search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
This commit was manufactured by cvs2svn to create branch 'SAMBA_TNG'.
[Samba.git] / source / rpc_parse / parse_ntlmssp.c
blobbf102f844559eb57ddecf2c5a88de43ff983d4d1
1
2 /*
3 * Unix SMB/Netbios implementation.
4 * Version 1.9.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-2000,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24
25 #include "includes.h"
26
27 extern int DEBUGLEVEL;
28
29
30 /*******************************************************************
31 checks an RPC_HDR_AUTH structure.
32 ********************************************************************/
33 BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai)
34 {
35 return (rai->auth_type == 0x0a && rai->auth_level == 0x06);
36 }
37
38 /*******************************************************************
39 creates an RPC_AUTH_NTLMSSP_NEG structure.
40 ********************************************************************/
41 BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
42 uint32 neg_flgs,
43 fstring myname, fstring domain)
44 {
45 int len_myname = strlen(myname);
46 int len_domain = strlen(domain);
47
48 if (neg == NULL) return False;
49
50 neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
51
52 make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname);
53 make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
54
55 fstrcpy(neg->myname, myname);
56 fstrcpy(neg->domain, domain);
57
58 return True;
59 }
60
61 /*******************************************************************
62 reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
63
64 *** lkclXXXX HACK ALERT! ***
65
66 ********************************************************************/
67 BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
68 {
69 int start_offset = ps->offset;
70 if (neg == NULL) return False;
71
72 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
73 depth++;
74
75 prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs));
76
77 if (ps->io)
78 {
79 uint32 old_offset;
80
81 /* reading */
82
83 ZERO_STRUCTP(neg);
84
85 smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
86 smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
87
88 old_offset = ps->offset;
89
90 ps->offset = neg->hdr_myname .buffer + start_offset - 12;
91 prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
92 old_offset += neg->hdr_myname .str_str_len;
93
94 ps->offset = neg->hdr_domain .buffer + start_offset - 12;
95 prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
96 old_offset += neg->hdr_domain .str_str_len;
97
98 ps->offset = old_offset;
99 }
100 else
101 {
102 /* writing */
103 smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
104 smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
105
106 prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
107 prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
108 }
109
110 return True;
111 }
112
113 /*******************************************************************
114 creates an RPC_AUTH_NTLMSSP_CHAL structure.
115 ********************************************************************/
116 BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
117 uint32 neg_flags,
118 uint8 challenge[8])
119 {
120 if (chl == NULL) return False;
121
122 chl->unknown_1 = 0x0;
123 chl->unknown_2 = 0x00000028;
124 chl->neg_flags = neg_flags; /* 0x0082b1 */
125
126 memcpy(chl->challenge, challenge, sizeof(chl->challenge));
127 bzero (chl->reserved , sizeof(chl->reserved));
128
129 return True;
130 }
131
132 /*******************************************************************
133 reads or writes an RPC_AUTH_NTLMSSP_CHAL structure.
134 ********************************************************************/
135 BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth)
136 {
137 if (chl == NULL) return False;
138
139 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal");
140 depth++;
141
142 prs_uint32("unknown_1", ps, depth, &(chl->unknown_1)); /* 0x0000 0000 */
143 prs_uint32("unknown_2", ps, depth, &(chl->unknown_2)); /* 0x0000 b2b3 */
144 prs_uint32("neg_flags", ps, depth, &(chl->neg_flags)); /* 0x0000 82b1 */
145
146 prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge));
147 prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved ));
148
149 return True;
150 }
151
152 /*******************************************************************
153 creates an RPC_AUTH_NTLMSSP_RESP structure.
154
155 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
156 *** lkclXXXX the actual offset is at the start of the auth verifier ***
157
158 ********************************************************************/
159 BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
160 uchar lm_resp[24],
161 uchar *nt_resp, size_t nt_len,
162 char *domain, char *user, char *wks,
163 uint32 neg_flags)
164 {
165 uint32 offset;
166 int dom_len = strlen(domain);
167 int wks_len = strlen(wks );
168 int usr_len = strlen(user );
169 int lm_len = nt_len != 0 ? (lm_resp != NULL ? 24 : 0) : 1;
170
171 DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
172
173 if (rsp == NULL) return False;
174
175 #ifdef DEBUG_PASSWORD
176 DEBUG(100,("lm_resp\n"));
177 if (lm_resp != NULL)
178 {
179 dump_data(100, lm_resp, lm_len);
180 }
181 DEBUG(100,("nt_resp\n"));
182 if (nt_resp != NULL)
183 {
184 dump_data(100, nt_resp, nt_len);
185 }
186 #endif
187
188 DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
189 domain, user, wks, neg_flags));
190
191 offset = 0x40;
192
193 if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
194 {
195 dom_len *= 2;
196 wks_len *= 2;
197 usr_len *= 2;
198 }
199
200 make_str_hdr(&rsp->hdr_domain , dom_len, dom_len, offset);
201 offset += dom_len;
202
203 make_str_hdr(&rsp->hdr_usr , usr_len, usr_len, offset);
204 offset += usr_len;
205
206 make_str_hdr(&rsp->hdr_wks , wks_len, wks_len, offset);
207 offset += wks_len;
208
209 make_str_hdr(&rsp->hdr_lm_resp, lm_len , lm_len , offset);
210 offset += lm_len;
211
212 make_str_hdr(&rsp->hdr_nt_resp, nt_len , nt_len , offset);
213 offset += nt_len;
214
215 make_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
216
217 rsp->neg_flags = neg_flags;
218
219 if (lm_resp != NULL && lm_len != 1)
220 {
221 memcpy(rsp->lm_resp, lm_resp, lm_len);
222 }
223 else
224 {
225 rsp->lm_resp[0] = 0;
226 }
227 if (nt_resp != NULL)
228 {
229 memcpy(rsp->nt_resp, nt_resp, nt_len);
230 }
231 else
232 {
233 rsp->nt_resp[0] = 0;
234 }
235
236 if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
237 {
238 ascii_to_unibuf(rsp->domain, domain, sizeof(rsp->domain)-2);
239 ascii_to_unibuf(rsp->user , user , sizeof(rsp->user )-2);
240 ascii_to_unibuf(rsp->wks , wks , sizeof(rsp->wks )-2);
241 }
242 else
243 {
244 fstrcpy(rsp->domain, domain);
245 fstrcpy(rsp->user , user );
246 fstrcpy(rsp->wks , wks );
247 }
248 rsp->sess_key[0] = 0;
249
250 return True;
251 }
252
253 /*******************************************************************
254 reads or writes an RPC_AUTH_NTLMSSP_RESP structure.
