2 Unix SMB/Netbios implementation.
4 handle NLTMSSP, client server side parsing
6 Copyright (C) Andrew Tridgell 2001
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2005
8 Copyright (C) Stefan Metzmacher 2005
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "auth/ntlmssp/ntlmssp.h"
26 #include "auth/ntlmssp/msrpc_parse.h"
27 #include "librpc/gen_ndr/ndr_dcerpc.h"
28 #include "auth/credentials/credentials.h"
29 #include "auth/gensec/gensec.h"
30 #include "auth/gensec/gensec_proto.h"
31 #include "auth/auth.h"
32 #include "auth/ntlm/auth_proto.h"
33 #include "param/param.h"
36 * Callbacks for NTLMSSP - for both client and server operating modes
40 static const struct ntlmssp_callbacks
{
41 enum ntlmssp_role role
;
42 enum ntlmssp_message_type command
;
43 NTSTATUS (*sync_fn
)(struct gensec_security
*gensec_security
,
44 TALLOC_CTX
*out_mem_ctx
,
45 DATA_BLOB in
, DATA_BLOB
*out
);
46 } ntlmssp_callbacks
[] = {
48 .role
= NTLMSSP_CLIENT
,
49 .command
= NTLMSSP_INITIAL
,
50 .sync_fn
= ntlmssp_client_initial
,
52 .role
= NTLMSSP_SERVER
,
53 .command
= NTLMSSP_NEGOTIATE
,
54 .sync_fn
= ntlmssp_server_negotiate
,
56 .role
= NTLMSSP_CLIENT
,
57 .command
= NTLMSSP_CHALLENGE
,
58 .sync_fn
= ntlmssp_client_challenge
,
60 .role
= NTLMSSP_SERVER
,
61 .command
= NTLMSSP_AUTH
,
62 .sync_fn
= ntlmssp_server_auth
,
68 * Print out the NTLMSSP flags for debugging
69 * @param neg_flags The flags from the packet
72 void debug_ntlmssp_flags(uint32_t neg_flags
)
74 DEBUG(3,("Got NTLMSSP neg_flags=0x%08x\n", neg_flags
));
76 if (neg_flags
& NTLMSSP_NEGOTIATE_UNICODE
)
77 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_UNICODE\n"));
78 if (neg_flags
& NTLMSSP_NEGOTIATE_OEM
)
79 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_OEM\n"));
80 if (neg_flags
& NTLMSSP_REQUEST_TARGET
)
81 DEBUGADD(4, (" NTLMSSP_REQUEST_TARGET\n"));
82 if (neg_flags
& NTLMSSP_NEGOTIATE_SIGN
)
83 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_SIGN\n"));
84 if (neg_flags
& NTLMSSP_NEGOTIATE_SEAL
)
85 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_SEAL\n"));
86 if (neg_flags
& NTLMSSP_NEGOTIATE_DATAGRAM_STYLE
)
87 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_DATAGRAM_STYLE\n"));
88 if (neg_flags
& NTLMSSP_NEGOTIATE_LM_KEY
)
89 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_LM_KEY\n"));
90 if (neg_flags
& NTLMSSP_NEGOTIATE_NETWARE
)
91 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NETWARE\n"));
92 if (neg_flags
& NTLMSSP_NEGOTIATE_NTLM
)
93 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NTLM\n"));
94 if (neg_flags
& NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED
)
95 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED\n"));
96 if (neg_flags
& NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED
)
97 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED\n"));
98 if (neg_flags
& NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
)
99 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL\n"));
100 if (neg_flags
& NTLMSSP_NEGOTIATE_ALWAYS_SIGN
)
101 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_ALWAYS_SIGN\n"));
102 if (neg_flags
& NTLMSSP_CHAL_ACCEPT_RESPONSE
)
103 DEBUGADD(4, (" NTLMSSP_CHAL_ACCEPT_RESPONSE\n"));
