export heim_ntlm_free_buf, start doxygen documenation
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22041 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -1,5 +1,8 @@
|
||||
2007-07-17 Love H<>rnquist <20>strand <lha@it.su.se>
|
||||
|
||||
* ntlm.c: Use unsigned char * as argument to HMAC_Update to please
|
||||
OpenSSL and gcc.
|
||||
|
||||
* test_ntlm.c: more verbose what we are testing.
|
||||
|
||||
2007-07-10 Love H<>rnquist <20>strand <lha@it.su.se>
|
||||
|
||||
@@ -6,7 +6,7 @@ lib_LTLIBRARIES = libheimntlm.la
|
||||
|
||||
include_HEADERS = heimntlm.h heimntlm-protos.h
|
||||
|
||||
libheimntlm_la_SOURCES = ntlm.c
|
||||
libheimntlm_la_SOURCES = ntlm.c doxygen.c
|
||||
|
||||
libheimntlm_la_LDFLAGS = -version-info 1:0:1
|
||||
|
||||
|
||||
65
lib/ntlm/doxygen.c
Normal file
65
lib/ntlm/doxygen.c
Normal file
@@ -0,0 +1,65 @@
|
||||
/*
|
||||
* Copyright (c) 2007 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#include "krb5_locl.h"
|
||||
RCSID("$Id$");
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
|
||||
/*! \mainpage Heimdal NTLM library
|
||||
*
|
||||
* \section intro Introduction
|
||||
*
|
||||
* Heimdal libheimntlm library is a implementation of the NTLM
|
||||
* protocol, both version 1 and 2. It also support transport
|
||||
* encryption and integrity checking.
|
||||
*
|
||||
* NTLM is a protocol for mutual authentication, its still used in
|
||||
* many protocol where Kerberos is not support, one example is
|
||||
* EAP/X802.1x mechanism LEAP from Microsoft and Cisco.
|
||||
*
|
||||
* This is a support library for the core protocol, its used in
|
||||
* Heimdal to implement and GSS-API mechanism. There is also support
|
||||
* in the KDC to do remote digest authenticiation, this to allow
|
||||
* services to authenticate users w/o direct access to the users ntlm
|
||||
* hashes (same as Kerberos arcfour enctype hashes).
|
||||
*
|
||||
* More information about the NTLM protocol can found here
|
||||
* http://davenport.sourceforge.net/ntlm.html .
|
||||
*
|
||||
* The Heimdal projects web page: http://www.h5l.org/
|
||||
*/
|
||||
|
||||
/** @defgroup ntlm_core Heimdal NTLM library */
|
||||
@@ -73,8 +73,16 @@ static const unsigned char ntlmsigature[8] = "NTLMSSP\x00";
|
||||
#define CHECK(f, e) \
|
||||
do { ret = f ; if (ret != (e)) { ret = EINVAL; goto out; } } while(0)
|
||||
|
||||
static void
|
||||
_ntlm_free_buf(struct ntlm_buf *p)
|
||||
/**
|
||||
* heim_ntlm_free_buf frees the ntlm buffer
|
||||
*
|
||||
* @param p buffer to be freed
|
||||
*
|
||||
* @ingroup ntlm_core
|
||||
*/
|
||||
|
||||
void
|
||||
heim_ntlm_free_buf(struct ntlm_buf *p)
|
||||
{
|
||||
if (p->data)
|
||||
free(p->data);
|
||||
@@ -96,7 +104,7 @@ ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf)
|
||||
buf->length = len * 2;
|
||||
buf->data = malloc(buf->length);
|
||||
if (buf->data == NULL && len != 0) {
|
||||
_ntlm_free_buf(buf);
|
||||
heim_ntlm_free_buf(buf);
|
||||
return ENOMEM;
|
||||
}
|
||||
|
||||
@@ -104,7 +112,7 @@ ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf)
|
||||
for (i = 0; i < len; i++) {
|
||||
unsigned char t = (unsigned char)string[i];
|
||||
if (t & 0x80) {
|
||||
_ntlm_free_buf(buf);
|
||||
heim_ntlm_free_buf(buf);
|
||||
return EINVAL;
|
||||
}
|
||||
if (up)
|
||||
@@ -201,7 +209,7 @@ put_string(krb5_storage *sp, int ucs2, const char *s)
|
||||
|
||||
CHECK(krb5_storage_write(sp, buf.data, buf.length), buf.length);
|
||||
if (ucs2)
|
||||
_ntlm_free_buf(&buf);
|
||||
heim_ntlm_free_buf(&buf);
|
||||
ret = 0;
|
||||
out:
|
||||
return ret;
|
||||
@@ -235,8 +243,12 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
/**
|
||||
* heim_ntlm_free_targetinfo frees the ntlm_targetinfo message
|
||||
*
|
||||
* @param ti targetinfo to be freed
|
||||
*
|
||||
* @ingroup ntlm_core
|
||||
*/
|
||||
|
||||
void
|
||||
@@ -260,6 +272,20 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
/**
|
||||
* heim_ntlm_encode_targetinfo encodes a ntlm_targetinfo buffer.
|
||||
*
|
||||
* @param ti the ntlm_targetinfo message to encode.
|
||||
* @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
|
||||
* @param data is the return buffer with the encoed message, shoumd be
|
||||
* freed with heim_ntlm_free_buf().
|
||||
*
|
||||
* @return In case of success 0 is return, an errors, a errno in what
|
||||
* went wrong.
