return NT_STATUS_INVALID_PARAMETER;
}
-/**
- * End an NTLMSSP state machine
- *
- * @param ntlmssp_state NTLMSSP State, free()ed by this function
- */
-
-void ntlmssp_end(struct ntlmssp_state **ntlmssp_state)
-{
- data_blob_free(&(*ntlmssp_state)->chal);
- data_blob_free(&(*ntlmssp_state)->lm_resp);
- data_blob_free(&(*ntlmssp_state)->nt_resp);
- TALLOC_FREE(*ntlmssp_state);
-
- *ntlmssp_state = NULL;
- return;
-}
-
-/**
- * Determine correct target name flags for reply, given server role
- * and negotiated flags
- *
- * @param ntlmssp_state NTLMSSP State
- * @param neg_flags The flags from the packet
- * @param chal_flags The flags to be set in the reply packet
- * @return The 'target name' string.
- */
-
-static const char *ntlmssp_target_name(struct ntlmssp_state *ntlmssp_state,
- uint32_t neg_flags, uint32_t *chal_flags)
-{
- if (neg_flags & NTLMSSP_REQUEST_TARGET) {
- *chal_flags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
- *chal_flags |= NTLMSSP_REQUEST_TARGET;
- if (ntlmssp_state->server.is_standalone) {
- *chal_flags |= NTLMSSP_TARGET_TYPE_SERVER;
- return ntlmssp_state->server.netbios_name;
- } else {
- *chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN;
- return ntlmssp_state->server.netbios_domain;
- };
- } else {
- return "";
- }
-}
-
-static void ntlmssp_handle_neg_flags(struct ntlmssp_state *ntlmssp_state,
- uint32_t neg_flags, bool allow_lm) {
- if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_OEM;
- ntlmssp_state->unicode = True;
- } else {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_UNICODE;
- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
- ntlmssp_state->unicode = False;
- }
-
- if ((neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) && allow_lm) {
- /* other end forcing us to use LM */
- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
- ntlmssp_state->use_ntlmv2 = False;
- } else {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
- }
-
- if (!(neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
- }
-
- if (!(neg_flags & NTLMSSP_NEGOTIATE_NTLM2)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
- }
-
- if (!(neg_flags & NTLMSSP_NEGOTIATE_128)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_128;
- }
-
- if (!(neg_flags & NTLMSSP_NEGOTIATE_56)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_56;
- }
-
- if (!(neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_KEY_EXCH;
- }
-
- if (!(neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_SIGN;
- }
-
- if (!(neg_flags & NTLMSSP_NEGOTIATE_SEAL)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_SEAL;
- }
-
- /* Woop Woop - unknown flag for Windows compatibility...
- What does this really do ? JRA. */
- if (!(neg_flags & NTLMSSP_NEGOTIATE_VERSION)) {
- ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_VERSION;
- }
-
- if ((neg_flags & NTLMSSP_REQUEST_TARGET)) {
- ntlmssp_state->neg_flags |= NTLMSSP_REQUEST_TARGET;
- }
-}
-
/**
* Next state function for the Negotiate packet
*
}
}
- ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, lp_lanman_auth());
+ ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, ntlmssp_state->allow_lm_key);
/* Ask our caller what challenge they would like in the packet */
status = ntlmssp_state->get_challenge(ntlmssp_state, cryptkey);
if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("ntlmssp_server_negotiate: backend doesn't give a challenge: %s\n",
+ nt_errstr(status)));
return status;
}
if (DEBUGLEVEL >= 10) {
struct CHALLENGE_MESSAGE *challenge = talloc(
- talloc_tos(), struct CHALLENGE_MESSAGE);
+ ntlmssp_state, struct CHALLENGE_MESSAGE);
if (challenge != NULL) {
challenge->NegotiateFlags = chal_flags;
status = ntlmssp_pull_CHALLENGE_MESSAGE(
}
if (auth_flags)
- ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, lp_lanman_auth());
+ ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, ntlmssp_state->allow_lm_key);
if (DEBUGLEVEL >= 10) {
struct AUTHENTICATE_MESSAGE *authenticate = talloc(
- talloc_tos(), struct AUTHENTICATE_MESSAGE);
+ ntlmssp_state, struct AUTHENTICATE_MESSAGE);
if (authenticate != NULL) {
NTSTATUS status;
authenticate->NegotiateFlags = auth_flags;
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n"));
session_key = data_blob_null;
}
- } else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
