2 * Copyright (c) 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "ntlm/ntlm.h"
43 _gss_ntlm_allocate_ctx(OM_uint32
*minor_status
, ntlm_ctx
*ctx
)
47 *ctx
= calloc(1, sizeof(**ctx
));
49 (*ctx
)->server
= &ntlmsspi_kdc_digest
;
51 maj_stat
= (*(*ctx
)->server
->nsi_init
)(minor_status
, &(*ctx
)->ictx
);
52 if (maj_stat
!= GSS_S_COMPLETE
)
55 return GSS_S_COMPLETE
;
63 _gss_ntlm_accept_sec_context
64 (OM_uint32
* minor_status
,
65 gss_ctx_id_t
* context_handle
,
66 const gss_cred_id_t acceptor_cred_handle
,
67 const gss_buffer_t input_token_buffer
,
68 const gss_channel_bindings_t input_chan_bindings
,
69 gss_name_t
* src_name
,
71 gss_buffer_t output_token
,
72 OM_uint32
* ret_flags
,
74 gss_cred_id_t
* delegated_cred_handle
81 output_token
->value
= NULL
;
82 output_token
->length
= 0;
86 if (context_handle
== NULL
)
89 if (input_token_buffer
== GSS_C_NO_BUFFER
)
93 *src_name
= GSS_C_NO_NAME
;
95 *mech_type
= GSS_C_NO_OID
;
100 if (delegated_cred_handle
)
101 *delegated_cred_handle
= GSS_C_NO_CREDENTIAL
;
103 if (*context_handle
== GSS_C_NO_CONTEXT
) {
104 struct ntlm_type1 type1
;
105 OM_uint32 major_status
;
109 major_status
= _gss_ntlm_allocate_ctx(minor_status
, &ctx
);
112 *context_handle
= (gss_ctx_id_t
)ctx
;
114 /* check if the mechs is allowed by remote service */
115 major_status
= (*ctx
->server
->nsi_probe
)(minor_status
, ctx
->ictx
, NULL
);
117 _gss_ntlm_delete_sec_context(minor_status
, context_handle
, NULL
);
121 data
.data
= input_token_buffer
->value
;
122 data
.length
= input_token_buffer
->length
;
124 ret
= heim_ntlm_decode_type1(&data
, &type1
);
126 _gss_ntlm_delete_sec_context(minor_status
, context_handle
, NULL
);
128 return GSS_S_FAILURE
;
131 if ((type1
.flags
& NTLM_NEG_UNICODE
) == 0) {
132 heim_ntlm_free_type1(&type1
);
133 _gss_ntlm_delete_sec_context(minor_status
, context_handle
, NULL
);
134 *minor_status
= EINVAL
;
135 return GSS_S_FAILURE
;
138 if (type1
.flags
& NTLM_NEG_SIGN
)
139 ctx
->gssflags
|= GSS_C_CONF_FLAG
;
140 if (type1
.flags
& NTLM_NEG_SIGN
)
141 ctx
->gssflags
|= GSS_C_INTEG_FLAG
;
143 major_status
= (*ctx
->server
->nsi_type2
)(minor_status
,
150 heim_ntlm_free_type1(&type1
);
151 if (major_status
!= GSS_S_COMPLETE
) {
153 _gss_ntlm_delete_sec_context(&junk
, context_handle
, NULL
);
157 output_token
->value
= malloc(out
.length
);
158 if (output_token
->value
== NULL
) {
160 _gss_ntlm_delete_sec_context(&junk
, context_handle
, NULL
);
161 *minor_status
= ENOMEM
;
162 return GSS_S_FAILURE
;
164 memcpy(output_token
->value
, out
.data
, out
.length
);
165 output_token
->length
= out
.length
;
167 ctx
->flags
= retflags
;
169 return GSS_S_CONTINUE_NEEDED
;
172 struct ntlm_type3 type3
;
173 struct ntlm_buf session
;
175 ctx
= (ntlm_ctx
)*context_handle
;
177 data
.data
= input_token_buffer
->value
;
178 data
.length
= input_token_buffer
->length
;
180 ret
= heim_ntlm_decode_type3(&data
, 1, &type3
);
182 _gss_ntlm_delete_sec_context(minor_status
, context_handle
, NULL
);
184 return GSS_S_FAILURE
;
187 maj_stat
= (*ctx
->server
->nsi_type3
)(minor_status
,
192 heim_ntlm_free_type3(&type3
);
193 _gss_ntlm_delete_sec_context(minor_status
, context_handle
, NULL
);
198 ntlm_name n
= calloc(1, sizeof(*n
));
200 n
->user
= strdup(type3
.username
);
201 n
->domain
= strdup(type3
.targetname
);
203 if (n
== NULL
|| n
->user
== NULL
|| n
->domain
== NULL
) {
204 heim_ntlm_free_type3(&type3
);
205 _gss_ntlm_delete_sec_context(minor_status
,
206 context_handle
, NULL
);
209 *src_name
= (gss_name_t
)n
;
212 heim_ntlm_free_type3(&type3
);
214 ret
= krb5_data_copy(&ctx
->sessionkey
,
215 session
.data
, session
.length
);
217 _gss_ntlm_delete_sec_context(minor_status
, context_handle
, NULL
);
219 return GSS_S_FAILURE
;
222 if (session
.length
!= 0) {
224 ctx
->status
|= STATUS_SESSIONKEY
;
226 if (ctx
->flags
& NTLM_NEG_NTLM2_SESSION
) {
227 _gss_ntlm_set_key(&ctx
->u
.v2
.send
, 1,
228 (ctx
->flags
& NTLM_NEG_KEYEX
),
229 ctx
->sessionkey
.data
,
230 ctx
->sessionkey
.length
);
231 _gss_ntlm_set_key(&ctx
->u
.v2
.recv
, 0,
232 (ctx
->flags
& NTLM_NEG_KEYEX
),
233 ctx
->sessionkey
.data
,
234 ctx
->sessionkey
.length
);
236 RC4_set_key(&ctx
->u
.v1
.crypto_send
.key
,
237 ctx
->sessionkey
.length
,
238 ctx
->sessionkey
.data
);
239 RC4_set_key(&ctx
->u
.v1
.crypto_recv
.key
,
240 ctx
->sessionkey
.length
,
241 ctx
->sessionkey
.data
);
246 *mech_type
= GSS_NTLM_MECHANISM
;
248 *time_rec
= GSS_C_INDEFINITE
;
250 ctx
->status
|= STATUS_OPEN
;
253 *ret_flags
= ctx
->gssflags
;
255 return GSS_S_COMPLETE
;