Fixed GetComputerNameExA calls. #3815

This commit is contained in:
akallabeth 2017-02-24 21:58:08 +01:00
parent 689d2696d2
commit 705c0c1e12
3 changed files with 195 additions and 118 deletions

View File

@ -252,13 +252,24 @@ void settings_load_hkey_local_machine(rdpSettings* settings)
BOOL settings_get_computer_name(rdpSettings* settings)
{
DWORD nSize = MAX_COMPUTERNAME_LENGTH + 1;
CHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD nSize = 0;
CHAR* computerName;
if (GetComputerNameExA(ComputerNameNetBIOS, NULL, &nSize))
return FALSE;
computerName = calloc(nSize, sizeof(CHAR));
if (!computerName)
return FALSE;
if (!GetComputerNameExA(ComputerNameNetBIOS, computerName, &nSize))
return FALSE;
settings->ComputerName = _strdup(computerName);
if (nSize > MAX_COMPUTERNAME_LENGTH)
computerName[MAX_COMPUTERNAME_LENGTH] = '\0';
settings->ComputerName = computerName;
if (!settings->ComputerName)
return FALSE;
@ -592,7 +603,6 @@ rdpSettings* freerdp_settings_new(DWORD flags)
goto out_fail;
settings->ActionScript = _strdup("~/.config/freerdp/action.sh");
return settings;
out_fail:
free(settings->HomePath);

View File

@ -47,20 +47,34 @@ int ntlm_SetContextWorkstation(NTLM_CONTEXT* context, char* Workstation)
{
int status;
char* ws = Workstation;
CHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD nSize = sizeof(computerName) / sizeof(CHAR);
DWORD nSize = 0;
CHAR* computerName;
if (!Workstation)
{
if (GetComputerNameExA(ComputerNameNetBIOS, NULL, &nSize))
return -1;
computerName = calloc(nSize, sizeof(CHAR));
if (!computerName)
return -1;
if (!GetComputerNameExA(ComputerNameNetBIOS, computerName, &nSize))
return -1;
ws = _strdup(computerName);
if (nSize > MAX_COMPUTERNAME_LENGTH)
computerName[MAX_COMPUTERNAME_LENGTH] = '\0';
ws = computerName;
if (!ws)
return -1;
}
context->Workstation.Buffer = NULL;
status = ConvertToUnicode(CP_UTF8, 0, ws, -1, &context->Workstation.Buffer, 0);
if (!Workstation)
free(ws);
@ -69,7 +83,6 @@ int ntlm_SetContextWorkstation(NTLM_CONTEXT* context, char* Workstation)
context->Workstation.Length = (USHORT)(status - 1);
context->Workstation.Length *= 2;
return 1;
}
@ -82,13 +95,14 @@ int ntlm_SetContextServicePrincipalNameW(NTLM_CONTEXT* context, LPWSTR ServicePr
return 1;
}
context->ServicePrincipalName.Length = (USHORT) (_wcslen(ServicePrincipalName) * 2);
context->ServicePrincipalName.Length = (USHORT)(_wcslen(ServicePrincipalName) * 2);
context->ServicePrincipalName.Buffer = (PWSTR) malloc(context->ServicePrincipalName.Length + 2);
if (!context->ServicePrincipalName.Buffer)
return -1;
CopyMemory(context->ServicePrincipalName.Buffer, ServicePrincipalName, context->ServicePrincipalName.Length + 2);
CopyMemory(context->ServicePrincipalName.Buffer, ServicePrincipalName,
context->ServicePrincipalName.Length + 2);
return 1;
}
@ -96,7 +110,8 @@ int ntlm_SetContextServicePrincipalNameA(NTLM_CONTEXT* context, char* ServicePri
{
int status;
context->ServicePrincipalName.Buffer = NULL;
status = ConvertToUnicode(CP_UTF8, 0, ServicePrincipalName, -1, &context->ServicePrincipalName.Buffer, 0);
