAIN 0x00010000 - -/* - * Sent by the server in the Type 2 message to indicate that the target - * authentication realm is a server. - */ -#define NTLMSSP_TARGET_TYPE_SERVER 0x00020000 - -/* - * Sent by the server in the Type 2 message to indicate that the target - * authentication realm is a share. Presumably, this is for share-level - * authentication. Usage is unclear. - */ -#define NTLMSSP_TARGET_TYPE_SHARE 0x00040000 - -/* - * Indicates that the NTLM2 signing and sealing scheme should be used for - * protecting authenticated communications. Note that this refers to a - * particular session security scheme, and is not related to the use of - * NTLMv2 authentication. - */ -#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000 - -/* - * Sent by the server in the Type 2 message to indicate that it is including - * a Target Information block in the message. The Target Information block - * is used in the calculation of the NTLMv2 response. - */ -#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000 - -/* - * Indicates that 128-bit encryption is supported. - */ -#define NTLMSSP_NEGOTIATE_128 0x20000000 - -/* - * Indicates that the client will provide an encrypted master session key in - * the "Session Key" field of the Type 3 message. This is used in signing and - * sealing, and is RC4-encrypted using the previous session key as the - * encryption key. - */ -#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000 - -/* - * Indicates that 56-bit encryption is supported. - */ -#define NTLMSSP_NEGOTIATE_56 0x80000000 - -#endif diff --git a/src/lib-ntlm/ntlm-message.c b/src/lib-ntlm/ntlm-message.c deleted file mode 100644 index d1aef0f6a0..0000000000 --- a/src/lib-ntlm/ntlm-message.c +++ /dev/null @@ -1,266 +0,0 @@ -/* - * NTLM message handling. - * - * Copyright (c) 2004 Andrey Panin - * - * This software is released under the MIT license. - */ - -#include "lib.h" -#include "str.h" -#include "buffer.h" -#include "hostpid.h" -#include "randgen.h" - -#include "ntlm.h" -#include "ntlm-message.h" - -#include -#include - -const char *ntlmssp_t_str_i(const void *message, struct ntlmssp_buffer *buffer, - bool unicode) -{ - unsigned int len = le16_to_cpu(buffer->length); - const char *p = CONST_PTR_OFFSET(message, le32_to_cpu(buffer->offset)); - string_t *str; - - if (unicode) - len /= sizeof(ucs2le_t); - - str = t_str_new(len); - - while (len-- > 0) { - str_append_c(str, *p & 0x7f); - p += unicode ? sizeof(ucs2le_t) : 1; - } - - return str_c(str); -} - -static unsigned int append_string(buffer_t *buf, const char *str, - bool ucase, bool unicode) -{ - unsigned int length = 0; - - for ( ; *str != '\0'; str++) { - buffer_append_c(buf, ucase ? i_toupper(*str) : *str); - if (unicode) { - buffer_append_c(buf, 0); - length++; - } - length++; - } - - return length; -} - -static void ntlmssp_append_string(buffer_t *buf, size_t buffer_offset, - const char *str, bool unicode) -{ - struct ntlmssp_buffer buffer; - unsigned int length; - - buffer.offset = cpu32_to_le(buf->used); - - length = append_string(buf, str, FALSE, unicode); - - buffer.length = cpu16_to_le(length); - buffer.space = cpu16_to_le(length); - buffer_write(buf, buffer_offset, &buffer, sizeof(buffer)); -} - -static void ntlmssp_append_target_info(buffer_t *buf, size_t buffer_offset, ...) -{ - struct ntlmssp_v2_target_info info; - struct ntlmssp_buffer buffer; - va_list args; - unsigned int length, total_length = 0; - int