add targetinfo and comerr error codes

lib/ntlm/Makefile.am

@@ -8,7 +8,9 @@ lib_LTLIBRARIES = libheimntlm.la
 
 include_HEADERS = heimntlm.h heimntlm-protos.h
 
-libheimntlm_la_SOURCES	= ntlm.c heimntlm.h
+dist_libheimntlm_la_SOURCES = ntlm.c heimntlm.h
+
+nodist_libheimntlm_la_SOURCES = ntlm_err.c
 
 libheimntlm_la_LDFLAGS = -version-info 1:0:1
 
@@ -25,8 +27,7 @@ libheimntlm_la_LIBADD = \
 $(srcdir)/heimntlm-protos.h:
 	cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h
 
-$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h
-
+$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h ntlm_err.h
 
 TESTS = test_ntlm
 
@@ -34,4 +35,9 @@ check_PROGRAMS = test_ntlm
 
 LDADD = libheimntlm.la $(LIB_roken)
 
-EXTRA_DIST = version-script.map
+EXTRA_DIST = version-script.map ntlm_err.et
+
+CLEANFILES = \
+	ntlm_err.c ntlm_err.h
+
+ntlm_err.h: ntlm_err.et

lib/ntlm/heimntlm.h

@@ -54,6 +54,8 @@ struct ntlm_buf {
 #define NTLM_NEG_SEAL			0x00000020
 #define NTLM_NEG_DATAGRAM               0x00000040
 #define NTLM_NEG_LM_KEY                 0x00000080
+#define NTLM_NEG_NTLM			0x00000200
+#define NTLM_NEG_ANONYMOUS              0x00000800
 
 #define NTLM_MBZ8			0x00000100
 #define NTLM_NEG_NTLM			0x00000200
@@ -61,12 +63,13 @@ struct ntlm_buf {
 #define NTLM_MBZ7			0x00000800 /* anon ? */
 
 #define NTLM_OEM_SUPPLIED_DOMAIN	0x00001000
-#define NTLM_OEM_SUPPLIED_WORKSTAION	0x00002000
+#define NTLM_OEM_SUPPLIED_WORKSTATION	0x00002000
 #define NTLM_MBZ6			0x00004000 /* local call ? */
 #define NTLM_NEG_ALWAYS_SIGN		0x00008000
 
 #define NTLM_TARGET_DOMAIN		0x00010000
 #define NTLM_TARGET_SERVER		0x00020000
+
 #define NTLM_TARGET_SHARE		0x00040000
 #define NTLM_NEG_NTLM2_SESSION		0x00080000
 #define NTLM_NEG_NTLM2			0x00080000
@@ -84,18 +87,23 @@ struct ntlm_buf {
 #define NTLM_MBZ1			0x10000000
 #define NTLM_ENC_128			0x20000000
 #define NTLM_NEG_KEYEX			0x40000000
-#define NTLM_NEGOTIATE_56		0x80000000
+#define NTLM_ENC_56			0x80000000
 
 /**
  * Struct for the NTLM target info, the strings is assumed to be in
  * UTF8.  When filled in by the library it should be freed with
  * heim_ntlm_free_targetinfo().
  */
+
+#define NTLM_TI_AV_FLAG_GUEST		0x00000001
+
 struct ntlm_targetinfo {
     char *servername; /**< */
     char *domainname; /**< */
     char *dnsdomainname; /**< */
     char *dnsservername; /**< */
+    char *dnstreename; /**< */
+    uint32_t avflags; /**< */
 };
 
 /**
@@ -121,7 +129,7 @@ struct ntlm_type2 {
     uint32_t flags; /**< */
     char *targetname; /**< */
     struct ntlm_buf targetinfo; /**< */
-    unsigned char challange[8]; /**< */
+    unsigned char challenge[8]; /**< */
     uint32_t context[2]; /**< */
     uint32_t os[2]; /**< */
 };
@@ -143,6 +151,7 @@ struct ntlm_type3 {
     uint32_t os[2]; /**< */
 };
 
+#include <ntlm_err.h>
 #include <heimntlm-protos.h>
 
 #endif /* NTLM_NTLM_H */

lib/ntlm/ntlm_err.et

@@ -0,0 +1,24 @@
+#
+# Error messages for the ntlm library
+#
+# This might look like a com_err file, but is not
+#
+
+error_table ntlm
+
+prefix HNTLM_ERR
+error_code DECODE,		"Failed to decode packet"
+error_code INVALID_LENGTH,	"Input length invalid"
+error_code CRYPTO,		"Failed crypto primitive"
+error_code RAND,		"Random generator failed"
+error_code AUTH,		"NTLM authentication failed"
+error_code TIME_SKEW,		"Client time skewed to server"
+error_code OEM,			"Client set OEM string"
+error_code MISSING_NAME_SEPARATOR, "missing @ or \ in name"
+error_code MISSING_BUFFER, 	"missing expected buffer"
+error_code INVALID_APOP, 	"Invalid APOP response"
+error_code INVALID_CRAM_MD5, 	"Invalid CRAM-MD5 response"
+error_code INVALID_DIGEST_MD5, 	"Invalid DIGEST-MD5 response"
+error_code INVALID_DIGEST_MD5_RSPAUTH, 	"Invalid DIGEST-MD5 rspauth"
+
+end

lib/ntlm/test_ntlm.c

@@ -84,7 +84,7 @@ test_parse(void)
     flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
     type2.flags = flags;
 
