oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Return session key for the NTLMv2 case too

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19533 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-12-28 14:40:46 +00:00
parent a06a8d8e14
commit 98e01a4744
1 changed files with 45 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
kdc/digest.c
View File

@@ -864,6 +864,7 @@ _kdc_do_digest(krb5_context context,
case choice_DigestReqInner_ntlmRequest: { case choice_DigestReqInner_ntlmRequest: {
krb5_principal clientprincipal; krb5_principal clientprincipal;
unsigned char sessionkey[16];
unsigned char challange[8]; unsigned char challange[8];
uint32_t flags; uint32_t flags;
Key *key = NULL; Key *key = NULL;
@@ -938,7 +939,6 @@ _kdc_do_digest(krb5_context context,
/* check if this is NTLMv2 */ /* check if this is NTLMv2 */
if (ireq.u.ntlmRequest.ntlm.length != 24) { if (ireq.u.ntlmRequest.ntlm.length != 24) {
unsigned char masterkey[16];
struct ntlm_buf infotarget, answer; struct ntlm_buf infotarget, answer;
char *targetname; char *targetname;
@@ -967,7 +967,7 @@ _kdc_do_digest(krb5_context context,
challange, challange,
&answer, &answer,
&infotarget, &infotarget,
masterkey); sessionkey);
free(targetname); free(targetname);
if (ret) { if (ret) {
krb5_set_error_string(context, "NTLM v2 verify failed"); krb5_set_error_string(context, "NTLM v2 verify failed");
@@ -978,6 +978,7 @@ _kdc_do_digest(krb5_context context,
free(infotarget.data); free(infotarget.data);
/* */ /* */
} else { } else {
struct ntlm_buf answer; struct ntlm_buf answer;
@@ -1029,53 +1030,55 @@ _kdc_do_digest(krb5_context context,
} }
free(answer.data); free(answer.data);
if (ireq.u.ntlmRequest.sessionkey) { {
unsigned char sessionkey[MD4_DIGEST_LENGTH];
unsigned char masterkey[MD4_DIGEST_LENGTH];
MD4_CTX ctx; MD4_CTX ctx;
RC4_KEY rc4;
size_t len;
if ((flags & NTLM_NEG_KEYEX) == 0) {
krb5_set_error_string(context,
"NTLM client failed to neg key "
"exchange but still sent key");
goto out;
}
len = ireq.u.ntlmRequest.sessionkey->length;
if (len != sizeof(masterkey)){
krb5_set_error_string(context,
"NTLM master key wrong length: %lu",
(unsigned long)len);
goto out;
}
MD4_Init(&ctx); MD4_Init(&ctx);
MD4_Update(&ctx, MD4_Update(&ctx,
key->key.keyvalue.data, key->key.keyvalue.length); key->key.keyvalue.data, key->key.keyvalue.length);
MD4_Final(sessionkey, &ctx); MD4_Final(sessionkey, &ctx);
}
}
RC4_set_key(&rc4, sizeof(sessionkey), sessionkey); if (ireq.u.ntlmRequest.sessionkey) {
unsigned char masterkey[MD4_DIGEST_LENGTH];
RC4(&rc4, sizeof(masterkey), RC4_KEY rc4;
ireq.u.ntlmRequest.sessionkey->data, size_t len;
masterkey);
memset(&rc4, 0, sizeof(rc4)); if ((flags & NTLM_NEG_KEYEX) == 0) {
krb5_set_error_string(context,
r.u.ntlmResponse.sessionkey = "NTLM client failed to neg key "
malloc(sizeof(*r.u.ntlmResponse.sessionkey)); "exchange but still sent key");
if (r.u.ntlmResponse.sessionkey == NULL) { goto out;
krb5_set_error_string(context, "out of memory"); }
goto out;
} len = ireq.u.ntlmRequest.sessionkey->length;
if (len != sizeof(masterkey)){
ret = krb5_data_copy(r.u.ntlmResponse.sessionkey, krb5_set_error_string(context,
masterkey, sizeof(masterkey)); "NTLM master key wrong length: %lu",
if (ret) { (unsigned long)len);
krb5_set_error_string(context, "out of memory"); goto out;
goto out; }
}
RC4_set_key(&rc4, sizeof(sessionkey), sessionkey);
RC4(&rc4, sizeof(masterkey),
ireq.u.ntlmRequest.sessionkey->data,
masterkey);
memset(&rc4, 0, sizeof(rc4));
r.u.ntlmResponse.sessionkey =
malloc(sizeof(*r.u.ntlmResponse.sessionkey));
if (r.u.ntlmResponse.sessionkey == NULL) {
krb5_set_error_string(context, "out of memory");
goto out;
}
ret = krb5_data_copy(r.u.ntlmResponse.sessionkey,
masterkey, sizeof(masterkey));
if (ret) {
krb5_set_error_string(context, "out of memory");
goto out;
} }
} }