add targetinfo and comerr error codes
@@ -8,7 +8,9 @@ lib_LTLIBRARIES = libheimntlm.la
|
|||||||
|
|
||||||
include_HEADERS = heimntlm.h heimntlm-protos.h
|
include_HEADERS = heimntlm.h heimntlm-protos.h
|
||||||
|
|
||||||
libheimntlm_la_SOURCES = ntlm.c heimntlm.h
|
dist_libheimntlm_la_SOURCES = ntlm.c heimntlm.h
|
||||||
|
|
||||||
|
nodist_libheimntlm_la_SOURCES = ntlm_err.c
|
||||||
|
|
||||||
libheimntlm_la_LDFLAGS = -version-info 1:0:1
|
libheimntlm_la_LDFLAGS = -version-info 1:0:1
|
||||||
|
|
||||||
@@ -25,8 +27,7 @@ libheimntlm_la_LIBADD = \
|
|||||||
$(srcdir)/heimntlm-protos.h:
|
$(srcdir)/heimntlm-protos.h:
|
||||||
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h
|
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h
|
||||||
|
|
||||||
$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h
|
$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h ntlm_err.h
|
||||||
|
|
||||||
|
|
||||||
TESTS = test_ntlm
|
TESTS = test_ntlm
|
||||||
|
|
||||||
@@ -34,4 +35,9 @@ check_PROGRAMS = test_ntlm
|
|||||||
|
|
||||||
LDADD = libheimntlm.la $(LIB_roken)
|
LDADD = libheimntlm.la $(LIB_roken)
|
||||||
|
|
||||||
EXTRA_DIST = version-script.map
|
EXTRA_DIST = version-script.map ntlm_err.et
|
||||||
|
|
||||||
|
CLEANFILES = \
|
||||||
|
ntlm_err.c ntlm_err.h
|
||||||
|
|
||||||
|
ntlm_err.h: ntlm_err.et
|
||||||
|
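Review bot: The heimntlm-protos.h rule in the second hunk still passes `$(libheimntlm_la_SOURCES)` to make-proto.pl, but the first hunk renames that variable to `dist_libheimntlm_la_SOURCES`, so unless the old name is still defined somewhere not shown here the prototype generator would be run with an empty file list. The recipe should reference the new name, e.g. `... -o heimntlm-protos.h $(dist_libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h`. The new `ntlm_err.h: ntlm_err.et` rule has no recipe in this hunk, so it presumably relies on a shared suffix rule; a short comment such as `# built by the .et suffix rule` (if that is the case) would make the dependency easier to follow.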
@@ -46,14 +46,16 @@ struct ntlm_buf {
|
|||||||
};
|
};
|
||||||
|
|
||||||
#define NTLM_NEG_UNICODE 0x00000001
|
#define NTLM_NEG_UNICODE 0x00000001
|
||||||
#define NTLM_NEG_OEM 0x00000002
|
#define NTLM_NEG_OEM 0x00000002
|
||||||
#define NTLM_NEG_TARGET 0x00000004
|
#define NTLM_NEG_TARGET 0x00000004
|
||||||
#define NTLM_MBZ9 0x00000008
|
#define NTLM_MBZ9 0x00000008
|
||||||
|
|
||||||
#define NTLM_NEG_SIGN 0x00000010
|
#define NTLM_NEG_SIGN 0x00000010
|
||||||
#define NTLM_NEG_SEAL 0x00000020
|
#define NTLM_NEG_SEAL 0x00000020
|
||||||
#define NTLM_NEG_DATAGRAM 0x00000040
|
#define NTLM_NEG_DATAGRAM 0x00000040
|
||||||
#define NTLM_NEG_LM_KEY 0x00000080
|
#define NTLM_NEG_LM_KEY 0x00000080
|
||||||
|
#define NTLM_NEG_NTLM 0x00000200
|
||||||
|
#define NTLM_NEG_ANONYMOUS 0x00000800
|
||||||
|
|
||||||
#define NTLM_MBZ8 0x00000100
|
#define NTLM_MBZ8 0x00000100
|
||||||
#define NTLM_NEG_NTLM 0x00000200
|
#define NTLM_NEG_NTLM 0x00000200
|
||||||
@@ -61,12 +63,13 @@ struct ntlm_buf {
|
|||||||
#define NTLM_MBZ7 0x00000800 /* anon ? */
|
#define NTLM_MBZ7 0x00000800 /* anon ? */
|
||||||
|
|
||||||
#define NTLM_OEM_SUPPLIED_DOMAIN 0x00001000
|
#define NTLM_OEM_SUPPLIED_DOMAIN 0x00001000
|
||||||
#define NTLM_OEM_SUPPLIED_WORKSTAION 0x00002000
|
#define NTLM_OEM_SUPPLIED_WORKSTATION 0x00002000
|
||||||
#define NTLM_MBZ6 0x00004000 /* local call ? */
|
#define NTLM_MBZ6 0x00004000 /* local call ? */
|
||||||
#define NTLM_NEG_ALWAYS_SIGN 0x00008000
|
#define NTLM_NEG_ALWAYS_SIGN 0x00008000
|
||||||
|
|
||||||
#define NTLM_TARGET_DOMAIN 0x00010000
|
#define NTLM_TARGET_DOMAIN 0x00010000
|
||||||
#define NTLM_TARGET_SERVER 0x00020000
|
#define NTLM_TARGET_SERVER 0x00020000
|
||||||
|
|
||||||
#define NTLM_TARGET_SHARE 0x00040000
|
#define NTLM_TARGET_SHARE 0x00040000
|
||||||
#define NTLM_NEG_NTLM2_SESSION 0x00080000
|
#define NTLM_NEG_NTLM2_SESSION 0x00080000
|
||||||
#define NTLM_NEG_NTLM2 0x00080000
|
#define NTLM_NEG_NTLM2 0x00080000
|
||||||
@@ -84,18 +87,23 @@ struct ntlm_buf {
|
|||||||
#define NTLM_MBZ1 0x10000000
|
#define NTLM_MBZ1 0x10000000
|
||||||
#define NTLM_ENC_128 0x20000000
|
#define NTLM_ENC_128 0x20000000
|
||||||
#define NTLM_NEG_KEYEX 0x40000000
|
#define NTLM_NEG_KEYEX 0x40000000
|
||||||
#define NTLM_NEGOTIATE_56 0x80000000
|
#define NTLM_ENC_56 0x80000000
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Struct for the NTLM target info, the strings is assumed to be in
|
* Struct for the NTLM target info, the strings is assumed to be in
|
||||||
* UTF8. When filled in by the library it should be freed with
|
* UTF8. When filled in by the library it should be freed with
|
||||||
* heim_ntlm_free_targetinfo().
|
* heim_ntlm_free_targetinfo().
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#define NTLM_TI_AV_FLAG_GUEST 0x00000001
|
||||||
|
|
||||||
struct ntlm_targetinfo {
|
struct ntlm_targetinfo {
|
||||||
char *servername; /**< */
|
char *servername; /**< */
|
||||||
char *domainname; /**< */
|
char *domainname; /**< */
|
||||||
char *dnsdomainname; /**< */
|
char *dnsdomainname; /**< */
|
||||||
char *dnsservername; /**< */
|
char *dnsservername; /**< */
|
||||||
|
char *dnstreename; /**< */
|
||||||
|
uint32_t avflags; /**< */
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -121,7 +129,7 @@ struct ntlm_type2 {
|
|||||||
uint32_t flags; /**< */
|
uint32_t flags; /**< */
|
||||||
char *targetname; /**< */
|
char *targetname; /**< */
|
||||||
struct ntlm_buf targetinfo; /**< */
|
struct ntlm_buf targetinfo; /**< */
|
||||||
unsigned char challange[8]; /**< */
|
unsigned char challenge[8]; /**< */
|
||||||
uint32_t context[2]; /**< */
|
uint32_t context[2]; /**< */
|
||||||
uint32_t os[2]; /**< */
|
uint32_t os[2]; /**< */
|
||||||
};
|
};
|
||||||
@@ -143,6 +151,7 @@ struct ntlm_type3 {
|
|||||||
uint32_t os[2]; /**< */
|
uint32_t os[2]; /**< */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
#include <ntlm_err.h>
|
||||||
#include <heimntlm-protos.h>
|
#include <heimntlm-protos.h>
|
||||||
|
|
||||||
#endif /* NTLM_NTLM_H */
|
#endif /* NTLM_NTLM_H */
|
||||||
|
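Review bot: The added `#include <ntlm_err.h>` in the last hunk makes the installed heimntlm.h depend on a generated header, while the Makefile.am section of this commit leaves `include_HEADERS = heimntlm.h heimntlm-protos.h` unchanged, so unless ntlm_err.h is installed by a rule not shown here, external users of heimntlm.h will fail to compile. Something like `nodist_include_HEADERS = ntlm_err.h` in Makefile.am would cover it. Separately, the first hunk adds `#define NTLM_NEG_NTLM 0x00000200` a few lines above the existing identical definition, and `NTLM_NEG_ANONYMOUS` shares 0x00000800 with `NTLM_MBZ7`; dropping the duplicate and noting the alias in a comment would keep the flag table unambiguous. The new `dnstreename` and `avflags` members carry empty `/**< */` comments; `avflags` could say `/**< NTLM_TI_AV_FLAG_* bits */`.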
708
lib/ntlm/ntlm.c
708
lib/ntlm/ntlm.c
File diff suppressed because it is too large
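--- /dev/null
+++ b/lib/ntlm/ntlm_err.et
@@ -0,0 +1,24 @@
+#
+# Error messages for the ntlm library
+#
+# This might look like a com_err file, but is not
+#
+
+error_table ntlm
+
+prefix HNTLM_ERR
+error_code DECODE, "Failed to decode packet"
+error_code INVALID_LENGTH, "Input length invalid"
+error_code CRYPTO, "Failed crypto primitive"
+error_code RAND, "Random generator failed"
+error_code AUTH, "NTLM authentication failed"
+error_code TIME_SKEW, "Client time skewed to server"
+error_code OEM, "Client set OEM string"
+error_code MISSING_NAME_SEPARATOR, "missing @ or \ in name"
+error_code MISSING_BUFFER, "missing expected buffer"
+error_code INVALID_APOP, "Invalid APOP response"
+error_code INVALID_CRAM_MD5, "Invalid CRAM-MD5 response"
+error_code INVALID_DIGEST_MD5, "Invalid DIGEST-MD5 response"
+error_code INVALID_DIGEST_MD5_RSPAUTH, "Invalid DIGEST-MD5 rspauth"
+
+end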
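Review bot: The message for MISSING_NAME_SEPARATOR contains a lone backslash, `"missing @ or \ in name"`; depending on how the error-table compiler treats backslashes inside strings, it is either consumed as an escape character or copied into the generated C source as the invalid escape `\ `, and in both cases the printed message would probably lose the backslash. Writing the line as `error_code MISSING_NAME_SEPARATOR, "missing @ or \\ in name"` avoids that. The header comment says the file is not a com_err file although the commit title calls these comerr error codes; one sentence on what differs would help the next maintainer.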
@@ -84,7 +84,7 @@ test_parse(void)
|
|||||||
flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
|
flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
|
||||||
type2.flags = flags;
|
type2.flags = flags;
|
||||||
|
|
||||||
memset(type2.challange, 0x7f, sizeof(type2.challange));
|
memset(type2.challenge, 0x7f, sizeof(type2.challenge));
|
||||||
type2.targetname = rk_UNCONST(target);
|
type2.targetname = rk_UNCONST(target);
|
||||||
type2.targetinfo.data = NULL;
|
type2.targetinfo.data = NULL;
|
||||||
type2.targetinfo.length = 0;
|
type2.targetinfo.length = 0;
|
||||||
@@ -118,7 +118,7 @@ test_parse(void)
|
|||||||
heim_ntlm_nt_key(password, &key);
|
heim_ntlm_nt_key(password, &key);
|
||||||
|
|
||||||
heim_ntlm_calculate_ntlm1(key.data, key.length,
|
heim_ntlm_calculate_ntlm1(key.data, key.length,
|
||||||
type2.challange,
|
type2.challenge,
|
||||||
&type3.ntlm);
|
&type3.ntlm);
|
||||||
free(key.data);
|
free(key.data);
|
||||||
}
|
}
|
||||||
@@ -157,7 +157,7 @@ test_parse(void)
|
|||||||
flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
|
flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
|
||||||
type2.flags = flags;
|
type2.flags = flags;
|
||||||
|
|
||||||
memset(type2.challange, 0x7f, sizeof(type2.challange));
|
memset(type2.challenge, 0x7f, sizeof(type2.challenge));
|
||||||
type2.targetname = rk_UNCONST(target);
|
type2.targetname = rk_UNCONST(target);
|
||||||
type2.targetinfo.data = "\x00\x00";
|
type2.targetinfo.data = "\x00\x00";
|
||||||
type2.targetinfo.length = 2;
|
type2.targetinfo.length = 2;
|
||||||
@@ -186,7 +186,7 @@ test_keys(void)
|
|||||||
*password = "test1234",
|
*password = "test1234",
|
||||||
*target = "TESTNT";
|
*target = "TESTNT";
|
||||||
const unsigned char
|
const unsigned char
|
||||||
serverchallange[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c";
|
serverchallenge[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c";
|
||||||
struct ntlm_buf infotarget, infotarget2, answer, key;
|
struct ntlm_buf infotarget, infotarget2, answer, key;
|
||||||
unsigned char ntlmv2[16], ntlmv2_1[16];
|
unsigned char ntlmv2[16], ntlmv2_1[16];
|
||||||
int ret;
|
int ret;
|
||||||
@@ -209,7 +209,7 @@ test_keys(void)
|
|||||||
key.length,
|
key.length,
|
||||||
username,
|
username,
|
||||||
target,
|
target,
|
||||||
serverchallange,
|
serverchallenge,
|
||||||
&infotarget,
|
&infotarget,
|
||||||
ntlmv2,
|
ntlmv2,
|
||||||
&answer);
|
&answer);
|
||||||
@@ -221,7 +221,7 @@ test_keys(void)
|
|||||||
username,
|
username,
|
||||||
target,
|
target,
|
||||||
0,
|
0,
|
||||||
serverchallange,
|
serverchallenge,
|
||||||
&answer,
|
&answer,
|
||||||
&infotarget2,
|
&infotarget2,
|
||||||
ntlmv2_1);
|
ntlmv2_1);
|
||||||
@@ -261,7 +261,7 @@ test_ntlm2_session_resp(void)
|
|||||||
|
|
||||||
const unsigned char client_nonce[8] =
|
const unsigned char client_nonce[8] =
|
||||||
"\xff\xff\xff\x00\x11\x22\x33\x44";
|
"\xff\xff\xff\x00\x11\x22\x33\x44";
|
||||||
const unsigned char server_challange[8] =
|
const unsigned char server_challenge[8] =
|
||||||
"\x01\x23\x45\x67\x89\xab\xcd\xef";
|
"\x01\x23\x45\x67\x89\xab\xcd\xef";
|
||||||
|
|
||||||
const unsigned char ntlm_hash[16] =
|
const unsigned char ntlm_hash[16] =
|
||||||
@@ -269,7 +269,7 @@ test_ntlm2_session_resp(void)
|
|||||||
"\x1d\x33\xb7\x48\x5a\x2e\xd8\x08";
|
"\x1d\x33\xb7\x48\x5a\x2e\xd8\x08";
|
||||||
|
|
||||||
ret = heim_ntlm_calculate_ntlm2_sess(client_nonce,
|
ret = heim_ntlm_calculate_ntlm2_sess(client_nonce,
|
||||||
server_challange,
|
server_challenge,
|
||||||
ntlm_hash,
|
ntlm_hash,
|
||||||
&lm,
|
&lm,
|
||||||
&ntlm);
|
&ntlm);
|
||||||
@@ -288,10 +288,45 @@ test_ntlm2_session_resp(void)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
test_targetinfo(void)
|
||||||
|
{
|
||||||
|
struct ntlm_targetinfo ti;
|
||||||
|
struct ntlm_buf buf;
|
||||||
|
const char *dnsservername = "dnsservername";
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
memset(&ti, 0, sizeof(ti));
|
||||||
|
|
||||||
|
ti.dnsservername = rk_UNCONST(dnsservername);
|
||||||
|
ti.avflags = 1;
|
||||||
|
ret = heim_ntlm_encode_targetinfo(&ti, 1, &buf);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
|
||||||
|
memset(&ti, 0, sizeof(ti));
|
||||||
|
|
||||||
|
ret = heim_ntlm_decode_targetinfo(&buf, 1, &ti);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
|
||||||
|
if (ti.dnsservername == NULL ||
|
||||||
|
strcmp(ti.dnsservername, dnsservername) != 0)
|
||||||
|
errx(1, "ti.dnshostname != %s", dnsservername);
|
||||||
|
if (ti.avflags != 1)
|
||||||
|
errx(1, "ti.avflags != 1");
|
||||||
|
|
||||||
|
heim_ntlm_free_targetinfo(&ti);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int verbose_flag = 0;
|
||||||
static int version_flag = 0;
|
static int version_flag = 0;
|
||||||
static int help_flag = 0;
|
static int help_flag = 0;
|
||||||
|
|
||||||
static struct getargs args[] = {
|
static struct getargs args[] = {
|
||||||
|
{"verbose", 0, arg_flag, &verbose_flag, "verbose printing", NULL },
|
||||||
{"version", 0, arg_flag, &version_flag, "print version", NULL },
|
{"version", 0, arg_flag, &version_flag, "print version", NULL },
|
||||||
{"help", 0, arg_flag, &help_flag, NULL, NULL }
|
{"help", 0, arg_flag, &help_flag, NULL, NULL }
|
||||||
};
|
};
|
||||||
@@ -325,12 +360,21 @@ main(int argc, char **argv)
|
|||||||
argc -= optind;
|
argc -= optind;
|
||||||
argv += optind;
|
argv += optind;
|
||||||
|
|
||||||
printf("test_parse\n");
|
if (verbose_flag)
|
||||||
|
printf("test_parse\n");
|
||||||
|
|
||||||
ret += test_parse();
|
ret += test_parse();
|
||||||
printf("test_keys\n");
|
if (verbose_flag)
|
||||||
|
printf("test_keys\n");
|
||||||
|
|
||||||
ret += test_keys();
|
ret += test_keys();
|
||||||
printf("test_ntlm2_session_resp\n");
|
if (verbose_flag)
|
||||||
|
printf("test_ntlm2_session_resp\n");
|
||||||
ret += test_ntlm2_session_resp();
|
ret += test_ntlm2_session_resp();
|
||||||
|
|
||||||
return 0;
|
if (verbose_flag)
|
||||||
|
printf("test_targetinfo\n");
|
||||||
|
ret += test_targetinfo();
|
||||||
|
|
||||||
|
return ret;
|
||||||
}
|
}
|
||||||
|
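Review bot: In main, `return ret;` now feeds the summed results into the exit status, and test_targetinfo returns the library's error code unchanged; an exit status keeps only the low 8 bits, and com_err-style codes are normally a table base with a zero low byte plus the code's index, so a failure with the table's first code (DECODE in ntlm_err.et) could be reported as success. Failing with `errx(1, ...)` as the later checks in test_targetinfo do, or ending main with `return ret != 0;`, avoids that. test_targetinfo also never releases `buf` after heim_ntlm_encode_targetinfo (presumably via `heim_ntlm_free_buf(&buf)`, to be confirmed against ntlm.c, whose diff is suppressed on this page), and its first errx message names `ti.dnshostname` where the field is `dnsservername`. Since target info arrives from the peer in a type 2 message, a case that hands heim_ntlm_decode_targetinfo a truncated buffer and expects an error would be a useful addition to the round-trip check. main starts outside the hunk.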
@@ -3,6 +3,7 @@
|
|||||||
HEIMDAL_NTLM_1.0 {
|
HEIMDAL_NTLM_1.0 {
|
||||||
global:
|
global:
|
||||||
heim_ntlm_build_ntlm1_master;
|
heim_ntlm_build_ntlm1_master;
|
||||||
|
heim_ntlm_calculate_lm2;
|
||||||
heim_ntlm_calculate_ntlm1;
|
heim_ntlm_calculate_ntlm1;
|
||||||
heim_ntlm_calculate_ntlm2;
|
heim_ntlm_calculate_ntlm2;
|
||||||
heim_ntlm_calculate_ntlm2_sess;
|
heim_ntlm_calculate_ntlm2_sess;
|
||||||
@@ -22,6 +23,8 @@ HEIMDAL_NTLM_1.0 {
|
|||||||
heim_ntlm_nt_key;
|
heim_ntlm_nt_key;
|
||||||
heim_ntlm_ntlmv2_key;
|
heim_ntlm_ntlmv2_key;
|
||||||
heim_ntlm_verify_ntlm2;
|
heim_ntlm_verify_ntlm2;
|
||||||
|
heim_ntlm_unparse_flags;
|
||||||
|
initialize_ntlm_error_table_r;
|
||||||
local:
|
local:
|
||||||
*;
|
*;
|
||||||
};
|
};
|
||||||
|
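Review bot: The new exports are added to the existing `HEIMDAL_NTLM_1.0` node and `libheimntlm_la_LDFLAGS = -version-info 1:0:1` is left unchanged in Makefile.am, even though this commit also renames public names in heimntlm.h (`NTLM_NEGOTIATE_56`, `NTLM_OEM_SUPPLIED_WORKSTAION`, the `challange` member of struct ntlm_type2). If the library has shipped with the old names, consider bumping the version info and keeping compatibility defines such as `#define NTLM_NEGOTIATE_56 NTLM_ENC_56`. test_ntlm.c now calls heim_ntlm_encode_targetinfo, heim_ntlm_decode_targetinfo and heim_ntlm_free_targetinfo; they are not visible in these hunks, so it is worth confirming they are in the `global:` list.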