boolean rpc_ntlm_http_in_connect(rdpRpc* rpc)
{
STREAM* s;
int ntlm_token_length;
uint8* ntlm_token_data;
HttpResponse* http_response;
rdpNtlm* ntlm = rpc->ntlm_http_in->ntlm;
ntlm_client_init(ntlm, true, rpc->settings->username,
rpc->settings->domain, rpc->settings->password);
ntlm_authenticate(ntlm);
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer, 0, TSG_CHANNEL_IN);
/* Send IN Channel Request */
DEBUG_RPC("\n%s", s->data);
tls_write_all(rpc->tls_in, s->data, s->size);
stream_free(s);
/* Receive IN Channel Response */
http_response = http_response_recv(rpc->tls_in);
ntlm_token_data = NULL;
crypto_base64_decode((uint8*) http_response->AuthParam, strlen(http_response->AuthParam),
&ntlm_token_data, &ntlm_token_length);
ntlm->inputBuffer.pvBuffer = ntlm_token_data;
ntlm->inputBuffer.cbBuffer = ntlm_token_length;
ntlm_authenticate(ntlm);
http_response_free(http_response);
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer, 0x40000000, TSG_CHANNEL_IN);
/* Send IN Channel Request */
DEBUG_RPC("\n%s", s->data);
tls_write_all(rpc->tls_in, s->data, s->size);
stream_free(s);
ntlm_client_uninit(ntlm);
ntlm_free(ntlm);
return true;
}
static BOOL rdg_handle_ntlm_challenge(rdpNtlm* ntlm, HttpResponse* response)
{
char* token64 = NULL;
int ntlmTokenLength = 0;
BYTE* ntlmTokenData = NULL;
if (response->StatusCode != HTTP_STATUS_DENIED)
{
WLog_DBG(TAG, "Unexpected NTLM challenge HTTP status: %d",
response->StatusCode);
return FALSE;
}
token64 = ListDictionary_GetItemValue(response->Authenticates, "NTLM");
if (!token64)
return FALSE;
crypto_base64_decode(token64, strlen(token64), &ntlmTokenData, &ntlmTokenLength);
if (ntlmTokenData && ntlmTokenLength)
{
ntlm->inputBuffer[0].pvBuffer = ntlmTokenData;
ntlm->inputBuffer[0].cbBuffer = ntlmTokenLength;
}
ntlm_authenticate(ntlm);
return TRUE;
}
int rpc_ncacn_http_send_out_channel_request(rdpRpc* rpc, RpcOutChannel* outChannel, BOOL replacement)
{
wStream* s;
int status;
int contentLength;
BOOL continueNeeded;
rdpNtlm* ntlm = outChannel->ntlm;
HttpContext* http = outChannel->http;
continueNeeded = ntlm_authenticate(ntlm);
if (!replacement)
contentLength = (continueNeeded) ? 0 : 76;
else
contentLength = (continueNeeded) ? 0 : 120;
s = rpc_ntlm_http_request(rpc, http, "RPC_OUT_DATA", contentLength, &ntlm->outputBuffer[0]);
if (!s)
return -1;
status = rpc_out_channel_write(outChannel, Stream_Buffer(s), Stream_Length(s));
Stream_Free(s, TRUE);
return (status > 0) ? 1 : -1;
}
int rpc_recv_bind_ack_pdu(rdpRpc* rpc, BYTE* buffer, UINT32 length)
{
BYTE* auth_data;
rpcconn_hdr_t* header;
header = (rpcconn_hdr_t*) buffer;
WLog_DBG(TAG, "Receiving BindAck PDU");
rpc->max_recv_frag = header->bind_ack.max_xmit_frag;
rpc->max_xmit_frag = header->bind_ack.max_recv_frag;
rpc->ntlm->inputBuffer[0].cbBuffer = header->common.auth_length;
rpc->ntlm->inputBuffer[0].pvBuffer = malloc(header->common.auth_length);
