libwinpr-sspi: cleanup NTLM messages
parent
4a5bd8584a
commit
ff586504e7
@ -99,7 +99,7 @@ void ntlm_print_av_pair_list(NTLM_AV_PAIR* pAvPairList)
|
||||
ULONG ntlm_av_pair_list_size(ULONG AvPairsCount, ULONG AvPairsValueLength)
|
||||
{
|
||||
/* size of headers + value lengths + terminating MsvAvEOL AV_PAIR */
|
||||
return (AvPairsCount + 1) * sizeof(NTLM_AV_PAIR) + AvPairsValueLength;
|
||||
return ((AvPairsCount + 1) * 4) + AvPairsValueLength;
|
||||
}
|
||||
|
||||
PBYTE ntlm_av_pair_get_value_pointer(NTLM_AV_PAIR* pAvPair)
|
||||
|
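Review bot: Whichever of the two `return` lines is the new side (this rendering drops the +/- markers), the per-pair header width should not be a bare literal: `sizeof(NTLM_AV_PAIR)` on one side and `4` on the other only agree as long as the struct stays two 16-bit fields (presumably AvId and AvLen) with no padding. If the literal is kept, tie it to the layout with a named constant, e.g. `enum { NTLM_AV_PAIR_HEADER_SIZE = 4 }; /* AvId + AvLen */`, and return `(AvPairsCount + 1) * NTLM_AV_PAIR_HEADER_SIZE + AvPairsValueLength`. The arithmetic is unchecked ULONG, so a caller passing counts and lengths derived from a peer-supplied list should validate them before this result is trusted as an allocation size.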
@ -339,8 +339,11 @@ void ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context)
|
||||
BYTE nt_proof_str[16];
|
||||
SecBuffer ntlm_v2_temp;
|
||||
SecBuffer ntlm_v2_temp_chal;
|
||||
PSecBuffer TargetInfo;
|
||||
|
||||
sspi_SecBufferAlloc(&ntlm_v2_temp, context->ChallengeTargetInfo.cbBuffer + 28);
|
||||
TargetInfo = &context->ChallengeTargetInfo;
|
||||
|
||||
sspi_SecBufferAlloc(&ntlm_v2_temp, TargetInfo->cbBuffer + 28);
|
||||
|
||||
ZeroMemory(ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer);
|
||||
blob = (BYTE*) ntlm_v2_temp.pvBuffer;
|
||||
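Review bot: The result of `sspi_SecBufferAlloc(&ntlm_v2_temp, TargetInfo->cbBuffer + 28)` is not checked before `ZeroMemory(ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer)` and the later writes through `blob`, so an allocation failure becomes a write through a NULL pointer; the function is void, so the minimum is an early exit, `if (!ntlm_v2_temp.pvBuffer) return;` (or give the function a status return that callers check). The `28` is the fixed part of the NTLMv2 temp blob that the offsets in the next hunk (`&blob[8]`, `&blob[16]`, `&blob[28]`) spell out; a named constant such as `NTLMv2_TEMP_FIXED_SIZE` used in both the allocation and the copy would keep them in step. The body of ntlm_compute_ntlm_v2_response starts and ends outside this hunk.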
@ -378,7 +381,7 @@ void ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context)
|
||||
CopyMemory(&blob[8], context->Timestamp, 8); /* Timestamp (8 bytes) */
|
||||
CopyMemory(&blob[16], context->ClientChallenge, 8); /* ClientChallenge (8 bytes) */
|
||||
/* Reserved3 (4 bytes) */
|
||||
CopyMemory(&blob[28], context->ChallengeTargetInfo.pvBuffer, context->ChallengeTargetInfo.cbBuffer);
|
||||
CopyMemory(&blob[28], TargetInfo->pvBuffer, TargetInfo->cbBuffer);
|
||||
|
||||
#ifdef WITH_DEBUG_NTLM
|
||||
printf("NTLMv2 Response Temp Blob\n");
|
||||
|
@ -192,44 +192,46 @@ SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buf
|
||||
{
|
||||
wStream* s;
|
||||
int length;
|
||||
NTLM_NEGOTIATE_MESSAGE message;
|
||||
NTLM_NEGOTIATE_MESSAGE* message;
|
||||
|
||||
message = &context->NEGOTIATE_MESSAGE;
|
||||
ZeroMemory(message, sizeof(NTLM_NEGOTIATE_MESSAGE));
|
||||
|
||||
ZeroMemory(&message, sizeof(message));
|
||||
s = Stream_New(buffer->pvBuffer, buffer->cbBuffer);
|
||||
|
||||
ntlm_read_message_header(s, (NTLM_MESSAGE_HEADER*) &message);
|
||||
ntlm_read_message_header(s, (NTLM_MESSAGE_HEADER*) message);
|
||||
|
||||
if (!ntlm_validate_message_header(s, (NTLM_MESSAGE_HEADER*) &message, MESSAGE_TYPE_NEGOTIATE))
|
||||
if (!ntlm_validate_message_header(s, (NTLM_MESSAGE_HEADER*) message, MESSAGE_TYPE_NEGOTIATE))
|
||||
{
|
||||
Stream_Free(s, FALSE);
|
||||
return SEC_E_INVALID_TOKEN;
|
||||
}
|
||||
|
||||
Stream_Read_UINT32(s, message.NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
Stream_Read_UINT32(s, message->NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
|
||||
if (!((message.NegotiateFlags & NTLMSSP_REQUEST_TARGET) &&
|
||||
(message.NegotiateFlags & NTLMSSP_NEGOTIATE_NTLM) &&
|
||||
(message.NegotiateFlags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) &&
|
||||
(message.NegotiateFlags & NTLMSSP_NEGOTIATE_UNICODE)))
|
||||
if (!((message->NegotiateFlags & NTLMSSP_REQUEST_TARGET) &&
|
||||
(message->NegotiateFlags & NTLMSSP_NEGOTIATE_NTLM) &&
|
||||
(message->NegotiateFlags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) &&
|
||||
(message->NegotiateFlags & NTLMSSP_NEGOTIATE_UNICODE)))
|
||||
{
|
||||
Stream_Free(s, FALSE);
|
||||
return SEC_E_INVALID_TOKEN;
|
||||
}
|
||||
|
||||
context->NegotiateFlags = message.NegotiateFlags;
|
||||
context->NegotiateFlags = message->NegotiateFlags;
|
||||
|
||||
/* only set if NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED is set */
|
||||
|
||||
/* DomainNameFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.DomainName));
|
||||
ntlm_read_message_fields(s, &(message->DomainName));
|
||||
|
||||
/* only set if NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED is set */
|
||||
|
||||
/* WorkstationFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.Workstation));
|
||||
ntlm_read_message_fields(s, &(message->Workstation));
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_read_version_info(s, &(message.Version)); /* Version (8 bytes) */
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_read_version_info(s, &(message->Version)); /* Version (8 bytes) */
|
||||
|
||||
length = Stream_Position(s);
|
||||
buffer->cbBuffer = length;
|
||||
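Review bot: After the header is validated, `Stream_Read_UINT32(s, message->NegotiateFlags)`, the two `ntlm_read_message_fields` calls and the optional `ntlm_read_version_info` consume 20 to 28 bytes of the peer-supplied token with no remaining-length check, so a short NEGOTIATE_MESSAGE is read past `buffer->cbBuffer`. Add a guard right after the header check, `if (Stream_GetRemainingLength(s) < 20) { Stream_Free(s, FALSE); return SEC_E_INVALID_TOKEN; }`, and a second `< 8` check before the Version read when NTLMSSP_NEGOTIATE_VERSION is set. The same unchecked reads exist in the ntlm_read_ChallengeMessage hunk (`Stream_Read(s, message->ServerChallenge, 8)` and the fields/Reserved reads) and in ntlm_read_AuthenticateMessage (the six `ntlm_read_message_fields` calls, the NegotiateFlags read and `Stream_Read(s, message->MessageIntegrityCheck, 16)`); I have not repeated the note there. Whether ntlm_validate_message_header already bounds anything beyond the 12-byte header is not visible in this diff.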
@ -243,10 +245,10 @@ SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buf
|
||||
winpr_HexDump(context->NegotiateMessage.pvBuffer, context->NegotiateMessage.cbBuffer);
|
||||
printf("\n");
|
||||
|
||||
ntlm_print_negotiate_flags(message.NegotiateFlags);
|
||||
ntlm_print_negotiate_flags(message->NegotiateFlags);
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message.Version));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message->Version));
|
||||
#endif
|
||||
|
||||
context->state = NTLM_STATE_CHALLENGE;
|
||||
@ -260,58 +262,60 @@ SECURITY_STATUS ntlm_write_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer bu
|
||||
{
|
||||
wStream* s;
|
||||
int length;
|
||||
NTLM_NEGOTIATE_MESSAGE message;
|
||||
NTLM_NEGOTIATE_MESSAGE* message;
|
||||
|
||||
message = &context->NEGOTIATE_MESSAGE;
|
||||
ZeroMemory(message, sizeof(NTLM_NEGOTIATE_MESSAGE));
|
||||
|
||||
ZeroMemory(&message, sizeof(message));
|
||||
s = Stream_New(buffer->pvBuffer, buffer->cbBuffer);
|
||||
|
||||
ntlm_populate_message_header((NTLM_MESSAGE_HEADER*) &message, MESSAGE_TYPE_NEGOTIATE);
|
||||
ntlm_populate_message_header((NTLM_MESSAGE_HEADER*) message, MESSAGE_TYPE_NEGOTIATE);
|
||||
|
||||
if (context->NTLMv2)
|
||||
{
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_56;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_VERSION;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_LM_KEY;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_OEM;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_56;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_VERSION;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_LM_KEY;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_OEM;
|
||||
}
|
||||
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_128;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_NTLM;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_SIGN;
|
||||
message.NegotiateFlags |= NTLMSSP_REQUEST_TARGET;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_UNICODE;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_128;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_NTLM;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_SIGN;
|
||||
message->NegotiateFlags |= NTLMSSP_REQUEST_TARGET;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_UNICODE;
|
||||
|
||||
if (context->confidentiality)
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_SEAL;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_SEAL;
|
||||
|
||||
if (context->SendVersionInfo)
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_VERSION;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_VERSION;
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_get_version_info(&(message.Version));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_get_version_info(&(message->Version));
|
||||
|
||||
context->NegotiateFlags = message.NegotiateFlags;
|
||||
context->NegotiateFlags = message->NegotiateFlags;
|
||||
|
||||
/* Message Header (12 bytes) */
|
||||
ntlm_write_message_header(s, (NTLM_MESSAGE_HEADER*) &message);
|
||||
ntlm_write_message_header(s, (NTLM_MESSAGE_HEADER*) message);
|
||||
|
||||
Stream_Write_UINT32(s, message.NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
Stream_Write_UINT32(s, message->NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
|
||||
/* only set if NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED is set */
|
||||
|
||||
/* DomainNameFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message.DomainName));
|
||||
ntlm_write_message_fields(s, &(message->DomainName));
|
||||
|
||||
/* only set if NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED is set */
|
||||
|
||||
/* WorkstationFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message.Workstation));
|
||||
ntlm_write_message_fields(s, &(message->Workstation));
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_write_version_info(s, &(message.Version));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_write_version_info(s, &(message->Version));
|
||||
|
||||
length = Stream_Position(s);
|
||||
buffer->cbBuffer = length;
|
||||
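Review bot: The message is serialized into the caller's `buffer->pvBuffer` through `ntlm_write_message_header`, `Stream_Write_UINT32`, `ntlm_write_message_fields` and `ntlm_write_version_info` without ever comparing the fixed size (12 + 4 + 8 + 8, plus 8 when NTLMSSP_NEGOTIATE_VERSION is set) against `buffer->cbBuffer`; unless those helpers check capacity, which this diff does not show, a too-small output buffer is overrun. A check before the first write, `if (Stream_GetRemainingLength(s) < 32) { Stream_Free(s, FALSE); return SEC_E_BUFFER_TOO_SMALL; }` (40 when the Version block is written), turns that into a reported error. The same applies to ntlm_write_ChallengeMessage, whose payload additionally adds `TargetName.Len + TargetInfo.Len`. Minor: `ZeroMemory(message, sizeof(NTLM_NEGOTIATE_MESSAGE))` could be `sizeof(*message)` so the size follows the pointer's type; the same spelling appears in all six message functions touched by this commit.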
@ -325,8 +329,8 @@ SECURITY_STATUS ntlm_write_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer bu
|
||||
winpr_HexDump(s->buffer, length);
|
||||
printf("\n");
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message.Version));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message->Version));
|
||||
#endif
|
||||
|
||||
context->state = NTLM_STATE_CHALLENGE;
|
||||
@ -343,54 +347,56 @@ SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buf
|
||||
PBYTE StartOffset;
|
||||
PBYTE PayloadOffset;
|
||||
NTLM_AV_PAIR* AvTimestamp;
|
||||
NTLM_CHALLENGE_MESSAGE message;
|
||||
NTLM_CHALLENGE_MESSAGE* message;
|
||||
|
||||
ntlm_generate_client_challenge(context);
|
||||
|
||||
ZeroMemory(&message, sizeof(message));
|
||||
message = &context->CHALLENGE_MESSAGE;
|
||||
ZeroMemory(message, sizeof(NTLM_CHALLENGE_MESSAGE));
|
||||
|
||||
s = Stream_New(buffer->pvBuffer, buffer->cbBuffer);
|
||||
|
||||
StartOffset = Stream_Pointer(s);
|
||||
|
||||
ntlm_read_message_header(s, (NTLM_MESSAGE_HEADER*) &message);
|
||||
ntlm_read_message_header(s, (NTLM_MESSAGE_HEADER*) message);
|
||||
|
||||
if (!ntlm_validate_message_header(s, (NTLM_MESSAGE_HEADER*) &message, MESSAGE_TYPE_CHALLENGE))
|
||||
if (!ntlm_validate_message_header(s, (NTLM_MESSAGE_HEADER*) message, MESSAGE_TYPE_CHALLENGE))
|
||||
{
|
||||
Stream_Free(s, FALSE);
|
||||
return SEC_E_INVALID_TOKEN;
|
||||
}
|
||||
|
||||
/* TargetNameFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.TargetName));
|
||||
ntlm_read_message_fields(s, &(message->TargetName));
|
||||
|
||||
Stream_Read_UINT32(s, message.NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
context->NegotiateFlags = message.NegotiateFlags;
|
||||
Stream_Read_UINT32(s, message->NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
context->NegotiateFlags = message->NegotiateFlags;
|
||||
|
||||
Stream_Read(s, message.ServerChallenge, 8); /* ServerChallenge (8 bytes) */
|
||||
CopyMemory(context->ServerChallenge, message.ServerChallenge, 8);
|
||||
Stream_Read(s, message->ServerChallenge, 8); /* ServerChallenge (8 bytes) */
|
||||
CopyMemory(context->ServerChallenge, message->ServerChallenge, 8);
|
||||
|
||||
Stream_Read(s, message.Reserved, 8); /* Reserved (8 bytes), should be ignored */
|
||||
Stream_Read(s, message->Reserved, 8); /* Reserved (8 bytes), should be ignored */
|
||||
|
||||
/* TargetInfoFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.TargetInfo));
|
||||
ntlm_read_message_fields(s, &(message->TargetInfo));
|
||||
|
||||
if (context->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_read_version_info(s, &(message.Version)); /* Version (8 bytes) */
|
||||
ntlm_read_version_info(s, &(message->Version)); /* Version (8 bytes) */
|
||||
|
||||
/* Payload (variable) */
|
||||
PayloadOffset = Stream_Pointer(s);
|
||||
|
||||
if (message.TargetName.Len > 0)
|
||||
ntlm_read_message_fields_buffer(s, &(message.TargetName));
|
||||
if (message->TargetName.Len > 0)
|
||||
ntlm_read_message_fields_buffer(s, &(message->TargetName));
|
||||
|
||||
if (message.TargetInfo.Len > 0)
|
||||
if (message->TargetInfo.Len > 0)
|
||||
{
|
||||
ntlm_read_message_fields_buffer(s, &(message.TargetInfo));
|
||||
ntlm_read_message_fields_buffer(s, &(message->TargetInfo));
|
||||
|
||||
context->ChallengeTargetInfo.pvBuffer = message.TargetInfo.Buffer;
|
||||
context->ChallengeTargetInfo.cbBuffer = message.TargetInfo.Len;
|
||||
context->ChallengeTargetInfo.pvBuffer = message->TargetInfo.Buffer;
|
||||
context->ChallengeTargetInfo.cbBuffer = message->TargetInfo.Len;
|
||||
|
||||
AvTimestamp = ntlm_av_pair_get((NTLM_AV_PAIR*) message.TargetInfo.Buffer, MsvAvTimestamp);
|
||||
AvTimestamp = ntlm_av_pair_get((NTLM_AV_PAIR*) message->TargetInfo.Buffer, MsvAvTimestamp);
|
||||
|
||||
if (AvTimestamp != NULL)
|
||||
{
|
||||
@ -401,7 +407,7 @@ SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buf
|
||||
}
|
||||
}
|
||||
|
||||
length = (PayloadOffset - StartOffset) + message.TargetName.Len + message.TargetInfo.Len;
|
||||
length = (PayloadOffset - StartOffset) + message->TargetName.Len + message->TargetInfo.Len;
|
||||
|
||||
sspi_SecBufferAlloc(&context->ChallengeMessage, length);
|
||||
CopyMemory(context->ChallengeMessage.pvBuffer, StartOffset, length);
|
||||
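Review bot: `length = (PayloadOffset - StartOffset) + message->TargetName.Len + message->TargetInfo.Len` feeds `CopyMemory(context->ChallengeMessage.pvBuffer, StartOffset, length)`, which copies straight out of the input buffer on the assumption that both payloads sit contiguously right after the fixed fields; the Len and BufferOffset values come from the peer, so `length` can exceed `buffer->cbBuffer` and the copy over-reads the token. Bound it before the allocation, `if (length > buffer->cbBuffer) { Stream_Free(s, FALSE); return SEC_E_INVALID_TOKEN; }`, and consider copying exactly the bytes the stream consumed rather than a computed span. The `sspi_SecBufferAlloc(&context->ChallengeMessage, length)` result is also not checked before the copy. The enclosing function starts and ends outside this hunk.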
@ -414,10 +420,10 @@ SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buf
|
||||
ntlm_print_negotiate_flags(context->NegotiateFlags);
|
||||
|
||||
if (context->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message.Version));
|
||||
ntlm_print_version_info(&(message->Version));
|
||||
|
||||
ntlm_print_message_fields(&(message.TargetName), "TargetName");
|
||||
ntlm_print_message_fields(&(message.TargetInfo), "TargetInfo");
|
||||
ntlm_print_message_fields(&(message->TargetName), "TargetName");
|
||||
ntlm_print_message_fields(&(message->TargetInfo), "TargetInfo");
|
||||
|
||||
if (context->ChallengeTargetInfo.cbBuffer > 0)
|
||||
{
|
||||
@ -515,7 +521,7 @@ SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buf
|
||||
|
||||
context->state = NTLM_STATE_AUTHENTICATE;
|
||||
|
||||
ntlm_free_message_fields_buffer(&(message.TargetName));
|
||||
ntlm_free_message_fields_buffer(&(message->TargetName));
|
||||
|
||||
Stream_Free(s, FALSE);
|
||||
|
||||
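Review bot: Only `message->TargetName` is released here while `message->TargetInfo.Buffer` is left allocated, which is deliberate because `context->ChallengeTargetInfo.pvBuffer` was pointed at it earlier in the function; now that the message lives in `context->CHALLENGE_MESSAGE` instead of on the stack, that ownership transfer deserves a comment at this line, e.g. `/* TargetInfo.Buffer is owned by context->ChallengeTargetInfo; released with the context */`, so a later cleanup does not add the "missing" free and create a double free or a dangling pointer. Confirm that the context teardown actually frees ChallengeTargetInfo; that code is not part of this diff.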
@ -527,13 +533,15 @@ SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer bu
|
||||
wStream* s;
|
||||
int length;
|
||||
UINT32 PayloadOffset;
|
||||
NTLM_CHALLENGE_MESSAGE message;
|
||||
NTLM_CHALLENGE_MESSAGE* message;
|
||||
|
||||
message = &context->CHALLENGE_MESSAGE;
|
||||
ZeroMemory(message, sizeof(NTLM_CHALLENGE_MESSAGE));
|
||||
|
||||
ZeroMemory(&message, sizeof(message));
|
||||
s = Stream_New(buffer->pvBuffer, buffer->cbBuffer);
|
||||
|
||||
/* Version */
|
||||
ntlm_get_version_info(&(message.Version));
|
||||
ntlm_get_version_info(&(message->Version));
|
||||
|
||||
/* Server Challenge */
|
||||
ntlm_generate_server_challenge(context);
|
||||
@ -545,58 +553,58 @@ SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer bu
|
||||
ntlm_construct_challenge_target_info(context);
|
||||
|
||||
/* ServerChallenge */
|
||||
CopyMemory(message.ServerChallenge, context->ServerChallenge, 8);
|
||||
CopyMemory(message->ServerChallenge, context->ServerChallenge, 8);
|
||||
|
||||
message.NegotiateFlags = context->NegotiateFlags;
|
||||
message->NegotiateFlags = context->NegotiateFlags;
|
||||
|
||||
ntlm_populate_message_header((NTLM_MESSAGE_HEADER*) &message, MESSAGE_TYPE_CHALLENGE);
|
||||
ntlm_populate_message_header((NTLM_MESSAGE_HEADER*) message, MESSAGE_TYPE_CHALLENGE);
|
||||
|
||||
/* Message Header (12 bytes) */
|
||||
ntlm_write_message_header(s, (NTLM_MESSAGE_HEADER*) &message);
|
||||
ntlm_write_message_header(s, (NTLM_MESSAGE_HEADER*) message);
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_REQUEST_TARGET)
|
||||
if (message->NegotiateFlags & NTLMSSP_REQUEST_TARGET)
|
||||
{
|
||||
message.TargetName.Len = (UINT16) context->TargetName.cbBuffer;
|
||||
message.TargetName.Buffer = context->TargetName.pvBuffer;
|
||||
message->TargetName.Len = (UINT16) context->TargetName.cbBuffer;
|
||||
message->TargetName.Buffer = context->TargetName.pvBuffer;
|
||||
}
|
||||
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_TARGET_INFO)
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_TARGET_INFO)
|
||||
{
|
||||
message.TargetInfo.Len = (UINT16) context->ChallengeTargetInfo.cbBuffer;
|
||||
message.TargetInfo.Buffer = context->ChallengeTargetInfo.pvBuffer;
|
||||
message->TargetInfo.Len = (UINT16) context->ChallengeTargetInfo.cbBuffer;
|
||||
message->TargetInfo.Buffer = context->ChallengeTargetInfo.pvBuffer;
|
||||
}
|
||||
|
||||
PayloadOffset = 48;
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
PayloadOffset += 8;
|
||||
|
||||
message.TargetName.BufferOffset = PayloadOffset;
|
||||
message.TargetInfo.BufferOffset = message.TargetName.BufferOffset + message.TargetName.Len;
|
||||
message->TargetName.BufferOffset = PayloadOffset;
|
||||
message->TargetInfo.BufferOffset = message->TargetName.BufferOffset + message->TargetName.Len;
|
||||
|
||||
/* TargetNameFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message.TargetName));
|
||||
ntlm_write_message_fields(s, &(message->TargetName));
|
||||
|
||||
Stream_Write_UINT32(s, message.NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
Stream_Write_UINT32(s, message->NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
|
||||
Stream_Write(s, message.ServerChallenge, 8); /* ServerChallenge (8 bytes) */
|
||||
Stream_Write(s, message.Reserved, 8); /* Reserved (8 bytes), should be ignored */
|
||||
Stream_Write(s, message->ServerChallenge, 8); /* ServerChallenge (8 bytes) */
|
||||
Stream_Write(s, message->Reserved, 8); /* Reserved (8 bytes), should be ignored */
|
||||
|
||||
/* TargetInfoFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message.TargetInfo));
|
||||
ntlm_write_message_fields(s, &(message->TargetInfo));
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_write_version_info(s, &(message.Version)); /* Version (8 bytes) */
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_write_version_info(s, &(message->Version)); /* Version (8 bytes) */
|
||||
|
||||
/* Payload (variable) */
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_REQUEST_TARGET)
|
||||
ntlm_write_message_fields_buffer(s, &(message.TargetName));
|
||||
if (message->NegotiateFlags & NTLMSSP_REQUEST_TARGET)
|
||||
ntlm_write_message_fields_buffer(s, &(message->TargetName));
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_TARGET_INFO)
|
||||
ntlm_write_message_fields_buffer(s, &(message.TargetInfo));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_TARGET_INFO)
|
||||
ntlm_write_message_fields_buffer(s, &(message->TargetInfo));
|
||||
|
||||
length = Stream_Position(s);
|
||||
buffer->cbBuffer = length;
|
||||
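Review bot: `message->TargetName.Len = (UINT16) context->TargetName.cbBuffer` and `message->TargetInfo.Len = (UINT16) context->ChallengeTargetInfo.cbBuffer` silently truncate the ULONG byte counts, so a value above 65535 yields Len/BufferOffset fields that disagree with the bytes later written by `ntlm_write_message_fields_buffer`. Reject instead of truncating, e.g. `if (context->TargetName.cbBuffer > UINT16_MAX || context->ChallengeTargetInfo.cbBuffer > UINT16_MAX) return SEC_E_INTERNAL_ERROR;` before the assignments (releasing `s` first). `PayloadOffset = 48` is the size of the fixed CHALLENGE_MESSAGE fields written below; a named constant, or a trailing comment listing the fields that sum to it, would make the subsequent `PayloadOffset += 8` for Version easier to audit.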
@ -609,13 +617,13 @@ SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer bu
|
||||
winpr_HexDump(context->ChallengeMessage.pvBuffer, context->ChallengeMessage.cbBuffer);
|
||||
printf("\n");
|
||||
|
||||
ntlm_print_negotiate_flags(message.NegotiateFlags);
|
||||
ntlm_print_negotiate_flags(message->NegotiateFlags);
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message.Version));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message->Version));
|
||||
|
||||
ntlm_print_message_fields(&(message.TargetName), "TargetName");
|
||||
ntlm_print_message_fields(&(message.TargetInfo), "TargetInfo");
|
||||
ntlm_print_message_fields(&(message->TargetName), "TargetName");
|
||||
ntlm_print_message_fields(&(message->TargetInfo), "TargetInfo");
|
||||
#endif
|
||||
|
||||
context->state = NTLM_STATE_AUTHENTICATE;
|
||||
@ -634,78 +642,69 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
NTLM_AV_PAIR* AvFlags;
|
||||
NTLMv2_RESPONSE response;
|
||||
UINT32 PayloadBufferOffset;
|
||||
NTLM_AUTHENTICATE_MESSAGE message;
|
||||
NTLM_AUTHENTICATE_MESSAGE* message;
|
||||
|
||||
flags = 0;
|
||||
MicOffset = 0;
|
||||
AvFlags = NULL;
|
||||
|
||||
ZeroMemory(&message, sizeof(message));
|
||||
message = &context->AUTHENTICATE_MESSAGE;
|
||||
ZeroMemory(message, sizeof(NTLM_AUTHENTICATE_MESSAGE));
|
||||
|
||||
s = Stream_New(buffer->pvBuffer, buffer->cbBuffer);
|
||||
|
||||
ntlm_read_message_header(s, (NTLM_MESSAGE_HEADER*) &message);
|
||||
ntlm_read_message_header(s, (NTLM_MESSAGE_HEADER*) message);
|
||||
|
||||
if (!ntlm_validate_message_header(s, (NTLM_MESSAGE_HEADER*) &message, MESSAGE_TYPE_AUTHENTICATE))
|
||||
if (!ntlm_validate_message_header(s, (NTLM_MESSAGE_HEADER*) message, MESSAGE_TYPE_AUTHENTICATE))
|
||||
{
|
||||
Stream_Free(s, FALSE);
|
||||
return SEC_E_INVALID_TOKEN;
|
||||
}
|
||||
|
||||
/* LmChallengeResponseFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.LmChallengeResponse));
|
||||
ntlm_read_message_fields(s, &(message->LmChallengeResponse)); /* LmChallengeResponseFields (8 bytes) */
|
||||
|
||||
/* NtChallengeResponseFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.NtChallengeResponse));
|
||||
ntlm_read_message_fields(s, &(message->NtChallengeResponse)); /* NtChallengeResponseFields (8 bytes) */
|
||||
|
||||
/* only set if NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED is set */
|
||||
|
||||
/* DomainNameFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.DomainName));
|
||||
ntlm_read_message_fields(s, &(message->DomainName)); /* DomainNameFields (8 bytes) */
|
||||
|
||||
/* UserNameFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.UserName));
|
||||
ntlm_read_message_fields(s, &(message->UserName)); /* UserNameFields (8 bytes) */
|
||||
|
||||
/* only set if NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED is set */
|
||||
|
||||
/* WorkstationFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.Workstation));
|
||||
ntlm_read_message_fields(s, &(message->Workstation)); /* WorkstationFields (8 bytes) */
|
||||
|
||||
/* EncryptedRandomSessionKeyFields (8 bytes) */
|
||||
ntlm_read_message_fields(s, &(message.EncryptedRandomSessionKey));
|
||||
ntlm_read_message_fields(s, &(message->EncryptedRandomSessionKey)); /* EncryptedRandomSessionKeyFields (8 bytes) */
|
||||
|
||||
Stream_Read_UINT32(s, message.NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
Stream_Read_UINT32(s, message->NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_read_version_info(s, &(message.Version)); /* Version (8 bytes) */
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_read_version_info(s, &(message->Version)); /* Version (8 bytes) */
|
||||
|
||||
PayloadBufferOffset = Stream_Position(s);
|
||||
|
||||
/* DomainName */
|
||||
ntlm_read_message_fields_buffer(s, &(message.DomainName));
|
||||
ntlm_read_message_fields_buffer(s, &(message->DomainName)); /* DomainName */
|
||||
|
||||
/* UserName */
|
||||
ntlm_read_message_fields_buffer(s, &(message.UserName));
|
||||
ntlm_read_message_fields_buffer(s, &(message->UserName)); /* UserName */
|
||||
|
||||
/* Workstation */
|
||||
ntlm_read_message_fields_buffer(s, &(message.Workstation));
|
||||
ntlm_read_message_fields_buffer(s, &(message->Workstation)); /* Workstation */
|
||||
|
||||
/* LmChallengeResponse */
|
||||
ntlm_read_message_fields_buffer(s, &(message.LmChallengeResponse));
|
||||
ntlm_read_message_fields_buffer(s, &(message->LmChallengeResponse)); /* LmChallengeResponse */
|
||||
|
||||
/* NtChallengeResponse */
|
||||
ntlm_read_message_fields_buffer(s, &(message.NtChallengeResponse));
|
||||
ntlm_read_message_fields_buffer(s, &(message->NtChallengeResponse)); /* NtChallengeResponse */
|
||||
|
||||
if (message.NtChallengeResponse.Len > 0)
|
||||
if (message->NtChallengeResponse.Len > 0)
|
||||
{
|
||||
wStream* s = Stream_New(message.NtChallengeResponse.Buffer, message.NtChallengeResponse.Len);
|
||||
wStream* s = Stream_New(message->NtChallengeResponse.Buffer, message->NtChallengeResponse.Len);
|
||||
ntlm_read_ntlm_v2_response(s, &response);
|
||||
Stream_Free(s, FALSE);
|
||||
|
||||
context->NtChallengeResponse.pvBuffer = message.NtChallengeResponse.Buffer;
|
||||
context->NtChallengeResponse.cbBuffer = message.NtChallengeResponse.Len;
|
||||
context->NtChallengeResponse.pvBuffer = message->NtChallengeResponse.Buffer;
|
||||
context->NtChallengeResponse.cbBuffer = message->NtChallengeResponse.Len;
|
||||
|
||||
context->ChallengeTargetInfo.pvBuffer = (void*) response.Challenge.AvPairs;
|
||||
context->ChallengeTargetInfo.cbBuffer = message.NtChallengeResponse.Len - (28 + 16);
|
||||
context->ChallengeTargetInfo.cbBuffer = message->NtChallengeResponse.Len - (28 + 16);
|
||||
|
||||
CopyMemory(context->ClientChallenge, response.Challenge.ClientChallenge, 8);
|
||||
|
||||
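Review bot: `context->ChallengeTargetInfo.cbBuffer = message->NtChallengeResponse.Len - (28 + 16)` underflows when the peer sends an NtChallengeResponse shorter than 44 bytes, leaving a huge unsigned cbBuffer that later consumers (ntlm_compute_ntlm_v2_response copies `TargetInfo->cbBuffer` bytes from it) will trust; the preceding `ntlm_read_ntlm_v2_response(s, &response)` also runs over that short buffer. Guard the branch before parsing, `if (message->NtChallengeResponse.Len < 28 + 16) { Stream_Free(s, FALSE); return SEC_E_INVALID_TOKEN; }`. Style: the inner `wStream* s = Stream_New(message->NtChallengeResponse.Buffer, ...)` shadows the outer `s`, which makes the `Stream_Free(s, FALSE)` two lines later easy to misread; a distinct name such as `snt` avoids that. The function begins and ends outside this hunk.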
@ -716,8 +715,8 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
}
|
||||
|
||||
/* EncryptedRandomSessionKey */
|
||||
ntlm_read_message_fields_buffer(s, &(message.EncryptedRandomSessionKey));
|
||||
CopyMemory(context->EncryptedRandomSessionKey, message.EncryptedRandomSessionKey.Buffer, 16);
|
||||
ntlm_read_message_fields_buffer(s, &(message->EncryptedRandomSessionKey));
|
||||
CopyMemory(context->EncryptedRandomSessionKey, message->EncryptedRandomSessionKey.Buffer, 16);
|
||||
|
||||
length = Stream_Position(s);
|
||||
sspi_SecBufferAlloc(&context->AuthenticateMessage, length);
|
||||
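Review bot: `CopyMemory(context->EncryptedRandomSessionKey, message->EncryptedRandomSessionKey.Buffer, 16)` copies a fixed 16 bytes regardless of `message->EncryptedRandomSessionKey.Len`; when the peer sends a zero or short length (legitimate when NTLMSSP_NEGOTIATE_KEY_EXCH was not negotiated) the Buffer is likely NULL or shorter than 16 bytes and the copy over-reads. Make the copy conditional on the length, `if (message->EncryptedRandomSessionKey.Len == 16) CopyMemory(context->EncryptedRandomSessionKey, message->EncryptedRandomSessionKey.Buffer, 16);`, and treat any other non-zero length as `SEC_E_INVALID_TOKEN`. The function body extends beyond this hunk.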
@ -729,7 +728,7 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
if (flags & MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK)
|
||||
{
|
||||
MicOffset = Stream_Position(s);
|
||||
Stream_Read(s, message.MessageIntegrityCheck, 16);
|
||||
Stream_Read(s, message->MessageIntegrityCheck, 16);
|
||||
PayloadBufferOffset += 16;
|
||||
}
|
||||
|
||||
@ -738,37 +737,37 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
winpr_HexDump(context->AuthenticateMessage.pvBuffer, context->AuthenticateMessage.cbBuffer);
|
||||
printf("\n");
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message.Version));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message->Version));
|
||||
|
||||
ntlm_print_message_fields(&(message.DomainName), "DomainName");
|
||||
ntlm_print_message_fields(&(message.UserName), "UserName");
|
||||
ntlm_print_message_fields(&(message.Workstation), "Workstation");
|
||||
ntlm_print_message_fields(&(message.LmChallengeResponse), "LmChallengeResponse");
|
||||
ntlm_print_message_fields(&(message.NtChallengeResponse), "NtChallengeResponse");
|
||||
ntlm_print_message_fields(&(message.EncryptedRandomSessionKey), "EncryptedRandomSessionKey");
|
||||
ntlm_print_message_fields(&(message->DomainName), "DomainName");
|
||||
ntlm_print_message_fields(&(message->UserName), "UserName");
|
||||
ntlm_print_message_fields(&(message->Workstation), "Workstation");
|
||||
ntlm_print_message_fields(&(message->LmChallengeResponse), "LmChallengeResponse");
|
||||
ntlm_print_message_fields(&(message->NtChallengeResponse), "NtChallengeResponse");
|
||||
ntlm_print_message_fields(&(message->EncryptedRandomSessionKey), "EncryptedRandomSessionKey");
|
||||
|
||||
ntlm_print_av_pair_list(response.Challenge.AvPairs);
|
||||
|
||||
if (flags & MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK)
|
||||
{
|
||||
printf("MessageIntegrityCheck:\n");
|
||||
winpr_HexDump(message.MessageIntegrityCheck, 16);
|
||||
winpr_HexDump(message->MessageIntegrityCheck, 16);
|
||||
}
|
||||
#endif
|
||||
|
||||
if (message.UserName.Len > 0)
|
||||
if (message->UserName.Len > 0)
|
||||
{
|
||||
context->identity.User = (UINT16*) malloc(message.UserName.Len);
|
||||
CopyMemory(context->identity.User, message.UserName.Buffer, message.UserName.Len);
|
||||
context->identity.UserLength = message.UserName.Len / 2;
|
||||
context->identity.User = (UINT16*) malloc(message->UserName.Len);
|
||||
CopyMemory(context->identity.User, message->UserName.Buffer, message->UserName.Len);
|
||||
context->identity.UserLength = message->UserName.Len / 2;
|
||||
}
|
||||
|
||||
if (message.DomainName.Len > 0)
|
||||
if (message->DomainName.Len > 0)
|
||||
{
|
||||
context->identity.Domain = (UINT16*) malloc(message.DomainName.Len);
|
||||
CopyMemory(context->identity.Domain, message.DomainName.Buffer, message.DomainName.Len);
|
||||
context->identity.DomainLength = message.DomainName.Len / 2;
|
||||
context->identity.Domain = (UINT16*) malloc(message->DomainName.Len);
|
||||
CopyMemory(context->identity.Domain, message->DomainName.Buffer, message->DomainName.Len);
|
||||
context->identity.DomainLength = message->DomainName.Len / 2;
|
||||
}
|
||||
|
||||
/* LmChallengeResponse */
|
||||
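Review bot: `context->identity.User = (UINT16*) malloc(message->UserName.Len)` and the matching `Domain` allocation are not checked before `CopyMemory` writes into them, and an odd `Len` is silently halved for `UserLength`/`DomainLength`, dropping the last byte of a UTF-16 string supplied by the peer. Check both, e.g. `if (!context->identity.User) return SEC_E_INSUFFICIENT_MEMORY;` after each malloc (releasing `s` first), and reject an odd Len as `SEC_E_INVALID_TOKEN` before allocating. If a context can process more than one AUTHENTICATE_MESSAGE, any previous `identity.User`/`identity.Domain` allocation is overwritten here without being freed; whether that path is reachable is not visible in this diff.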
@ -790,16 +789,16 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
{
|
||||
ZeroMemory(&((PBYTE) context->AuthenticateMessage.pvBuffer)[MicOffset], 16);
|
||||
ntlm_compute_message_integrity_check(context);
|
||||
CopyMemory(&((PBYTE) context->AuthenticateMessage.pvBuffer)[MicOffset], message.MessageIntegrityCheck, 16);
|
||||
CopyMemory(&((PBYTE) context->AuthenticateMessage.pvBuffer)[MicOffset], message->MessageIntegrityCheck, 16);
|
||||
|
||||
if (memcmp(context->MessageIntegrityCheck, message.MessageIntegrityCheck, 16) != 0)
|
||||
if (memcmp(context->MessageIntegrityCheck, message->MessageIntegrityCheck, 16) != 0)
|
||||
{
|
||||
printf("Message Integrity Check (MIC) verification failed!\n");
|
||||
|
||||
printf("Expected MIC:\n");
|
||||
winpr_HexDump(context->MessageIntegrityCheck, 16);
|
||||
printf("Actual MIC:\n");
|
||||
winpr_HexDump(message.MessageIntegrityCheck, 16);
|
||||
winpr_HexDump(message->MessageIntegrityCheck, 16);
|
||||
|
||||
return SEC_E_MESSAGE_ALTERED;
|
||||
}
|
||||
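Review bot: `memcmp(context->MessageIntegrityCheck, message->MessageIntegrityCheck, 16) != 0` checks a MAC with an early-exit comparison whose running time depends on how many leading bytes match, the classic timing leak for integrity checks; compare all 16 bytes with a constant-time loop that ORs the XOR of each byte pair into an accumulator and tests the accumulator once. On the failure path, `return SEC_E_MESSAGE_ALTERED` appears to skip the `Stream_Free(s, FALSE)` and the `ntlm_free_message_fields_buffer` calls at the end of the function, leaking them on every rejected MIC; route it through the same cleanup. The unconditional `printf` of the expected MIC on failure is debugging output and belongs under `WITH_DEBUG_NTLM` like the rest of the file's hex dumps.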
@ -866,12 +865,12 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
|
||||
Stream_Free(s, FALSE);
|
||||
|
||||
ntlm_free_message_fields_buffer(&(message.DomainName));
|
||||
ntlm_free_message_fields_buffer(&(message.UserName));
|
||||
ntlm_free_message_fields_buffer(&(message.Workstation));
|
||||
ntlm_free_message_fields_buffer(&(message.LmChallengeResponse));
|
||||
ntlm_free_message_fields_buffer(&(message.NtChallengeResponse));
|
||||
ntlm_free_message_fields_buffer(&(message.EncryptedRandomSessionKey));
|
||||
ntlm_free_message_fields_buffer(&(message->DomainName));
|
||||
ntlm_free_message_fields_buffer(&(message->UserName));
|
||||
ntlm_free_message_fields_buffer(&(message->Workstation));
|
||||
ntlm_free_message_fields_buffer(&(message->LmChallengeResponse));
|
||||
ntlm_free_message_fields_buffer(&(message->NtChallengeResponse));
|
||||
ntlm_free_message_fields_buffer(&(message->EncryptedRandomSessionKey));
|
||||
|
||||
return SEC_I_COMPLETE_NEEDED;
|
||||
}
|
||||
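Review bot: `ntlm_free_message_fields_buffer(&(message->NtChallengeResponse))` releases a buffer that earlier lines of this function aliased into the context: `context->NtChallengeResponse.pvBuffer = message->NtChallengeResponse.Buffer` and `context->ChallengeTargetInfo.pvBuffer = (void*) response.Challenge.AvPairs`, the latter parsed out of that same buffer. If the helper frees `Buffer` (its body is not in this diff), both context pointers dangle once this function returns, and any later use — for example ntlm_compute_ntlm_v2_response copying `TargetInfo->cbBuffer` bytes from ChallengeTargetInfo — is a use-after-free unless those fields are re-pointed somewhere not shown. Either copy the data into the context with `sspi_SecBufferAlloc`, or skip this free as ntlm_read_ChallengeMessage already does for TargetInfo and document the ownership here, e.g. `/* NtChallengeResponse.Buffer is owned by context->NtChallengeResponse */`.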
@ -889,106 +888,110 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
int length;
|
||||
UINT32 MicOffset = 0;
|
||||
UINT32 PayloadBufferOffset;
|
||||
NTLM_AUTHENTICATE_MESSAGE message;
|
||||
NTLM_AUTHENTICATE_MESSAGE* message;
|
||||
|
||||
message = &context->AUTHENTICATE_MESSAGE;
|
||||
ZeroMemory(message, sizeof(NTLM_AUTHENTICATE_MESSAGE));
|
||||
|
||||
ZeroMemory(&message, sizeof(message));
|
||||
s = Stream_New(buffer->pvBuffer, buffer->cbBuffer);
|
||||
|
||||
if (context->NTLMv2)
|
||||
{
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_56;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_56;
|
||||
|
||||
if (context->SendVersionInfo)
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_VERSION;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_VERSION;
|
||||
}
|
||||
|
||||
if (context->UseMIC)
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
|
||||
|
||||
if (context->SendWorkstationName)
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED;
|
||||
|
||||
if (context->confidentiality)
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_SEAL;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_SEAL;
|
||||
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_128;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_NTLM;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_SIGN;
|
||||
message.NegotiateFlags |= NTLMSSP_REQUEST_TARGET;
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_UNICODE;
|
||||
if (context->CHALLENGE_MESSAGE.NegotiateFlags & NTLMSSP_NEGOTIATE_KEY_EXCH)
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_get_version_info(&(message.Version));
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_128;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_NTLM;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_SIGN;
|
||||
message->NegotiateFlags |= NTLMSSP_REQUEST_TARGET;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_UNICODE;
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED)
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_get_version_info(&(message->Version));
|
||||
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED)
|
||||
{
|
||||
message.Workstation.Len = context->Workstation.Length;
|
||||
message.Workstation.Buffer = (BYTE*) context->Workstation.Buffer;
|
||||
message->Workstation.Len = context->Workstation.Length;
|
||||
message->Workstation.Buffer = (BYTE*) context->Workstation.Buffer;
|
||||
}
|
||||
|
||||
if (context->identity.DomainLength > 0)
|
||||
{
|
||||
message.NegotiateFlags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED;
|
||||
message.DomainName.Len = (UINT16) context->identity.DomainLength * 2;
|
||||
message.DomainName.Buffer = (BYTE*) context->identity.Domain;
|
||||
message->NegotiateFlags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED;
|
||||
message->DomainName.Len = (UINT16) context->identity.DomainLength * 2;
|
||||
message->DomainName.Buffer = (BYTE*) context->identity.Domain;
|
||||
}
|
||||
|
||||
message.UserName.Len = (UINT16) context->identity.UserLength * 2;
|
||||
message.UserName.Buffer = (BYTE*) context->identity.User;
|
||||
message->UserName.Len = (UINT16) context->identity.UserLength * 2;
|
||||
message->UserName.Buffer = (BYTE*) context->identity.User;
|
||||
|
||||
message.LmChallengeResponse.Len = (UINT16) context->LmChallengeResponse.cbBuffer;
|
||||
message.LmChallengeResponse.Buffer = (BYTE*) context->LmChallengeResponse.pvBuffer;
|
||||
message->LmChallengeResponse.Len = (UINT16) context->LmChallengeResponse.cbBuffer;
|
||||
message->LmChallengeResponse.Buffer = (BYTE*) context->LmChallengeResponse.pvBuffer;
|
||||
|
||||
//if (context->NTLMv2)
|
||||
// ZeroMemory(message.LmChallengeResponse.Buffer, message.LmChallengeResponse.Len);
|
||||
// ZeroMemory(message->LmChallengeResponse.Buffer, message->LmChallengeResponse.Len);
|
||||
|
||||
message.NtChallengeResponse.Len = (UINT16) context->NtChallengeResponse.cbBuffer;
|
||||
message.NtChallengeResponse.Buffer = (BYTE*) context->NtChallengeResponse.pvBuffer;
|
||||
message->NtChallengeResponse.Len = (UINT16) context->NtChallengeResponse.cbBuffer;
|
||||
message->NtChallengeResponse.Buffer = (BYTE*) context->NtChallengeResponse.pvBuffer;
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_KEY_EXCH)
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_KEY_EXCH)
|
||||
{
|
||||
message.EncryptedRandomSessionKey.Len = 16;
|
||||
message.EncryptedRandomSessionKey.Buffer = context->EncryptedRandomSessionKey;
|
||||
message->EncryptedRandomSessionKey.Len = 16;
|
||||
message->EncryptedRandomSessionKey.Buffer = context->EncryptedRandomSessionKey;
|
||||
}
|
||||
|
||||
PayloadBufferOffset = 64;
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
PayloadBufferOffset += 8; /* Version (8 bytes) */
|
||||
|
||||
if (context->UseMIC)
|
||||
PayloadBufferOffset += 16; /* Message Integrity Check (16 bytes) */
|
||||
|
||||
message.DomainName.BufferOffset = PayloadBufferOffset;
|
||||
message.UserName.BufferOffset = message.DomainName.BufferOffset + message.DomainName.Len;
|
||||
message.Workstation.BufferOffset = message.UserName.BufferOffset + message.UserName.Len;
|
||||
message.LmChallengeResponse.BufferOffset = message.Workstation.BufferOffset + message.Workstation.Len;
|
||||
message.NtChallengeResponse.BufferOffset = message.LmChallengeResponse.BufferOffset + message.LmChallengeResponse.Len;
|
||||
message.EncryptedRandomSessionKey.BufferOffset = message.NtChallengeResponse.BufferOffset + message.NtChallengeResponse.Len;
|
||||
message->DomainName.BufferOffset = PayloadBufferOffset;
|
||||
message->UserName.BufferOffset = message->DomainName.BufferOffset + message->DomainName.Len;
|
||||
message->Workstation.BufferOffset = message->UserName.BufferOffset + message->UserName.Len;
|
||||
message->LmChallengeResponse.BufferOffset = message->Workstation.BufferOffset + message->Workstation.Len;
|
||||
message->NtChallengeResponse.BufferOffset = message->LmChallengeResponse.BufferOffset + message->LmChallengeResponse.Len;
|
||||
message->EncryptedRandomSessionKey.BufferOffset = message->NtChallengeResponse.BufferOffset + message->NtChallengeResponse.Len;
|
||||
|
||||
ntlm_populate_message_header((NTLM_MESSAGE_HEADER*) &message, MESSAGE_TYPE_AUTHENTICATE);
|
||||
ntlm_populate_message_header((NTLM_MESSAGE_HEADER*) message, MESSAGE_TYPE_AUTHENTICATE);
|
||||
|
||||
ntlm_write_message_header(s, (NTLM_MESSAGE_HEADER*) &message); /* Message Header (12 bytes) */
|
||||
ntlm_write_message_header(s, (NTLM_MESSAGE_HEADER*) message); /* Message Header (12 bytes) */
|
||||
|
||||
ntlm_write_message_fields(s, &(message.LmChallengeResponse)); /* LmChallengeResponseFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message->LmChallengeResponse)); /* LmChallengeResponseFields (8 bytes) */
|
||||
|
||||
ntlm_write_message_fields(s, &(message.NtChallengeResponse)); /* NtChallengeResponseFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message->NtChallengeResponse)); /* NtChallengeResponseFields (8 bytes) */
|
||||
|
||||
ntlm_write_message_fields(s, &(message.DomainName)); /* DomainNameFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message->DomainName)); /* DomainNameFields (8 bytes) */
|
||||
|
||||
ntlm_write_message_fields(s, &(message.UserName)); /* UserNameFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message->UserName)); /* UserNameFields (8 bytes) */
|
||||
|
||||
ntlm_write_message_fields(s, &(message.Workstation)); /* WorkstationFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message->Workstation)); /* WorkstationFields (8 bytes) */
|
||||
|
||||
ntlm_write_message_fields(s, &(message.EncryptedRandomSessionKey)); /* EncryptedRandomSessionKeyFields (8 bytes) */
|
||||
ntlm_write_message_fields(s, &(message->EncryptedRandomSessionKey)); /* EncryptedRandomSessionKeyFields (8 bytes) */
|
||||
|
||||
Stream_Write_UINT32(s, message.NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
Stream_Write_UINT32(s, message->NegotiateFlags); /* NegotiateFlags (4 bytes) */
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_write_version_info(s, &(message.Version)); /* Version (8 bytes) */
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_write_version_info(s, &(message->Version)); /* Version (8 bytes) */
|
||||
|
||||
if (context->UseMIC)
|
||||
{
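Review bot: The stream created from `buffer->pvBuffer`/`buffer->cbBuffer` at the top of the hunk is written to for the header, six field descriptors, flags, version, MIC and then the variable-length payloads, but nothing compares the total against `buffer->cbBuffer` before writing; `length` is only taken afterwards. All payload offsets are known once `message->EncryptedRandomSessionKey.BufferOffset` is computed, so unless `Stream_Write*` is known to check remaining capacity, insert before `ntlm_populate_message_header`: `if (message->EncryptedRandomSessionKey.BufferOffset + message->EncryptedRandomSessionKey.Len > buffer->cbBuffer) { Stream_Free(s, FALSE); return SEC_E_INSUFFICIENT_MEMORY; }`. Separately, setting `NTLMSSP_NEGOTIATE_KEY_EXCH` only when `context->CHALLENGE_MESSAGE.NegotiateFlags` carries it is a protocol behavior change rather than a cleanup and deserves a one-line comment such as `/* only echo KEY_EXCH if the server offered it */`, and the commented-out `ZeroMemory` on `LmChallengeResponse` should be deleted rather than rewritten. ntlm_write_AuthenticateMessage continues in the following hunks.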
|
||||
@ -996,20 +999,20 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
Stream_Zero(s, 16); /* Message Integrity Check (16 bytes) */
|
||||
}
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED)
|
||||
ntlm_write_message_fields_buffer(s, &(message.DomainName)); /* DomainName */
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED)
|
||||
ntlm_write_message_fields_buffer(s, &(message->DomainName)); /* DomainName */
|
||||
|
||||
ntlm_write_message_fields_buffer(s, &(message.UserName)); /* UserName */
|
||||
ntlm_write_message_fields_buffer(s, &(message->UserName)); /* UserName */
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED)
|
||||
ntlm_write_message_fields_buffer(s, &(message.Workstation)); /* Workstation */
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED)
|
||||
ntlm_write_message_fields_buffer(s, &(message->Workstation)); /* Workstation */
|
||||
|
||||
ntlm_write_message_fields_buffer(s, &(message.LmChallengeResponse)); /* LmChallengeResponse */
|
||||
ntlm_write_message_fields_buffer(s, &(message->LmChallengeResponse)); /* LmChallengeResponse */
|
||||
|
||||
ntlm_write_message_fields_buffer(s, &(message.NtChallengeResponse)); /* NtChallengeResponse */
|
||||
ntlm_write_message_fields_buffer(s, &(message->NtChallengeResponse)); /* NtChallengeResponse */
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_KEY_EXCH)
|
||||
ntlm_write_message_fields_buffer(s, &(message.EncryptedRandomSessionKey)); /* EncryptedRandomSessionKey */
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_KEY_EXCH)
|
||||
ntlm_write_message_fields_buffer(s, &(message->EncryptedRandomSessionKey)); /* EncryptedRandomSessionKey */
|
||||
|
||||
length = Stream_Position(s);
|
||||
sspi_SecBufferAlloc(&context->AuthenticateMessage, length);
|
||||
@ -1031,10 +1034,10 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
winpr_HexDump(s->buffer, length);
|
||||
printf("\n");
|
||||
|
||||
ntlm_print_negotiate_flags(message.NegotiateFlags);
|
||||
ntlm_print_negotiate_flags(message->NegotiateFlags);
|
||||
|
||||
if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message.Version));
|
||||
if (message->NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
|
||||
ntlm_print_version_info(&(message->Version));
|
||||
|
||||
if (context->AuthenticateTargetInfo.cbBuffer > 0)
|
||||
{
|
||||
@ -1042,12 +1045,12 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
|
||||
ntlm_print_av_pair_list(context->AuthenticateTargetInfo.pvBuffer);
|
||||
}
|
||||
|
||||
ntlm_print_message_fields(&(message.DomainName), "DomainName");
|
||||
ntlm_print_message_fields(&(message.UserName), "UserName");
|
||||
ntlm_print_message_fields(&(message.Workstation), "Workstation");
|
||||
ntlm_print_message_fields(&(message.LmChallengeResponse), "LmChallengeResponse");
|
||||
ntlm_print_message_fields(&(message.NtChallengeResponse), "NtChallengeResponse");
|
||||
ntlm_print_message_fields(&(message.EncryptedRandomSessionKey), "EncryptedRandomSessionKey");
|
||||
ntlm_print_message_fields(&(message->DomainName), "DomainName");
|
||||
ntlm_print_message_fields(&(message->UserName), "UserName");
|
||||
ntlm_print_message_fields(&(message->Workstation), "Workstation");
|
||||
ntlm_print_message_fields(&(message->LmChallengeResponse), "LmChallengeResponse");
|
||||
ntlm_print_message_fields(&(message->NtChallengeResponse), "NtChallengeResponse");
|
||||
ntlm_print_message_fields(&(message->EncryptedRandomSessionKey), "EncryptedRandomSessionKey");
|
||||
|
||||
if (context->UseMIC)
|
||||
{
|
||||
|