type; - - buffer.offset = cpu32_to_le(buf->used); - - va_start(args, buffer_offset); - - do { - const char *data; - type = va_arg(args, int); - - i_zero(&info); - info.type = cpu16_to_le(type); - - switch (type) { - case NTPLMSSP_V2_TARGET_END: - buffer_append(buf, &info, sizeof(info)); - length = sizeof(info); - break; - case NTPLMSSP_V2_TARGET_SERVER: - case NTPLMSSP_V2_TARGET_DOMAIN: - case NTPLMSSP_V2_TARGET_FQDN: - case NTPLMSSP_V2_TARGET_DNS: - data = va_arg(args, const char *); - info.length = cpu16_to_le(strlen(data) * - sizeof(ucs2le_t)); - buffer_append(buf, &info, sizeof(info)); - length = append_string(buf, data, FALSE, TRUE) + - sizeof(info); - break; - default: - i_panic("Invalid NTLM target info block type " - "%u", type); - } - - total_length += length; - - } while (type != NTPLMSSP_V2_TARGET_END); - - va_end(args); - - buffer.length = cpu16_to_le(total_length); - buffer.space = cpu16_to_le(total_length); - buffer_write(buf, buffer_offset, &buffer, sizeof(buffer)); -} - -static inline uint32_t ntlmssp_flags(uint32_t client_flags) -{ - uint32_t flags = NTLMSSP_NEGOTIATE_NTLM | - NTLMSSP_NEGOTIATE_TARGET_INFO; - - if ((client_flags & NTLMSSP_NEGOTIATE_UNICODE) != 0) - flags |= NTLMSSP_NEGOTIATE_UNICODE; - else - flags |= NTLMSSP_NEGOTIATE_OEM; - - if ((client_flags & NTLMSSP_NEGOTIATE_NTLM2) != 0) - flags |= NTLMSSP_NEGOTIATE_NTLM2; - - if ((client_flags & NTLMSSP_REQUEST_TARGET) != 0) - flags |= NTLMSSP_REQUEST_TARGET | NTLMSSP_TARGET_TYPE_SERVER; - - return flags; -} - -const struct ntlmssp_challenge * -ntlmssp_create_challenge(pool_t pool, const struct ntlmssp_request *request, - size_t *size) -{ - buffer_t *buf; - uint32_t flags = ntlmssp_flags(le32_to_cpu(request->flags)); - bool unicode = (flags & NTLMSSP_NEGOTIATE_UNICODE) != 0; - struct ntlmssp_challenge c; - - buf = buffer_create_dynamic(pool, sizeof(struct ntlmssp_challenge)); - - i_zero(&c); - c.magic = cpu64_to_le(NTLMSSP_MAGIC); - c.type = cpu32_to_le(NTLMSSP_MSG_TYPE2); - c.flags = cpu32_to_le(flags); - random_fill(c.challenge, sizeof(c.challenge)); - - buffer_write(buf, 0, &c, sizeof(c)); - - if ((flags & NTLMSSP_TARGET_TYPE_SERVER) != 0) - ntlmssp_append_string(buf, - offsetof(struct ntlmssp_challenge, target_name), - my_hostname, unicode); - - ntlmssp_append_target_info(buf, offsetof(struct ntlmssp_challenge, - target_info), - NTPLMSSP_V2_TARGET_FQDN, my_hostname, - NTPLMSSP_V2_TARGET_END); - - *size = buf->used; - return buffer_free_without_data(&buf); -} - -static bool ntlmssp_check_buffer(const struct ntlmssp_buffer *buffer, - size_t data_size, const char **error) -{ - if (data_size < sizeof(*buffer)) { - *error = "data_size is smaller than buffer header"; - return FALSE; - } - - uint32_t offset = le32_to_cpu(buffer->offset); - uint16_t length = le16_to_cpu(buffer->length); - uint16_t space = le16_to_cpu(buffer->space); - - /* Empty buffer is ok */ - if (length == 0 && space == 0) - return TRUE; - - if (length > data_size) { - *error = "buffer length out of bounds"; - return FALSE; - } - - if (offset >= data_size) { - *error = "buffer offset out of bounds"; - return FALSE; - } - - if (offset + space > data_size) { - *error = "buffer end out of bounds"; - return FALSE; - } - - return TRUE; -} - -bool ntlmssp_check_request(const struct ntlmssp_request *request, - size_t data_size, const char **error) -{ - uint32_t flags; - - if (data_size < sizeof(struct ntlmssp_request)) { - *error = "request too short"; - return FALSE; - } - - if (le64_to_cpu(request->magic) != NTLMSSP_MAGIC) { - *error = "signature mismatch"; - return FALSE; - } - - if (le32_to_cpu(request->type) != NTLMSSP_MSG_TYPE1) { - *error = "message type mismatch"; - return FALSE; - } - - flags = le32_to_cpu(request->flags); - - if ((flags & NTLMSSP_NEGOTIATE_NTLM) == 0) { - *error = "client doesn't advertise NTLM support"; - return FALSE; - } - - return TRUE; -} - -bool ntlmssp_check_response(const struct ntlmssp_response *response, - size_t data_size, const char **error) -{ - if (data_size < sizeof(struct ntlmssp_response)) { - *error = "response too short"; - return FALSE; - } - - if (le64_to_cpu(response->magic) != NTLMSSP_MAGIC) { - *error = "signature mismatch"; - return FALSE; - } - - if (le32_to_cpu(response->type) != NTLMSSP_MSG_TYPE3) { - *error = "message type mismatch"; - return FALSE; - } - - if (!ntlmssp_check_buffer(&response->lm_response, data_size, error) || - !ntlmssp_check_buffer(&response->ntlm_response, data_size, error) || - !ntlmssp_check_buffer(&response->domain, data_size, error) || - !ntlmssp_check_buffer(&response->user, data_size, error) || - !ntlmssp_check_buffer(&response->workstation, data_size, error)) - return FALSE; - - return TRUE; -} diff --git a/src/lib-ntlm/ntlm-message.h b/src/lib-ntlm/ntlm-message.h deleted file mode 100644 index fcfb13eb6c..0000000000 --- a/src/lib-ntlm/ntlm-message.h +++ /dev/null @@ -1,13 +0,0 @@ -#ifndef NTLM_MESSAGE_H -#define NTLM_MESSAGE_H - -const struct ntlmssp_challenge * -ntlmssp_create_challenge(pool_t pool, const struct ntlmssp_request *request, - size_t *size); - -bool ntlmssp_check_request(const struct ntlmssp_request *request, - size_t data_size, const char **error); -bool ntlmssp_check_response(const struct ntlmssp_response *response, - size_t data_size, const char **error); - -#endif diff --git a/src/lib-ntlm/ntlm-types.h b/src/lib-ntlm/ntlm-types.h deleted file mode 100644 index 9b4d67cf42..0000000000 --- a/src/lib-ntlm/ntlm-types.h +++ /dev/null @@ -1,130 +0,0 @@ -/* - * NTLM data structures. - * - * Copyright (c) 2004 Andrey Panin - * - * This software is released under the MIT license. - */ - -#ifndef NTLM_TYPES_H -#define NTLM_TYPES_H - -#define NTLMSSP_MAGIC 0x005053534d4c544eULL - -#define NTLMSSP_MSG_TYPE1 1 -#define NTLMSSP_MSG_TYPE2 2 -#define NTLMSSP_MSG_TYPE3 3 - -#define NTLMSSP_DES_KEY_LENGTH 7 - -#define NTLMSSP_CHALLENGE_SIZE 8 - -#define LM_HASH_SIZE 16 -#define LM_RESPONSE_SIZE 24 - -#define NTLMSSP_HASH_SIZE 16 -#define NTLMSSP_RESPONSE_SIZE 24 - -#define NTLMSSP_V2_HASH_SIZE 16 -#define NTLMSSP_V2_RESPONSE_SIZE 16 - - -typedef uint16_t ucs2le_t; - -struct ntlmssp_buffer { - uint16_t length; /* length of the buffer */ - uint16_t space; /* space allocated space for buffer */ - uint32_t offset; /* data offset from the start of the message */ -}; - -typedef struct ntlmssp_buffer ntlmssp_buffer_t; - - -/* - * - */ -struct ntlmssp_message { - uint64_t magic; /* NTLMSSP\0 */ - uint32_t type; /* Should be 1 */ -}; - -/* - * Type 1 message, client sends it to start NTLM authentication sequence. - */ -struct ntlmssp_request { - uint64_t magic; /* NTLMSSP\0 */ - uint32_t type; /* Should be 1 */ - uint32_t flags; /* Flags */ - ntlmssp_buffer_t domain; /* Domain name (optional) */ - ntlmssp_buffer_t workstation; /* Workstation name (optional) */ - /* Start of the data block */ -}; - -/* - * The Type 2 message is