authorLuke Leighton <lkcl@samba.org>2000-01-08 15:29:56 +0000
committerLuke Leighton <lkcl@samba.org>2000-01-08 15:29:56 +0000
commit6ff1caf26e0c72243f73b31a13837477447bf690 (patch)
tree45781fd9c6cc99f626e5644652e7791c21a27e07 /source
parent34adb1fd5cf9bba89a380a0b42408ea06574b3ac (diff)
split ntlmssp coding/decoding off into separate module, including headers.
Diffstat (limited to 'source')
-rw-r--r--source/Makefile.in1
-rw-r--r--source/include/ntdomain.h12
-rw-r--r--source/include/proto.h27
-rw-r--r--source/include/rpc_dce.h100
-rw-r--r--source/include/rpc_ntlmssp.h131
-rw-r--r--source/rpc_parse/parse_ntlmssp.c434
-rw-r--r--source/rpc_parse/parse_rpc.c406
-rw-r--r--source/rpc_server/srv_pipe_noauth.c1
-rw-r--r--source/rpc_server/srv_pipe_ntlmssp.c6
-rw-r--r--source/rpc_server/srv_pipe_srv.c5
10 files changed, 614 insertions, 509 deletions
diff --git a/source/Makefile.in b/source/Makefile.in
index f5ad262061c..c71ebb1278f 100644
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -160,6 +160,7 @@ RPC_PARSE_OBJ1 = rpc_parse/parse_lsa.o \
RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o \
rpc_parse/parse_prs.o \
+ rpc_parse/parse_ntlmssp.o \
rpc_parse/parse_misc.o \
rpc_parse/parse_creds.o \
rpc_parse/parse_sec.o \
diff --git a/source/include/ntdomain.h b/source/include/ntdomain.h
index c2f6ca6bdb1..dd91341ee2c 100644
--- a/source/include/ntdomain.h
+++ b/source/include/ntdomain.h
@@ -28,6 +28,9 @@
/* dce/rpc support */
#include "rpc_dce.h"
+/* dce/rpc authentication support */
+#include "rpc_ntlmssp.h"
+
/* miscellaneous structures / defines */
#include "rpc_misc.h"
@@ -124,14 +127,17 @@ struct cli_connection;
typedef struct cli_auth_fns
{
+ /* these three will do for now. they *should* match with server-side */
BOOL (*create_bind_req)(struct cli_connection *, prs_struct *,
uint32, RPC_IFACE *, RPC_IFACE *);
BOOL (*decode_bind_resp)(struct cli_connection *, prs_struct *);
BOOL (*create_bind_cont)(struct cli_connection *, prs_struct *,
uint32);
+ /* creates an authenticated PDU */
BOOL (*cli_create_pdu)(struct cli_connection *, uint8,
prs_struct *, int, int*,
prs_struct *, uint8 *);
+ /* decodes an authenticated PDU */
BOOL (*cli_decode_pdu)(struct cli_connection *, prs_struct *,
int, int);
@@ -139,9 +145,15 @@ typedef struct cli_auth_fns
typedef struct srv_auth_fns
{
+ BOOL (*api_is_auth)(RPC_HDR_AUTH*);
+
+ /* state-based authentication: one to decode, one to generate */
BOOL (*api_auth_chk)(rpcsrv_struct *, enum RPC_PKT_TYPE);
BOOL (*api_auth_gen)(rpcsrv_struct *, prs_struct *, enum RPC_PKT_TYPE);
+
+ /* decodes an authenticated PDU */
BOOL (*api_decode_pdu)(rpcsrv_struct *);
+ /* creates an authenticated PDU */
BOOL (*api_create_pdu)(rpcsrv_struct *, uint32, prs_struct *);
} srv_auth_fns;
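Review bot: `api_is_auth` is the only member of srv_auth_fns added here without a comment, although it is the callback that decides whether an incoming RPC_HDR_AUTH is handled by this mechanism at all. Its signature matches `rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *)`, so a comment along the lines of `/* returns True if the auth header selects this auth mechanism */` would presumably fit; confirm against the implementation. It would also help to state whether the callback may be handed a NULL pointer, since the NTLMSSP checker dereferences `rai` unconditionally. The struct begins outside this hunk.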
diff --git a/source/include/proto.h b/source/include/proto.h
index f75d1f3984c..b807eaf855f 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -2869,6 +2869,33 @@ BOOL make_sam_account_info(SAM_ACCOUNT_INFO *info, char *user_name,
BOOL net_io_r_sam_sync(char *desc, uint8 sess_key[16],
NET_R_SAM_SYNC *r_s, prs_struct *ps, int depth);
+/*The following definitions come from rpc_parse/parse_ntlmssp.c */
+
+BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai);
+BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav,
+ char *signature, uint32 msg_type);
+BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav,
+ char *signature, uint32 msg_type);
+BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth);
+BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
+ uint32 neg_flgs,
+ fstring myname, fstring domain);
+BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth);
+BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
+ uint32 neg_flags,
+ uint8 challenge[8]);
+BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth);
+BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
+ uchar lm_resp[24],
+ uchar *nt_resp, size_t nt_len,
+ char *domain, char *user, char *wks,
+ uint32 neg_flags);
+BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth);
+BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num);
+BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
+ uint32 ver, uint32 crc32, uint32 seq_num);
+BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth);
+
/*The following definitions come from rpc_parse/parse_prs.c */
void prs_debug(prs_struct *ps, int depth, char *desc, char *fn_name);
diff --git a/source/include/rpc_dce.h b/source/include/rpc_dce.h
index 52544ac6422..7ad145db822 100644
--- a/source/include/rpc_dce.h
+++ b/source/include/rpc_dce.h
@@ -45,36 +45,6 @@ enum RPC_PKT_TYPE
#define RPC_FLG_LAST 0x02
#define RPC_FLG_NOCALL 0x20
-/* NTLMSSP message types */
-enum NTLM_MESSAGE_TYPE
-{
- NTLMSSP_NEGOTIATE = 1,
- NTLMSSP_CHALLENGE = 2,
- NTLMSSP_AUTH = 3,
- NTLMSSP_UNKNOWN = 4
-};
-
-/* NTLMSSP negotiation flags */
-#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
-#define NTLMSSP_NEGOTIATE_OEM 0x00000002
-#define NTLMSSP_REQUEST_TARGET 0x00000004
-#define NTLMSSP_NEGOTIATE_SIGN 0x00000010
-#define NTLMSSP_NEGOTIATE_SEAL 0x00000020
-#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080
-#define NTLMSSP_NEGOTIATE_00000100 0x00000100
-#define NTLMSSP_NEGOTIATE_NTLM 0x00000200
-#define NTLMSSP_NEGOTIATE_00000400 0x00000400
-#define NTLMSSP_NEGOTIATE_00001000 0x00001000
-#define NTLMSSP_NEGOTIATE_00002000 0x00002000
-#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
-#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
-#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
-#define NTLMSSP_NEGOTIATE_128 0x20000000
-#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000
-
-/* NTLMSSP signature version */
-#define NTLMSSP_SIGN_VERSION 0x01
-
/* RPC_IFACE */
typedef struct rpc_iface_info
@@ -226,75 +196,5 @@ typedef struct rpc_hdr_ba_info
} RPC_HDR_BA;
-/* RPC_AUTH_NTLMSSP_VERIFIER */
-typedef struct rpc_auth_ntlmssp_verif_info
-{
- fstring signature; /* "NTLMSSP" */
- uint32 msg_type; /* NTLMSSP_MESSAGE_TYPE (1,2,3) */
-
-} RPC_AUTH_NTLMSSP_VERIFIER;
-
-/* this is TEMPORARILY coded up as a specific structure */
-/* this structure comes after the bind request */
-/* RPC_AUTH_NTLMSSP_NEG */
-typedef struct rpc_auth_ntlmssp_neg_info
-{
- uint32 neg_flgs; /* 0x0000 b2b3 */
-
- STRHDR hdr_myname; /* offset is against START of this structure */
- STRHDR hdr_domain; /* offset is against START of this structure */
-
- fstring myname; /* calling workstation's name */
- fstring domain; /* calling workstations's domain */
-
-} RPC_AUTH_NTLMSSP_NEG;
-
-/* this is TEMPORARILY coded up as a specific structure */
-/* this structure comes after the bind acknowledgement */
-/* RPC_AUTH_NTLMSSP_CHAL */
-typedef struct rpc_auth_ntlmssp_chal_info
-{
- uint32 unknown_1; /* 0x0000 0000 */
- uint32 unknown_2; /* 0x0000 0028 */
- uint32 neg_flags; /* 0x0000 82b1 */
-
- uint8 challenge[8]; /* ntlm challenge */
- uint8 reserved [8]; /* zeros */
-
-} RPC_AUTH_NTLMSSP_CHAL;
-
-
-/* RPC_AUTH_NTLMSSP_RESP */
-typedef struct rpc_auth_ntlmssp_resp_info
-{
- STRHDR hdr_lm_resp; /* LM response (NULL or 24 bytes) */
- STRHDR hdr_nt_resp; /* NT response (NULL, 24 or variable-length) */
- STRHDR hdr_domain;
- STRHDR hdr_usr;
- STRHDR hdr_wks;
- STRHDR hdr_sess_key; /* NULL unless negotiated */
- uint32 neg_flags; /* 0x0000 82b1 */
-
- fstring sess_key;
- fstring wks;
- fstring user;
- fstring domain;
- fstring nt_resp;
- fstring lm_resp;
-
-} RPC_AUTH_NTLMSSP_RESP;
-
-
-/* attached to the end of encrypted rpc requests and responses */
-/* RPC_AUTH_NTLMSSP_CHK */
-typedef struct rpc_auth_ntlmssp_chk_info
-{
- uint32 ver; /* 0x0000 0001 */
- uint32 reserved;
- uint32 crc32; /* checksum using 0xEDB8 8320 as a polynomial */
- uint32 seq_num;
-
-} RPC_AUTH_NTLMSSP_CHK;
-
#endif /* _DCE_RPC_H */
diff --git a/source/include/rpc_ntlmssp.h b/source/include/rpc_ntlmssp.h
new file mode 100644
index 00000000000..7ac6ce71b53
--- /dev/null
+++ b/source/include/rpc_ntlmssp.h
@@ -0,0 +1,131 @@
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_NTLMSSP_H /* RPC_NTLMSSP_H */
+#define RPC_NTLMSSP_H
+
+#include "rpc_misc.h" /* this only pulls in STRHDR */
+
+/* NTLMSSP message types */
+enum NTLM_MESSAGE_TYPE
+{
+ NTLMSSP_NEGOTIATE = 1,
+ NTLMSSP_CHALLENGE = 2,
+ NTLMSSP_AUTH = 3,
+ NTLMSSP_UNKNOWN = 4
+};
+
+/* NTLMSSP negotiation flags */
+#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
+#define NTLMSSP_NEGOTIATE_OEM 0x00000002
+#define NTLMSSP_REQUEST_TARGET 0x00000004
+#define NTLMSSP_NEGOTIATE_SIGN 0x00000010
+#define NTLMSSP_NEGOTIATE_SEAL 0x00000020
+#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080
+#define NTLMSSP_NEGOTIATE_00000100 0x00000100
+#define NTLMSSP_NEGOTIATE_NTLM 0x00000200
+#define NTLMSSP_NEGOTIATE_00000400 0x00000400
+#define NTLMSSP_NEGOTIATE_00001000 0x00001000
+#define NTLMSSP_NEGOTIATE_00002000 0x00002000
+#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
+#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
+#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
+#define NTLMSSP_NEGOTIATE_128 0x20000000
+#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000
+
+/* NTLMSSP signature version */
+#define NTLMSSP_SIGN_VERSION 0x01
+
+
+/* RPC_AUTH_NTLMSSP_VERIFIER */
+typedef struct rpc_auth_ntlmssp_verif_info
+{
+ fstring signature; /* "NTLMSSP" */
+ uint32 msg_type; /* NTLMSSP_MESSAGE_TYPE (1,2,3) */
+
+} RPC_AUTH_NTLMSSP_VERIFIER;
+
+/* this is TEMPORARILY coded up as a specific structure */
+/* this structure comes after the bind request */
+/* RPC_AUTH_NTLMSSP_NEG */
+typedef struct rpc_auth_ntlmssp_neg_info
+{
+ uint32 neg_flgs; /* 0x0000 b2b3 */
+
+ STRHDR hdr_myname; /* offset is against START of this structure */
+ STRHDR hdr_domain; /* offset is against START of this structure */
+
+ fstring myname; /* calling workstation's name */
+ fstring domain; /* calling workstations's domain */
+
+} RPC_AUTH_NTLMSSP_NEG;
+
+/* this is TEMPORARILY coded up as a specific structure */
+/* this structure comes after the bind acknowledgement */
+/* RPC_AUTH_NTLMSSP_CHAL */
+typedef struct rpc_auth_ntlmssp_chal_info
+{
+ uint32 unknown_1; /* 0x0000 0000 */
+ uint32 unknown_2; /* 0x0000 0028 */
+ uint32 neg_flags; /* 0x0000 82b1 */
+
+ uint8 challenge[8]; /* ntlm challenge */
+ uint8 reserved [8]; /* zeros */
+
+} RPC_AUTH_NTLMSSP_CHAL;
+
+
+/* RPC_AUTH_NTLMSSP_RESP */
+typedef struct rpc_auth_ntlmssp_resp_info
+{
+ STRHDR hdr_lm_resp; /* LM response (NULL or 24 bytes) */
+ STRHDR hdr_nt_resp; /* NT response (NULL, 24 or variable-length) */
+ STRHDR hdr_domain;
+ STRHDR hdr_usr;
+ STRHDR hdr_wks;
+ STRHDR hdr_sess_key; /* NULL unless negotiated */
+ uint32 neg_flags; /* 0x0000 82b1 */
+
+ fstring sess_key;
+ fstring wks;
+ fstring user;
+ fstring domain;
+ fstring nt_resp;
+ fstring lm_resp;
+
+} RPC_AUTH_NTLMSSP_RESP;
+
+
+/* attached to the end of encrypted rpc requests and responses */
+/* RPC_AUTH_NTLMSSP_CHK */
+typedef struct rpc_auth_ntlmssp_chk_info
+{
+ uint32 ver; /* 0x0000 0001 */
+ uint32 reserved;
+ uint32 crc32; /* checksum using 0xEDB8 8320 as a polynomial */
+ uint32 seq_num;
+
+} RPC_AUTH_NTLMSSP_CHK;
+
+#endif /* RPC_NTLMSSP_H */
+
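Review bot: The include guard at the top of rpc_ntlmssp.h does not guard anything, because it tests `_RPC_NTLMSSP_H` but defines `RPC_NTLMSSP_H`, so the tested macro is never set. A second inclusion would re-declare `enum NTLM_MESSAGE_TYPE` and the RPC_AUTH_NTLMSSP_* typedefs. The first line should read `#ifndef RPC_NTLMSSP_H`, which also avoids the reserved underscore-uppercase identifier.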
diff --git a/source/rpc_parse/parse_ntlmssp.c b/source/rpc_parse/parse_ntlmssp.c
new file mode 100644
index 00000000000..2b063b8b36f
--- /dev/null
+++ b/source/rpc_parse/parse_ntlmssp.c
@@ -0,0 +1,434 @@
+
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Andrew Tridgell 1992-1999,
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-1999,
+ * Copyright (C) Paul Ashton 1997-1999.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+
+
+/*******************************************************************
+checks an RPC_HDR_AUTH structure.
+********************************************************************/
+BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai)
+{
+ return (rai->auth_type == 0x0a && rai->auth_level == 0x06);
+}
+
+/*******************************************************************
+checks an RPC_AUTH_NTLMSSP_VERIFIER structure.
+********************************************************************/
+BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav,
+ char *signature, uint32 msg_type)
+{
+ return (strequal(rav->signature, signature) && rav->msg_type == msg_type);
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_VERIFIER structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav,
+ char *signature, uint32 msg_type)
+{
+ if (rav == NULL) return False;
+
+ fstrcpy(rav->signature, signature); /* "NTLMSSP" */
+ rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_VERIFIER structure.
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth)
+{
+ if (rav == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier");
+ depth++;
+
+ prs_string("signature", ps, depth, rav->signature, 0, sizeof(rav->signature)); /* "NTLMSSP" */
+ prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); /* NTLMSSP_MESSAGE_TYPE */
+
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_NEG structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
+ uint32 neg_flgs,
+ fstring myname, fstring domain)
+{
+ int len_myname = strlen(myname);
+ int len_domain = strlen(domain);
+
+ if (neg == NULL) return False;
+
+ neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
+
+ make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname);
+ make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
+
+ fstrcpy(neg->myname, myname);
+ fstrcpy(neg->domain, domain);
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
+
+*** lkclXXXX HACK ALERT! ***
+
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
+{
+ int start_offset = ps->offset;
+ if (neg == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
+ depth++;
+
+ prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs));
+
+ if (ps->io)
+ {
+ uint32 old_offset;
+
+ /* reading */
+
+ ZERO_STRUCTP(neg);
+
+ smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
+ smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
+
+ old_offset = ps->offset;
+
+ ps->offset = neg->hdr_myname .buffer + start_offset - 12;
+ prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
+ old_offset += neg->hdr_myname .str_str_len;
+
+ ps->offset = neg->hdr_domain .buffer + start_offset - 12;
+ prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
+ old_offset += neg->hdr_domain .str_str_len;
+
+ ps->offset = old_offset;
+ }
+ else
+ {
+ /* writing */
+ smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
+ smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
+
+ prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
+ prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
+ }
+
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_CHAL structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
+ uint32 neg_flags,
+ uint8 challenge[8])
+{
+ if (chl == NULL) return False;
+
+ chl->unknown_1 = 0x0;
+ chl->unknown_2 = 0x00000028;
+ chl->neg_flags = neg_flags; /* 0x0082b1 */
+
+ memcpy(chl->challenge, challenge, sizeof(chl->challenge));
+ bzero (chl->reserved , sizeof(chl->reserved));
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_CHAL structure.
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth)
+{
+ if (chl == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal");
+ depth++;
+
+ prs_uint32("unknown_1", ps, depth, &(chl->unknown_1)); /* 0x0000 0000 */
+ prs_uint32("unknown_2", ps, depth, &(chl->unknown_2)); /* 0x0000 b2b3 */
+ prs_uint32("neg_flags", ps, depth, &(chl->neg_flags)); /* 0x0000 82b1 */
+
+ prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge));
+ prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved ));
+
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_RESP structure.
+
+*** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
+*** lkclXXXX the actual offset is at the start of the auth verifier ***
+
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
+ uchar lm_resp[24],
+ uchar *nt_resp, size_t nt_len,
+ char *domain, char *user, char *wks,
+ uint32 neg_flags)
+{
+ uint32 offset;
+ int dom_len = strlen(domain);
+ int wks_len = strlen(wks );
+ int usr_len = strlen(user );
+ int lm_len = nt_len != 0 ? (lm_resp != NULL ? 24 : 0) : 1;
+
+ DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
+
+ if (rsp == NULL) return False;
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("lm_resp\n"));
+ if (lm_resp != NULL)
+ {
+ dump_data(100, lm_resp, lm_len);
+ }
+ DEBUG(100,("nt_resp\n"));
+ if (nt_resp != NULL)
+ {
+ dump_data(100, nt_resp, nt_len);
+ }
+#endif
+
+ DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
+ domain, user, wks, neg_flags));
+
+ offset = 0x40;
+
+ if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
+ {
+ dom_len *= 2;
+ wks_len *= 2;
+ usr_len *= 2;
+ }
+
+ make_str_hdr(&rsp->hdr_domain , dom_len, dom_len, offset);
+ offset += dom_len;
+
+ make_str_hdr(&rsp->hdr_usr , usr_len, usr_len, offset);
+ offset += usr_len;
+
+ make_str_hdr(&rsp->hdr_wks , wks_len, wks_len, offset);
+ offset += wks_len;
+
+ make_str_hdr(&rsp->hdr_lm_resp, lm_len , lm_len , offset);
+ offset += lm_len;
+
+ make_str_hdr(&rsp->hdr_nt_resp, nt_len , nt_len , offset);
+ offset += nt_len;
+
+ make_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
+
+ rsp->neg_flags = neg_flags;
+
+ if (lm_resp != NULL && lm_len != 1)
+ {
+ memcpy(rsp->lm_resp, lm_resp, lm_len);
+ }
+ else
+ {
+ rsp->lm_resp[0] = 0;
+ }
+ if (nt_resp != NULL)
+ {
+ memcpy(rsp->nt_resp, nt_resp, nt_len);
+ }
+ else
+ {
+ rsp->nt_resp[0] = 0;
+ }
+
+ if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
+ {
+ ascii_to_unibuf(rsp->domain, domain, sizeof(rsp->domain)-2);
+ ascii_to_unibuf(rsp->user , user , sizeof(rsp->user )-2);
+ ascii_to_unibuf(rsp->wks , wks , sizeof(rsp->wks )-2);
+ }
+ else
+ {
+ fstrcpy(rsp->domain, domain);
+ fstrcpy(rsp->user , user );
+ fstrcpy(rsp->wks , wks );
+ }
+ rsp->sess_key[0] = 0;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_RESP structure.
+
+*** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
+*** lkclXXXX the actual offset is at the start of the auth verifier ***
+
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth)
+{
+ if (rsp == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
+ depth++;
+
+ if (ps->io)
+ {
+ uint32 old_offset;
+
+ /* reading */
+
+ ZERO_STRUCTP(rsp);
+
+ smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
+ smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
+ smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
+ smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
+ smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
+ smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
+
+ prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
+
+ old_offset = ps->offset;
+
+ ps->offset = rsp->hdr_domain .buffer + 0xc;
+ prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
+ old_offset += rsp->hdr_domain .str_str_len;
+
+ ps->offset = rsp->hdr_usr .buffer + 0xc;
+ prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
+ old_offset += rsp->hdr_usr .str_str_len;
+
+ ps->offset = rsp->hdr_wks .buffer + 0xc;
+ prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
+ old_offset += rsp->hdr_wks .str_str_len;
+
+ ps->offset = rsp->hdr_lm_resp .buffer + 0xc;
+ prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
+ old_offset += rsp->hdr_lm_resp .str_str_len;
+
+ ps->offset = rsp->hdr_nt_resp .buffer + 0xc;
+ prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
+ old_offset += rsp->hdr_nt_resp .str_str_len;
+
+ if (rsp->hdr_sess_key.str_str_len != 0)
+ {
+ ps->offset = rsp->hdr_sess_key.buffer + 0x10;
+ old_offset += rsp->hdr_sess_key.str_str_len;
+ prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
+ }
+
+ ps->offset = old_offset;
+ }
+ else
+ {
+ /* writing */
+ smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
+ smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
+ smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
+ smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
+ smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
+ smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
+
+ prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
+
+ prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
+ prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
+ prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
+ prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
+ prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
+ prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
+ }
+
+ return True;
+}
+
+/*******************************************************************
+checks an RPC_AUTH_NTLMSSP_CHK structure.
+********************************************************************/
+BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num)
+{
+ if (chk == NULL)
+ {
+ return False;
+ }
+
+ if (chk->crc32 != crc32 ||
+ chk->ver != NTLMSSP_SIGN_VERSION ||
+ chk->seq_num != seq_num)
+ {
+ DEBUG(5,("verify failed - crc %x ver %x seq %d\n",
+ crc32, NTLMSSP_SIGN_VERSION, seq_num));
+ DEBUG(5,("verify expect - crc %x ver %x seq %d\n",
+ chk->crc32, chk->ver, chk->seq_num));
+ return False;
+ }
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_CHK structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
+ uint32 ver, uint32 crc32, uint32 seq_num)
+{
+ if (chk == NULL) return False;
+
+ chk->ver = ver ;
+ chk->reserved = 0x0;
+ chk->crc32 = crc32 ;
+ chk->seq_num = seq_num ;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
+{
+ if (chk == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
+ depth++;
+
+ prs_uint32("ver ", ps, depth, &(chk->ver ));
+ prs_uint32("reserved", ps, depth, &(chk->reserved));
+ prs_uint32("crc32 ", ps, depth, &(chk->crc32 ));
+ prs_uint32("seq_num ", ps, depth, &(chk->seq_num ));
+
+ return True;
+}
+
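Review bot: In make_rpc_auth_ntlmssp_resp, `memcpy(rsp->nt_resp, nt_resp, nt_len)` copies a caller-supplied length into a fixed-size fstring with no bound, even though the struct comment describes the NT response as variable-length; a guard such as `if (nt_len > sizeof(rsp->nt_resp)) return False;` before the copy would close that. In the read branches of smb_io_rpc_auth_ntlmssp_neg and smb_io_rpc_auth_ntlmssp_resp, `ps->offset` is assigned directly from the wire-supplied `hdr_*.buffer` values. The MIN() there caps only the destination size, so unless prs_uint8s rejects out-of-range offsets (not visible here) those offsets should be checked against the parse buffer length first. smb_io_rpc_auth_ntlmssp_neg also calls `ZERO_STRUCTP(neg)` after `prs_uint32("neg_flgs ", ...)`, which appears to discard the negotiation flags just read; zeroing before the first read would preserve them.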
diff --git a/source/rpc_parse/parse_rpc.c b/source/rpc_parse/parse_rpc.c
index 16636159c0c..8b26575ed12 100644
--- a/source/rpc_parse/parse_rpc.c
+++ b/source/rpc_parse/parse_rpc.c
@@ -593,14 +593,6 @@ BOOL smb_io_rpc_hdr_autha(char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int de
}
/*******************************************************************
-checks an RPC_HDR_AUTH structure.
-********************************************************************/
-BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai)
-{
- return (rai->auth_type == 0x0a && rai->auth_level == 0x06);
-}
-
-/*******************************************************************
creates an RPC_HDR_AUTH structure.
********************************************************************/
BOOL make_rpc_hdr_auth(RPC_HDR_AUTH *rai,
@@ -640,401 +632,3 @@ BOOL smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int dept
return True;
}
-/*******************************************************************
-checks an RPC_AUTH_NTLMSSP_VERIFIER structure.
-********************************************************************/
-BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav,
- char *signature, uint32 msg_type)
-{
- return (strequal(rav->signature, signature) && rav->msg_type == msg_type);
-
- return True;
-}
-
-/*******************************************************************
-creates an RPC_AUTH_NTLMSSP_VERIFIER structure.
-********************************************************************/
-BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav,
- char *signature, uint32 msg_type)
-{
- if (rav == NULL) return False;
-
- fstrcpy(rav->signature, signature); /* "NTLMSSP" */
- rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */
-
- return True;
-}
-
-/*******************************************************************
-reads or writes an RPC_AUTH_NTLMSSP_VERIFIER structure.
-********************************************************************/
-BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth)
-{
- if (rav == NULL) return False;
-
- prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier");
- depth++;
-
- prs_string("signature", ps, depth, rav->signature, 0, sizeof(rav->signature)); /* "NTLMSSP" */
- prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); /* NTLMSSP_MESSAGE_TYPE */
-
- return True;
-}
-
-/*******************************************************************
-creates an RPC_AUTH_NTLMSSP_NEG structure.
-********************************************************************/
-BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
- uint32 neg_flgs,
- fstring myname, fstring domain)
-{
- int len_myname = strlen(myname);
- int len_domain = strlen(domain);
-
- if (neg == NULL) return False;
-
- neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
-
- make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname);
- make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
-
- fstrcpy(neg->myname, myname);
- fstrcpy(neg->domain, domain);
-
- return True;
-}
-
-/*******************************************************************
-reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
-
-*** lkclXXXX HACK ALERT! ***
-
-********************************************************************/
-BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
-{
- int start_offset = ps->offset;
- if (neg == NULL) return False;
-
- prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
- depth++;
-
- prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs));
-
- if (ps->io)
- {
- uint32 old_offset;
-
- /* reading */
-
- ZERO_STRUCTP(neg);
-
- smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
- smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
-
- old_offset = ps->offset;
-
- ps->offset = neg->hdr_myname .buffer + start_offset - 12;
- prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
- old_offset += neg->hdr_myname .str_str_len;
-
- ps->offset = neg->hdr_domain .buffer + start_offset - 12;
- prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
- old_offset += neg->hdr_domain .str_str_len;
-
- ps->offset = old_offset;
- }
- else
- {
- /* writing */
- smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
- smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
-
- prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
- prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
- }
-
- return True;
-}
-
-/*******************************************************************
-creates an RPC_AUTH_NTLMSSP_CHAL structure.
-********************************************************************/
-BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
- uint32 neg_flags,
- uint8 challenge[8])
-{
- if (chl == NULL) return False;
-
- chl->unknown_1 = 0x0;
- chl->unknown_2 = 0x00000028;
- chl->neg_flags = neg_flags; /* 0x0082b1 */
-
- memcpy(chl->challenge, challenge, sizeof(chl->challenge));
- bzero (chl->reserved , sizeof(chl->reserved));
-
- return True;
-}
-
-/*******************************************************************
-reads or writes an RPC_AUTH_NTLMSSP_CHAL structure.
-********************************************************************/
-BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth)
-{
- if (chl == NULL) return False;
-
- prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal");
- depth++;
-
- prs_uint32("unknown_1", ps, depth, &(chl->unknown_1)); /* 0x0000 0000 */
- prs_uint32("unknown_2", ps, depth, &(chl->unknown_2)); /* 0x0000 b2b3 */
- prs_uint32("neg_flags", ps, depth, &(chl->neg_flags)); /* 0x0000 82b1 */
-
- prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge));
- prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved ));
-
- return True;
-}
-
-/*******************************************************************
-creates an RPC_AUTH_NTLMSSP_RESP structure.
-
-*** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
-*** lkclXXXX the actual offset is at the start of the auth verifier ***
-
-********************************************************************/
-BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
- uchar lm_resp[24],
- uchar *nt_resp, size_t nt_len,
- char *domain, char *user, char *wks,
- uint32 neg_flags)
-{
- uint32 offset;
- int dom_len = strlen(domain);
- int wks_len = strlen(wks );
- int usr_len = strlen(user );
- int lm_len = nt_len != 0 ? (lm_resp != NULL ? 24 : 0) : 1;
-
- DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
-
- if (rsp == NULL) return False;
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("lm_resp\n"));
- if (lm_resp != NULL)
- {
- dump_data(100, lm_resp, lm_len);
- }
- DEBUG(100,("nt_resp\n"));
- if (nt_resp != NULL)
- {
- dump_data(100, nt_resp, nt_len);
- }
-#endif
-
- DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
- domain, user, wks, neg_flags));
-
- offset = 0x40;
-
- if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
- {
- dom_len *= 2;
- wks_len *= 2;
- usr_len *= 2;
- }
-
- make_str_hdr(&rsp->hdr_domain , dom_len, dom_len, offset);
- offset += dom_len;
-
- make_str_hdr(&rsp->hdr_usr , usr_len, usr_len, offset);
- offset += usr_len;
-
- make_str_hdr(&rsp->hdr_wks , wks_len, wks_len, offset);
- offset += wks_len;
-
- make_str_hdr(&rsp->hdr_lm_resp, lm_len , lm_len , offset);
- offset += lm_len;
-
- make_str_hdr(&rsp->hdr_nt_resp, nt_len , nt_len , offset);
- offset += nt_len;
-
- make_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
-
- rsp->neg_flags = neg_flags;
-
- if (lm_resp != NULL && lm_len != 1)
- {
- memcpy(rsp->lm_resp, lm_resp, lm_len);
- }
- else
- {
- rsp->lm_resp[0] = 0;
- }
- if (nt_resp != NULL)
- {
- memcpy(rsp->nt_resp, nt_resp, nt_len);
- }
- else
- {
- rsp->nt_resp[0] = 0;
- }
-
- if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
- {
- ascii_to_unibuf(rsp->domain, domain, sizeof(rsp->domain)-2);
- ascii_to_unibuf(rsp->user , user , sizeof(rsp->user )-2);
- ascii_to_unibuf(rsp->wks , wks , sizeof(rsp->wks )-2);
- }
- else
- {
- fstrcpy(rsp->domain, domain);
- fstrcpy(rsp->user , user );
- fstrcpy(rsp->wks , wks );
- }
- rsp->sess_key[0] = 0;
-
- return True;
-}
-
-/*******************************************************************
-reads or writes an RPC_AUTH_NTLMSSP_RESP structure.
-
-*** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
-*** lkclXXXX the actual offset is at the start of the auth verifier ***
-
-********************************************************************/
-BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth)
-{
- if (rsp == NULL) return False;
-
- prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
- depth++;
-
- if (ps->io)
- {
- uint32 old_offset;
-
- /* reading */
-
- ZERO_STRUCTP(rsp);
-
- smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
- smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
- smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
- smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
- smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
- smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
-
- prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
-
- old_offset = ps->offset;
-
- ps->offset = rsp->hdr_domain .buffer + 0xc;
- prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
- old_offset += rsp->hdr_domain .str_str_len;
-
- ps->offset = rsp->hdr_usr .buffer + 0xc;
- prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
- old_offset += rsp->hdr_usr .str_str_len;
-
- ps->offset = rsp->hdr_wks .buffer + 0xc;
- prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
- old_offset += rsp->hdr_wks .str_str_len;
-
- ps->offset = rsp->hdr_lm_resp .buffer + 0xc;
- prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
- old_offset += rsp->hdr_lm_resp .str_str_len;
-
- ps->offset = rsp->hdr_nt_resp .buffer + 0xc;
- prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
- old_offset += rsp->hdr_nt_resp .str_str_len;
-
- if (rsp->hdr_sess_key.str_str_len != 0)
- {
- ps->offset = rsp->hdr_sess_key.buffer + 0x10;
- old_offset += rsp->hdr_sess_key.str_str_len;
- prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
- }
-
- ps->offset = old_offset;
- }
- else
- {
- /* writing */
- smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
- smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
- smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
- smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
- smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
- smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
-
- prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
-
- prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
- prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
- prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
- prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
- prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
- prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
- }
-
- return True;
-}
-
-/*******************************************************************
-checks an RPC_AUTH_NTLMSSP_CHK structure.
-********************************************************************/
-BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num)
-{
- if (chk == NULL)
- {
- return False;
- }
-
- if (chk->crc32 != crc32 ||
- chk->ver != NTLMSSP_SIGN_VERSION ||
- chk->seq_num != seq_num)
- {
- DEBUG(5,("verify failed - crc %x ver %x seq %d\n",
- crc32, NTLMSSP_SIGN_VERSION, seq_num));
- DEBUG(5,("verify expect - crc %x ver %x seq %d\n",
- chk->crc32, chk->ver, chk->seq_num));
- return False;
- }
- return True;
-}
-
-/*******************************************************************
-creates an RPC_AUTH_NTLMSSP_CHK structure.
-********************************************************************/
-BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
- uint32 ver, uint32 crc32, uint32 seq_num)
-{
- if (chk == NULL) return False;
-
- chk->ver = ver ;
- chk->reserved = 0x0;
- chk->crc32 = crc32 ;
- chk->seq_num = seq_num ;
-
- return True;
-}
-
-/*******************************************************************
-reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
-********************************************************************/
-BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
-{
- if (chk == NULL) return False;
-
- prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
- depth++;
-
- prs_uint32("ver ", ps, depth, &(chk->ver ));
- prs_uint32("reserved", ps, depth, &(chk->reserved));
- prs_uint32("crc32 ", ps, depth, &(chk->crc32 ));
- prs_uint32("seq_num ", ps, depth, &(chk->seq_num ));
-
- return True;
-}
-
diff --git a/source/rpc_server/srv_pipe_noauth.c b/source/rpc_server/srv_pipe_noauth.c
index 190ab37f303..305957defb4 100644
--- a/source/rpc_server/srv_pipe_noauth.c
+++ b/source/rpc_server/srv_pipe_noauth.c
@@ -177,6 +177,7 @@ static BOOL api_noauth_decode_pdu(rpcsrv_struct *l)
srv_auth_fns noauth_fns =
{
+ NULL,
api_noauth_auth_chk,
api_noauth_auth_gen,
api_noauth_decode_pdu,
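Review bot: The new first initialiser of `noauth_fns` is a bare `NULL` in the slot that srv_pipe_srv.c calls `api_is_auth`, so any later code that dispatches through `l->auth->api_is_auth` without testing the pointer will call a null function pointer. The only call visible in this commit goes through `ntlmssp_fns` directly, which makes this a latent hazard rather than a live one. Because the initialiser is positional, label the slot, e.g. `NULL, /* api_is_auth: no auth header to match on an unauthenticated bind */`, or point it at a stub that returns `False`. The initialiser continues past the end of the hunk.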
diff --git a/source/rpc_server/srv_pipe_ntlmssp.c b/source/rpc_server/srv_pipe_ntlmssp.c
index 9405b452326..d5d1da0304a 100644
--- a/source/rpc_server/srv_pipe_ntlmssp.c
+++ b/source/rpc_server/srv_pipe_ntlmssp.c
@@ -606,8 +606,14 @@ static BOOL api_ntlmssp_decode_pdu(rpcsrv_struct *l)
return True;
}
+static BOOL api_ntlmssp_hdr_chk(RPC_HDR_AUTH *auth_info)
+{
+ return rpc_hdr_ntlmssp_auth_chk(auth_info);
+}
+
srv_auth_fns ntlmssp_fns =
{
+ api_ntlmssp_hdr_chk,
api_ntlmssp_auth_chk,
api_ntlmssp_auth_gen,
api_ntlmssp_decode_pdu,
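Review bot: `api_ntlmssp_hdr_chk` forwards `auth_info` with no NULL test, and the copy of `rpc_hdr_ntlmssp_auth_chk` that this commit removes from parse_rpc.c reads `rai->auth_type` directly; if the relocated copy is unchanged, a NULL argument is dereferenced. The other helpers moved in this commit open with `if (chk == NULL) return False;`, so the wrapper would be consistent as `return auth_info != NULL && rpc_hdr_ntlmssp_auth_chk(auth_info);`. A one-line comment stating that this is the `api_is_auth` entry of `ntlmssp_fns`, and that it only recognises the header without authenticating anything, would help the next reader.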
diff --git a/source/rpc_server/srv_pipe_srv.c b/source/rpc_server/srv_pipe_srv.c
index e1f2b1d9988..fe514bdb866 100644
--- a/source/rpc_server/srv_pipe_srv.c
+++ b/source/rpc_server/srv_pipe_srv.c
@@ -226,15 +226,14 @@ static BOOL srv_pipe_bind_and_alt_req(rpcsrv_struct *l,
if (l->hdr.auth_len != 0)
{
RPC_HDR_AUTH auth_info;
+ extern srv_auth_fns ntlmssp_fns;
/* decode the authentication verifier */
smb_io_rpc_hdr_auth ("", &auth_info , &l->data_i, 0);
if (l->data_i.offset == 0) return False;
- if (rpc_hdr_ntlmssp_auth_chk(&(auth_info)))
+ if (ntlmssp_fns.api_is_auth(&(auth_info)))
{
- extern srv_auth_fns ntlmssp_fns;
-
l->auth = &ntlmssp_fns;
l->auth_info = (void*)malloc(sizeof(ntlmssp_auth_struct));
if (l->auth_info == NULL)
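Review bot: The path taken when `ntlmssp_fns.api_is_auth(&(auth_info))` returns false lies outside this hunk, and it decides whether a bind that carries an unrecognised auth verifier is rejected or continues with `l->auth` unchanged. Please confirm that `auth_len != 0` with a non-matching type/level fails the bind rather than falling through to the unauthenticated handlers. Separately, the block-scope `extern srv_auth_fns ntlmssp_fns;` hides the declaration from the header that defines `srv_auth_fns`, so a later type change would not be diagnosed here; declaring it once in that header is safer. The enclosing function starts and ends outside the hunk.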