2 Unix SMB/Netbios implementation.
4 handle NLTMSSP, client server side parsing
6 Copyright (C) Andrew Tridgell 2001
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2005
8 Copyright (C) Stefan Metzmacher 2005
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 #include "auth/auth.h"
27 #include "auth/ntlmssp/ntlmssp.h"
28 #include "auth/ntlmssp/msrpc_parse.h"
29 #include "librpc/gen_ndr/ndr_dcerpc.h"
32 * Callbacks for NTLMSSP - for both client and server operating modes
36 static const struct ntlmssp_callbacks
{
37 enum ntlmssp_role role
;
38 enum ntlmssp_message_type command
;
39 NTSTATUS (*sync_fn
)(struct gensec_security
*gensec_security
,
40 TALLOC_CTX
*out_mem_ctx
,
41 DATA_BLOB in
, DATA_BLOB
*out
);
42 } ntlmssp_callbacks
[] = {
44 .role
= NTLMSSP_CLIENT
,
45 .command
= NTLMSSP_INITIAL
,
46 .sync_fn
= ntlmssp_client_initial
,
48 .role
= NTLMSSP_SERVER
,
49 .command
= NTLMSSP_NEGOTIATE
,
50 .sync_fn
= ntlmssp_server_negotiate
,
52 .role
= NTLMSSP_CLIENT
,
53 .command
= NTLMSSP_CHALLENGE
,
54 .sync_fn
= ntlmssp_client_challenge
,
56 .role
= NTLMSSP_SERVER
,
57 .command
= NTLMSSP_AUTH
,
58 .sync_fn
= ntlmssp_server_auth
,
64 * Print out the NTLMSSP flags for debugging
65 * @param neg_flags The flags from the packet
68 void debug_ntlmssp_flags(uint32_t neg_flags
)
70 DEBUG(3,("Got NTLMSSP neg_flags=0x%08x\n", neg_flags
));
72 if (neg_flags
& NTLMSSP_NEGOTIATE_UNICODE
)
73 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_UNICODE\n"));
74 if (neg_flags
& NTLMSSP_NEGOTIATE_OEM
)
75 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_OEM\n"));
76 if (neg_flags
& NTLMSSP_REQUEST_TARGET
)
77 DEBUGADD(4, (" NTLMSSP_REQUEST_TARGET\n"));
78 if (neg_flags
& NTLMSSP_NEGOTIATE_SIGN
)
79 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_SIGN\n"));
80 if (neg_flags
& NTLMSSP_NEGOTIATE_SEAL
)
81 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_SEAL\n"));
82 if (neg_flags
& NTLMSSP_NEGOTIATE_DATAGRAM_STYLE
)
83 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_DATAGRAM_STYLE\n"));
84 if (neg_flags
& NTLMSSP_NEGOTIATE_LM_KEY
)
85 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_LM_KEY\n"));
86 if (neg_flags
& NTLMSSP_NEGOTIATE_NETWARE
)
87 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NETWARE\n"));
88 if (neg_flags
& NTLMSSP_NEGOTIATE_NTLM
)
89 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NTLM\n"));
90 if (neg_flags
& NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED
)
91 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED\n"));
92 if (neg_flags
& NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED
)
93 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED\n"));
94 if (neg_flags
& NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
)
95 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL\n"));
96 if (neg_flags
& NTLMSSP_NEGOTIATE_ALWAYS_SIGN
)
97 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_ALWAYS_SIGN\n"));
98 if (neg_flags
& NTLMSSP_CHAL_ACCEPT_RESPONSE
)
99 DEBUGADD(4, (" NTLMSSP_CHAL_ACCEPT_RESPONSE\n"));
100 if (neg_flags