sent by the server to the client in response to - * the client's Type 1 message. It serves to complete the negotiation of - * options with the client, and also provides a challenge to the client. - */ -struct ntlmssp_challenge { - uint64_t magic; /* NTLMSSP\0 */ - uint32_t type; /* Should be 2 */ - ntlmssp_buffer_t target_name; /* Name of authentication target */ - uint32_t flags; /* Flags */ - uint8_t challenge[NTLMSSP_CHALLENGE_SIZE]; /* Server challenge */ - uint32_t context[2]; /* Local authentication context handle */ - ntlmssp_buffer_t target_info; /* Target information block (for NTLMv2) */ - /* Start of the data block */ -}; - -/* - * The Type 3 message is the final step in authentication. This message - * contains the client's responses to the Type 2 challenge, which demonstrate - * that the client has knowledge of the account password without sending the - * password directly. The Type 3 message also indicates the domain and username - * of the authenticating account, as well as the client workstation name. - */ -struct ntlmssp_response { - uint64_t magic; /* NTLMSSP\0 */ - uint32_t type; /* Should be 3 */ - ntlmssp_buffer_t lm_response; /* LM/LMv2 response */ - ntlmssp_buffer_t ntlm_response; /* NTLM/NTLMv2 response */ - ntlmssp_buffer_t domain; /* Domain name */ - ntlmssp_buffer_t user; /* User name */ - ntlmssp_buffer_t workstation; /* Workstation name */ - ntlmssp_buffer_t session_key; /* Session key (optional */ - uint32_t flags; /* Flags (optional) */ - /* Start of the data block */ -}; - -/* - * NTLMv2 Target Information Block item. - */ -struct ntlmssp_v2_target_info { - uint16_t type; /* Data type (see below) */ - uint16_t length; /* Length of content field */ - /* Content (always in ucs2-le) */ -}; - -/* - * NTLMv2 Target Information Block item data type. - */ -enum { - NTPLMSSP_V2_TARGET_END = 0, /* End of list */ - NTPLMSSP_V2_TARGET_SERVER, /* NetBIOS server name */ - NTPLMSSP_V2_TARGET_DOMAIN, /* NT Domain NetBIOS name */ - NTPLMSSP_V2_TARGET_FQDN, /* Fully qualified host name */ - NTPLMSSP_V2_TARGET_DNS /* DNS domain name */ -}; - -/* - * NTLMv2 Authentication data blob. - */ -struct ntlmssp_v2_blob { - uint32_t magic; /* Should be 0x01010000 */ - uint32_t reserved; /* Always 0 */ - uint64_t timestamp; /* Timestamp */ - uint32_t unknown; /* Unknown something */ - /* Target Information Block */ -}; - -#endif diff --git a/src/lib-ntlm/ntlm.h b/src/lib-ntlm/ntlm.h deleted file mode 100644 index 2220bc05c6..0000000000 --- a/src/lib-ntlm/ntlm.h +++ /dev/null @@ -1,36 +0,0 @@ -#ifndef NTLM_H -#define NTLM_H - -#include - -#include "byteorder.h" -#include "ntlm-types.h" -#include "ntlm-flags.h" -#include "ntlm-encrypt.h" -#include "ntlm-message.h" - -#define ntlmssp_buffer_data(message, buffer) \ - ntlmssp_buffer_data_i((message), &message->buffer) - -static inline const void * -ntlmssp_buffer_data_i(void *message, struct ntlmssp_buffer *buffer) -{ - return CONST_PTR_OFFSET(message, le32_to_cpu(buffer->offset)); -} - -#define ntlmssp_buffer_length(message, buffer) \ - ntlmssp_buffer_length_i(&message->buffer) - -static inline unsigned int -ntlmssp_buffer_length_i(struct ntlmssp_buffer *buffer) -{ - return le16_to_cpu(buffer->length); -} - -#define ntlmssp_t_str(message, buffer, unicode) \ - ntlmssp_t_str_i((message), &(message)->buffer, (unicode)) - -const char *ntlmssp_t_str_i(const void *message, struct ntlmssp_buffer *buffer, - bool unicode); - -#endif