Handle more NTLM attributes
This patch adds the management of more NTLM attributes. Sponsored by: Wheel Systems (http://www.wheelsystems.com)
This commit is contained in:
parent
3e19791bb7
commit
a971f9e4bc
@ -999,8 +999,13 @@ extern "C" {
|
||||
#define SECPKG_ATTR_AUTH_NTLM_HASH 1003
|
||||
#define SECPKG_ATTR_AUTH_NTLM_MESSAGE 1100
|
||||
#define SECPKG_ATTR_AUTH_NTLM_TIMESTAMP 1101
|
||||
#define SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE 1102
|
||||
#define SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE 1103
|
||||
#define SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE 1102
|
||||
#define SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE 1103
|
||||
#define SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE 1104
|
||||
#define SECPKG_ATTR_AUTH_NTLM_RANDKEY 1105
|
||||
#define SECPKG_ATTR_AUTH_NTLM_MIC 1106
|
||||
#define SECPKG_ATTR_AUTH_NTLM_MIC_VALUE 1107
|
||||
|
||||
|
||||
struct _SecPkgContext_AuthIdentity
|
||||
{
|
||||
|
@ -685,6 +685,90 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, UL
|
||||
|
||||
return SEC_E_OK;
|
||||
}
|
||||
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE)
|
||||
{
|
||||
BYTE *blob;
|
||||
SecBuffer *ntproof, *target;
|
||||
|
||||
ntproof = (SecBuffer *)pBuffer;
|
||||
target = &context->ChallengeTargetInfo;
|
||||
|
||||
if (!sspi_SecBufferAlloc(ntproof, 36 + target->cbBuffer))
|
||||
return (SEC_E_INSUFFICIENT_MEMORY);
|
||||
|
||||
blob = (BYTE *)ntproof->pvBuffer;
|
||||
/* Server challenge. */
|
||||
CopyMemory(blob, context->ServerChallenge, 8);
|
||||
/* Response version. */
|
||||
blob[8] = 1;
|
||||
/* Highest response version understood by the client. */
|
||||
blob[9] = 1;
|
||||
/* Reserved 6B. */
|
||||
/* Time. */
|
||||
CopyMemory(&blob[16], context->Timestamp, 8);
|
||||
/* Client challenge. */
|
||||
CopyMemory(&blob[24], context->ClientChallenge, 8);
|
||||
/* Reserved 4B. */
|
||||
/* Server name. */
|
||||
CopyMemory(&blob[36], target->pvBuffer, target->cbBuffer);
|
||||
|
||||
return (SEC_E_OK);
|
||||
}
|
||||
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_RANDKEY)
|
||||
{
|
||||
SecBuffer *randkey;
|
||||
|
||||
randkey = (SecBuffer *) pBuffer;
|
||||
if (!sspi_SecBufferAlloc(randkey, 16))
|
||||
return (SEC_E_INSUFFICIENT_MEMORY);
|
||||
|
||||
CopyMemory(randkey->pvBuffer, context->EncryptedRandomSessionKey, 16);
|
||||
|
||||
return (SEC_E_OK);
|
||||
}
|
||||
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_MIC)
|
||||
{
|
||||
SecBuffer *mic;
|
||||
NTLM_AUTHENTICATE_MESSAGE *message;
|
||||
|
||||
mic = (SecBuffer *) pBuffer;
|
||||
message = &context->AUTHENTICATE_MESSAGE;
|
||||
|
||||
if (!sspi_SecBufferAlloc(mic, 16))
|
||||
return (SEC_E_INSUFFICIENT_MEMORY);
|
||||
|
||||
CopyMemory(mic->pvBuffer, message->MessageIntegrityCheck, 16);
|
||||
|
||||
return (SEC_E_OK);
|
||||
}
|
||||
else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_MIC_VALUE)
|
||||
{
|
||||
BYTE *blob;
|
||||
SecBuffer *micvalue;
|
||||
ULONG msgSize = context->NegotiateMessage.cbBuffer + context->ChallengeMessage.cbBuffer +
|
||||
context->AuthenticateMessage.cbBuffer;
|
||||
|
||||
micvalue = (SecBuffer *) pBuffer;
|
||||
|
||||
if (!sspi_SecBufferAlloc(micvalue, msgSize))
|
||||
return (SEC_E_INSUFFICIENT_MEMORY);
|
||||
|
||||
blob = (BYTE *) micvalue->pvBuffer;
|
||||
|
||||
CopyMemory(blob, context->NegotiateMessage.pvBuffer, context->NegotiateMessage.cbBuffer);
|
||||
blob += context->NegotiateMessage.cbBuffer;
|
||||
|
||||
CopyMemory(blob, context->ChallengeMessage.pvBuffer, context->ChallengeMessage.cbBuffer);
|
||||
blob += context->ChallengeMessage.cbBuffer;
|
||||
|
||||
CopyMemory(blob, context->AuthenticateMessage.pvBuffer, context->AuthenticateMessage.cbBuffer);
|
||||
|
||||
blob += context->MessageIntegrityCheckOffset;
|
||||
ZeroMemory(blob, 16);
|
||||
|
||||
return (SEC_E_OK);
|
||||
}
|
||||
|
||||
|
||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user