& NTLMSSP_CHAL_NON_NT_SESSION_KEY
)
101 DEBUGADD(4, (" NTLMSSP_CHAL_NON_NT_SESSION_KEY\n"));
102 if (neg_flags
& NTLMSSP_NEGOTIATE_NTLM2
)
103 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NTLM2\n"));
104 if (neg_flags
& NTLMSSP_CHAL_TARGET_INFO
)
105 DEBUGADD(4, (" NTLMSSP_CHAL_TARGET_INFO\n"));
106 if (neg_flags
& NTLMSSP_NEGOTIATE_128
)
107 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_128\n"));
108 if (neg_flags
& NTLMSSP_NEGOTIATE_KEY_EXCH
)
109 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_KEY_EXCH\n"));
110 if (neg_flags
& NTLMSSP_NEGOTIATE_56
)
111 DEBUGADD(4, (" NTLMSSP_NEGOTIATE_56\n"));
114 static NTSTATUS
gensec_ntlmssp_magic(struct gensec_security
*gensec_security
,
115 const DATA_BLOB
*first_packet
)
117 if (first_packet
->length
> 8 && memcmp("NTLMSSP\0", first_packet
->data
, 8) == 0) {
120 return NT_STATUS_INVALID_PARAMETER
;
124 static NTSTATUS
gensec_ntlmssp_update_find(struct gensec_ntlmssp_state
*gensec_ntlmssp_state
,
125 const DATA_BLOB input
, uint32_t *idx
)
127 struct gensec_security
*gensec_security
= gensec_ntlmssp_state
->gensec_security
;
128 uint32_t ntlmssp_command
;
131 if (gensec_ntlmssp_state
->expected_state
== NTLMSSP_DONE
) {
132 /* We are strict here because other modules, which we
133 * don't fully control (such as GSSAPI) are also
134 * strict, but are tested less often */
136 DEBUG(1, ("Called NTLMSSP after state machine was 'done'\n"));
137 return NT_STATUS_INVALID_PARAMETER
;
141 switch (gensec_ntlmssp_state
->role
) {
143 ntlmssp_command
= NTLMSSP_INITIAL
;
146 if (gensec_security
->want_features
& GENSEC_FEATURE_DATAGRAM_MODE
) {
147 /* 'datagram' mode - no neg packet */
148 ntlmssp_command
= NTLMSSP_NEGOTIATE
;
150 /* This is normal in SPNEGO mech negotiation fallback */
151 DEBUG(2, ("Failed to parse NTLMSSP packet: zero length\n"));
152 return NT_STATUS_INVALID_PARAMETER
;
157 if (!msrpc_parse(gensec_ntlmssp_state
,
161 DEBUG(1, ("Failed to parse NTLMSSP packet, could not extract NTLMSSP command\n"));
162 dump_data(2, input
.data
, input
.length
);
163 return NT_STATUS_INVALID_PARAMETER
;
167 if (ntlmssp_command
!= gensec_ntlmssp_state
->expected_state
) {
168 DEBUG(2, ("got NTLMSSP command %u, expected %u\n", ntlmssp_command
, gensec_ntlmssp_state
->expected_state
));
169 return NT_STATUS_INVALID_PARAMETER
;
172 for (i
=0; i
< ARRAY_SIZE(ntlmssp_callbacks
); i
++) {
173 if (ntlmssp_callbacks
[i
].role
== gensec_ntlmssp_state
->role
&&
174 ntlmssp_callbacks
[i
].command
== ntlmssp_command
) {
180 DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n",
181 gensec_ntlmssp_state
->role
, ntlmssp_command
));
183 return NT_STATUS_INVALID_PARAMETER
;
187 * Next state function for the wrapped NTLMSSP state machine
189 * @param gensec_security GENSEC state, initialised to NTLMSSP
190 * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
191 * @param in The request, as a DATA_BLOB
192 * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
193 * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
194 * or NT_STATUS_OK if the user is authenticated.
