oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Build ntlmv2 answer buffer.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19480 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-12-20 20:02:01 +00:00
parent cf5e2e451d
commit 6b7ecbef09
1 changed files with 47 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
lib/gssapi/ntlm/init_sec_context.c
View File

@@ -187,6 +187,7 @@ _gss_ntlm_init_sec_context
ctx->flags = type2.flags; ctx->flags = type2.flags;
/* XXX check that type2.targetinfo matches `target_name<6D> */ /* XXX check that type2.targetinfo matches `target_name<6D> */
/* XXX check verify targetinfo buffer */
memset(&type3, 0, sizeof(type3)); memset(&type3, 0, sizeof(type3));
@@ -195,7 +196,11 @@ _gss_ntlm_init_sec_context
type3.targetname = type2.targetname; type3.targetname = type2.targetname;
type3.ws = rk_UNCONST("workstation"); type3.ws = rk_UNCONST("workstation");
{ /*
* NTLM Version 1 if no targetinfo buffer.
*/
if (type2.targetinfo.length == 0) {
struct ntlm_buf key; struct ntlm_buf key;
struct ntlm_buf sessionkey; struct ntlm_buf sessionkey;
unsigned char challange[8]; unsigned char challange[8];
@@ -242,6 +247,8 @@ _gss_ntlm_init_sec_context
ret = heim_ntlm_build_ntlm1_master(key.data, key.length, ret = heim_ntlm_build_ntlm1_master(key.data, key.length,
&sessionkey, &sessionkey,
&type3.sessionkey); &type3.sessionkey);
memset(key.data, 0, key.length);
free(key.data);
if (ret) { if (ret) {
if (type3.lm.data) if (type3.lm.data)
free(type3.lm.data); free(type3.lm.data);
@@ -269,8 +276,46 @@ _gss_ntlm_init_sec_context
ctx->sessionkey.length, ctx->sessionkey.length,
ctx->sessionkey.data); ctx->sessionkey.data);
} else {
struct ntlm_buf key;
struct ntlm_buf sessionkey;
unsigned char ntlmv2[16];
/* verify infotarget */
heim_ntlm_nt_key(ctx->password, &key);
memset(ctx->password, 0, strlen(ctx->password));
ret = heim_ntlm_calculate_ntlm2(key.data, key.length,
ctx->username,
name->domain,
type2.challange,
&type2.targetinfo,
ntlmv2,
&type3.ntlm);
memset(key.data, 0, key.length); memset(key.data, 0, key.length);
free(key.data); free(key.data);
if (ret) {
_gss_ntlm_delete_sec_context(minor_status,
context_handle, NULL);
*minor_status = ret;
return GSS_S_FAILURE;
}
ret = heim_ntlm_build_ntlm1_master(ntlmv2, sizeof(ntlmv2),
&sessionkey,
&type3.sessionkey);
memset(ntlmv2, 0, sizeof(ntlmv2));
if (ret) {
_gss_ntlm_delete_sec_context(minor_status,
context_handle, NULL);
*minor_status = ret;
return GSS_S_FAILURE;
}
/* set session key in ctx */
free(sessionkey.data);
} }
ret = heim_ntlm_encode_type3(&type3, &data); ret = heim_ntlm_encode_type3(&type3, &data);
@@ -289,7 +334,7 @@ _gss_ntlm_init_sec_context
if (actual_mech_type) if (actual_mech_type)
*actual_mech_type = GSS_NTLM_MECHANISM; *actual_mech_type = GSS_NTLM_MECHANISM;
if (ret_flags) if (ret_flags)
*ret_flags = ctx->flags; *ret_flags = 0;
if (time_rec) if (time_rec)
*time_rec = GSS_C_INDEFINITE; *time_rec = GSS_C_INDEFINITE;