Handle more NTLM attributes

This patch adds the management of more NTLM attributes. Sponsored by: Wheel Systems (http://www.wheelsystems.com)
2016-01-20 22:21:05 +01:00 · 2016-01-20 22:21:05 +01:00 · a971f9e4bc
parent 3e19791bb7
commit a971f9e4bc
2 changed files with 91 additions and 2 deletions
--- a/winpr/include/winpr/sspi.h
+++ b/winpr/include/winpr/sspi.h
@ -999,8 +999,13 @@ extern "C" {
 #define SECPKG_ATTR_AUTH_NTLM_HASH			1003
 #define SECPKG_ATTR_AUTH_NTLM_MESSAGE			1100
 #define SECPKG_ATTR_AUTH_NTLM_TIMESTAMP			1101
-#define SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE		1102
-#define SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE		1103
+#define SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE	1102
+#define SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE	1103
+#define SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE		1104
+#define SECPKG_ATTR_AUTH_NTLM_RANDKEY			1105
+#define SECPKG_ATTR_AUTH_NTLM_MIC				1106
+#define SECPKG_ATTR_AUTH_NTLM_MIC_VALUE			1107
+

 struct _SecPkgContext_AuthIdentity
 {
--- a/winpr/libwinpr/sspi/NTLM/ntlm.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm.c
@ -685,6 +685,90 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, UL

 		return SEC_E_OK;
 	}
+	else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE)
+	{
+		BYTE *blob;
+		SecBuffer *ntproof, *target;
+
+		ntproof = (SecBuffer *)pBuffer;
+		target = &context->ChallengeTargetInfo;
+
+		if (!sspi_SecBufferAlloc(ntproof, 36 + target->cbBuffer))
+			return (SEC_E_INSUFFICIENT_MEMORY);
+
+		blob = (BYTE *)ntproof->pvBuffer;
+		/* Server challenge. */
+		CopyMemory(blob, context->ServerChallenge, 8);
+		/* Response version. */
+		blob[8] = 1;
+		/* Highest response version understood by the client. */
+		blob[9] = 1;
+		/* Reserved 6B. */
+		/* Time. */
+		CopyMemory(&blob[16], context->Timestamp, 8);
+		/* Client challenge. */
+		CopyMemory(&blob[24], context->ClientChallenge, 8);
+		/* Reserved 4B. */
+		/* Server name. */
+		CopyMemory(&blob[36], target->pvBuffer, target->cbBuffer);
+
+		return (SEC_E_OK);
+	}
+	else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_RANDKEY)
+	{
+		SecBuffer *randkey;
+
+		randkey = (SecBuffer *) pBuffer;
+		if (!sspi_SecBufferAlloc(randkey, 16))
+			return (SEC_E_INSUFFICIENT_MEMORY);
+
+		CopyMemory(randkey->pvBuffer, context->EncryptedRandomSessionKey, 16);
+
+		return (SEC_E_OK);
+	}
+	else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_MIC)
+	{
+		SecBuffer *mic;
+		NTLM_AUTHENTICATE_MESSAGE *message;
+
+		mic = (SecBuffer *) pBuffer;
+		message = &context->AUTHENTICATE_MESSAGE;
+
+		if (!sspi_SecBufferAlloc(mic, 16))
+			return (SEC_E_INSUFFICIENT_MEMORY);
+
+		CopyMemory(mic->pvBuffer, message->MessageIntegrityCheck, 16);
+
+		return (SEC_E_OK);
+	}
+	else if (ulAttribute == SECPKG_ATTR_AUTH_NTLM_MIC_VALUE)
+	{
+		BYTE *blob;
+		SecBuffer *micvalue;
+		ULONG msgSize = context->NegotiateMessage.cbBuffer + context->ChallengeMessage.cbBuffer +
+						context->AuthenticateMessage.cbBuffer;
+
+		micvalue = (SecBuffer *) pBuffer;
+
+		if (!sspi_SecBufferAlloc(micvalue, msgSize))
+			return (SEC_E_INSUFFICIENT_MEMORY);
+
+		blob = (BYTE *) micvalue->pvBuffer;
+
+		CopyMemory(blob, context->NegotiateMessage.pvBuffer, context->NegotiateMessage.cbBuffer);
+		blob += context->NegotiateMessage.cbBuffer;
+
+		CopyMemory(blob, context->ChallengeMessage.pvBuffer, context->ChallengeMessage.cbBuffer);
+		blob += context->ChallengeMessage.cbBuffer;
+
+		CopyMemory(blob, context->AuthenticateMessage.pvBuffer,	context->AuthenticateMessage.cbBuffer);
+
+		blob += context->MessageIntegrityCheckOffset;
+		ZeroMemory(blob, 16);
+
+		return (SEC_E_OK);
+	}
+

 	return SEC_E_UNSUPPORTED_FUNCTION;
 }