author | Luke Leighton <lkcl@samba.org> | 2000-01-08 15:29:56 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 2000-01-08 15:29:56 +0000 |
commit | 6ff1caf26e0c72243f73b31a13837477447bf690 (patch) | |
tree | 45781fd9c6cc99f626e5644652e7791c21a27e07 /source | |
parent | 34adb1fd5cf9bba89a380a0b42408ea06574b3ac (diff) | |
download | samba-6ff1caf26e0c72243f73b31a13837477447bf690.tar.gz |
split ntlmssp coding/decoding off into separate module, including headers.
Diffstat (limited to 'source')
-rw-r--r-- | source/Makefile.in | 1 | ||||
-rw-r--r-- | source/include/ntdomain.h | 12 | ||||
-rw-r--r-- | source/include/proto.h | 27 | ||||
-rw-r--r-- | source/include/rpc_dce.h | 100 | ||||
-rw-r--r-- | source/include/rpc_ntlmssp.h | 131 | ||||
-rw-r--r-- | source/rpc_parse/parse_ntlmssp.c | 434 | ||||
-rw-r--r-- | source/rpc_parse/parse_rpc.c | 406 | ||||
-rw-r--r-- | source/rpc_server/srv_pipe_noauth.c | 1 | ||||
-rw-r--r-- | source/rpc_server/srv_pipe_ntlmssp.c | 6 | ||||
-rw-r--r-- | source/rpc_server/srv_pipe_srv.c | 5 |
10 files changed, 614 insertions, 509 deletions
diff --git a/source/Makefile.in b/source/Makefile.in index f5ad262061c..c71ebb1278f 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -160,6 +160,7 @@ RPC_PARSE_OBJ1 = rpc_parse/parse_lsa.o \ RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o \ rpc_parse/parse_prs.o \ + rpc_parse/parse_ntlmssp.o \ rpc_parse/parse_misc.o \ rpc_parse/parse_creds.o \ rpc_parse/parse_sec.o \ diff --git a/source/include/ntdomain.h b/source/include/ntdomain.h index c2f6ca6bdb1..dd91341ee2c 100644 --- a/source/include/ntdomain.h +++ b/source/include/ntdomain.h @@ -28,6 +28,9 @@ /* dce/rpc support */ #include "rpc_dce.h" +/* dce/rpc authentication support */ +#include "rpc_ntlmssp.h" + /* miscellaneous structures / defines */ #include "rpc_misc.h" @@ -124,14 +127,17 @@ struct cli_connection; typedef struct cli_auth_fns { + /* these three will do for now. they *should* match with server-side */ BOOL (*create_bind_req)(struct cli_connection *, prs_struct *, uint32, RPC_IFACE *, RPC_IFACE *); BOOL (*decode_bind_resp)(struct cli_connection *, prs_struct *); BOOL (*create_bind_cont)(struct cli_connection *, prs_struct *, uint32); + /* creates an authenticated PDU */ BOOL (*cli_create_pdu)(struct cli_connection *, uint8, prs_struct *, int, int*, prs_struct *, uint8 *); + /* decodes an authenticated PDU */ BOOL (*cli_decode_pdu)(struct cli_connection *, prs_struct *, int, int); @@ -139,9 +145,15 @@ typedef struct cli_auth_fns typedef struct srv_auth_fns { + BOOL (*api_is_auth)(RPC_HDR_AUTH*); + + /* state-based authentication: one to decode, one to generate */ BOOL (*api_auth_chk)(rpcsrv_struct *, enum RPC_PKT_TYPE); BOOL (*api_auth_gen)(rpcsrv_struct *, prs_struct *, enum RPC_PKT_TYPE); + + /* decodes an authenticated PDU */ BOOL (*api_decode_pdu)(rpcsrv_struct *); + /* creates an authenticated PDU */ BOOL (*api_create_pdu)(rpcsrv_struct *, uint32, prs_struct *); } srv_auth_fns; diff --git a/source/include/proto.h b/source/include/proto.h index f75d1f3984c..b807eaf855f 100644 
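Review bot: The new `api_is_auth` member of `srv_auth_fns` in ntdomain.h is the only callback in that struct left without a comment, and it is inserted ahead of the existing members. Any positional initialiser of `srv_auth_fns` therefore needs a new first entry in the same commit, otherwise every later function pointer shifts by one slot and the wrong authentication routine gets called. The diffstat lists changes to `srv_pipe_noauth.c` and `srv_pipe_ntlmssp.c`, which presumably make that change, but those hunks are not visible here. I would add `/* checks whether an RPC_HDR_AUTH is for this authentication type */` above the member; the wording is inferred from the matching signature of `rpc_hdr_ntlmssp_auth_chk` and should be confirmed.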
--- a/source/include/proto.h +++ b/source/include/proto.h @@ -2869,6 +2869,33 @@ BOOL make_sam_account_info(SAM_ACCOUNT_INFO *info, char *user_name, BOOL net_io_r_sam_sync(char *desc, uint8 sess_key[16], NET_R_SAM_SYNC *r_s, prs_struct *ps, int depth); +/*The following definitions come from rpc_parse/parse_ntlmssp.c */ + +BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai); +BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav, + char *signature, uint32 msg_type); +BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav, + char *signature, uint32 msg_type); +BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth); +BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg, + uint32 neg_flgs, + fstring myname, fstring domain); +BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth); +BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl, + uint32 neg_flags, + uint8 challenge[8]); +BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth); +BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp, + uchar lm_resp[24], + uchar *nt_resp, size_t nt_len, + char *domain, char *user, char *wks, + uint32 neg_flags); +BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth); +BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num); +BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, + uint32 ver, uint32 crc32, uint32 seq_num); +BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth); + /*The following definitions come from rpc_parse/parse_prs.c */ void prs_debug(prs_struct *ps, int depth, char *desc, char *fn_name); diff --git a/source/include/rpc_dce.h b/source/include/rpc_dce.h index 52544ac6422..7ad145db822 100644 --- a/source/include/rpc_dce.h +++ b/source/include/rpc_dce.h 
@@ -45,36 +45,6 @@ enum RPC_PKT_TYPE #define RPC_FLG_LAST 0x02 #define RPC_FLG_NOCALL 0x20 -/* NTLMSSP message types */ -enum NTLM_MESSAGE_TYPE -{ - NTLMSSP_NEGOTIATE = 1, - NTLMSSP_CHALLENGE = 2, - NTLMSSP_AUTH = 3, - NTLMSSP_UNKNOWN = 4 -}; - -/* NTLMSSP negotiation flags */ -#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 -#define NTLMSSP_NEGOTIATE_OEM 0x00000002 -#define NTLMSSP_REQUEST_TARGET 0x00000004 -#define NTLMSSP_NEGOTIATE_SIGN 0x00000010 -#define NTLMSSP_NEGOTIATE_SEAL 0x00000020 -#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080 -#define NTLMSSP_NEGOTIATE_00000100 0x00000100 -#define NTLMSSP_NEGOTIATE_NTLM 0x00000200 -#define NTLMSSP_NEGOTIATE_00000400 0x00000400 -#define NTLMSSP_NEGOTIATE_00001000 0x00001000 -#define NTLMSSP_NEGOTIATE_00002000 0x00002000 -#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000 -#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000 -#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000 -#define NTLMSSP_NEGOTIATE_128 0x20000000 -#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000 - -/* NTLMSSP signature version */ -#define NTLMSSP_SIGN_VERSION 0x01 - /* RPC_IFACE */ typedef struct rpc_iface_info 
@@ -226,75 +196,5 @@ typedef struct rpc_hdr_ba_info } RPC_HDR_BA; -/* RPC_AUTH_NTLMSSP_VERIFIER */ -typedef struct rpc_auth_ntlmssp_verif_info -{ - fstring signature; /* "NTLMSSP" */ - uint32 msg_type; /* NTLMSSP_MESSAGE_TYPE (1,2,3) */ - -} RPC_AUTH_NTLMSSP_VERIFIER; - -/* this is TEMPORARILY coded up as a specific structure */ -/* this structure comes after the bind request */ -/* RPC_AUTH_NTLMSSP_NEG */ -typedef struct rpc_auth_ntlmssp_neg_info -{ - uint32 neg_flgs; /* 0x0000 b2b3 */ - - STRHDR hdr_myname; /* offset is against START of this structure */ - STRHDR hdr_domain; /* offset is against START of this structure */ - - fstring myname; /* calling workstation's name */ - fstring domain; /* calling workstations's domain */ - -} RPC_AUTH_NTLMSSP_NEG; - -/* this is TEMPORARILY coded up as a specific structure */ -/* this structure comes after the bind acknowledgement */ -/* RPC_AUTH_NTLMSSP_CHAL */ -typedef struct rpc_auth_ntlmssp_chal_info -{ - uint32 unknown_1; /* 0x0000 0000 */ - uint32 unknown_2; /* 0x0000 0028 */ - uint32 neg_flags; /* 0x0000 82b1 */ - - uint8 challenge[8]; /* ntlm challenge */ - uint8 reserved [8]; /* zeros */ - -} RPC_AUTH_NTLMSSP_CHAL; - - -/* RPC_AUTH_NTLMSSP_RESP */ -typedef struct rpc_auth_ntlmssp_resp_info -{ - STRHDR hdr_lm_resp; /* LM response (NULL or 24 bytes) */ - STRHDR hdr_nt_resp; /* NT response (NULL, 24 or variable-length) */ - STRHDR hdr_domain; - STRHDR hdr_usr; - STRHDR hdr_wks; - STRHDR hdr_sess_key; /* NULL unless negotiated */ - uint32 neg_flags; /* 0x0000 82b1 */ - - fstring sess_key; - fstring wks; - fstring user; - fstring domain; - fstring nt_resp; - fstring lm_resp; - -} RPC_AUTH_NTLMSSP_RESP; - - -/* attached to the end of encrypted rpc requests and responses */ -/* RPC_AUTH_NTLMSSP_CHK */ -typedef struct rpc_auth_ntlmssp_chk_info -{ - uint32 ver; /* 0x0000 0001 */ - uint32 reserved; - uint32 crc32; /* checksum using 0xEDB8 8320 as a polynomial */ - uint32 seq_num; - -} RPC_AUTH_NTLMSSP_CHK; - #endif /* 
_DCE_RPC_H */ diff --git a/source/include/rpc_ntlmssp.h b/source/include/rpc_ntlmssp.h new file mode 100644 index 00000000000..7ac6ce71b53 --- /dev/null +++ b/source/include/rpc_ntlmssp.h 
@@ -0,0 +1,131 @@
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_NTLMSSP_H /* RPC_NTLMSSP_H */
+#define RPC_NTLMSSP_H
+
+#include "rpc_misc.h" /* this only pulls in STRHDR */
+
+/* NTLMSSP message types */
+enum NTLM_MESSAGE_TYPE
+{
+ NTLMSSP_NEGOTIATE = 1,
+ NTLMSSP_CHALLENGE = 2,
+ NTLMSSP_AUTH = 3,
+ NTLMSSP_UNKNOWN = 4
+};
+
+/* NTLMSSP negotiation flags */
+#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
+#define NTLMSSP_NEGOTIATE_OEM 0x00000002
+#define NTLMSSP_REQUEST_TARGET 0x00000004
+#define NTLMSSP_NEGOTIATE_SIGN 0x00000010
+#define NTLMSSP_NEGOTIATE_SEAL 0x00000020
+#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080
+#define NTLMSSP_NEGOTIATE_00000100 0x00000100
+#define NTLMSSP_NEGOTIATE_NTLM 0x00000200
+#define NTLMSSP_NEGOTIATE_00000400 0x00000400
+#define NTLMSSP_NEGOTIATE_00001000 0x00001000
+#define NTLMSSP_NEGOTIATE_00002000 0x00002000
+#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
+#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
+#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
+#define NTLMSSP_NEGOTIATE_128 0x20000000
+#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000
+
+/* NTLMSSP signature version */
+#define NTLMSSP_SIGN_VERSION 0x01
+
+
+/* RPC_AUTH_NTLMSSP_VERIFIER */
+typedef struct rpc_auth_ntlmssp_verif_info
+{
+ fstring signature; /* "NTLMSSP" */
+ uint32 msg_type; /* NTLMSSP_MESSAGE_TYPE (1,2,3) */
+
+} RPC_AUTH_NTLMSSP_VERIFIER;
+
+/* this is TEMPORARILY coded up as a specific structure */
+/* this structure comes after the bind request */
+/* RPC_AUTH_NTLMSSP_NEG */
+typedef struct rpc_auth_ntlmssp_neg_info
+{
+ uint32 neg_flgs; /* 0x0000 b2b3 */
+
+ STRHDR hdr_myname; /* offset is against START of this structure */
+ STRHDR hdr_domain; /* offset is against START of this structure */
+
+ fstring myname; /* calling workstation's name */
+ fstring domain; /* calling workstations's domain */
+
+} RPC_AUTH_NTLMSSP_NEG;
+
+/* this is TEMPORARILY coded up as a specific structure */
+/* this structure comes after the bind acknowledgement */
+/* RPC_AUTH_NTLMSSP_CHAL */
+typedef struct rpc_auth_ntlmssp_chal_info
+{
+ uint32 unknown_1; /* 0x0000 0000 */
+ uint32 unknown_2; /* 0x0000 0028 */
+ uint32 neg_flags; /* 0x0000 82b1 */
+
+ uint8 challenge[8]; /* ntlm challenge */
+ uint8 reserved [8]; /* zeros */
+
+} RPC_AUTH_NTLMSSP_CHAL;
+
+
+/* RPC_AUTH_NTLMSSP_RESP */
+typedef struct rpc_auth_ntlmssp_resp_info
+{
+ STRHDR hdr_lm_resp; /* LM response (NULL or 24 bytes) */
+ STRHDR hdr_nt_resp; /* NT response (NULL, 24 or variable-length) */
+ STRHDR hdr_domain;
+ STRHDR hdr_usr;
+ STRHDR hdr_wks;
+ STRHDR hdr_sess_key; /* NULL unless negotiated */
+ uint32 neg_flags; /* 0x0000 82b1 */
+
+ fstring sess_key;
+ fstring wks;
+ fstring user;
+ fstring domain;
+ fstring nt_resp;
+ fstring lm_resp;
+
+} RPC_AUTH_NTLMSSP_RESP;
+
+
+/* attached to the end of encrypted rpc requests and responses */
+/* RPC_AUTH_NTLMSSP_CHK */
+typedef struct rpc_auth_ntlmssp_chk_info
+{
+ uint32 ver; /* 0x0000 0001 */
+ uint32 reserved;
+ uint32 crc32; /* checksum using 0xEDB8 8320 as a polynomial */
+ uint32 seq_num;
+
+} RPC_AUTH_NTLMSSP_CHK;
+
+#endif /* RPC_NTLMSSP_H */
+
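Review bot: The include guard at the top of the new rpc_ntlmssp.h tests `_RPC_NTLMSSP_H` but the next line defines `RPC_NTLMSSP_H`, so the tested macro is never defined and the guard never takes effect. A second inclusion, for example through ntdomain.h plus a direct include, would redeclare `enum NTLM_MESSAGE_TYPE` and every typedef in the file. The two names should match, `#ifndef RPC_NTLMSSP_H` followed by `#define RPC_NTLMSSP_H`; the form without the leading underscore also avoids an identifier reserved for the implementation.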
diff --git a/source/rpc_parse/parse_ntlmssp.c b/source/rpc_parse/parse_ntlmssp.c
new file mode 100644
index 00000000000..2b063b8b36f
--- /dev/null
+++ b/source/rpc_parse/parse_ntlmssp.c
@@ -0,0 +1,434 @@
+
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Andrew Tridgell 1992-1999,
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-1999,
+ * Copyright (C) Paul Ashton 1997-1999.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+
+
+/*******************************************************************
+checks an RPC_HDR_AUTH structure.
+********************************************************************/
+BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai)
+{
+ return (rai->auth_type == 0x0a && rai->auth_level == 0x06);
+}
+
+/*******************************************************************
+checks an RPC_AUTH_NTLMSSP_VERIFIER structure.
+********************************************************************/
+BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav,
+ char *signature, uint32 msg_type)
+{
+ return (strequal(rav->signature, signature) && rav->msg_type == msg_type);
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_VERIFIER structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav,
+ char *signature, uint32 msg_type)
+{
+ if (rav == NULL) return False;
+
+ fstrcpy(rav->signature, signature); /* "NTLMSSP" */
+ rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_VERIFIER structure.
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth)
+{
+ if (rav == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier");
+ depth++;
+
+ prs_string("signature", ps, depth, rav->signature, 0, sizeof(rav->signature)); /* "NTLMSSP" */
+ prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); /* NTLMSSP_MESSAGE_TYPE */
+
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_NEG structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
+ uint32 neg_flgs,
+ fstring myname, fstring domain)
+{
+ int len_myname = strlen(myname);
+ int len_domain = strlen(domain);
+
+ if (neg == NULL) return False;
+
+ neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
+
+ make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname);
+ make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
+
+ fstrcpy(neg->myname, myname);
+ fstrcpy(neg->domain, domain);
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
+
+*** lkclXXXX HACK ALERT! ***
+
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
+{
+ int start_offset = ps->offset;
+ if (neg == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
+ depth++;
+
+ prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs));
+
+ if (ps->io)
+ {
+ uint32 old_offset;
+
+ /* reading */
+
+ ZERO_STRUCTP(neg);
+
+ smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
+ smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
+
+ old_offset = ps->offset;
+
+ ps->offset = neg->hdr_myname .buffer + start_offset - 12;
+ prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
+ old_offset += neg->hdr_myname .str_str_len;
+
+ ps->offset = neg->hdr_domain .buffer + start_offset - 12;
+ prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
+ old_offset += neg->hdr_domain .str_str_len;
+
+ ps->offset = old_offset;
+ }
+ else
+ {
+ /* writing */
+ smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
+ smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
+
+ prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
+ prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
+ }
+
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_CHAL structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
+ uint32 neg_flags,
+ uint8 challenge[8])
+{
+ if (chl == NULL) return False;
+
+ chl->unknown_1 = 0x0;
+ chl->unknown_2 = 0x00000028;
+ chl->neg_flags = neg_flags; /* 0x0082b1 */
+
+ memcpy(chl->challenge, challenge, sizeof(chl->challenge));
+ bzero (chl->reserved , sizeof(chl->reserved));
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_CHAL structure.
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth)
+{
+ if (chl == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal");
+ depth++;
+
+ prs_uint32("unknown_1", ps, depth, &(chl->unknown_1)); /* 0x0000 0000 */
+ prs_uint32("unknown_2", ps, depth, &(chl->unknown_2)); /* 0x0000 b2b3 */
+ prs_uint32("neg_flags", ps, depth, &(chl->neg_flags)); /* 0x0000 82b1 */
+
+ prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge));
+ prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved ));
+
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_RESP structure.
+
+*** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
+*** lkclXXXX the actual offset is at the start of the auth verifier ***
+
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
+ uchar lm_resp[24],
+ uchar *nt_resp, size_t nt_len,
+ char *domain, char *user, char *wks,
+ uint32 neg_flags)
+{
+ uint32 offset;
+ int dom_len = strlen(domain);
+ int wks_len = strlen(wks );
+ int usr_len = strlen(user );
+ int lm_len = nt_len != 0 ? (lm_resp != NULL ? 24 : 0) : 1;
+
+ DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
+
+ if (rsp == NULL) return False;
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("lm_resp\n"));
+ if (lm_resp != NULL)
+ {
+ dump_data(100, lm_resp, lm_len);
+ }
+ DEBUG(100,("nt_resp\n"));
+ if (nt_resp != NULL)
+ {
+ dump_data(100, nt_resp, nt_len);
+ }
+#endif
+
+ DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
+ domain, user, wks, neg_flags));
+
+ offset = 0x40;
+
+ if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
+ {
+ dom_len *= 2;
+ wks_len *= 2;
+ usr_len *= 2;
+ }
+
+ make_str_hdr(&rsp->hdr_domain , dom_len, dom_len, offset);
+ offset += dom_len;
+
+ make_str_hdr(&rsp->hdr_usr , usr_len, usr_len, offset);
+ offset += usr_len;
+
+ make_str_hdr(&rsp->hdr_wks , wks_len, wks_len, offset);
+ offset += wks_len;
+
+ make_str_hdr(&rsp->hdr_lm_resp, lm_len , lm_len , offset);
+ offset += lm_len;
+
+ make_str_hdr(&rsp->hdr_nt_resp, nt_len , nt_len , offset);
+ offset += nt_len;
+
+ make_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
+
+ rsp->neg_flags = neg_flags;
+
+ if (lm_resp != NULL && lm_len != 1)
+ {
+ memcpy(rsp->lm_resp, lm_resp, lm_len);
+ }
+ else
+ {
+ rsp->lm_resp[0] = 0;
+ }
+ if (nt_resp != NULL)
+ {
+ memcpy(rsp->nt_resp, nt_resp, nt_len);
+ }
+ else
+ {
+ rsp->nt_resp[0] = 0;
+ }
+
+ if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
+ {
+ ascii_to_unibuf(rsp->domain, domain, sizeof(rsp->domain)-2);
+ ascii_to_unibuf(rsp->user , user , sizeof(rsp->user )-2);
+ ascii_to_unibuf(rsp->wks , wks , sizeof(rsp->wks )-2);
+ }
+ else
+ {
+ fstrcpy(rsp->domain, domain);
+ fstrcpy(rsp->user , user );
+ fstrcpy(rsp->wks , wks );
+ }
+ rsp->sess_key[0] = 0;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_RESP structure.
+
+*** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
+*** lkclXXXX the actual offset is at the start of the auth verifier ***
+
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth)
+{
+ if (rsp == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
+ depth++;
+
+ if (ps->io)
+ {
+ uint32 old_offset;
+
+ /* reading */
+
+ ZERO_STRUCTP(rsp);
+
+ smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
+ smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
+ smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
+ smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
+ smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
+ smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
+
+ prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
+
+ old_offset = ps->offset;
+
+ ps->offset = rsp->hdr_domain .buffer + 0xc;
+ prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
+ old_offset += rsp->hdr_domain .str_str_len;
+
+ ps->offset = rsp->hdr_usr .buffer + 0xc;
+ prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
+ old_offset += rsp->hdr_usr .str_str_len;
+
+ ps->offset = rsp->hdr_wks .buffer + 0xc;
+ prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
+ old_offset += rsp->hdr_wks .str_str_len;
+
+ ps->offset = rsp->hdr_lm_resp .buffer + 0xc;
+ prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
+ old_offset += rsp->hdr_lm_resp .str_str_len;
+
+ ps->offset = rsp->hdr_nt_resp .buffer + 0xc;
+ prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
+ old_offset += rsp->hdr_nt_resp .str_str_len;
+
+ if (rsp->hdr_sess_key.str_str_len != 0)
+ {
+ ps->offset = rsp->hdr_sess_key.buffer + 0x10;
+ old_offset += rsp->hdr_sess_key.str_str_len;
+ prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
+ }
+
+ ps->offset = old_offset;
+ }
+ else
+ {
+ /* writing */
+ smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
+ smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
+ smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
+ smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
+ smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
+ smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
+
+ prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
+
+ prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
+ prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
+ prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
+ prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
+ prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
+ prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
+ }
+
+ return True;
+}
+
+/*******************************************************************
+checks an RPC_AUTH_NTLMSSP_CHK structure.
+********************************************************************/
+BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num)
+{
+ if (chk == NULL)
+ {
+ return False;
+ }
+
+ if (chk->crc32 != crc32 ||
+ chk->ver != NTLMSSP_SIGN_VERSION ||
+ chk->seq_num != seq_num)
+ {
+ DEBUG(5,("verify failed - crc %x ver %x seq %d\n",
+ crc32, NTLMSSP_SIGN_VERSION, seq_num));
+ DEBUG(5,("verify expect - crc %x ver %x seq %d\n",
+ chk->crc32, chk->ver, chk->seq_num));
+ return False;
+ }
+ return True;
+}
+
+/*******************************************************************
+creates an RPC_AUTH_NTLMSSP_CHK structure.
+********************************************************************/
+BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
+ uint32 ver, uint32 crc32, uint32 seq_num)
+{
+ if (chk == NULL) return False;
+
+ chk->ver = ver ;
+ chk->reserved = 0x0;
+ chk->crc32 = crc32 ;
+ chk->seq_num = seq_num ;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
+********************************************************************/
+BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
+{
+ if (chk == NULL) return False;
+
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
+ depth++;
+
+ prs_uint32("ver ", ps, depth, &(chk->ver ));
+ prs_uint32("reserved", ps, depth, &(chk->reserved));
+ prs_uint32("crc32 ", ps, depth, &(chk->crc32 ));
+ prs_uint32("seq_num ", ps, depth, &(chk->seq_num ));
+
+ return True;
+}
+
diff --git a/source/rpc_parse/parse_rpc.c b/source/rpc_parse/parse_rpc.c
index 16636159c0c..8b26575ed12 100644
--- a/source/rpc_parse/parse_rpc.c
+++ b/source/rpc_parse/parse_rpc.c
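Review bot: On the read path of `smb_io_rpc_auth_ntlmssp_neg` and `smb_io_rpc_auth_ntlmssp_resp` in parse_ntlmssp.c, `ps->offset` is assigned directly from the wire-supplied `hdr_*.buffer` fields and nothing in this file checks the result against the PDU length, so the parser depends entirely on `prs_uint8s` (not shown here) to reject out-of-range seeks; that needs an explicit range check before each seek, or at least a comment naming where the bound is enforced. The copy lengths are capped with `MIN(..., sizeof(field))`, which lets a peer fill a whole fstring and leave no terminating NUL for later string handling of `domain`, `user`, `wks` and `myname`; `sizeof(field) - 1` would keep the final byte that `ZERO_STRUCTP` presumably zeroed. In `smb_io_rpc_auth_ntlmssp_neg` the `ZERO_STRUCTP(neg)` call runs after `prs_uint32("neg_flgs ", ...)`, so the negotiate flags just read are wiped; the zeroing belongs before the first field is parsed, as `smb_io_rpc_auth_ntlmssp_resp` already does. `make_rpc_auth_ntlmssp_resp` also does `memcpy(rsp->nt_resp, nt_resp, nt_len)` with no check that `nt_len` fits the fixed-size `nt_resp` field, although rpc_ntlmssp.h documents the NT response as possibly variable-length; a guard such as `if (nt_len > sizeof(rsp->nt_resp)) return False;` before the copy would close that.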
@@ -593,14 +593,6 @@ BOOL smb_io_rpc_hdr_autha(char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int de } /******************************************************************* -checks an RPC_HDR_AUTH structure. -********************************************************************/ -BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai) -{ - return (rai->auth_type == 0x0a && rai->auth_level == 0x06); -} - -/******************************************************************* creates an RPC_HDR_AUTH structure. ********************************************************************/ BOOL make_rpc_hdr_auth(RPC_HDR_AUTH *rai, 
@@ -640,401 +632,3 @@ BOOL smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int dept return True; } -/******************************************************************* -checks an RPC_AUTH_NTLMSSP_VERIFIER structure. -********************************************************************/ -BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav, - char *signature, uint32 msg_type) -{ - return (strequal(rav->signature, signature) && rav->msg_type == msg_type); - - return True; -} - -/******************************************************************* -creates an RPC_AUTH_NTLMSSP_VERIFIER structure. -********************************************************************/ -BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav, - char *signature, uint32 msg_type) -{ - if (rav == NULL) return False; - - fstrcpy(rav->signature, signature); /* "NTLMSSP" */ - rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */ - - return True; -} - -/******************************************************************* -reads or writes an RPC_AUTH_NTLMSSP_VERIFIER structure. -********************************************************************/ -BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth) -{ - if (rav == NULL) return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier"); - depth++; - - prs_string("signature", ps, depth, rav->signature, 0, sizeof(rav->signature)); /* "NTLMSSP" */ - prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); /* NTLMSSP_MESSAGE_TYPE */ - - return True; -} - -/******************************************************************* -creates an RPC_AUTH_NTLMSSP_NEG structure. 
-********************************************************************/ -BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg, - uint32 neg_flgs, - fstring myname, fstring domain) -{ - int len_myname = strlen(myname); - int len_domain = strlen(domain); - - if (neg == NULL) return False; - - neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */ - - make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname); - make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20); - - fstrcpy(neg->myname, myname); - fstrcpy(neg->domain, domain); - - return True; -} - -/******************************************************************* -reads or writes an RPC_AUTH_NTLMSSP_NEG structure. - -*** lkclXXXX HACK ALERT! *** - -********************************************************************/ -BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth) -{ - int start_offset = ps->offset; - if (neg == NULL) return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg"); - depth++; - - prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs)); - - if (ps->io) - { - uint32 old_offset; - - /* reading */ - - ZERO_STRUCTP(neg); - - smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth); - smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth); - - old_offset = ps->offset; - - ps->offset = neg->hdr_myname .buffer + start_offset - 12; - prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname ))); - old_offset += neg->hdr_myname .str_str_len; - - ps->offset = neg->hdr_domain .buffer + start_offset - 12; - prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain ))); - old_offset += neg->hdr_domain .str_str_len; - - ps->offset = old_offset; - } - else - { - /* writing */ - smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth); - smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth); - - prs_uint8s(True , 
"myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname ))); - prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain ))); - } - - return True; -} - -/******************************************************************* -creates an RPC_AUTH_NTLMSSP_CHAL structure. -********************************************************************/ -BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl, - uint32 neg_flags, - uint8 challenge[8]) -{ - if (chl == NULL) return False; - - chl->unknown_1 = 0x0; - chl->unknown_2 = 0x00000028; - chl->neg_flags = neg_flags; /* 0x0082b1 */ - - memcpy(chl->challenge, challenge, sizeof(chl->challenge)); - bzero (chl->reserved , sizeof(chl->reserved)); - - return True; -} - -/******************************************************************* -reads or writes an RPC_AUTH_NTLMSSP_CHAL structure. -********************************************************************/ -BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth) -{ - if (chl == NULL) return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal"); - depth++; - - prs_uint32("unknown_1", ps, depth, &(chl->unknown_1)); /* 0x0000 0000 */ - prs_uint32("unknown_2", ps, depth, &(chl->unknown_2)); /* 0x0000 b2b3 */ - prs_uint32("neg_flags", ps, depth, &(chl->neg_flags)); /* 0x0000 82b1 */ - - prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge)); - prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved )); - - return True; -} - -/******************************************************************* -creates an RPC_AUTH_NTLMSSP_RESP structure. - -*** lkclXXXX FUDGE! 
HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) *** -*** lkclXXXX the actual offset is at the start of the auth verifier *** - -********************************************************************/ -BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp, - uchar lm_resp[24], - uchar *nt_resp, size_t nt_len, - char *domain, char *user, char *wks, - uint32 neg_flags) -{ - uint32 offset; - int dom_len = strlen(domain); - int wks_len = strlen(wks ); - int usr_len = strlen(user ); - int lm_len = nt_len != 0 ? (lm_resp != NULL ? 24 : 0) : 1; - - DEBUG(5,("make_rpc_auth_ntlmssp_resp\n")); - - if (rsp == NULL) return False; - -#ifdef DEBUG_PASSWORD - DEBUG(100,("lm_resp\n")); - if (lm_resp != NULL) - { - dump_data(100, lm_resp, lm_len); - } - DEBUG(100,("nt_resp\n")); - if (nt_resp != NULL) - { - dump_data(100, nt_resp, nt_len); - } -#endif - - DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n", - domain, user, wks, neg_flags)); - - offset = 0x40; - - if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE)) - { - dom_len *= 2; - wks_len *= 2; - usr_len *= 2; - } - - make_str_hdr(&rsp->hdr_domain , dom_len, dom_len, offset); - offset += dom_len; - - make_str_hdr(&rsp->hdr_usr , usr_len, usr_len, offset); - offset += usr_len; - - make_str_hdr(&rsp->hdr_wks , wks_len, wks_len, offset); - offset += wks_len; - - make_str_hdr(&rsp->hdr_lm_resp, lm_len , lm_len , offset); - offset += lm_len; - - make_str_hdr(&rsp->hdr_nt_resp, nt_len , nt_len , offset); - offset += nt_len; - - make_str_hdr(&rsp->hdr_sess_key, 0, 0, offset); - - rsp->neg_flags = neg_flags; - - if (lm_resp != NULL && lm_len != 1) - { - memcpy(rsp->lm_resp, lm_resp, lm_len); - } - else - { - rsp->lm_resp[0] = 0; - } - if (nt_resp != NULL) - { - memcpy(rsp->nt_resp, nt_resp, nt_len); - } - else - { - rsp->nt_resp[0] = 0; - } - - if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE)) - { - ascii_to_unibuf(rsp->domain, domain, sizeof(rsp->domain)-2); - ascii_to_unibuf(rsp->user , user , sizeof(rsp->user 
)-2); - ascii_to_unibuf(rsp->wks , wks , sizeof(rsp->wks )-2); - } - else - { - fstrcpy(rsp->domain, domain); - fstrcpy(rsp->user , user ); - fstrcpy(rsp->wks , wks ); - } - rsp->sess_key[0] = 0; - - return True; -} - -/******************************************************************* -reads or writes an RPC_AUTH_NTLMSSP_RESP structure. - -*** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) *** -*** lkclXXXX the actual offset is at the start of the auth verifier *** - -********************************************************************/ -BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth) -{ - if (rsp == NULL) return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp"); - depth++; - - if (ps->io) - { - uint32 old_offset; - - /* reading */ - - ZERO_STRUCTP(rsp); - - smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth); - smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth); - smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth); - smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth); - smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth); - smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth); - - prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */ - - old_offset = ps->offset; - - ps->offset = rsp->hdr_domain .buffer + 0xc; - prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain ))); - old_offset += rsp->hdr_domain .str_str_len; - - ps->offset = rsp->hdr_usr .buffer + 0xc; - prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user ))); - old_offset += rsp->hdr_usr .str_str_len; - - ps->offset = rsp->hdr_wks .buffer + 0xc; - prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks ))); - old_offset += rsp->hdr_wks .str_str_len; - - ps->offset = rsp->hdr_lm_resp .buffer + 0xc; - 
prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp ))); - old_offset += rsp->hdr_lm_resp .str_str_len; - - ps->offset = rsp->hdr_nt_resp .buffer + 0xc; - prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp ))); - old_offset += rsp->hdr_nt_resp .str_str_len; - - if (rsp->hdr_sess_key.str_str_len != 0) - { - ps->offset = rsp->hdr_sess_key.buffer + 0x10; - old_offset += rsp->hdr_sess_key.str_str_len; - prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key))); - } - - ps->offset = old_offset; - } - else - { - /* writing */ - smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth); - smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth); - smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth); - smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth); - smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth); - smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth); - - prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */ - - prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain ))); - prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user ))); - prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks ))); - prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp ))); - prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp ))); - prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key))); - } - - return True; -} - -/******************************************************************* -checks 
an RPC_AUTH_NTLMSSP_CHK structure. -********************************************************************/ -BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num) -{ - if (chk == NULL) - { - return False; - } - - if (chk->crc32 != crc32 || - chk->ver != NTLMSSP_SIGN_VERSION || - chk->seq_num != seq_num) - { - DEBUG(5,("verify failed - crc %x ver %x seq %d\n", - crc32, NTLMSSP_SIGN_VERSION, seq_num)); - DEBUG(5,("verify expect - crc %x ver %x seq %d\n", - chk->crc32, chk->ver, chk->seq_num)); - return False; - } - return True; -} - -/******************************************************************* -creates an RPC_AUTH_NTLMSSP_CHK structure. -********************************************************************/ -BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, - uint32 ver, uint32 crc32, uint32 seq_num) -{ - if (chk == NULL) return False; - - chk->ver = ver ; - chk->reserved = 0x0; - chk->crc32 = crc32 ; - chk->seq_num = seq_num ; - - return True; -} - -/******************************************************************* -reads or writes an RPC_AUTH_NTLMSSP_CHK structure. -********************************************************************/ -BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth) -{ - if (chk == NULL) return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk"); - depth++; - - prs_uint32("ver ", ps, depth, &(chk->ver )); - prs_uint32("reserved", ps, depth, &(chk->reserved)); - prs_uint32("crc32 ", ps, depth, &(chk->crc32 )); - prs_uint32("seq_num ", ps, depth, &(chk->seq_num )); - - return True; -} - diff --git a/source/rpc_server/srv_pipe_noauth.c b/source/rpc_server/srv_pipe_noauth.c index 190ab37f303..305957defb4 100644 --- a/source/rpc_server/srv_pipe_noauth.c +++ b/source/rpc_server/srv_pipe_noauth.c 
@@ -177,6 +177,7 @@ static BOOL api_noauth_decode_pdu(rpcsrv_struct *l) srv_auth_fns noauth_fns = { + NULL, api_noauth_auth_chk, api_noauth_auth_gen, api_noauth_decode_pdu, diff --git a/source/rpc_server/srv_pipe_ntlmssp.c b/source/rpc_server/srv_pipe_ntlmssp.c index 9405b452326..d5d1da0304a 100644 --- a/source/rpc_server/srv_pipe_ntlmssp.c +++ b/source/rpc_server/srv_pipe_ntlmssp.c @@ -606,8 +606,14 @@ static BOOL api_ntlmssp_decode_pdu(rpcsrv_struct *l) return True; } +static BOOL api_ntlmssp_hdr_chk(RPC_HDR_AUTH *auth_info) +{ + return rpc_hdr_ntlmssp_auth_chk(auth_info); +} + srv_auth_fns ntlmssp_fns = { + api_ntlmssp_hdr_chk, api_ntlmssp_auth_chk, api_ntlmssp_auth_gen, api_ntlmssp_decode_pdu, diff --git a/source/rpc_server/srv_pipe_srv.c b/source/rpc_server/srv_pipe_srv.c index e1f2b1d9988..fe514bdb866 100644 --- a/source/rpc_server/srv_pipe_srv.c +++ b/source/rpc_server/srv_pipe_srv.c @@ -226,15 +226,14 @@ static BOOL srv_pipe_bind_and_alt_req(rpcsrv_struct *l, if (l->hdr.auth_len != 0) { RPC_HDR_AUTH auth_info; + extern srv_auth_fns ntlmssp_fns; /* decode the authentication verifier */ smb_io_rpc_hdr_auth ("", &auth_info , &l->data_i, 0); if (l->data_i.offset == 0) return False; - if (rpc_hdr_ntlmssp_auth_chk(&(auth_info))) + if (ntlmssp_fns.api_is_auth(&(auth_info))) { - extern srv_auth_fns ntlmssp_fns; - l->auth = &ntlmssp_fns; l->auth_info = (void*)malloc(sizeof(ntlmssp_auth_struct)); if (l->auth_info == NULL) |
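Review bot: The new first slot of `noauth_fns` is filled with a bare `NULL`, which makes `api_is_auth` the only member shown in this initializer that a caller cannot invoke blindly. The call added in srv_pipe_srv.c names `ntlmssp_fns.api_is_auth` directly, so nothing dereferences the null slot in this commit, but any later code that reaches the check through `l->auth` or iterates over the provider tables would call through a null pointer while handling a bind request. I would give the slot a stub, `static BOOL api_noauth_hdr_chk(RPC_HDR_AUTH *auth_info) { return False; }`, or at minimum comment the entry: `NULL, /* api_is_auth: no verifier to recognise; callers must test for NULL */`. The initializer continues past the end of the hunk.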
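Review bot: `api_ntlmssp_hdr_chk` forwards `auth_info` without a NULL test, while the other helpers touched by this commit return False on a NULL argument. The `rpc_hdr_ntlmssp_auth_chk` body removed from parse_rpc.c read `rai->auth_type` and `rai->auth_level` unconditionally; if the copy moved to parse_ntlmssp.c is unchanged (it is not visible here), the guard belongs in one of the two functions: `if (auth_info == NULL) return False;`. The wrapper also has no header comment, unlike its neighbours; something like `/* True only when the verifier header announces NTLMSSP; any other type/level pair is not handled by this provider. */` would record what a False result means to the caller.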