104 if (neg_flags
& NTLMSSP_CHAL_NON_NT_SESSION_KEY
)
105 DEBUGADD(4, (" NTLMSSP_CHAL_NON_NT_SESSION_KEY\n"));
106 if (neg_flags
& NTLMSSP_NEGOTIATE_NTLM2
)
107 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NTLM2\n"));
108 if (neg_flags
& NTLMSSP_CHAL_TARGET_INFO
)
109 DEBUGADD(4, (" NTLMSSP_CHAL_TARGET_INFO\n"));
110 if (neg_flags
& NTLMSSP_NEGOTIATE_128
)
111 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_128\n"));
112 if (neg_flags
& NTLMSSP_NEGOTIATE_KEY_EXCH
)
113 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_KEY_EXCH\n"));
114 if (neg_flags
& NTLMSSP_NEGOTIATE_56
)
115 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_56\n"));
118 static NTSTATUS
gensec_ntlmssp_magic(struct gensec_security
*gensec_security
,
119 const DATA_BLOB
*first_packet
)
121 if (first_packet
->length
> 8 && memcmp("NTLMSSP\0", first_packet
->data
, 8) == 0) {
124 return NT_STATUS_INVALID_PARAMETER
;
128 static NTSTATUS
gensec_ntlmssp_update_find(struct gensec_ntlmssp_state
*gensec_ntlmssp_state
,
129 const DATA_BLOB input
, uint32_t *idx
)
131 struct gensec_security
*gensec_security
= gensec_ntlmssp_state
->gensec_security
;
132 uint32_t ntlmssp_command
;
135 if (gensec_ntlmssp_state
->expected_state
== NTLMSSP_DONE
) {
136 /* We are strict here because other modules, which we
137 * don't fully control (such as GSSAPI) are also
138 * strict, but are tested less often */
140 DEBUG(1, ("Called NTLMSSP after state machine was 'done'\n"));
141 return NT_STATUS_INVALID_PARAMETER
;
145 switch (gensec_ntlmssp_state
->role
) {
147 ntlmssp_command
= NTLMSSP_INITIAL
;
150 if (gensec_security
->want_features
& GENSEC_FEATURE_DATAGRAM_MODE
) {
151 /* 'datagram' mode - no neg packet */
152 ntlmssp_command
= NTLMSSP_NEGOTIATE
;
154 /* This is normal in SPNEGO mech negotiation fallback */
155 DEBUG(2, ("Failed to parse NTLMSSP packet: zero length\n"));
156 return NT_STATUS_INVALID_PARAMETER
;
161 if (!msrpc_parse(gensec_ntlmssp_state
,
162 lp_iconv_convenience(gensec_security
->lp_ctx
),
166 DEBUG(1, ("Failed to parse NTLMSSP packet, could not extract NTLMSSP command\n"));
167 dump_data(2, input
.data
, input
.length
);
168 return NT_STATUS_INVALID_PARAMETER
;
172 if (ntlmssp_command
!= gensec_ntlmssp_state
->expected_state
) {
173 DEBUG(2, ("got NTLMSSP command %u, expected %u\n", ntlmssp_command
, gensec_ntlmssp_state
->expected_state
));
174 return NT_STATUS_INVALID_PARAMETER
;
177 for (i
=0; i
< ARRAY_SIZE(ntlmssp_callbacks
); i
++) {
178 if (ntlmssp_callbacks
[i
].role
== gensec_ntlmssp_state
->role
&&
179 ntlmssp_callbacks
[i
].command
== ntlmssp_command
) {
185 DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n",
186 gensec_ntlmssp_state
->role
, ntlmssp_command
));
188 return NT_STATUS_INVALID_PARAMETER
;
192 * Next state function for the wrapped NTLMSSP state machine
194 * @param gensec_security GENSEC state, initialised to NTLMSSP
195 * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
196 * @param in The request, as a DATA_BLOB
197 * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
198 * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
199 * or NT_STATUS_OK if the user is authenticated.
