oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

pass on GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG, save the session master key

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19438 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-12-19 15:30:44 +00:00
parent edfb0d4719
commit ace0210c49
1 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
lib/gssapi/ntlm/init_sec_context.c
View File

@@ -117,6 +117,7 @@ _gss_ntlm_init_sec_context
krb5_error_code ret; krb5_error_code ret;
struct ntlm_type1 type1; struct ntlm_type1 type1;
struct ntlm_buf data; struct ntlm_buf data;
uint32_t flags = 0;
ctx = calloc(1, sizeof(*ctx)); ctx = calloc(1, sizeof(*ctx));
if (ctx == NULL) { if (ctx == NULL) {
@@ -132,9 +133,16 @@ _gss_ntlm_init_sec_context
return GSS_S_FAILURE; return GSS_S_FAILURE;
} }
if (req_flags & GSS_C_CONF_FLAG)
flags |= NTLM_NEG_SEAL;
if (req_flags & GSS_C_INTEG_FLAG)
flags |= NTLM_NEG_SIGN;
else
flags |= NTLM_NEG_ALWAYS_SIGN;
memset(&type1, 0, sizeof(type1)); memset(&type1, 0, sizeof(type1));
type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_NTLM; type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_NTLM | flags;
type1.domain = name->domain; type1.domain = name->domain;
type1.hostname = NULL; type1.hostname = NULL;
type1.os[0] = 0; type1.os[0] = 0;
@@ -169,6 +177,8 @@ _gss_ntlm_init_sec_context
return GSS_S_FAILURE; return GSS_S_FAILURE;
} }
ctx->flags = type2.flags;
/* XXX check that type2.targetinfo matches `target_name<6D> */ /* XXX check that type2.targetinfo matches `target_name<6D> */
memset(&type3, 0, sizeof(type3)); memset(&type3, 0, sizeof(type3));
@@ -180,6 +190,7 @@ _gss_ntlm_init_sec_context
{ {
struct ntlm_buf key; struct ntlm_buf key;
struct ntlm_buf sessionkey;
heim_ntlm_nt_key(ctx->password, &key); heim_ntlm_nt_key(ctx->password, &key);
memset(ctx->password, 0, strlen(ctx->password)); memset(ctx->password, 0, strlen(ctx->password));
@@ -188,6 +199,7 @@ _gss_ntlm_init_sec_context
&type3.ntlm); &type3.ntlm);
ret = heim_ntlm_build_ntlm1_master(key.data, key.length, ret = heim_ntlm_build_ntlm1_master(key.data, key.length,
&sessionkey,
&type3.sessionkey); &type3.sessionkey);
if (ret) { if (ret) {
_gss_ntlm_delete_sec_context(minor_status,context_handle,NULL); _gss_ntlm_delete_sec_context(minor_status,context_handle,NULL);
@@ -195,6 +207,20 @@ _gss_ntlm_init_sec_context
return GSS_S_FAILURE; return GSS_S_FAILURE;
} }
ret = krb5_data_copy(&ctx->sessionkey,
sessionkey.data, sessionkey.length);
free(sessionkey.data);
if (ret) {
_gss_ntlm_delete_sec_context(minor_status,context_handle,NULL);
*minor_status = ret;
return GSS_S_FAILURE;
}
ctx->status |= STATUS_SESSIONKEY;
RC4_set_key(&ctx->crypto.key,
ctx->sessionkey.length,
ctx->sessionkey.data);
memset(key.data, 0, key.length); memset(key.data, 0, key.length);
free(key.data); free(key.data);
} }