197 static NTSTATUS
gensec_ntlmssp_update(struct gensec_security
*gensec_security
,
198 TALLOC_CTX
*out_mem_ctx
,
199 const DATA_BLOB input
, DATA_BLOB
*out
)
201 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
= gensec_security
->private_data
;
205 *out
= data_blob(NULL
, 0);
208 /* if the caller doesn't want to manage/own the memory,
209 we can put it on our context */
210 out_mem_ctx
= gensec_ntlmssp_state
;
213 status
= gensec_ntlmssp_update_find(gensec_ntlmssp_state
, input
, &i
);
214 NT_STATUS_NOT_OK_RETURN(status
);
216 status
= ntlmssp_callbacks
[i
].sync_fn(gensec_security
, out_mem_ctx
, input
, out
);
217 NT_STATUS_NOT_OK_RETURN(status
);
223 * Return the NTLMSSP master session key
225 * @param gensec_ntlmssp_state NTLMSSP State
228 NTSTATUS
gensec_ntlmssp_session_key(struct gensec_security
*gensec_security
,
229 DATA_BLOB
*session_key
)
231 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
= gensec_security
->private_data
;
233 if (!gensec_ntlmssp_state
->session_key
.data
) {
234 return NT_STATUS_NO_USER_SESSION_KEY
;
236 *session_key
= gensec_ntlmssp_state
->session_key
;
241 void ntlmssp_handle_neg_flags(struct gensec_ntlmssp_state
*gensec_ntlmssp_state
,
242 uint32_t neg_flags
, BOOL allow_lm
)
244 if (neg_flags
& NTLMSSP_NEGOTIATE_UNICODE
) {
245 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_NEGOTIATE_UNICODE
;
246 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_OEM
;
247 gensec_ntlmssp_state
->unicode
= True
;
249 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_UNICODE
;
250 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_NEGOTIATE_OEM
;
251 gensec_ntlmssp_state
->unicode
= False
;
254 if ((neg_flags
& NTLMSSP_NEGOTIATE_LM_KEY
) && allow_lm
&& !gensec_ntlmssp_state
->use_ntlmv2
) {
255 /* other end forcing us to use LM */
256 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_NEGOTIATE_LM_KEY
;
257 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_NTLM2
;
259 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_LM_KEY
;
262 if (neg_flags
& NTLMSSP_NEGOTIATE_ALWAYS_SIGN
) {
263 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_NEGOTIATE_ALWAYS_SIGN
;
266 if (!(neg_flags
& NTLMSSP_NEGOTIATE_SIGN
)) {
267 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_SIGN
;
270 if (!(neg_flags
& NTLMSSP_NEGOTIATE_SEAL
)) {
271 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_SEAL
;
274 if (!(neg_flags
& NTLMSSP_NEGOTIATE_NTLM2
)) {
275 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_NTLM2
;
278 if (!(neg_flags
& NTLMSSP_NEGOTIATE_128
)) {
279 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_128
;
282 if (!(neg_flags
& NTLMSSP_NEGOTIATE_56
)) {
283 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_56
;
286 if (!(neg_flags
& NTLMSSP_NEGOTIATE_KEY_EXCH
)) {
287 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_NEGOTIATE_KEY_EXCH
;
290 /* Woop Woop - unknown flag for Windows compatibility...
291 What does this really do ? JRA. */
292 if (!(neg_flags
& NTLMSSP_UNKNOWN_02000000
)) {
293 gensec_ntlmssp_state
->neg_flags
&= ~NTLMSSP_UNKNOWN_02000000
;
296 if ((neg_flags
& NTLMSSP_REQUEST_TARGET
)) {
297 gensec_ntlmssp_state
->neg_flags
|= NTLMSSP_REQUEST_TARGET
;
303 Weaken NTLMSSP keys to cope with down-level clients and servers.
305 We probably should have some parameters to control this, but as
306 it only occours for LM_KEY connections, and this is controlled
307 by the client lanman auth/lanman auth parameters, it isn't too bad.
310 DATA_BLOB
ntlmssp_weakend_key(struct gensec_ntlmssp_state
*gensec_ntlmssp_state
,
313 DATA_BLOB weakened_key
= data_blob_talloc(mem_ctx
,
314 gensec_ntlmssp_state
->session_key
.data
,
315 gensec_ntlmssp_state
->session_key
.length
);
316 /* Nothing to weaken. We certainly don't want to 'extend' the length... */
317 if (weakened_key
.length
< 16) {
318 /* perhaps there was no key? */
322 /* Key weakening not performed on the master key for NTLM2
323 and does not occour for NTLM1. Therefore we only need
324 to do this for the LM_KEY.