202 static NTSTATUS
gensec_ntlmssp_update(struct gensec_security
*gensec_security
,
203 TALLOC_CTX
*out_mem_ctx
,
204 const DATA_BLOB input
, DATA_BLOB
*out
)
206 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
= (struct gensec_ntlmssp_state
*)gensec_security
->private_data
;
210 *out
= data_blob(NULL
, 0);
213 /* if the caller doesn't want to manage/own the memory,
214 we can put it on our context */
215 out_mem_ctx
= gensec_ntlmssp_state
;
218 status
= gensec_ntlmssp_update_find(gensec_ntlmssp_state
, input
, &i
);
219 NT_STATUS_NOT_OK_RETURN(status
);
221 status
= ntlmssp_callbacks
[i
].sync_fn(gensec_security
, out_mem_ctx
, input
, out
);
222 NT_STATUS_NOT_OK_RETURN(status
);
228 * Return the NTLMSSP master session key
230 * @param gensec_ntlmssp_state NTLMSSP State
233 NTSTATUS
gensec_ntlmssp_session_key(struct gensec_security
*gensec_security
,
234 DATA_BLOB
*session_key
)
236 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
= (struct gensec_ntlmssp_state
*)gensec_security
->private_data
;
238 if (!gensec_ntlmssp_state
->session_key
.data
) {
239 return NT_STATUS_NO_USER_SESSION_KEY
;
241 *session_key
= gensec_ntlmssp_state
->session_key
;
246 void ntlmssp_handle_neg_flags(struct gensec_ntlmssp_state
*gensec_ntlmssp_state
,
247 uint32_t neg_flags
, bool allow_lm
)
249 if (neg_flags
& NTLMSSP_NEGOTIATE_UNICODE
) {
250 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_NEGOTIATE_UNICODE
;
251 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_OEM
;
252 gensec_ntlmssp_state
->unicode
= true;
254 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_UNICODE
;
255 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_NEGOTIATE_OEM
;
256 gensec_ntlmssp_state
->unicode
= false;
259 if ((neg_flags
& NTLMSSP_NEGOTIATE_LM_KEY
) && allow_lm
&& !gensec_ntlmssp_state
->use_ntlmv2
) {
260 /* other end forcing us to use LM */
261 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_NEGOTIATE_LM_KEY
;
262 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_NTLM2
;
264 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_LM_KEY
;
267 if (!(neg_flags
& NTLMSSP_NEGOTIATE_ALWAYS_SIGN
)) {
268 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_ALWAYS_SIGN
;
271 if (!(neg_flags
& NTLMSSP_NEGOTIATE_SIGN
)) {
272 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_SIGN
;
275 if (!(neg_flags
& NTLMSSP_NEGOTIATE_SEAL
)) {
276 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_SEAL
;
279 if (!(neg_flags
& NTLMSSP_NEGOTIATE_NTLM2
)) {
280 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_NTLM2
;
283 if (!(neg_flags
& NTLMSSP_NEGOTIATE_128
)) {
284 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_128
;
287 if (!(neg_flags
& NTLMSSP_NEGOTIATE_56
)) {
288 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_56
;
291 if (!(neg_flags
& NTLMSSP_NEGOTIATE_KEY_EXCH
)) {
292 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_KEY_EXCH
;
295 /* Woop Woop - unknown flag for Windows compatibility...
296 What does this really do ? JRA. */
297 if (!(neg_flags
& NTLMSSP_UNKNOWN_02000000
)) {
298 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_UNKNOWN_02000000
;
301 if ((neg_flags
& NTLMSSP_REQUEST_TARGET
)) {
302 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_REQUEST_TARGET
;
308 Weaken NTLMSSP keys to cope with down-level clients and servers.
310 We probably should have some parameters to control this, but as
311 it only occours for LM_KEY connections, and this is controlled
312 by the client lanman auth/lanman auth parameters, it isn't too bad.
315 DATA_BLOB
ntlmssp_weakend_key(struct gensec_ntlmssp_state
*gensec_ntlmssp_state
,
318 DATA_BLOB weakened_key
= data_blob_talloc(mem_ctx
,
319 gensec_ntlmssp_state
->session_key
.data
,
320 gensec_ntlmssp_state
->session_key
.length
);
321 /* Nothing to weaken. We certainly don't want to 'extend' the length... */
322 if (weakened_key
.length
< 16) {
323 /* perhaps there was no key? */
327 /* Key weakening not performed on the master key for NTLM2
328 and does not occour for NTLM1. Therefore we only need
329 to do this for the LM_KEY.
