openvpn/ntlm.c

   1 /*
   2  *  ntlm proxy support for OpenVPN
   3  *
   4  *  Copyright (C) 2004 William Preston
   5  *
   6  *  This program is free software; you can redistribute it and/or modify
   7  *  it under the terms of the GNU General Public License as published by
   8  *  the Free Software Foundation; either version 2 of the License, or
   9  *  (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU General Public License
  17  *  along with this program (see the file COPYING included with this
  18  *  distribution); if not, write to the Free Software Foundation, Inc.,
  19  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  20  */
  21
  22 #ifdef WIN32
  23 #include "config-win32.h"
  24 #else
  25 #include "config.h"
  26 #endif
  27
  28 #include "syshead.h"
  29
  30 #if NTLM
  31
  32 #include "common.h"
  33 #include "buffer.h"
  34 #include "misc.h"
  35 #include "socket.h"
  36 #include "fdmisc.h"
  37 #include "proxy.h"
  38 #include "ntlm.h"
  39 #include "base64.h"
  40 #include "crypto.h"
  41
  42 #include "memdbg.h"
  43
  44 static void
  45 create_des_keys(const unsigned char *hash, unsigned char *key)
  46 {
  47   key[0] = hash[0];
  48   key[1] = ((hash[0]&1)<<7)|(hash[1]>>1);
  49   key[2] = ((hash[1]&3)<<6)|(hash[2]>>2);
  50   key[3] = ((hash[2]&7)<<5)|(hash[3]>>3);
  51   key[4] = ((hash[3]&15)<<4)|(hash[4]>>4);
  52   key[5] = ((hash[4]&31)<<3)|(hash[5]>>5);
  53   key[6] = ((hash[5]&63)<<2)|(hash[6]>>6);
  54   key[7] = ((hash[6]&127)<<1);
  55   des_set_odd_parity((des_cblock *)key);
  56 }
  57
  58 static void
  59 gen_md4_hash (const char* data, int data_len, char *result)
  60 {
  61   /* result is 16 byte md4 hash */
  62
  63   MD4_CTX c;
  64   char md[16];
  65
  66   MD4_Init (&c);
  67   MD4_Update (&c, data, data_len);
  68   MD4_Final ((unsigned char *)md, &c);
  69
  70   memcpy (result, md, 16);
  71 }
  72
  73 static int
  74 unicodize (char *dst, const char *src)
  75 {
  76   /* not really unicode... */
  77   int i = 0;
  78   do
  79     {
  80       dst[i++] = *src;
  81       dst[i++] = 0;
  82     }
  83   while (*src++);
  84
  85   return i;
  86 }
  87
  88 const char *
  89 ntlm_phase_1 (const struct http_proxy_info *p, struct gc_arena *gc)
  90 {
  91   struct buffer out = alloc_buf_gc (96, gc);
  92   /* try a minimal NTLM handshake
  93    *
  94    * http://davenport.sourceforge.net/ntlm.html
  95    *
  96    * This message contains only the NTLMSSP signature,
  97    * the NTLM message type,
  98    * and the minimal set of flags (Negotiate NTLM and Negotiate OEM).
  99    *
 100    */
 101   buf_printf (&out, "%s", "TlRMTVNTUAABAAAAAgIAAA==");
 102   return (BSTR (&out));
 103 }
 104
 105 const char *
 106 ntlm_phase_3 (const struct http_proxy_info *p, const char *phase_2, struct gc_arena *gc)
 107 {
 108   char pwbuf[sizeof (p->up.password) * 2]; /* for unicode password */
 109   char buf2[128]; /* decoded reply from proxy */
 110   char phase3[146];
 111
 112   char md4_hash[21];
 113   char challenge[8], response[24];
 114   int i, ret_val, buflen;
 115   des_cblock key1, key2, key3;
 116   des_key_schedule sched1, sched2, sched3;
 117
 118   /* try a minimal NTLM handshake
 119    *
 120    * http://davenport.sourceforge.net/ntlm.html
 121    *
 122    */
 123   ASSERT (strlen (p->up.username) > 0);
 124   ASSERT (strlen (p->up.password) > 0);
 125
 126   /* fill 1st 16 bytes with md4 hash, disregard terminating null */
 127   gen_md4_hash (pwbuf, unicodize (pwbuf, p->up.password) - 2, md4_hash);
 128
 129   /* pad to 21 bytes */
 130   memset (md4_hash + 16, 0, 5);
 131
 132   ret_val = base64_decode( phase_2, (void *)buf2);
 133   /* we can be sure that phase_2 is less than 128
 134    * therefore buf2 needs to be (3/4 * 128) */
 135
 136   /* extract the challenge from bytes 24-31 */
 137   for (i=0; i<8; i++)
 138   {
 139     challenge[i] = buf2[i+24];
 140   }
 141
 142   create_des_keys ((unsigned char *)md4_hash, key1);
 143   des_set_key_unchecked ((des_cblock *)key1, sched1);
 144   des_ecb_encrypt ((des_cblock *)challenge, (des_cblock *)response, sched1, DES_ENCRYPT);
 145
 146   create_des_keys ((unsigned char *)&(md4_hash[7]), key2);
 147   des_set_key_unchecked ((des_cblock *)key2, sched2);
 148   des_ecb_encrypt ((des_cblock *)challenge, (des_cblock *)&(response[8]), sched2, DES_ENCRYPT);
 149
 150   create_des_keys ((unsigned char *)&(md4_hash[14]), key3);
 151   des_set_key_unchecked ((des_cblock *)key3, sched3);
 152   des_ecb_encrypt ((des_cblock *)challenge, (des_cblock *)&(response[16]), sched3, DES_ENCRYPT);
 153
 154   /* clear reply */
 155   memset (phase3, 0, sizeof (phase3));
 156
 157   strcpy (phase3, "NTLMSSP\0");
 158   phase3[8] = 3; /* type 3 */
 159
 160   buflen = 0x58 + strlen (p->up.username);
 161   if (buflen > (int) sizeof (phase3))
 162     buflen = sizeof (phase3);
 163
 164   phase3[0x10] = buflen; /* lm not used */
 165   phase3[0x20] = buflen; /* default domain (i.e. proxy's domain) */
 166   phase3[0x30] = buflen; /* no workstation name supplied */
 167   phase3[0x38] = buflen; /* no session key */
 168
 169   phase3[0x14] = 24; /* ntlm response is 24 bytes long */
 170   phase3[0x16] = phase3[0x14];
 171   phase3[0x18] = 0x40; /* ntlm offset */
 172   memcpy (&(phase3[0x40]), response, 24);
 173
 174
 175   phase3[0x24] = strlen (p->up.username); /* username in ascii */
 176   phase3[0x26] = phase3[0x24];
 177   phase3[0x28] = 0x58;
 178   strncpy (&(phase3[0x58]), p->up.username, sizeof (phase3) - 0x58);
 179
 180   phase3[0x3c] = 0x02; /* negotiate oem */
 181   phase3[0x3d] = 0x02; /* negotiate ntlm */
 182
 183   return ((const char *)make_base64_string2 ((unsigned char *)phase3, buflen, gc));
 184 }
 185
 186 #else
 187 static void dummy(void) {}
 188 #endif