status = ConvertToUnicode(CP_UTF8, 0, ServicePrincipalName, -1,
&context->ServicePrincipalName.Buffer, 0);
if (status <= 0)
return -1;
@ -108,16 +123,28 @@ int ntlm_SetContextServicePrincipalNameA(NTLM_CONTEXT* context, char* ServicePri
int ntlm_SetContextTargetName(NTLM_CONTEXT* context, char* TargetName)
{
int status;
CHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD nSize = sizeof(computerName) / sizeof(CHAR);
char* name = TargetName;
DWORD nSize = 0;
CHAR* computerName = NULL;
if (!name)
{
if (!GetComputerNameExA(ComputerNameDnsHostname, computerName, &nSize))
if (GetComputerNameExA(ComputerNameNetBIOS, NULL, &nSize))
return -1;
name = _strdup(computerName);
computerName = calloc(nSize, sizeof(CHAR));
if (!computerName)
return -1;
if (!GetComputerNameExA(ComputerNameNetBIOS, computerName, &nSize))
return -1;
if (nSize > MAX_COMPUTERNAME_LENGTH)
computerName[MAX_COMPUTERNAME_LENGTH] = '\0';
name = computerName;
if (!name)
return -1;
@ -131,6 +158,7 @@ int ntlm_SetContextTargetName(NTLM_CONTEXT* context, char* TargetName)
{
if (!TargetName)
free(name);
return -1;
}
@ -150,7 +178,6 @@ NTLM_CONTEXT* ntlm_ContextNew()
DWORD dwSize;
DWORD dwValue;
NTLM_CONTEXT* context;
context = (NTLM_CONTEXT*) calloc(1, sizeof(NTLM_CONTEXT));
if (!context)
@ -173,13 +200,16 @@ NTLM_CONTEXT* ntlm_ContextNew()
if (RegQueryValueEx(hKey, _T("UseMIC"), NULL, &dwType, (BYTE*) &dwValue, &dwSize) == ERROR_SUCCESS)
context->UseMIC = dwValue ? 1 : 0;
if (RegQueryValueEx(hKey, _T("SendVersionInfo"), NULL, &dwType, (BYTE*) &dwValue, &dwSize) == ERROR_SUCCESS)
if (RegQueryValueEx(hKey, _T("SendVersionInfo"), NULL, &dwType, (BYTE*) &dwValue,
&dwSize) == ERROR_SUCCESS)
context->SendVersionInfo = dwValue ? 1 : 0;
if (RegQueryValueEx(hKey, _T("SendSingleHostData"), NULL, &dwType, (BYTE*) &dwValue, &dwSize) == ERROR_SUCCESS)
if (RegQueryValueEx(hKey, _T("SendSingleHostData"), NULL, &dwType, (BYTE*) &dwValue,
&dwSize) == ERROR_SUCCESS)
context->SendSingleHostData = dwValue ? 1 : 0;
if (RegQueryValueEx(hKey, _T("SendWorkstationName"), NULL, &dwType, (BYTE*) &dwValue, &dwSize) == ERROR_SUCCESS)
if (RegQueryValueEx(hKey, _T("SendWorkstationName"), NULL, &dwType, (BYTE*) &dwValue,
&dwSize) == ERROR_SUCCESS)
context->SendWorkstationName = dwValue ? 1 : 0;
if (RegQueryValueEx(hKey, _T("WorkstationName"), NULL, &dwType, NULL, &dwSize) == ERROR_SUCCESS)
@ -188,7 +218,7 @@ NTLM_CONTEXT* ntlm_ContextNew()
if (!workstation)
{
free (context);
free(context);
return NULL;
}
@ -213,11 +243,13 @@ NTLM_CONTEXT* ntlm_ContextNew()
* but enabling it in WinPR breaks TS Gateway at this point
*/
context->SuppressExtendedProtection = FALSE;
status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("System\\CurrentControlSet\\Control\\LSA"), 0, KEY_READ | KEY_WOW64_64KEY, &hKey);
status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("System\\CurrentControlSet\\Control\\LSA"), 0,
KEY_READ | KEY_WOW64_64KEY, &hKey);
if (status == ERROR_SUCCESS)
{