331 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_LM_KEY
) {
332 /* LM key doesn't support 128 bit crypto, so this is
333 * the best we can do. If you negotiate 128 bit, but
334 * not 56, you end up with 40 bit... */
335 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_56
) {
336 weakened_key
.data
[7] = 0xa0;
337 weakened_key
.length
= 8;
338 } else { /* forty bits */
339 weakened_key
.data
[5] = 0xe5;
340 weakened_key
.data
[6] = 0x38;
341 weakened_key
.data
[7] = 0xb0;
342 weakened_key
.length
= 8;
348 static bool gensec_ntlmssp_have_feature(struct gensec_security
*gensec_security
,
351 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
= (struct gensec_ntlmssp_state
*)gensec_security
->private_data
;
352 if (feature
& GENSEC_FEATURE_SIGN
) {
353 if (!gensec_ntlmssp_state
->session_key
.length
) {
356 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_SIGN
) {
360 if (feature
& GENSEC_FEATURE_SEAL
) {
361 if (!gensec_ntlmssp_state
->session_key
.length
) {
364 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_SEAL
) {
368 if (feature
& GENSEC_FEATURE_SESSION_KEY
) {
369 if (gensec_ntlmssp_state
->session_key
.length
) {
373 if (feature
& GENSEC_FEATURE_DCE_STYLE
) {
376 if (feature
& GENSEC_FEATURE_ASYNC_REPLIES
) {
377 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_NTLM2
) {
384 NTSTATUS
gensec_ntlmssp_start(struct gensec_security
*gensec_security
)
386 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
;
388 gensec_ntlmssp_state
= talloc_zero(gensec_security
, struct gensec_ntlmssp_state
);
389 if (!gensec_ntlmssp_state
) {
390 return NT_STATUS_NO_MEMORY
;
393 gensec_ntlmssp_state
->gensec_security
= gensec_security
;
394 gensec_ntlmssp_state
->auth_context
= NULL
;
395 gensec_ntlmssp_state
->server_info
= NULL
;
397 gensec_security
->private_data
= gensec_ntlmssp_state
;
401 static const char *gensec_ntlmssp_oids
[] = {
406 static const struct gensec_security_ops gensec_ntlmssp_security_ops
= {
409 .auth_type
= DCERPC_AUTH_TYPE_NTLMSSP
,
410 .oid
= gensec_ntlmssp_oids
,
411 .client_start
= gensec_ntlmssp_client_start
,
412 .server_start
= gensec_ntlmssp_server_start
,
413 .magic
= gensec_ntlmssp_magic
,
414 .update
= gensec_ntlmssp_update
,
415 .sig_size
= gensec_ntlmssp_sig_size
,
416 .sign_packet
= gensec_ntlmssp_sign_packet
,
417 .check_packet
= gensec_ntlmssp_check_packet
,
418 .seal_packet
= gensec_ntlmssp_seal_packet
,
419 .unseal_packet
= gensec_ntlmssp_unseal_packet
,
420 .wrap
= gensec_ntlmssp_wrap
,
421 .unwrap
= gensec_ntlmssp_unwrap
,
422 .session_key
= gensec_ntlmssp_session_key
,
423 .session_info
= gensec_ntlmssp_session_info
,
424 .have_feature
= gensec_ntlmssp_have_feature
,
426 .priority
= GENSEC_NTLMSSP
430 _PUBLIC_ NTSTATUS
gensec_ntlmssp_init(void)
436 ret
= gensec_register(&gensec_ntlmssp_security_ops
);
437 if (!NT_STATUS_IS_OK(ret
)) {
438 DEBUG(0,("Failed to register '%s' gensec backend!\n",
439 gensec_ntlmssp_security_ops
.name
));