if (!rpc->ntlm->inputBuffer[0].pvBuffer)
return -1;
auth_data = buffer + (header->common.frag_length - header->common.auth_length);
CopyMemory(rpc->ntlm->inputBuffer[0].pvBuffer, auth_data, header->common.auth_length);
ntlm_authenticate(rpc->ntlm);
return (int) length;
}
BOOL rdg_process_out_channel_response(rdpRdg* rdg, HttpResponse* response)
{
int status;
wStream* s;
char* token64 = NULL;
int ntlmTokenLength = 0;
BYTE* ntlmTokenData = NULL;
rdpNtlm* ntlm = rdg->ntlm;
if (response->StatusCode != HTTP_STATUS_DENIED)
{
WLog_DBG(TAG, "RDG not supported");
rdg->state = RDG_CLIENT_STATE_NOT_FOUND;
return FALSE;
}
WLog_DBG(TAG, "Out Channel authorization required");
if (ListDictionary_Contains(response->Authenticates, "NTLM"))
{
token64 = ListDictionary_GetItemValue(response->Authenticates, "NTLM");
if (!token64)
{
return FALSE;
}
crypto_base64_decode(token64, strlen(token64), &ntlmTokenData, &ntlmTokenLength);
}
if (ntlmTokenData && ntlmTokenLength)
{
ntlm->inputBuffer[0].pvBuffer = ntlmTokenData;
ntlm->inputBuffer[0].cbBuffer = ntlmTokenLength;
}
ntlm_authenticate(ntlm);
s = rdg_build_http_request(rdg, "RDG_OUT_DATA");
if (!s)
return FALSE;
status = tls_write_all(rdg->tlsOut, Stream_Buffer(s), Stream_Length(s));
Stream_Free(s, TRUE);
ntlm_free(rdg->ntlm);
rdg->ntlm = NULL;
if (status < 0)
{
return FALSE;
}
rdg->state = RDG_CLIENT_STATE_OUT_CHANNEL_AUTHORIZE;
return TRUE;
}
int rpc_recv_bind_ack_pdu(rdpRpc* rpc)
{
BYTE* p;
STREAM* s;
int status;
BYTE* pdu;
BYTE* auth_data;
RPC_PDU_HEADER header;
int pdu_length = 0x8FFF;
pdu = malloc(pdu_length);
if (pdu == NULL)
return -1;
status = rpc_out_read(rpc, pdu, pdu_length);
if (status > 0)
{
s = stream_new(0);
stream_attach(s, pdu, pdu_length);
rpc_pdu_header_read(s, &header);
stream_detach(s);
stream_free(s);
auth_data = malloc(header.auth_length);
if (auth_data == NULL)
{
free(pdu);
return -1;
}
p = (pdu + (header.frag_length - header.auth_length));
memcpy(auth_data, p, header.auth_length);
rpc->ntlm->inputBuffer.pvBuffer = auth_data;
rpc->ntlm->inputBuffer.cbBuffer = header.auth_length;
ntlm_authenticate(rpc->ntlm);
}
free(pdu);
return status;
}
int rpc_ncacn_http_send_in_channel_request(rdpRpc* rpc)
{
STREAM* s;
int content_length;
BOOL continue_needed;
rdpNtlm* ntlm = rpc->NtlmHttpIn->ntlm;
continue_needed = ntlm_authenticate(ntlm);
content_length = (continue_needed) ? 0 : 0x40000000;
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer, content_length, TSG_CHANNEL_IN);
DEBUG_RPC("\n%s", s->data);
rpc_in_write(rpc, s->data, s->size);
stream_free(s);
return 0;
}
int rpc_ncacn_http_send_in_channel_request(rdpRpc* rpc)
{
wStream* s;
int content_length;
BOOL continue_needed;
rdpNtlm* ntlm = rpc->NtlmHttpIn->ntlm;
continue_needed = ntlm_authenticate(ntlm);
content_length = (continue_needed) ? 0 : 0x40000000;