if (RegQueryValueEx(hKey, _T("SuppressExtendedProtection"), NULL, &dwType, (BYTE*) &dwValue, &dwSize) == ERROR_SUCCESS)
if (RegQueryValueEx(hKey, _T("SuppressExtendedProtection"), NULL, &dwType, (BYTE*) &dwValue,
&dwSize) == ERROR_SUCCESS)
context->SuppressExtendedProtection = dwValue ? 1 : 0;
RegCloseKey(hKey);
@ -253,16 +285,17 @@ void ntlm_ContextFree(NTLM_CONTEXT* context)
free(context);
}
SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal,
SEC_WCHAR* pszPackage,
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
SSPI_CREDENTIALS* credentials;
SEC_WINNT_AUTH_IDENTITY* identity;
if ((fCredentialUse != SECPKG_CRED_OUTBOUND) &&
(fCredentialUse != SECPKG_CRED_INBOUND) &&
(fCredentialUse != SECPKG_CRED_BOTH))
(fCredentialUse != SECPKG_CRED_INBOUND) &&
(fCredentialUse != SECPKG_CRED_BOTH))
{
return SEC_E_INVALID_PARAMETER;
}
@ -285,16 +318,17 @@ SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal,
SEC_CHAR* pszPackage,
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
SSPI_CREDENTIALS* credentials;
SEC_WINNT_AUTH_IDENTITY* identity;
if ((fCredentialUse != SECPKG_CRED_OUTBOUND) &&
(fCredentialUse != SECPKG_CRED_INBOUND) &&
(fCredentialUse != SECPKG_CRED_BOTH))
(fCredentialUse != SECPKG_CRED_INBOUND) &&
(fCredentialUse != SECPKG_CRED_BOTH))
{
return SEC_E_INVALID_PARAMETER;
}
@ -333,7 +367,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_FreeCredentialsHandle(PCredHandle phCredential)
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesW(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesW(PCredHandle phCredential,
ULONG ulAttribute, void* pBuffer)
{
if (ulAttribute == SECPKG_CRED_ATTR_NAMES)
{
@ -343,7 +378,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesW(PCredHandle phCredent
return SEC_E_UNSUPPORTED_FUNCTION;
}
SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesA(PCredHandle phCredential,
ULONG ulAttribute, void* pBuffer)
{
return ntlm_QueryCredentialsAttributesW(phCredential, ulAttribute, pBuffer);
}
@ -351,9 +387,10 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesA(PCredHandle phCredent
/**
* @see http://msdn.microsoft.com/en-us/library/windows/desktop/aa374707
*/
SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(PCredHandle phCredential,
PCtxtHandle phContext,
PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
{
NTLM_CONTEXT* context;
SECURITY_STATUS status;
@ -462,10 +499,11 @@ SECURITY_STATUS SEC_ENTRY ntlm_ImpersonateSecurityContext(PCtxtHandle phContext)
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(PCredHandle phCredential,
PCtxtHandle phContext,
SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
NTLM_CONTEXT* context;
SECURITY_STATUS status;
@ -577,10 +615,11 @@ SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(PCredHandle phCredenti
/**
* @see http://msdn.microsoft.com/en-us/library/windows/desktop/aa375512%28v=vs.85%29.aspx
*/
SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextA(PCredHandle phCredential,
PCtxtHandle phContext,
SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
SECURITY_STATUS status;
