2 Unix SMB/Netbios implementation.
4 handle NLTMSSP, client server side parsing
6 Copyright (C) Andrew Tridgell 2001
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2005
8 Copyright (C) Stefan Metzmacher 2005
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "auth/ntlmssp/ntlmssp.h"
26 #include "../libcli/auth/libcli_auth.h"
27 #include "librpc/gen_ndr/ndr_dcerpc.h"
28 #include "auth/gensec/gensec.h"
29 #include "auth/gensec/gensec_proto.h"
32 * Callbacks for NTLMSSP - for both client and server operating modes
36 static const struct ntlmssp_callbacks
{
37 enum ntlmssp_role role
;
38 enum ntlmssp_message_type command
;
39 NTSTATUS (*sync_fn
)(struct gensec_security
*gensec_security
,
40 TALLOC_CTX
*out_mem_ctx
,
41 DATA_BLOB in
, DATA_BLOB
*out
);
42 } ntlmssp_callbacks
[] = {
44 .role
= NTLMSSP_CLIENT
,
45 .command
= NTLMSSP_INITIAL
,
46 .sync_fn
= ntlmssp_client_initial
,
48 .role
= NTLMSSP_SERVER
,
49 .command
= NTLMSSP_NEGOTIATE
,
50 .sync_fn
= gensec_ntlmssp_server_negotiate
,
52 .role
= NTLMSSP_CLIENT
,
53 .command
= NTLMSSP_CHALLENGE
,
54 .sync_fn
= ntlmssp_client_challenge
,
56 .role
= NTLMSSP_SERVER
,
57 .command
= NTLMSSP_AUTH
,
58 .sync_fn
= gensec_ntlmssp_server_auth
,
63 static NTSTATUS
gensec_ntlmssp_magic(struct gensec_security
*gensec_security
,
64 const DATA_BLOB
*first_packet
)
66 if (first_packet
->length
> 8 && memcmp("NTLMSSP\0", first_packet
->data
, 8) == 0) {
69 return NT_STATUS_INVALID_PARAMETER
;
73 static NTSTATUS
gensec_ntlmssp_update_find(struct ntlmssp_state
*ntlmssp_state
,
74 const DATA_BLOB input
, uint32_t *idx
)
76 struct gensec_ntlmssp_context
*gensec_ntlmssp
=
77 talloc_get_type_abort(ntlmssp_state
->callback_private
,
78 struct gensec_ntlmssp_context
);
79 struct gensec_security
*gensec_security
= gensec_ntlmssp
->gensec_security
;
80 uint32_t ntlmssp_command
;
83 if (ntlmssp_state
->expected_state
== NTLMSSP_DONE
) {
84 /* We are strict here because other modules, which we
85 * don't fully control (such as GSSAPI) are also
86 * strict, but are tested less often */
88 DEBUG(1, ("Called NTLMSSP after state machine was 'done'\n"));
89 return NT_STATUS_INVALID_PARAMETER
;
93 switch (ntlmssp_state
->role
) {
95 ntlmssp_command
= NTLMSSP_INITIAL
;
98 if (gensec_security
->want_features
& GENSEC_FEATURE_DATAGRAM_MODE
) {
99 /* 'datagram' mode - no neg packet */
100 ntlmssp_command
= NTLMSSP_NEGOTIATE
;
102 /* This is normal in SPNEGO mech negotiation fallback */
103 DEBUG(2, ("Failed to parse NTLMSSP packet: zero length\n"));
104 return NT_STATUS_INVALID_PARAMETER
;
109 if (!msrpc_parse(ntlmssp_state
,
113 DEBUG(1, ("Failed to parse NTLMSSP packet, could not extract NTLMSSP command\n"));
114 dump_data(2, input
.data
, input
.length
);
115 return NT_STATUS_INVALID_PARAMETER
;
119 if (ntlmssp_command
!= ntlmssp_state
->expected_state
) {
120 DEBUG(2, ("got NTLMSSP command %u, expected %u\n", ntlmssp_command
, ntlmssp_state
->expected_state
));
121 return NT_STATUS_INVALID_PARAMETER
;
124 for (i
=0; i
< ARRAY_SIZE(ntlmssp_callbacks
); i
++) {
125 if (ntlmssp_callbacks
[i
].role
== ntlmssp_state
->role
&&
126 ntlmssp_callbacks
[i
].command
== ntlmssp_command
) {
132 DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n",
133 ntlmssp_state
->role
, ntlmssp_command
));
135 return NT_STATUS_INVALID_PARAMETER
;
139 * Next state function for the wrapped NTLMSSP state machine
141 * @param gensec_security GENSEC state, initialised to NTLMSSP
142 * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
143 * @param in The request, as a DATA_BLOB
144 * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
145 * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
146 * or NT_STATUS_OK if the user is authenticated.
