| Commit message | Author | Age | Files | Lines |
... | |
|
This structure keeps the crypto state closer to the crypto routines.
|
Avoids the look of magic numbers everywhere, and gives some useful
context to the code reader
|
At LM_COMPAT_LEVEL 0 there is no extended security and initial
sealing keys are 8 bytes long.
|
ntlm_unseal should be symmetric to ntlm_seal
|
NTLMSSP_REQUEST_NON_NT_SESSION_KEY is not in itself incompatible with
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY, although it is only used
if Extended Security is not Negotiated.
|
This is needed when NTLMSSP_NEGOTIATE_LM_KEY is used at lower
LM_COMPAT_LEVEL (e.g., level 0) by a client and NTLMv1 auth.
|
Uses the fully qualified name and falls back to simple user name and
calls getpwnam_r() to resolve a local name. If the user is not known
to the nsswitch subsystem it returns a failure.
|
In the GSS_C_ACCEPT (acceptor/server) case we would end up segfaulting
if no name was provided. Instead allow a null desired_name and load
the default server name if none is passed in, just like
gss_accept_sec_context() does in this case.
|
Just discard the const and silence the warnings, where safe;
rework assignments where possible.
|
As agreed with MIT people, add an inquire mechanism that serves 2 roles.
On the one hand, if the spnego mechanism makes this call at all it means
it is recent enough to support forcing the mechlistMIC on if we create
an Authenticate message MIC. So remove the environment variable and
instead depend on the SPNEGO layer to call this function before the
Authenticate token is generated (usually right after the Negotiate token
has been produced).
On the other hand if this function has been called assume SPNEGO will
call again right after the authenticate message has been generated to
know whether the mechlistMIC needs to be added.
|
The environment variable NTLMSSP_ENABLE_MIC will enable setting the MIC if
requested by the server when it is set to '1'.
It is disabled by default because it works only with a patched SPNEGO library
that will always set the mechlistMIC on the authenticate packet if we report
that integrity is enabled.
If the library is unpatched it has also been observed that Firefox will go in
an infinite authentication loop while it keeps trying to make requests that are
always denied.
|
MS-NLMP prescribes in 3.2.5.1.1 that the server should send the
NetBIOS Domain name if joined to a domain or the NetBIOS computer
name if standalone. Never the DNS computer name.
Also do not add a target_name entry in the target_info field, it is
not required and Windows does not do that.
|
MS-NLMP 3.1.5.1.2 says a client must fail to communicate if NTLMv2
is used, Integrity or Confidentiality are required and NetBIOS Computer
or Domain Name are not present in the Challenge message from the server.
|
These are necessary by spec (MS-NLMP 3.1.5.1.2) if the server
sends a target_info field in the challenge message, which we do.
Uses environment variables NETBIOS_COMPUTER_NAME and NETBIOS_DOMAIN_NAME
to set NetBIOS data. If they are not available the server name truncated
to the first '.' (if any) will be used and the domain is set to the
generic "WORKGROUP" name.
|
Gets the target_info structure from the NT Response (if any is available)
and extracts the av_flags.
If the appropriate flag is set verify the MIC previously extracted.
|
The target_info structure embedded in the NT Response message in NTLMv2
contains information needed to establish if the client has sent a valid
MIC. So we need to extract and return it if the caller requested it.
Also moves some wire structures definitions in common to be able to
reuse them.
|
If integrity is requested by any party then the MIC, if requested by the
server will be generated, otherwise it will not be.
|
Target_info can be optional, but it conflicts with channel bindings being
requested.
|
This re-encodes the target_info structure at the client side adding
additional provisions of MS-NLMP 3.1.5.2.1
That is:
- generate indication that a MIC is requested by the server
- add ClientSuppliedTargetName data
|
|
This is useful to use test vectors w/o altering them
|
The calculation was right but some unnecessary assignments were left
from a previous version.
Also make the length computation more obvious.
|
wire_lm_response is just the same thing as wire_ntlm_response, the
only difference is how cli_chal is defined but it is not important
from a usage point of view.
|
It is never and should never be touched so const char * is better.
|
If the client allows only 128bit security but the server does not offer
it, then fail the authentication.
|
If a server sends a target_info field in a challenge message it means
it does not need nor want a LM Response.
See also MS-NLMP 3.1.5.1.2
The authenticate message must always send a lm_chalresp and a nt_chalresp
fields in the header but they will be simply zero length, yet the payload
pointer must point to the valid payload area. (Windows servers fail
authentication if the LM Response buffer offset is zero).
|
MS-NLMP 3.1.5.1.1 recommends to set the extended session security flag
if LM authentication is not going to be used.
|
Missed to see that the server set timestamp and flags.
This was preventing MICs from being generated from the client among other
things.
|
The calling application may want to check what flags were actually
negotiated.
Spnego also depends on the mechanism properly returning flags when
integrity is negotiated for MIC purposes.
|
It was off by a factor of 10
|
The init context function was improperly initializing the ctx variable (too
late) when some early error conditions can happen. Therefore passing to the
delete context function a random memory address it would then try to free.
This would cause a SEGFAULT in most cases.
Additionally unfortunately iconv_close() does not follow good practices and
blindly dereferences data, even if the passed in pointer is NULL.
So add a check before calling.
|
Easier to use from clients this way.
|
The Export format version is set to 0.1
Long term keys are not exported.
|
This makes it much easier to export/import the crypto state.
In preparation for implementing import/export of context.
|