SEC_WCHAR* pszTargetNameW = NULL;
@ -592,10 +631,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextA(PCredHandle phCredenti
}
status = ntlm_InitializeSecurityContextW(phCredential, phContext, pszTargetNameW, fContextReq,
Reserved1, TargetDataRep, pInput, Reserved2, phNewContext, pOutput, pfContextAttr, ptsExpiry);
Reserved1, TargetDataRep, pInput, Reserved2, phNewContext, pOutput, pfContextAttr, ptsExpiry);
free(pszTargetNameW);
return status;
}
@ -632,7 +669,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle phContext)
/* http://msdn.microsoft.com/en-us/library/windows/desktop/aa379337/ */
SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute,
void* pBuffer)
{
NTLM_CONTEXT* context;
@ -663,23 +701,27 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, UL
context->UseSamFileDatabase = FALSE;
credentials = context->credentials;
ZeroMemory(AuthIdentity, sizeof(SecPkgContext_AuthIdentity));
UserA = AuthIdentity->User;
if (credentials->identity.UserLength > 0) {
if (credentials->identity.UserLength > 0)
{
status = ConvertFromUnicode(CP_UTF8, 0,
(WCHAR *)credentials->identity.User,
credentials->identity.UserLength, &UserA, 256, NULL,
NULL);
(WCHAR*)credentials->identity.User,
credentials->identity.UserLength, &UserA, 256, NULL,
NULL);
if (status <= 0)
return SEC_E_INTERNAL_ERROR;
}
DomainA = AuthIdentity->Domain;
if (credentials->identity.DomainLength > 0) {
if (credentials->identity.DomainLength > 0)
{
status = ConvertFromUnicode(CP_UTF8, 0,
(WCHAR *)credentials->identity.Domain,
credentials->identity.DomainLength, &DomainA, 256,
NULL, NULL);
(WCHAR*)credentials->identity.Domain,
credentials->identity.DomainLength, &DomainA, 256,
NULL, NULL);
if (status <= 0)
return SEC_E_INTERNAL_ERROR;
@ -689,16 +731,15 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, UL
}
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE)
{
BYTE *blob;
SecBuffer *ntproof, *target;
ntproof = (SecBuffer *)pBuffer;
BYTE* blob;
SecBuffer* ntproof, *target;
ntproof = (SecBuffer*)pBuffer;
target = &context->ChallengeTargetInfo;
if (!sspi_SecBufferAlloc(ntproof, 36 + target->cbBuffer))
return (SEC_E_INSUFFICIENT_MEMORY);
blob = (BYTE *)ntproof->pvBuffer;
blob = (BYTE*)ntproof->pvBuffer;
/* Server challenge. */
CopyMemory(blob, context->ServerChallenge, 8);
/* Response version. */
@ -713,74 +754,65 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, UL
/* Reserved 4B. */
/* Server name. */
CopyMemory(&blob[36], target->pvBuffer, target->cbBuffer);
return (SEC_E_OK);
}
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_RANDKEY)
{
SecBuffer *randkey;
SecBuffer* randkey;
randkey = (SecBuffer*) pBuffer;
randkey = (SecBuffer *) pBuffer;
if (!sspi_SecBufferAlloc(randkey, 16))
return (SEC_E_INSUFFICIENT_MEMORY);
CopyMemory(randkey->pvBuffer, context->EncryptedRandomSessionKey, 16);
return (SEC_E_OK);
}
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_MIC)
{
SecBuffer *mic;
NTLM_AUTHENTICATE_MESSAGE *message;
mic = (SecBuffer *) pBuffer;
SecBuffer* mic;
NTLM_AUTHENTICATE_MESSAGE* message;