326 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_LM_KEY
) {
327 /* LM key doesn't support 128 bit crypto, so this is
328 * the best we can do. If you negotiate 128 bit, but
329 * not 56, you end up with 40 bit... */
330 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_56
) {
331 weakened_key
.data
[7] = 0xa0;
332 weakened_key
.length
= 8;
333 } else { /* forty bits */
334 weakened_key
.data
[5] = 0xe5;
335 weakened_key
.data
[6] = 0x38;
336 weakened_key
.data
[7] = 0xb0;
337 weakened_key
.length
= 8;
343 static BOOL
gensec_ntlmssp_have_feature(struct gensec_security
*gensec_security
,
346 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
= gensec_security
->private_data
;
347 if (feature
& GENSEC_FEATURE_SIGN
) {
348 if (!gensec_ntlmssp_state
->session_key
.length
) {
351 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_SIGN
) {
355 if (feature
& GENSEC_FEATURE_SEAL
) {
356 if (!gensec_ntlmssp_state
->session_key
.length
) {
359 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_SEAL
) {
363 if (feature
& GENSEC_FEATURE_SESSION_KEY
) {
364 if (gensec_ntlmssp_state
->session_key
.length
) {
368 if (feature
& GENSEC_FEATURE_DCE_STYLE
) {
371 if (feature
& GENSEC_FEATURE_ASYNC_REPLIES
) {
372 if (gensec_ntlmssp_state
->neg_flags
& NTLMSSP_NEGOTIATE_NTLM2
) {
379 NTSTATUS
gensec_ntlmssp_start(struct gensec_security
*gensec_security
)
381 struct gensec_ntlmssp_state
*gensec_ntlmssp_state
;
383 gensec_ntlmssp_state
= talloc_zero(gensec_security
, struct gensec_ntlmssp_state
);
384 if (!gensec_ntlmssp_state
) {
385 return NT_STATUS_NO_MEMORY
;
388 gensec_ntlmssp_state
->gensec_security
= gensec_security
;
389 gensec_ntlmssp_state
->auth_context
= NULL
;
390 gensec_ntlmssp_state
->server_info
= NULL
;
392 gensec_security
->private_data
= gensec_ntlmssp_state
;
396 static const char *gensec_ntlmssp_oids
[] = {
401 static const struct gensec_security_ops gensec_ntlmssp_security_ops
= {
404 .auth_type
= DCERPC_AUTH_TYPE_NTLMSSP
,
405 .oid
= gensec_ntlmssp_oids
,
406 .client_start
= gensec_ntlmssp_client_start
,
407 .server_start
= gensec_ntlmssp_server_start
,
408 .magic
= gensec_ntlmssp_magic
,
409 .update
= gensec_ntlmssp_update
,
410 .sig_size
= gensec_ntlmssp_sig_size
,
411 .sign_packet
= gensec_ntlmssp_sign_packet
,
412 .check_packet
= gensec_ntlmssp_check_packet
,
413 .seal_packet
= gensec_ntlmssp_seal_packet
,
414 .unseal_packet
= gensec_ntlmssp_unseal_packet
,
415 .wrap
= gensec_ntlmssp_wrap
,
416 .unwrap
= gensec_ntlmssp_unwrap
,
417 .session_key
= gensec_ntlmssp_session_key
,
418 .session_info
= gensec_ntlmssp_session_info
,
419 .have_feature
= gensec_ntlmssp_have_feature
,
421 .order
= GENSEC_NTLMSSP
425 NTSTATUS
gensec_ntlmssp_init(void)
431 ret
= gensec_register(&gensec_ntlmssp_security_ops
);
432 if (!NT_STATUS_IS_OK(ret
)) {
433 DEBUG(0,("Failed to register '%s' gensec backend!\n",
434 gensec_ntlmssp_security_ops
.name
));