Commit Graph

249 Commits

Author SHA1 Message Date
Armin Novak
72ca88f49c Reformatted to new style 2019-11-07 10:53:54 +01:00
Bernhard Miklautz
f867c90e4c
Merge pull request #5308 from akallabeth/fix_win32_overlinking
Fixed windows overlinking.
2019-05-03 12:01:51 +02:00
Armin Novak
f8dd9a9f75 Fixed ntlm_av_pair_get_len return, no signed value required 2019-04-05 09:28:09 +02:00
Armin Novak
2c9cd5067f Fixed argument pointer type cast 2019-04-05 09:22:50 +02:00
Armin Novak
0b82768a70 Fixed sign-compare warnings 2019-04-05 09:14:34 +02:00
Armin Novak
8e0565b2bd Fixed windows overlinking. 2019-03-18 15:10:21 +01:00
Samuel Holland
6931f54fad Fix NTLM AvPair lists
There were two main issues here: First, the `ntlm_av_pair_add` and
`ntlm_av_pair_add_copy` were not adding a new `MsvAvEOL` to the end of
the list to replace the one they overwrote. This caused the second call
to one of those functions to fail (since it couldn't find the
terminator), which was the source of the test failure. It also caused
`ntlm_av_pair_list_length` and `ntlm_print_av_pair_list` to read out of
bounds until they happened to find the right word.

Second, several bounds checks were wrong or missing. For example,
`ntlm_av_pair_add` does not ensure that the value fits inside the list.
And `ntlm_av_pair_get_len` and `ntlm_av_pair_get_value_pointer` can
return error codes or NULL, but those error returns were ignored, and
the values used anyway (such as in `ntlm_av_pair_add_copy`).

This fixes the list handling code to have the invariant that all
functions returning `NTLM_AV_PAIR*` only return non-`NULL` if the entire
returned `AvPair` is within bounds. This removes the need for the length
parameter in functions that only operate on a single `AvPair`. This
check is performed by the new `ntlm_av_pair_check` helper, which is
added in some new places and used to simplify the code in others.

Other issues fixed along the way include:
 - `ntlm_av_pair_list_length` did not cast to `PBYTE`, so it was
   returning the number of `NTLM_AV_PAIR`-sized chunks (which was
   possibly not even an integer) instead of the number of bytes
 - I removed an impossible check for `offset <= 0` in
   `ntlm_av_pair_get_next_pointer`
 - The assertion that `Value != NULL` and the call to `CopyMemory` are
   only necessary if `AvLen` is nonzero
 - `ntlm_av_pair_get_next_pointer` (renamed to `ntlm_av_pair_next`)
   could be declared `static`

With this commit, TestNTLM now passes on powerpc64.

```
$ ./Testing/TestSspi TestNTLM
NTLM_NEGOTIATE (length = 40):
NTLM_CHALLENGE (length = 168):
NTLM_AUTHENTICATE (length = 352):
$ echo $?
0
```