mic = (SecBuffer*) pBuffer;
message = &context->AUTHENTICATE_MESSAGE;
if (!sspi_SecBufferAlloc(mic, 16))
return (SEC_E_INSUFFICIENT_MEMORY);
CopyMemory(mic->pvBuffer, message->MessageIntegrityCheck, 16);
return (SEC_E_OK);
}
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_MIC_VALUE)
{
BYTE *blob;
SecBuffer *micvalue;
BYTE* blob;
SecBuffer* micvalue;
ULONG msgSize = context->NegotiateMessage.cbBuffer + context->ChallengeMessage.cbBuffer +
context->AuthenticateMessage.cbBuffer;
micvalue = (SecBuffer *) pBuffer;
context->AuthenticateMessage.cbBuffer;
micvalue = (SecBuffer*) pBuffer;
if (!sspi_SecBufferAlloc(micvalue, msgSize))
return (SEC_E_INSUFFICIENT_MEMORY);
blob = (BYTE *) micvalue->pvBuffer;
blob = (BYTE*) micvalue->pvBuffer;
CopyMemory(blob, context->NegotiateMessage.pvBuffer, context->NegotiateMessage.cbBuffer);
blob += context->NegotiateMessage.cbBuffer;
CopyMemory(blob, context->ChallengeMessage.pvBuffer, context->ChallengeMessage.cbBuffer);
blob += context->ChallengeMessage.cbBuffer;
CopyMemory(blob, context->AuthenticateMessage.pvBuffer, context->AuthenticateMessage.cbBuffer);
blob += context->MessageIntegrityCheckOffset;
ZeroMemory(blob, 16);
return (SEC_E_OK);
}
return SEC_E_UNSUPPORTED_FUNCTION;
}
SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute,
void* pBuffer)
{
return ntlm_QueryContextAttributesW(phContext, ulAttribute, pBuffer);
}
SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer)
SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute,
void* pBuffer, ULONG cbBuffer)
{
NTLM_CONTEXT* context;
@ -809,7 +841,6 @@ SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesW(PCtxtHandle phContext, ULON
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_SAM_FILE)
{
const char* filename = (char*) pBuffer;
free(context->SamFile);
context->SamFile = NULL;
@ -833,22 +864,28 @@ SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesW(PCtxtHandle phContext, ULON
if (AuthNtlmMessage->type == 1)
{
sspi_SecBufferFree(&context->NegotiateMessage);
if (!sspi_SecBufferAlloc(&context->NegotiateMessage, AuthNtlmMessage->length))
return SEC_E_INSUFFICIENT_MEMORY;
CopyMemory(context->NegotiateMessage.pvBuffer, AuthNtlmMessage->buffer, AuthNtlmMessage->length);
}
else if (AuthNtlmMessage->type == 2)
{
sspi_SecBufferFree(&context->ChallengeMessage);
if (!sspi_SecBufferAlloc(&context->ChallengeMessage, AuthNtlmMessage->length))
return SEC_E_INSUFFICIENT_MEMORY;
CopyMemory(context->ChallengeMessage.pvBuffer, AuthNtlmMessage->buffer, AuthNtlmMessage->length);
}
else if (AuthNtlmMessage->type == 3)
{
sspi_SecBufferFree(&context->AuthenticateMessage);
if (!sspi_SecBufferAlloc(&context->AuthenticateMessage, AuthNtlmMessage->length))
return SEC_E_INSUFFICIENT_MEMORY;
CopyMemory(context->AuthenticateMessage.pvBuffer, AuthNtlmMessage->buffer, AuthNtlmMessage->length);
}
@ -870,7 +907,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesW(PCtxtHandle phContext, ULON
}
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE)
{
