Commit Graph

157 Commits

Author SHA1 Message Date
Armin Novak
bf9f1eccc1 Fixed issued with mingw build 2022-02-18 08:38:28 +01:00
akallabeth
8cc6582044
Unify struct definitions (#7633)
* Unified enum/struct definitions, fixed include issues

* Fixed mac compilation issues

* Added missing include

* Fixed windows server build warnings

* Fixed VS2010 build issue

* Removed unnecessary library linking

* Fixed ThreadPool WinXP compatibility

* Fixed pr review remarks
2022-02-14 14:59:22 +01:00
akallabeth
bd42b34776 Decreased NTLM debug log verbosity 2022-01-13 17:20:48 +01:00
Armin Novak
4551ecf845 Removed unused string constant 2021-12-14 13:46:34 +01:00
Armin Novak
46c78cf0f0 Fixed missing return check 2021-12-14 13:46:34 +01:00
David Fort
67986ea298 Fix compilation with mingw
This patch addresses some issues when compiling against mingw. With these changes
FreeRDP can be compiled out-of-the box on a Ubuntu 20.04.
2021-11-15 09:23:16 +01:00
Biswapriyo Nath
a22bd407b0 winpr: Fix typo in NTLM_AV_ID member.
According to Microsoft specifications[1] the 10th member is named as MsvAvChannelBindings.
[1]: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/
2021-06-23 12:04:29 +02:00
akallabeth
b453d5e40e Fixed rdtk, uwac and winpr standalone builds 2021-06-22 08:54:18 +02:00
Ali Abdel-Qader
c0e29f7f19 Re-added "extern" to ntlm_export.h symbols 2021-06-19 09:49:41 +02:00
Armin Novak
81a4670af0 Fixed ntlm_export.h includes 2021-06-18 09:41:02 +02:00
akallabeth
6726772d8d Fixed integer warnings 2021-06-18 09:41:02 +02:00
Armin Novak
1af7ef2f1b Fixed compilation warnings and typos 2021-06-16 15:21:56 +02:00
Armin Novak
d36d94766e Replaced assert with WINPR_ASSERT 2021-06-14 09:37:07 +02:00
Armin Novak
c4b3d53a9a Fix NTLM auth message return code. 2021-04-16 16:34:17 +02:00
Armin Novak
58f471c7d9 Added log message for not implemented NTLM functions. 2020-08-10 14:41:20 +02:00
akallabeth
58a3122250 Fixed OOB read in ntlm_av_pair_get
CVE-2020-11097 thanks to @antonio-morales for finding this.
2020-06-22 11:51:39 +02:00
akallabeth
057b6df4ae Fixed memory leaks in ntlm 2020-06-22 11:51:38 +02:00
Armin Novak
8e45a2dd50 Respect SECBUFFER_READONLY flag in NTLM EncryptMessage 2020-06-19 11:31:13 +02:00
akallabeth
b37d8c9be1 Fixed GHSL-2020-100: oob read in ntlm_read_ChallengeMessage
* Added length checks for data read from stream
* Unified function resource cleanup
2020-05-20 15:10:07 +02:00
akallabeth
8241ab42fd Fixed oob read in ntlm_read_AuthenticateMessage 2020-05-06 13:31:57 +02:00
akallabeth
afdffac4b5 Fixed oob read in ntlm_read_ntlm_v2_response 2020-05-06 13:31:57 +02:00
akallabeth
8fa3835963 Fixed oob read in ntlm_read_NegotiateMessage 2020-05-06 13:31:57 +02:00
Zhu Qun-Ying
5553be0983
possible memory leak when various functions return failure. (#6110)
* possible memory leak when allocation failed.

* Use initialization in stead of ZeroMemory

* Format with clang-format
2020-04-25 16:07:12 +02:00
Martin Haimberger
7b6b9a9675 removed unnecessary casts, use sizeof for debug printing 2020-04-15 13:20:03 +02:00
Martin Haimberger
85e49aa601 fix: server side ntlmv2 implementation
- in the case no mic was present, but the user was found,
  the enterd password was ignored and the user authenticated
2020-04-15 13:20:03 +02:00
Armin Novak
106ab8cfbd Removed unused function 2020-03-10 14:04:53 +01:00
Armin Novak
e63377945b Silenced warning due to missing debug define guard. 2020-03-10 14:04:53 +01:00
Armin Novak
1fd51d9183 Fixed clang scanbuild warnings. 2020-03-04 09:17:35 +01:00
Martin Fleisz
71feb974ac
Merge pull request #5739 from akallabeth/improve_function_hiding
Improve function hiding
2019-12-02 11:31:35 +01:00
Armin Novak
7c243da6e1 Remove symbols exported by accident. 2019-12-02 10:57:31 +01:00
David Fort
5e6775ce95 winpr: fix anonymous enum members and menbers without a size 2019-11-25 13:39:31 +01:00
Armin Novak
72ca88f49c Reformatted to new style 2019-11-07 10:53:54 +01:00
Armin Novak
f8dd9a9f75 Fixed ntlm_av_pair_get_len return, no signed value required 2019-04-05 09:28:09 +02:00
Armin Novak
2c9cd5067f Fixed argument pointer type cast 2019-04-05 09:22:50 +02:00
Samuel Holland
6931f54fad Fix NTLM AvPair lists
There were two main issues here: First, the `ntlm_av_pair_add` and
`ntlm_av_pair_add_copy` were not adding a new `MsvAvEOL` to the end of
the list to replace the one they overwrote. This caused the second call
to one of those functions to fail (since it couldn't find the
terminator), which was the source of the test failure. It also caused
`ntlm_av_pair_list_length` and `ntlm_print_av_pair_list` to read out of
bounds until they happened to find the right word.

