| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Gets the target_info structure from the NT Response (if any is available)
and extracts the av_flags.
If the appropriate flag is set, verify the MIC previously extracted.
| |
The target_info structure embedded in the NT Response message in NTLMv2
contains information needed to establish if the client has sent a valid
MIC. So we need to extract and return it if the caller requested it.
Also moves some wire structure definitions in common to be able to
reuse them.
| |
If integrity is requested by any party then the MIC, if requested by the
server, will be generated, otherwise it will not be.
| |
Target_info can be optional, but it conflicts with channel bindings being
requested.
| |
If the client allows only 128bit security but the server does not offer
it, then fail the authentication.
| |
If a server sends a target_info field in a challenge message it means
it does not need nor want a LM Response.
See also MS-NLMP 3.1.5.1.2
The authenticate message must always send the lm_chalresp and nt_chalresp
fields in the header but they will be simply zero length, yet the payload
pointer must point to the valid payload area. (Windows servers fail
authentication if the LM Response buffer offset is zero).
| |
MS-NLMP 3.1.5.1.1 recommends setting the extended session security flag
if LM authentication is not going to be used.
| |
The calling application may want to check what flags were actually
negotiated.
Spnego also depends on the mechanism properly returning flags when
integrity is negotiated for MIC purposes.
| |
The init context function was improperly initializing the ctx variable (too
late) when some early error conditions can happen. Therefore passing to the
delete context function a random memory address it would then try to free.
This would cause a SEGFAULT in most cases.
Additionally unfortunately iconv_close() does not follow good practices and
blindly dereferences data, even if the passed in pointer is NULL.
So add a check before calling.
| |
The Export format version is set to 0.1
Long term keys are not exported.
| |
Free RC4 state if any
Free workstation string if any
Also make sure to safely zero the struct before freeing to avoid leaking any
key material.
| |
There is no need to copy creds around, they are always available
or retrievable.
| |
In NTLMSSP connectionless mode applications are supposed to provide the
sequence number, however GSSAPI's get_mic and verify_mic functions do
not allow passing an explicit sequence number.
Allow overriding the context sequence numbers using a custom oid and
implementing gss_set_sec_context_option().
Allows the operation only if the context is in connectionless mode.
| |
This needs a new GSSAPI flag, for now grab a number and define
GSS_C_DATAGRAM_FLAG ourselves.
| |
Fix segfault in NTOWFv2. When domain is NULL it is just omitted from the
NTOWFv2 computation.
Fix segfault in accept_sec_context, just make dom_name be an empty string.
Fix also memory leaks.
| |
Also add source and target names to the context.
| |
For now works only for standalone server with access to a password file.
| |
Also stop associating it with the creds struct.
| |
Check Maxlife for challenge response messages.
Also add a Maximum lifetime for the context itself based on the
same challenge/response maximum life.
According to MS-NLMP MaxLifetime is 36h on modern Windows OSs, use
the same for now.
| |
Implements init sec context and basic mechanism initialization.