SecPkgContext_AuthNtlmClientChallenge* AuthNtlmClientChallenge = (SecPkgContext_AuthNtlmClientChallenge*) pBuffer;
SecPkgContext_AuthNtlmClientChallenge* AuthNtlmClientChallenge =
(SecPkgContext_AuthNtlmClientChallenge*) pBuffer;
if (cbBuffer < sizeof(SecPkgContext_AuthNtlmClientChallenge))
return SEC_E_INVALID_PARAMETER;
@ -880,7 +918,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesW(PCtxtHandle phContext, ULON
}
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE)
{
SecPkgContext_AuthNtlmServerChallenge* AuthNtlmServerChallenge = (SecPkgContext_AuthNtlmServerChallenge*) pBuffer;
SecPkgContext_AuthNtlmServerChallenge* AuthNtlmServerChallenge =
(SecPkgContext_AuthNtlmServerChallenge*) pBuffer;
if (cbBuffer < sizeof(SecPkgContext_AuthNtlmServerChallenge))
return SEC_E_INVALID_PARAMETER;
@ -892,7 +931,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesW(PCtxtHandle phContext, ULON
return SEC_E_UNSUPPORTED_FUNCTION;
}
SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer)
SECURITY_STATUS SEC_ENTRY ntlm_SetContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute,
void* pBuffer, ULONG cbBuffer)
{
return ntlm_SetContextAttributesW(phContext, ulAttribute, pBuffer, cbBuffer);
}
@ -902,7 +942,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_RevertSecurityContext(PCtxtHandle phContext)
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
int index;
int length;
@ -944,6 +985,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
CopyMemory(data, data_buffer->pvBuffer, length);
/* Compute the HMAC-MD5 hash of ConcatenationOf(seq_num,data) using the client signing key */
hmac = winpr_HMAC_New();
if (hmac && winpr_HMAC_Init(hmac, WINPR_MD_MD5, context->SendSigningKey, WINPR_MD5_DIGEST_LENGTH))
{
Data_Write_UINT32(&value, SeqNo);
@ -988,7 +1030,8 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage,
ULONG MessageSeqNo, PULONG pfQOP)
{
int index;
int length;
@ -1038,6 +1081,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
/* Compute the HMAC-MD5 hash of ConcatenationOf(seq_num,data) using the client signing key */
hmac = winpr_HMAC_New();
if (hmac && winpr_HMAC_Init(hmac, WINPR_MD_MD5, context->RecvSigningKey, WINPR_MD5_DIGEST_LENGTH))
{
Data_Write_UINT32(&value, SeqNo);
@ -1052,6 +1096,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
free(data);
return SEC_E_INSUFFICIENT_MEMORY;
}
#ifdef WITH_DEBUG_NTLM
WLog_DBG(TAG, "Encrypted Data Buffer (length = %d)", length);
winpr_HexDump(TAG, WLOG_DEBUG, data, length);
@ -1081,12 +1126,14 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle phContext, ULONG fQOP,
PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
return SEC_E_UNSUPPORTED_FUNCTION;
}
SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage,
ULONG MessageSeqNo, PULONG pfQOP)
{
return SEC_E_UNSUPPORTED_FUNCTION;
}
@ -1165,13 +1212,13 @@ const SecPkgInfoA NTLM_SecPkgInfoA =
"NTLM Security Package" /* Comment */
};
WCHAR NTLM_SecPkgInfoW_Name[] = { 'N','T','L','M','\0' };
WCHAR NTLM_SecPkgInfoW_Name[] = { 'N', 'T', 'L', 'M', '\0' };
WCHAR NTLM_SecPkgInfoW_Comment[] =