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer[0], content_length, TSG_CHANNEL_IN);
WLog_DBG(TAG, "\n%s", Stream_Buffer(s));
rpc_in_write(rpc, Stream_Buffer(s), Stream_Length(s));
Stream_Free(s, TRUE);
return 0;
}
int rpc_ncacn_http_send_out_channel_request(rdpRpc* rpc)
{
wStream* s;
int content_length;
BOOL continue_needed;
rdpNtlm* ntlm = rpc->NtlmHttpOut->ntlm;
continue_needed = ntlm_authenticate(ntlm);
content_length = (continue_needed) ? 0 : 76;
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer, content_length, TSG_CHANNEL_OUT);
DEBUG_RPC("\n%s", Stream_Buffer(s));
rpc_out_write(rpc, Stream_Buffer(s), Stream_Length(s));
Stream_Free(s, TRUE);
return 0;
}
int rpc_ncacn_http_send_in_channel_request(rdpRpc* rpc)
{
wStream* s;
int status;
int contentLength;
BOOL continueNeeded;
rdpNtlm* ntlm = rpc->NtlmHttpIn->ntlm;
continueNeeded = ntlm_authenticate(ntlm);
contentLength = (continueNeeded) ? 0 : 0x40000000;
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer[0], contentLength, TSG_CHANNEL_IN);
if (!s)
return -1;
status = rpc_in_write(rpc, Stream_Buffer(s), Stream_Length(s));
Stream_Free(s, TRUE);
return (status > 0) ? 1 : -1;
}
static BOOL rdg_ntlm_init(rdpRdg* rdg, rdpTls* tls)
{
rdpContext* context = rdg->context;
rdpSettings* settings = context->settings;
rdg->ntlm = ntlm_new();
if (!rdg->ntlm)
return FALSE;
if (!rdg_get_gateway_credentials(context))
return FALSE;
if (!ntlm_client_init(rdg->ntlm, TRUE, settings->GatewayUsername, settings->GatewayDomain,
settings->GatewayPassword, tls->Bindings))
return FALSE;
if (!ntlm_client_make_spn(rdg->ntlm, _T("HTTP"), settings->GatewayHostname))
return FALSE;
if (!ntlm_authenticate(rdg->ntlm))
return FALSE;
return TRUE;
}
int rpc_ncacn_http_send_in_channel_request(rdpRpc* rpc, RpcInChannel* inChannel)
{
wStream* s;
int status;
int contentLength;
BOOL continueNeeded;
rdpNtlm* ntlm = inChannel->ntlm;
HttpContext* http = inChannel->http;
continueNeeded = ntlm_authenticate(ntlm);
contentLength = (continueNeeded) ? 0 : 0x40000000;
s = rpc_ntlm_http_request(rpc, http, "RPC_IN_DATA", contentLength, &ntlm->outputBuffer[0]);
if (!s)
return -1;
status = rpc_in_channel_write(inChannel, Stream_Buffer(s), Stream_Length(s));
Stream_Free(s, TRUE);
return (status > 0) ? 1 : -1;
}
BOOL rdg_send_in_channel_request(rdpRdg*rdg)
{
int status;
wStream* s = NULL;
rdg->ntlm = ntlm_new();
if (!rdg->ntlm)
return FALSE;
status = rdg_ncacn_http_ntlm_init(rdg, rdg->tlsIn);
if (!status)
return FALSE;
status = ntlm_authenticate(rdg->ntlm);
if (!status)
return FALSE;
s = rdg_build_http_request(rdg, "RDG_IN_DATA");
if (!s)
return FALSE;
status = tls_write_all(rdg->tlsIn, Stream_Buffer(s), Stream_Length(s));
Stream_Free(s, TRUE);
if (status < 0)
return FALSE;
rdg->state = RDG_CLIENT_STATE_IN_CHANNEL_REQUEST;
return TRUE;
}
BOOL rpc_ntlm_http_in_connect(rdpRpc* rpc)
{
STREAM* s;
rdpSettings* settings;
