author | Simo Sorce <simo@redhat.com> | 2014-04-06 23:26:44 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-05-04 17:21:06 -0400 |
commit | 3b15e749eac2c47376f86ff94b9bf6f6ad1a157a (patch) | |
tree | 8217eff2871e587fa49d9ee19c0e845f08dd3437 | |
parent | 2c3e9cb83b4a87ee5f792c35ecf3dbc366eb766f (diff) | |
Check netbios computer and domain name when needed
MS-NLMP 3.1.5.1.2 says a client must fail to communicate if NTLMv2
is used, Integrity or Confidentiality are required and NetBIOS Computer
or Domain Name are not present in the Challenge message from the server.
-rw-r--r-- | src/gss_sec_ctx.c | 7 | ||||
-rw-r--r-- | src/ntlm.c | 9 | ||||
-rw-r--r-- | src/ntlm.h | 3 |
3 files changed, 15 insertions, 4 deletions
diff --git a/src/gss_sec_ctx.c b/src/gss_sec_ctx.c index b152d97..171bf16 100644 --- a/src/gss_sec_ctx.c +++ b/src/gss_sec_ctx.c @@ -70,6 +70,7 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status, uint8_t sec_req; bool key_exch; bool add_mic = false; + bool protect; ctx = (struct gssntlm_ctx *)(*context_handle); @@ -399,6 +400,8 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status, in_flags &= ~NTLMSSP_NEGOTIATE_DATAGRAM; } + protect = in_flags & (NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL); + if (ctx->gss_flags & GSS_C_ANON_FLAG) { /* Anonymous auth, empty responses */ memset(&nt_chal_resp, 0, sizeof(nt_chal_resp)); @@ -445,7 +448,7 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status, cb.data = input_chan_bindings->application_data.value; } - retmin = ntlm_process_target_info(ctx->ntlm, + retmin = ntlm_process_target_info(ctx->ntlm, protect, &target_info, server_name, &cb, &client_target_info, @@ -600,7 +603,7 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status, } } - if (in_flags & (NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL)) { + if (protect) { retmin = ntlm_signseal_keys(in_flags, true, &ctx->exported_session_key, &ctx->send.sign_key, @@ -796,7 +796,7 @@ done: return ret; } -int ntlm_process_target_info(struct ntlm_ctx *ctx, +int ntlm_process_target_info(struct ntlm_ctx *ctx, bool protect, struct ntlm_buffer *in, const char *server, struct ntlm_buffer *unhashed_cb, @@ -825,6 +825,13 @@ int ntlm_process_target_info(struct ntlm_ctx *ctx, &av_flags, &srv_time, NULL, NULL); if (ret) goto done; + if (protect && + (!nb_computer_name || nb_computer_name[0] == '\0' || + !nb_domain_name || nb_domain_name[0] == '\0')) { + ret = EINVAL; + goto done; + } + if (server && av_target_name) { if (strcasecmp(server, av_target_name) != 0) { ret = EINVAL; 
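Review bot: `bool protect;` in the `@@ -70,6 +70,7 @@` hunk is declared without an initializer, unlike `bool add_mic = false;` on the line above it. The only assignment visible is the one added in the `@@ -399,6 +400,8 @@` hunk, while the `@@ -600,7 +603,7 @@` hunk now reads it in `if (protect)` where the old code tested `in_flags` directly. Whether every path to that read passes through the assignment cannot be seen from these hunks, so `bool protect = false;` would keep the signing/sealing decision from ever depending on an indeterminate value. The body of `gssntlm_init_sec_context` starts and ends outside the hunks.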
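Review bot: In the `@@ -399,6 +400,8 @@` hunk `protect` is computed from `in_flags`, and it is not visible here whether `in_flags` at this point still reflects bits the server sent in its Challenge message. The commit message states the rule in terms of Integrity or Confidentiality being required; if these bits are peer-influenced, a Challenge that omits SIGN and SEAL would also switch off the new NetBIOS name check in `ntlm_process_target_info`. A comment next to the assignment should say whether `in_flags` holds the negotiated or the locally required flags, and if the client's own requirement is kept elsewhere (for example in `ctx->gss_flags`), the name check may need to take it into account as well. Writing the assignment as `protect = (in_flags & (NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL)) != 0;` would also make the conversion to `bool` explicit.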
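Review bot: The name check added in the `@@ -825,6 +825,13 @@` hunk of `ntlm_process_target_info` fails with the same `EINVAL` as the `strcasecmp` target-name mismatch directly below it, so a caller or a log cannot tell a Challenge without NetBIOS names from any other rejected target info. A distinct error value, if the project has one available, would make this rejection identifiable when diagnosing interoperability or downgrade problems. The commit message limits the rule to NTLMv2, yet the condition tests only `protect`; if the function can be reached for other NTLM versions (not visible here), that should be stated or checked. A short comment above the `if` would help, e.g. `/* MS-NLMP 3.1.5.1.2: names are mandatory when signing or sealing */`. The function continues outside the hunk.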
@@ -536,6 +536,7 @@ int ntlm_decode_target_info(struct ntlm_ctx *ctx, struct ntlm_buffer *buffer, * @brief A utility function to process a target_info structure * * @param ctx The ntlm context + * @param protect Set if signing or sealing has been requested * @param in A ntlm_buffer containing the received info * @param server The Client Supplied Server Name if available * @param unhashed_cb A ntlm_buffer with channel binding data @@ -547,7 +548,7 @@ int ntlm_decode_target_info(struct ntlm_ctx *ctx, struct ntlm_buffer *buffer, * * @return 0 if everyting parses correctly, or an error code */ -int ntlm_process_target_info(struct ntlm_ctx *ctx, +int ntlm_process_target_info(struct ntlm_ctx *ctx, bool protect, struct ntlm_buffer *in, const char *server, struct ntlm_buffer *unhashed_cb, |
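Review bot: The `@param protect` line added in the `@@ -536,6 +536,7 @@` hunk says when to set the flag but not what it changes. Per the ntlm.c part of this commit, a set flag makes the call return `EINVAL` when the NetBIOS computer or domain name is missing or empty; I would write `@param protect Set if signing or sealing has been requested; the call then fails unless both NetBIOS computer and domain names are present`. The `@return` line in the following hunk could mention that case as well.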