+ } else if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
+ /* Ensure we can never get here on NTLMv2 */
+ && (ntlmssp_state->nt_resp.length == 0 || ntlmssp_state->nt_resp.length == 24)) {
+
if (lm_session_key.data && lm_session_key.length >= 8) {
if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
session_key = data_blob_talloc(ntlmssp_state,
if (session_key.data == NULL) {
return NT_STATUS_NO_MEMORY;
}
- SMBsesskeygen_lm_sess_key(
- lm_session_key.data, zeros,
- session_key.data);
+ SMBsesskeygen_lm_sess_key(zeros, zeros,
+ session_key.data);
+ DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
}
dump_data_pw("LM session key:\n", session_key.data,
session_key.length);
} else {
+ /* LM Key not selected */
+ ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
+
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n"));
session_key = data_blob_null;
}
session_key = user_session_key;
DEBUG(10,("ntlmssp_server_auth: Using unmodified nt session key.\n"));
dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
+
+ /* LM Key not selected */
+ ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
+
} else if (lm_session_key.data) {
+ /* Very weird to have LM key, but no user session key, but anyway.. */
session_key = lm_session_key;
DEBUG(10,("ntlmssp_server_auth: Using unmodified lm session key.\n"));
dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
+
+ /* LM Key not selected */
+ ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
+
} else {
DEBUG(10,("ntlmssp_server_auth: Failed to create unmodified session key.\n"));
session_key = data_blob_null;
+
+ /* LM Key not selected */
+ ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
}
/* With KEY_EXCH, the client supplies the proposed session key,
ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE;
+ ntlmssp_state->allow_lm_key = lp_lanman_auth();
+
ntlmssp_state->neg_flags =
NTLMSSP_NEGOTIATE_128 |
NTLMSSP_NEGOTIATE_56 |
static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
DATA_BLOB reply, DATA_BLOB *next_request)
{
- struct NEGOTIATE_MESSAGE negotiate;
-
if (ntlmssp_state->unicode) {
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
} else {
ntlmssp_state->client.netbios_name);
if (DEBUGLEVEL >= 10) {
- if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(next_request,
- ntlmssp_state,
- &negotiate)))
- {
- NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate);
+ struct NEGOTIATE_MESSAGE *negotiate = talloc(
+ talloc_tos(), struct NEGOTIATE_MESSAGE);
+ if (negotiate != NULL) {
+ NTSTATUS status;
+ status = ntlmssp_pull_NEGOTIATE_MESSAGE(
+ next_request, negotiate, negotiate);
+ if (NT_STATUS_IS_OK(status)) {
+ NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE,
+ negotiate);
+ }
+ TALLOC_FREE(negotiate);
}
}
DATA_BLOB session_key = data_blob_null;
DATA_BLOB encrypted_session_key = data_blob_null;
NTSTATUS nt_status = NT_STATUS_OK;
- struct CHALLENGE_MESSAGE challenge;
- struct AUTHENTICATE_MESSAGE authenticate;
if (ntlmssp_state->use_ccache) {
struct wbcCredentialCacheParams params;
}
if (DEBUGLEVEL >= 10) {
- if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(&reply,
- ntlmssp_state,
- &challenge)))
- {
- NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge);
+ struct CHALLENGE_MESSAGE *challenge = talloc(
+ talloc_tos(), struct CHALLENGE_MESSAGE);
+ if (challenge != NULL) {
+ NTSTATUS status;
+ challenge->NegotiateFlags = chal_flags;
+ status = ntlmssp_pull_CHALLENGE_MESSAGE(
+ &reply, challenge, challenge);
+ if (NT_STATUS_IS_OK(status)) {
+ NDR_PRINT_DEBUG(CHALLENGE_MESSAGE,
+ challenge);
+ }
+ TALLOC_FREE(challenge);
}
}
}
if (DEBUGLEVEL >= 10) {
- if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(next_request,
- ntlmssp_state,
- &authenticate)))
- {
- NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate);
+ struct AUTHENTICATE_MESSAGE *authenticate = talloc(
+ talloc_tos(), struct AUTHENTICATE_MESSAGE);
+ if (authenticate != NULL) {
+ NTSTATUS status;
+ authenticate->NegotiateFlags =
+ ntlmssp_state->neg_flags;
+ status = ntlmssp_pull_AUTHENTICATE_MESSAGE(
+ next_request, authenticate, authenticate);
+ if (NT_STATUS_IS_OK(status)) {
+ NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE,
+ authenticate);
+ }
+ TALLOC_FREE(authenticate);
}
}