{
'N','T','L','M',' ',
'S','e','c','u','r','i','t','y',' ',
'P','a','c','k','a','g','e','\0'
'N', 'T', 'L', 'M', ' ',
'S', 'e', 'c', 'u', 'r', 'i', 't', 'y', ' ',
'P', 'a', 'c', 'k', 'a', 'g', 'e', '\0'
};
const SecPkgInfoW NTLM_SecPkgInfoW =

View File

@ -90,11 +90,11 @@ void ntlm_print_av_pair_list(NTLM_AV_PAIR* pAvPairList)
while (ntlm_av_pair_get_id(pAvPair) != MsvAvEOL)
{
WLog_INFO(TAG, "\t%s AvId: %"PRIu16" AvLen: %"PRIu16"",
AV_PAIR_STRINGS[ntlm_av_pair_get_id(pAvPair)],
ntlm_av_pair_get_id(pAvPair),
ntlm_av_pair_get_len(pAvPair));
AV_PAIR_STRINGS[ntlm_av_pair_get_id(pAvPair)],
ntlm_av_pair_get_id(pAvPair),
ntlm_av_pair_get_len(pAvPair));
winpr_HexDump(TAG, WLOG_INFO, ntlm_av_pair_get_value_pointer(pAvPair),
ntlm_av_pair_get_len(pAvPair));
ntlm_av_pair_get_len(pAvPair));
pAvPair = ntlm_av_pair_get_next_pointer(pAvPair);
}
}
@ -141,7 +141,8 @@ NTLM_AV_PAIR* ntlm_av_pair_get(NTLM_AV_PAIR* pAvPairList, NTLM_AV_ID AvId)
return NULL;
}
NTLM_AV_PAIR* ntlm_av_pair_add(NTLM_AV_PAIR* pAvPairList, NTLM_AV_ID AvId, PBYTE Value, UINT16 AvLen)
NTLM_AV_PAIR* ntlm_av_pair_add(NTLM_AV_PAIR* pAvPairList, NTLM_AV_ID AvId, PBYTE Value,
UINT16 AvLen)
{
NTLM_AV_PAIR* pAvPair;
pAvPair = ntlm_av_pair_get(pAvPairList, MsvAvEOL);
@ -167,8 +168,8 @@ NTLM_AV_PAIR* ntlm_av_pair_add_copy(NTLM_AV_PAIR* pAvPairList, NTLM_AV_PAIR* pAv
CopyMemory(&pAvPairCopy->AvId, &pAvPair->AvId, 2);
CopyMemory(&pAvPairCopy->AvLen, &pAvPair->AvLen, 2);
CopyMemory(ntlm_av_pair_get_value_pointer(pAvPairCopy),
ntlm_av_pair_get_value_pointer(pAvPair),
ntlm_av_pair_get_len (pAvPair));
ntlm_av_pair_get_value_pointer(pAvPair),
ntlm_av_pair_get_len(pAvPair));
return pAvPairCopy;
}
@ -176,13 +177,25 @@ int ntlm_get_target_computer_name(PUNICODE_STRING pName, COMPUTER_NAME_FORMAT ty
{
char* name;
int status;
CHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD nSize = sizeof(computerName) / sizeof(CHAR);
DWORD nSize = 0;
CHAR* computerName;
if (!GetComputerNameExA(type, computerName, &nSize))
if (GetComputerNameExA(ComputerNameNetBIOS, NULL, &nSize))
return -1;
name = _strdup(computerName);
computerName = calloc(nSize, sizeof(CHAR));
if (!computerName)
return -1;
if (!GetComputerNameExA(ComputerNameNetBIOS, computerName, &nSize))
return -1;
if (nSize > MAX_COMPUTERNAME_LENGTH)
computerName[MAX_COMPUTERNAME_LENGTH] = '\0';
name = computerName;
if (!name)
return -1;
@ -210,7 +223,6 @@ void ntlm_free_unicode_string(PUNICODE_STRING string)
if (string->Length > 0)
{
free(string->Buffer);
string->Buffer = NULL;
string->Length = 0;
string->MaximumLength = 0;
@ -262,7 +274,6 @@ void ntlm_compute_channel_bindings(NTLM_CONTEXT* context)
BYTE* ChannelBindingToken;
UINT32 ChannelBindingTokenLength;
SEC_CHANNEL_BINDINGS* ChannelBindings;
ZeroMemory(context->ChannelBindingsHash, WINPR_MD5_DIGEST_LENGTH);
ChannelBindings = context->Bindings.Bindings;
@ -280,17 +291,22 @@ void ntlm_compute_channel_bindings(NTLM_CONTEXT* context)
if (!ntlm_md5_update_uint32_be(md5, ChannelBindings->dwInitiatorAddrType))
goto out;