Fixes #5250
2019-03-17 20:40:13 -05:00
Armin Novak
fe9dcfacca Fixed NULL dereferences and uninitialized values 2019-01-30 16:11:10 +01:00
Armin Novak
17bbe7a23f Do not compile extended authentication debugging by default. 2018-11-21 15:36:31 +01:00
Armin Novak
d8d30a0554 Fix #5037: Fix calls to ntlm_print_av_pair_list 2018-11-21 09:18:38 +01:00
Armin Novak
eb57ed3a30 Refactored ntlm_av_pairs API
Tightened checks, cleaned up code and improved redability.
2018-11-20 11:08:31 +01:00
Armin Novak
2ee663f39d Fixed CVE-2018-8789
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Bernhard Miklautz
a9bcc07d23 fix [winpr/sspi]: export symbols on all systems 2018-11-14 12:19:36 +01:00
Armin Novak
5f4843191b Replaced BIO_free with BIO_free_all
There is no point in using BIO_free with a custom recursion
to free up stacked BIOs if there is already BIO_free_all.
Using it consistently avoids memory leaks due to stacked BIOs
not being recursively freed.
2018-11-08 12:09:49 +01:00
Ondrej Holy
35bccd5262 winpr/sspi/ntlm: Fix leak found by covscan
leaked_storage: Variable "sam" going out of scope leaks the storage it points to.
leaked_storage: Variable "s" going out of scope leaks the storage it points to.
leaked_storage: Variable "snt" going out of scope leaks the storage it points to.
2018-08-22 14:34:02 +02:00
Pascal J. Bourguignon
15f2bafeab Cleaned up const char** -> char** for argv, since we definitely do modify the argv!
(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
2018-06-06 16:43:09 +02:00
Armin Novak
e8b9116507 Fixed invalid function argument for ntlm_compute_message_integrity_check 2018-05-11 11:00:46 +02:00
Armin Novak
5b961e9c75 Fixed /pth: Consistently treat the hash offset to password length. 2018-05-03 17:51:11 +02:00
Martin Fleisz
b228deb998
Merge pull request #4543 from oshogbo/master
Fix variable passsed to HashCallback with MIC.
2018-04-18 14:50:31 +02:00
Mariusz Zaborski
509afe252d Remove MessageIntegrityCheck from context. 2018-04-17 15:03:27 +02:00
Mariusz Zaborski
fe37fede50 Fix variable passsed to HashCallback with MIC.
The value in the context is not set yet and we need one from
authentication message.
2018-04-06 21:18:20 +02:00
Mariusz Zaborski
00374382d9 There is no reason to restrict nSize to 2 the hostname can be empty on
UNIX-like machines.
2018-04-06 21:07:51 +02:00
Armin Novak
2517755d25 Fixed thread function return and parameters. 2018-03-07 14:36:55 +01:00
Armin Novak
53d2150e00 Fixed windows unicode authentication. 2018-02-13 11:29:56 +01:00
David Fort
6c64aa4e20 fixed include path
It was working because of multiple include directories.
2018-02-05 14:34:49 +01:00
Armin Novak
60ab8cc724 Fixed memory leak. 2018-01-24 14:11:33 +01:00
Armin Novak
29f2d2d9bb Fixed missing packageName setup in server NLA 2018-01-17 09:09:58 +01:00
Armin Novak
dc48c42926 Refactored NTLM, functions static where approprate 2018-01-16 11:34:07 +01:00
Armin Novak
1611ec16b1 Refactored kerberos SSPI
* Functions static where approrpriate
* Variables static const where appropriate
2018-01-16 10:58:30 +01:00
Armin Novak
c62fde53a4 Fix #4306:
* Do not reset context when changing package.
* All functions not exported static.
2018-01-16 10:31:08 +01:00
Armin Novak
5550f6ffe1 Fixed #4357: NTLM debug message. 2018-01-12 09:22:08 +01:00
Armin Novak
a0b49f4e07 Removed unused functions, fixed feature define guards 2017-12-21 11:30:21 +01:00
Armin Novak
50a0968c6a Removed unused variables. 2017-12-21 11:29:24 +01:00
Armin Novak
6a21bdae3d Fixed various scanbuild warnings. 2017-12-21 09:34:35 +01:00
akallabeth
e3e65734e8
Merge pull request #4303 from krisztian-kovacs-balabit/use-redirection-password
Use redirection password
2017-12-20 17:01:58 +01:00
Martin Fleisz
bfe8359b5b
Merge pull request #4239 from akallabeth/test_memleak_fixes
Test memleak fixes
2017-12-20 12:38:38 +01:00
Armin Novak
ae2a96293b Cleanup and initialization checks. 2017-12-12 11:40:48 +01:00
Armin Novak
7305828122 Fix #4239: Various memory leaks
* Fixed all tests, now can be run with -DWITH_ADDRESS_SANITIZER=ON compiled.
* Enabled address sanitizer for nightly builds.
2017-12-12 11:40:48 +01:00
David Fort
41823080f9 Fix users of Stream_GetPosition() that returns size_t 2017-12-11 22:38:58 +01:00
KOVACS Krisztian
3c56300afa winpr/sspi: add possibility to set auth identity with Unicode password
To be able to avoid password conversion if the password is already unicode
this change adds the sspi_SetAuthIdentityWithUnicodePassword() function
that is identical to sspi_SetAuthIdentity() except that the password is
used without further conversions in the Unicode identity.
2017-12-06 16:30:57 +01:00
Armin Novak
1fd6308ef5 Functions static, warnings fixed. 2017-11-15 15:56:24 +01:00
Armin Novak
65f4c560d3 Fixed uninitialized values and leaks. 2017-11-13 16:20:57 +01:00
dodo040
60406794ce fix Kerberos flavour's detection (MIT/Heimdal) and double free for MIT<1.13 2017-11-13 16:20:56 +01:00
dodo040
335de159b0 use SSIZE_T instead of ssize_t 2017-11-13 16:20:56 +01:00
dodo040
3e897a63cb remove useless includes 2017-11-13 16:20:56 +01:00
dodo040
e0a9999fb2 fix: GSS API init, enterprise name management, variable names and format code 2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e initial commit for kerberos support 2017-11-13 16:20:55 +01:00
Armin Novak
11fa9f6753 Free credentials on exit. 2017-07-28 08:39:49 +02:00
Armin Novak
ceda244165 Fixed uninitialized values and leaks. 2017-07-28 08:35:31 +02:00
Armin Novak
0490aeb018 Fixed clang malloc integer overflow warnings. 2017-07-20 09:29:48 +02:00