149 static NTSTATUS
gensec_ntlmssp_update(struct gensec_security
*gensec_security
,
150 TALLOC_CTX
*out_mem_ctx
,
151 const DATA_BLOB input
, DATA_BLOB
*out
)
153 struct gensec_ntlmssp_context
*gensec_ntlmssp
=
154 talloc_get_type_abort(gensec_security
->private_data
,
155 struct gensec_ntlmssp_context
);
156 struct ntlmssp_state
*ntlmssp_state
= gensec_ntlmssp
->ntlmssp_state
;
160 *out
= data_blob(NULL
, 0);
163 /* if the caller doesn't want to manage/own the memory,
164 we can put it on our context */
165 out_mem_ctx
= ntlmssp_state
;
168 status
= gensec_ntlmssp_update_find(ntlmssp_state
, input
, &i
);
169 NT_STATUS_NOT_OK_RETURN(status
);
171 status
= ntlmssp_callbacks
[i
].sync_fn(gensec_security
, out_mem_ctx
, input
, out
);
172 NT_STATUS_NOT_OK_RETURN(status
);
178 * Return the NTLMSSP master session key
180 * @param ntlmssp_state NTLMSSP State
183 NTSTATUS
gensec_ntlmssp_session_key(struct gensec_security
*gensec_security
,
184 DATA_BLOB
*session_key
)
186 struct gensec_ntlmssp_context
*gensec_ntlmssp
=
187 talloc_get_type_abort(gensec_security
->private_data
,
188 struct gensec_ntlmssp_context
);
189 struct ntlmssp_state
*ntlmssp_state
= gensec_ntlmssp
->ntlmssp_state
;
191 if (ntlmssp_state
->expected_state
!= NTLMSSP_DONE
) {
192 return NT_STATUS_NO_USER_SESSION_KEY
;
195 if (!ntlmssp_state
->session_key
.data
) {
196 return NT_STATUS_NO_USER_SESSION_KEY
;
198 *session_key
= ntlmssp_state
->session_key
;
203 static bool gensec_ntlmssp_have_feature(struct gensec_security
*gensec_security
,
206 struct gensec_ntlmssp_context
*gensec_ntlmssp
=
207 talloc_get_type_abort(gensec_security
->private_data
,
208 struct gensec_ntlmssp_context
);
209 struct ntlmssp_state
*ntlmssp_state
= gensec_ntlmssp
->ntlmssp_state
;
211 if (feature
& GENSEC_FEATURE_SIGN
) {
212 if (!ntlmssp_state
->session_key
.length
) {
215 if (ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_SIGN
) {
219 if (feature
& GENSEC_FEATURE_SEAL
) {
220 if (!ntlmssp_state
->session_key
.length
) {
223 if (ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_SEAL
) {
227 if (feature
& GENSEC_FEATURE_SESSION_KEY
) {
228 if (ntlmssp_state
->session_key
.length
) {
232 if (feature
& GENSEC_FEATURE_DCE_STYLE
) {
235 if (feature
& GENSEC_FEATURE_ASYNC_REPLIES
) {
236 if (ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_NTLM2
) {
243 NTSTATUS
gensec_ntlmssp_start(struct gensec_security
*gensec_security
)
245 struct gensec_ntlmssp_context
*gensec_ntlmssp
;
246 struct ntlmssp_state
*ntlmssp_state
;
248 gensec_ntlmssp
= talloc_zero(gensec_security
,
249 struct gensec_ntlmssp_context
);
250 if (!gensec_ntlmssp
) {
251 return NT_STATUS_NO_MEMORY
;
254 gensec_ntlmssp
->gensec_security
= gensec_security
;
256 ntlmssp_state
= talloc_zero(gensec_ntlmssp
,
257 struct ntlmssp_state
);
258 if (!ntlmssp_state
) {
259 return NT_STATUS_NO_MEMORY
;
262 ntlmssp_state
->callback_private
= gensec_ntlmssp
;
264 gensec_ntlmssp
->ntlmssp_state
= ntlmssp_state
;
266 gensec_security
->private_data
= gensec_ntlmssp
;
270 static const char *gensec_ntlmssp_oids
[] = {
275 static const struct gensec_security_ops gensec_ntlmssp_security_ops
= {
277 .sasl_name
= GENSEC_SASL_NAME_NTLMSSP
, /* "NTLM" */
278 .auth_type
= DCERPC_AUTH_TYPE_NTLMSSP
,
279 .oid
= gensec_ntlmssp_oids
,
280 .client_start
= gensec_ntlmssp_client_start
,
281 .server_start
= gensec_ntlmssp_server_start
,
282 .magic
= gensec_ntlmssp_magic
,
283 .update
= gensec_ntlmssp_update
,
284 .sig_size
= gensec_ntlmssp_sig_size
,
285 .sign_packet
= gensec_ntlmssp_sign_packet
,
286 .check_packet
= gensec_ntlmssp_check_packet
,
287 .seal_packet
= gensec_ntlmssp_seal_packet
,
288 .unseal_packet
= gensec_ntlmssp_unseal_packet
,
289 .wrap
= gensec_ntlmssp_wrap
,
290 .unwrap
= gensec_ntlmssp_unwrap
,
291 .session_key
= gensec_ntlmssp_session_key
,
292 .session_info
= gensec_ntlmssp_session_info
,
293 .have_feature
= gensec_ntlmssp_have_feature
,
295 .priority
= GENSEC_NTLMSSP
299 _PUBLIC_ NTSTATUS
gensec_ntlmssp_init(void)
303 ret
= gensec_register(&gensec_ntlmssp_security_ops
);
304 if (!NT_STATUS_IS_OK(ret
)) {
305 DEBUG(0,("Failed to register '%s' gensec backend!\n",
306 gensec_ntlmssp_security_ops
.name
));