if (!ntlm_md5_update_uint32_be(md5, ChannelBindings->cbInitiatorLength))
goto out;
if (!ntlm_md5_update_uint32_be(md5, ChannelBindings->dwAcceptorAddrType))
goto out;
if (!ntlm_md5_update_uint32_be(md5, ChannelBindings->cbAcceptorLength))
goto out;
if (!ntlm_md5_update_uint32_be(md5, ChannelBindings->cbApplicationDataLength))
goto out;
if (!winpr_Digest_Update(md5, (void*) ChannelBindingToken, ChannelBindingTokenLength))
goto out;
if (!winpr_Digest_Final(md5, context->ChannelBindingsHash, WINPR_MD5_DIGEST_LENGTH))
goto out;
@ -348,7 +364,7 @@ int ntlm_construct_challenge_target_info(NTLM_CONTEXT* context)
AvPairsCount = 5;
AvPairsLength = NbDomainName.Length + NbComputerName.Length +
DnsDomainName.Length + DnsComputerName.Length + 8;
DnsDomainName.Length + DnsComputerName.Length + 8;
length = ntlm_av_pair_list_size(AvPairsCount, AvPairsLength);
if (!sspi_SecBufferAlloc(&context->ChallengeTargetInfo, length))
@ -358,9 +374,12 @@ int ntlm_construct_challenge_target_info(NTLM_CONTEXT* context)
AvPairListSize = (ULONG) context->ChallengeTargetInfo.cbBuffer;
ntlm_av_pair_list_init(pAvPairList);
ntlm_av_pair_add(pAvPairList, MsvAvNbDomainName, (PBYTE) NbDomainName.Buffer, NbDomainName.Length);
ntlm_av_pair_add(pAvPairList, MsvAvNbComputerName, (PBYTE) NbComputerName.Buffer, NbComputerName.Length);
ntlm_av_pair_add(pAvPairList, MsvAvDnsDomainName, (PBYTE) DnsDomainName.Buffer, DnsDomainName.Length);
ntlm_av_pair_add(pAvPairList, MsvAvDnsComputerName, (PBYTE) DnsComputerName.Buffer, DnsComputerName.Length);
ntlm_av_pair_add(pAvPairList, MsvAvNbComputerName, (PBYTE) NbComputerName.Buffer,
NbComputerName.Length);
ntlm_av_pair_add(pAvPairList, MsvAvDnsDomainName, (PBYTE) DnsDomainName.Buffer,
DnsDomainName.Length);
ntlm_av_pair_add(pAvPairList, MsvAvDnsComputerName, (PBYTE) DnsComputerName.Buffer,
DnsComputerName.Length);
ntlm_av_pair_add(pAvPairList, MsvAvTimestamp, context->Timestamp, sizeof(context->Timestamp));
ntlm_free_unicode_string(&NbDomainName);
ntlm_free_unicode_string(&NbComputerName);
@ -467,6 +486,7 @@ int ntlm_construct_authenticate_target_info(NTLM_CONTEXT* context)
if (!sspi_SecBufferAlloc(&context->AuthenticateTargetInfo, size))
return -1;
AuthenticateTargetInfo = (NTLM_AV_PAIR*) context->AuthenticateTargetInfo.pvBuffer;
ntlm_av_pair_list_init(AuthenticateTargetInfo);
@ -498,7 +518,7 @@ int ntlm_construct_authenticate_target_info(NTLM_CONTEXT* context)
if (context->SendSingleHostData)
{
ntlm_av_pair_add(AuthenticateTargetInfo, MsvAvSingleHost,
(PBYTE) &context->SingleHostData, context->SingleHostData.Size);
(PBYTE) &context->SingleHostData, context->SingleHostData.Size);
}
if (!context->SuppressExtendedProtection)
@ -508,8 +528,8 @@ int ntlm_construct_authenticate_target_info(NTLM_CONTEXT* context)
if (context->ServicePrincipalName.Length > 0)
{
ntlm_av_pair_add(AuthenticateTargetInfo, MsvAvTargetName,
(PBYTE) context->ServicePrincipalName.Buffer,
context->ServicePrincipalName.Length);
(PBYTE) context->ServicePrincipalName.Buffer,
context->ServicePrincipalName.Length);
}
}