Second, several bounds checks were wrong or missing. For example,
`ntlm_av_pair_add` does not ensure that the value fits inside the list.
And `ntlm_av_pair_get_len` and `ntlm_av_pair_get_value_pointer` can
return error codes or NULL, but those error returns were ignored, and
the values used anyway (such as in `ntlm_av_pair_add_copy`).

This fixes the list handling code to have the invariant that all
functions returning `NTLM_AV_PAIR*` only return non-`NULL` if the entire
returned `AvPair` is within bounds. This removes the need for the length
parameter in functions that only operate on a single `AvPair`. This
check is performed by the new `ntlm_av_pair_check` helper, which is
added in some new places and used to simplify the code in others.

Other issues fixed along the way include:
 - `ntlm_av_pair_list_length` did not cast to `PBYTE`, so it was
   returning the number of `NTLM_AV_PAIR`-sized chunks (which was
   possibly not even an integer) instead of the number of bytes
 - I removed an impossible check for `offset <= 0` in
   `ntlm_av_pair_get_next_pointer`
 - The assertion that `Value != NULL` and the call to `CopyMemory` are
   only necessary if `AvLen` is nonzero
 - `ntlm_av_pair_get_next_pointer` (renamed to `ntlm_av_pair_next`)
   could be declared `static`

With this commit, TestNTLM now passes on powerpc64.

```
$ ./Testing/TestSspi TestNTLM
NTLM_NEGOTIATE (length = 40):
NTLM_CHALLENGE (length = 168):
NTLM_AUTHENTICATE (length = 352):
$ echo $?
0
```

Fixes #5250
2019-03-17 20:40:13 -05:00
Armin Novak
17bbe7a23f Do not compile extended authentication debugging by default. 2018-11-21 15:36:31 +01:00
Armin Novak
d8d30a0554 Fix #5037: Fix calls to ntlm_print_av_pair_list 2018-11-21 09:18:38 +01:00
Armin Novak
eb57ed3a30 Refactored ntlm_av_pairs API
Tightened checks, cleaned up code and improved redability.
2018-11-20 11:08:31 +01:00
Armin Novak
2ee663f39d Fixed CVE-2018-8789
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Ondrej Holy
35bccd5262 winpr/sspi/ntlm: Fix leak found by covscan
leaked_storage: Variable "sam" going out of scope leaks the storage it points to.
leaked_storage: Variable "s" going out of scope leaks the storage it points to.
leaked_storage: Variable "snt" going out of scope leaks the storage it points to.
2018-08-22 14:34:02 +02:00
Pascal J. Bourguignon
15f2bafeab Cleaned up const char** -> char** for argv, since we definitely do modify the argv!
(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
2018-06-06 16:43:09 +02:00
Armin Novak
e8b9116507 Fixed invalid function argument for ntlm_compute_message_integrity_check 2018-05-11 11:00:46 +02:00
Armin Novak
5b961e9c75 Fixed /pth: Consistently treat the hash offset to password length. 2018-05-03 17:51:11 +02:00
Martin Fleisz
b228deb998
Merge pull request #4543 from oshogbo/master
Fix variable passsed to HashCallback with MIC.
2018-04-18 14:50:31 +02:00
Mariusz Zaborski
509afe252d Remove MessageIntegrityCheck from context. 2018-04-17 15:03:27 +02:00
Mariusz Zaborski
fe37fede50 Fix variable passsed to HashCallback with MIC.
The value in the context is not set yet and we need one from
authentication message.
2018-04-06 21:18:20 +02:00
Mariusz Zaborski
00374382d9 There is no reason to restrict nSize to 2 the hostname can be empty on
UNIX-like machines.
2018-04-06 21:07:51 +02:00
Armin Novak
dc48c42926 Refactored NTLM, functions static where approprate 2018-01-16 11:34:07 +01:00
Armin Novak
5550f6ffe1 Fixed #4357: NTLM debug message. 2018-01-12 09:22:08 +01:00
Armin Novak
50a0968c6a Removed unused variables. 2017-12-21 11:29:24 +01:00