255
256 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
257 *** lkclXXXX the actual offset is at the start of the auth verifier ***
258
259 ********************************************************************/
260 BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth)
261 {
262 if (rsp == NULL) return False;
263
264 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
265 depth++;
266
267 if (ps->io)
268 {
269 uint32 old_offset;
270
271 /* reading */
272
273 ZERO_STRUCTP(rsp);
274
275 smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
276 smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
277 smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
278 smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
279 smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
280 smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
281
282 prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
283
284 old_offset = ps->offset;
285
286 ps->offset = rsp->hdr_domain .buffer + 0xc;
287 prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
288 old_offset += rsp->hdr_domain .str_str_len;
289
290 ps->offset = rsp->hdr_usr .buffer + 0xc;
291 prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
292 old_offset += rsp->hdr_usr .str_str_len;
293
294 ps->offset = rsp->hdr_wks .buffer + 0xc;
295 prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
296 old_offset += rsp->hdr_wks .str_str_len;
297
298 ps->offset = rsp->hdr_lm_resp .buffer + 0xc;
299 prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
300 old_offset += rsp->hdr_lm_resp .str_str_len;
301
302 ps->offset = rsp->hdr_nt_resp .buffer + 0xc;
303 prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
304 old_offset += rsp->hdr_nt_resp .str_str_len;
305
306 if (rsp->hdr_sess_key.str_str_len != 0)
307 {
308 ps->offset = rsp->hdr_sess_key.buffer + 0x10;
309 old_offset += rsp->hdr_sess_key.str_str_len;
310 prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
311 }
312
313 ps->offset = old_offset;
314 }
315 else
316 {
317 /* writing */
318 smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
319 smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
320 smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
321 smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
322 smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
323 smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
324
325 prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
326
327 prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
328 prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
329 prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
330 prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
331 prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
332 prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
333 }
334
335 return True;
336 }
337
338 /*******************************************************************
339 checks an RPC_AUTH_NTLMSSP_CHK structure.
340 ********************************************************************/
341 BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num)
342 {
343 if (chk == NULL)
344 {
345 return False;
346 }
347
348 if (chk->crc32 != crc32 ||
349 chk->ver != NTLMSSP_SIGN_VERSION ||
350 chk->seq_num != seq_num)
351 {
352 DEBUG(5,("verify failed - crc %x ver %x seq %d\n",
353 crc32, NTLMSSP_SIGN_VERSION, seq_num));
354 DEBUG(5,("verify expect - crc %x ver %x seq %d\n",
355 chk->crc32, chk->ver, chk->seq_num));
356 return False;
357 }
358 return True;
359 }
360
361 /*******************************************************************
362 creates an RPC_AUTH_NTLMSSP_CHK structure.
363 ********************************************************************/
364 BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
365 uint32 ver, uint32 crc32, uint32 seq_num)
366 {
367 if (chk == NULL) return False;
368
369 chk->ver = ver ;
370 chk->reserved = 0x0;
371 chk->crc32 = crc32 ;
372 chk->seq_num = seq_num ;
373
374 return True;
375 }
376
377 /*******************************************************************
378 reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
379 ********************************************************************/
380 BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
381 {
382 if (chk == NULL) return False;
383
384 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
385 depth++;
386
387 prs_uint32("ver ", ps, depth, &(chk->ver ));
388 prs_uint32("reserved", ps, depth, &(chk->reserved));
389 prs_uint32("crc32 ", ps, depth, &(chk->crc32 ));
390 prs_uint32("seq_num ", ps, depth, &(chk->seq_num ));
391
392 return True;
393 }
394
Samba GIT mirror