-    memset(type2.challange, 0x7f, sizeof(type2.challange));
+    memset(type2.challenge, 0x7f, sizeof(type2.challenge));
     type2.targetname = rk_UNCONST(target);
     type2.targetinfo.data = NULL;
     type2.targetinfo.length = 0;
@@ -118,7 +118,7 @@ test_parse(void)
 	heim_ntlm_nt_key(password, &key);
 
 	heim_ntlm_calculate_ntlm1(key.data, key.length,
-				  type2.challange,
+				  type2.challenge,
 				  &type3.ntlm);
 	free(key.data);
     }
@@ -157,7 +157,7 @@ test_parse(void)
     flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
     type2.flags = flags;
 
-    memset(type2.challange, 0x7f, sizeof(type2.challange));
+    memset(type2.challenge, 0x7f, sizeof(type2.challenge));
     type2.targetname = rk_UNCONST(target);
     type2.targetinfo.data = "\x00\x00";
     type2.targetinfo.length = 2;
@@ -186,7 +186,7 @@ test_keys(void)
 	*password = "test1234",
 	*target = "TESTNT";
     const unsigned char
-	serverchallange[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c";
+	serverchallenge[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c";
     struct ntlm_buf infotarget, infotarget2, answer, key;
     unsigned char ntlmv2[16], ntlmv2_1[16];
     int ret;
@@ -209,7 +209,7 @@ test_keys(void)
 				    key.length,
 				    username,
 				    target,
-				    serverchallange,
+				    serverchallenge,
 				    &infotarget,
 				    ntlmv2,
 				    &answer);
@@ -221,7 +221,7 @@ test_keys(void)
 				 username,
 				 target,
 				 0,
-				 serverchallange,
+				 serverchallenge,
 				 &answer,
 				 &infotarget2,
 				 ntlmv2_1);
@@ -261,7 +261,7 @@ test_ntlm2_session_resp(void)
 
     const unsigned char client_nonce[8] =
 	"\xff\xff\xff\x00\x11\x22\x33\x44";
-    const unsigned char server_challange[8] =
+    const unsigned char server_challenge[8] =
 	"\x01\x23\x45\x67\x89\xab\xcd\xef";
 
     const unsigned char ntlm_hash[16] =
@@ -269,7 +269,7 @@ test_ntlm2_session_resp(void)
 	"\x1d\x33\xb7\x48\x5a\x2e\xd8\x08";
 
     ret = heim_ntlm_calculate_ntlm2_sess(client_nonce,
-					 server_challange,
+					 server_challenge,
 					 ntlm_hash,
 					 &lm,
 					 &ntlm);
@@ -288,10 +288,45 @@ test_ntlm2_session_resp(void)
     return 0;
 }
 
+static int
+test_targetinfo(void)
+{
+    struct ntlm_targetinfo ti;
+    struct ntlm_buf buf;
+    const char *dnsservername = "dnsservername";
+    int ret;
+
+    memset(&ti, 0, sizeof(ti));
+
+    ti.dnsservername = rk_UNCONST(dnsservername);
+    ti.avflags = 1;
+    ret = heim_ntlm_encode_targetinfo(&ti, 1, &buf);
+    if (ret)
+	return ret;
+
+    memset(&ti, 0, sizeof(ti));
+
+    ret = heim_ntlm_decode_targetinfo(&buf, 1, &ti);
+    if (ret)
+	return ret;
+
+    if (ti.dnsservername == NULL ||
+	strcmp(ti.dnsservername, dnsservername) != 0)
+	errx(1, "ti.dnshostname != %s", dnsservername);
+    if (ti.avflags != 1)
+	errx(1, "ti.avflags != 1");
+
+    heim_ntlm_free_targetinfo(&ti);
+
+    return 0;
+}
+
+static int verbose_flag = 0;
 static int version_flag = 0;
 static int help_flag	= 0;
 
 static struct getargs args[] = {
+    {"verbose",	0,	arg_flag,	&verbose_flag, "verbose printing", NULL },
     {"version",	0,	arg_flag,	&version_flag, "print version", NULL },
     {"help",	0,	arg_flag,	&help_flag,  NULL, NULL }
 };
@@ -325,12 +360,21 @@ main(int argc, char **argv)
     argc -= optind;
     argv += optind;
 
+    if (verbose_flag)
 	printf("test_parse\n");
+
     ret += test_parse();
+    if (verbose_flag)
 	printf("test_keys\n");
+
     ret += test_keys();
+    if (verbose_flag)
 	printf("test_ntlm2_session_resp\n");
     ret += test_ntlm2_session_resp();
 
-    return 0;
+    if (verbose_flag)
+	printf("test_targetinfo\n");
+    ret += test_targetinfo();
+
+    return ret;
 }

lib/ntlm/version-script.map

@@ -3,6 +3,7 @@
 HEIMDAL_NTLM_1.0 {
 	global:
 		heim_ntlm_build_ntlm1_master;
+		heim_ntlm_calculate_lm2;
 		heim_ntlm_calculate_ntlm1;
 		heim_ntlm_calculate_ntlm2;
 		heim_ntlm_calculate_ntlm2_sess;
@@ -22,6 +23,8 @@ HEIMDAL_NTLM_1.0 {
 		heim_ntlm_nt_key;
 		heim_ntlm_ntlmv2_key;
 		heim_ntlm_verify_ntlm2;
+		heim_ntlm_unparse_flags;
+		initialize_ntlm_error_table_r;
 	local:
 		*;
 };