summaryrefslogtreecommitdiffstats
path: root/src/ntlm.c
Commit message (Collapse)AuthorAgeFilesLines
* Add support for setting CBT in the clientSimo Sorce2014-05-041-1/+9
|
* Return target_info from ntlm_decode_auth_msgSimo Sorce2014-05-041-0/+22
| | | | | | | | | The target_info structure embedded in the NT Response message in NTLMv2 contains information needed to establish if the client has sent a valid MIC. So we need to extract and return it if the caller requested it. Also moves some wire structures definitions in common to be able to reuse them.
* Make MIC conditional on integrity being requestedSimo Sorce2014-05-041-1/+1
| | | | | If integrity is requested by any party then the MIC, if requested by the server will be generated, otherwise it will not be.
* Compute MIC in the client when requestedSimo Sorce2014-05-041-1/+4
|
* Add function to verify MICsSimo Sorce2014-05-041-46/+0
|
* Augment target_info processing with a utilitySimo Sorce2014-05-041-0/+68
| | | | | | | | | Thi re-encoded the target_info structure at the client side adding additional provisions of MS-NLMP 3.1.5.2.1 That is: - generate indication that a MIC is requested by the server - add ClientSuppliedTargetName data
* Add internal facility to override standard versionSimo Sorce2014-05-041-8/+19
| | | | This is useufl to use test vetors w/o altering them
* Change input parameter to be constSimo Sorce2014-05-041-1/+1
| | | | It is never and should never be touched so const char * is better.
* Do not send LM Response on auth to modern serversSimo Sorce2014-05-041-10/+13
| | | | | | | | | | | If a server send a target_info field in a challenge message it means it does not need nor want a LM Response. See also MS-NLMP 3.1.5.1.2 The authenticate message must alwyas send a lm_chalresp and a nt_chalresp fields in the header but they will be simply zero length, yet the payload pointer must point to the valid payload area. (Windows server fail authentication if the LM Response buffer offset is zero).
* Fix missing assignments in ntlm_decode_target_infoSimo Sorce2014-05-041-2/+4
| | | | | | Missed to see that the server set timestamp and flags. This was preventing MICs from being generated from the client among other things.
* Fix epoch valueSimo Sorce2014-04-121-1/+1
| | | | It was off by a factor of 10
* Fix segfault in init context.Simo Sorce2014-01-261-4/+9
| | | | | | | | | | | The init context function was improperly initializing the ctx variable (too late) when some early error conditions can happen. Therefore passing to the delete context function a random memory address it would then try to free. This wuld cause a SEGFAULT in most cases. Additionally unfortunately iconv_close() does not follow good practices and blindignly dereferences data, even if the passed in pointer is NULL. So add a check before calling.
* Add support for NTLMv1 Signing and SealingSimo Sorce2013-10-231-17/+0
| | | | Including tests to verify conformance to MS-NLMP
* Basic implementation of accept_sec_contextSimo Sorce2013-08-181-2/+8
| | | | For now works only for satndalone server with access to a password file.
* Fix message type checkSimo Sorce2013-07-281-4/+0
|
* Fix target_info length calculationSimo Sorce2013-07-281-10/+10
| | | | | The size of the AV filed itself was missing for each field resulting in a shorter than needed buffer size.
* Implement credential handlingSimo Sorce2013-07-181-0/+20
|
* NTLM Crypto functionsSimo Sorce2013-07-181-28/+0
| | | | Adds crypto function helpers needed by NTLM authentication
* Initial NTLM message parsing librarySimo Sorce2013-07-161-0/+1387
Implements functions to encode/decode NTLMSSP packets
generated by cgit (git 2.34.1) at 2024-09-24 10:51:40 +0000