|
||||
*
|
||||
* @ingroup ntlm_core
|
||||
*/
|
||||
|
||||
int
|
||||
heim_ntlm_encode_targetinfo(struct ntlm_targetinfo *ti,
|
||||
int ucs2,
|
||||
@@ -307,8 +333,12 @@ heim_ntlm_decode_targetinfo(struct ntlm_buf *data, int ucs2,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* encoder/decoder type1 messages
|
||||
/**
|
||||
* heim_ntlm_free_type1 frees the ntlm_type1 message
|
||||
*
|
||||
* @param data message to be freed
|
||||
*
|
||||
* @ingroup ntlm_core
|
||||
*/
|
||||
|
||||
void
|
||||
@@ -435,8 +465,12 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* encoder/decoder type 2 messages
|
||||
/**
|
||||
* heim_ntlm_free_type2 frees the ntlm_type2 message
|
||||
*
|
||||
* @param data message to be freed
|
||||
*
|
||||
* @ingroup ntlm_core
|
||||
*/
|
||||
|
||||
void
|
||||
@@ -444,7 +478,7 @@ heim_ntlm_free_type2(struct ntlm_type2 *data)
|
||||
{
|
||||
if (data->targetname)
|
||||
free(data->targetname);
|
||||
_ntlm_free_buf(&data->targetinfo);
|
||||
heim_ntlm_free_buf(&data->targetinfo);
|
||||
memset(data, 0, sizeof(*data));
|
||||
}
|
||||
|
||||
@@ -562,22 +596,26 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* encoder/decoder type 2 messages
|
||||
/**
|
||||
* heim_ntlm_free_type3 frees the ntlm_type3 message
|
||||
*
|
||||
* @param data message to be freed
|
||||
*
|
||||
* @ingroup ntlm_core
|
||||
*/
|
||||
|
||||
void
|
||||
heim_ntlm_free_type3(struct ntlm_type3 *data)
|
||||
{
|
||||
_ntlm_free_buf(&data->lm);
|
||||
_ntlm_free_buf(&data->ntlm);
|
||||
heim_ntlm_free_buf(&data->lm);
|
||||
heim_ntlm_free_buf(&data->ntlm);
|
||||
if (data->targetname)
|
||||
free(data->targetname);
|
||||
if (data->username)
|
||||
free(data->username);
|
||||
if (data->ws)
|
||||
free(data->ws);
|
||||
_ntlm_free_buf(&data->sessionkey);
|
||||
heim_ntlm_free_buf(&data->sessionkey);
|
||||
memset(data, 0, sizeof(*data));
|
||||
}
|
||||
|
||||
@@ -784,13 +822,13 @@ heim_ntlm_nt_key(const char *password, struct ntlm_buf *key)
|
||||
|
||||
ret = ascii2ucs2le(password, 0, &buf);
|
||||
if (ret) {
|
||||
_ntlm_free_buf(key);
|
||||
heim_ntlm_free_buf(key);
|
||||
return ret;
|
||||
}
|
||||
MD4_Init(&ctx);
|
||||
MD4_Update(&ctx, buf.data, buf.length);
|
||||
MD4_Final(key->data, &ctx);
|
||||
_ntlm_free_buf(&buf);
|
||||
heim_ntlm_free_buf(&buf);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -849,8 +887,8 @@ heim_ntlm_build_ntlm1_master(void *key, size_t len,
|
||||
master->length = MD4_DIGEST_LENGTH;
|
||||
master->data = malloc(master->length);
|
||||
if (master->data == NULL) {
|
||||
_ntlm_free_buf(master);
|
||||
_ntlm_free_buf(session);
|
||||
heim_ntlm_free_buf(master);
|
||||
heim_ntlm_free_buf(session);
|
||||
return EINVAL;
|
||||
}
|
||||
|
||||
@@ -866,8 +904,8 @@ heim_ntlm_build_ntlm1_master(void *key, size_t len,
|
||||
}
|
||||
|
||||
if (RAND_bytes(session->data, session->length) != 1) {
|
||||
_ntlm_free_buf(master);
|
||||
_ntlm_free_buf(session);
|
||||
heim_ntlm_free_buf(master);
|
||||
heim_ntlm_free_buf(session);
|
||||
return EINVAL;
|
||||
}
|
||||
|
||||
@@ -1110,13 +1148,13 @@ heim_ntlm_verify_ntlm2(const void *key, size_t len,
|
||||
HMAC_CTX_cleanup(&c);
|
||||
|
||||
if (memcmp(serveranswer, clientanswer, 16) != 0) {
|
||||
_ntlm_free_buf(infotarget);
|
||||
heim_ntlm_free_buf(infotarget);
|
||||
return EINVAL;
|
||||
}
|
||||
|
||||
return 0;
|
||||
out:
|
||||
_ntlm_free_buf(infotarget);
|
||||
heim_ntlm_free_buf(infotarget);
|
||||
if (sp)
|
||||
krb5_storage_free(sp);
|
||||
return ret;
|
||||
|
||||
@@ -14,6 +14,7 @@ HEIMDAL_NTLM_1.0 {
|
||||
heim_ntlm_encode_type1;
|
||||
heim_ntlm_encode_type2;
|
||||
heim_ntlm_encode_type3;
|
||||
heim_ntlm_free_buf;
|
||||
heim_ntlm_free_targetinfo;
|
||||
heim_ntlm_free_type1;
|
||||
heim_ntlm_free_type2;
|
||||
|
||||
Reference in New Issue
Block a user