int ntlm_token_length;
BYTE* ntlm_token_data;
HttpResponse* http_response;
rdpNtlm* ntlm = rpc->ntlm_http_in->ntlm;
settings = rpc->settings;
if (settings->tsg_same_credentials)
{
ntlm_client_init(ntlm, TRUE, settings->username,
settings->domain, settings->password);
ntlm_client_make_spn(ntlm, _T("HTTP"), settings->tsg_hostname);
}
else
{
ntlm_client_init(ntlm, TRUE, settings->tsg_username,
settings->tsg_domain, settings->tsg_password);
ntlm_client_make_spn(ntlm, _T("HTTP"), settings->tsg_hostname);
}
ntlm_authenticate(ntlm);
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer, 0, TSG_CHANNEL_IN);
/* Send IN Channel Request */
DEBUG_RPC("\n%s", s->data);
tls_write_all(rpc->tls_in, s->data, s->size);
stream_free(s);
/* Receive IN Channel Response */
http_response = http_response_recv(rpc->tls_in);
ntlm_token_data = NULL;
crypto_base64_decode((BYTE*) http_response->AuthParam, strlen(http_response->AuthParam),
&ntlm_token_data, &ntlm_token_length);
ntlm->inputBuffer.pvBuffer = ntlm_token_data;
ntlm->inputBuffer.cbBuffer = ntlm_token_length;
ntlm_authenticate(ntlm);
http_response_free(http_response);
s = rpc_ntlm_http_request(rpc, &ntlm->outputBuffer, 0x40000000, TSG_CHANNEL_IN);
/* Send IN Channel Request */
DEBUG_RPC("\n%s", s->data);
tls_write_all(rpc->tls_in, s->data, s->size);
stream_free(s);
ntlm_client_uninit(ntlm);
ntlm_free(ntlm);
return TRUE;
}
int rpc_send_bind_pdu(rdpRpc* rpc)
{
BYTE* buffer;
UINT32 offset;
UINT32 length;
RpcClientCall* clientCall;
p_cont_elem_t* p_cont_elem;
rpcconn_bind_hdr_t* bind_pdu;
rdpSettings* settings = rpc->settings;
BOOL promptPassword = FALSE;
freerdp* instance = (freerdp*) settings->instance;
DEBUG_RPC("Sending bind PDU");
rpc->ntlm = ntlm_new();
if (!rpc->ntlm)
return -1;
if ((!settings->GatewayPassword) || (!settings->GatewayUsername)
|| (!strlen(settings->GatewayPassword)) || (!strlen(settings->GatewayUsername)))
{
promptPassword = TRUE;
}
if (promptPassword)
{
if (instance->GatewayAuthenticate)
{
BOOL proceed = instance->GatewayAuthenticate(instance,
&settings->GatewayUsername, &settings->GatewayPassword, &settings->GatewayDomain);
if (!proceed)
{
connectErrorCode = CANCELEDBYUSER;
freerdp_set_last_error(instance->context, FREERDP_ERROR_CONNECT_CANCELLED);
return 0;
}
if (settings->GatewayUseSameCredentials)
{
settings->Username = _strdup(settings->GatewayUsername);
settings->Domain = _strdup(settings->GatewayDomain);
settings->Password = _strdup(settings->GatewayPassword);
if (!settings->Username || !settings->Domain || settings->Password)
return -1;
}
}
}
if (!ntlm_client_init(rpc->ntlm, FALSE, settings->GatewayUsername, settings->GatewayDomain, settings->GatewayPassword, NULL) ||
!ntlm_client_make_spn(rpc->ntlm, NULL, settings->GatewayHostname) ||
!ntlm_authenticate(rpc->ntlm)
)
return -1;
bind_pdu = (rpcconn_bind_hdr_t*) calloc(1, sizeof(rpcconn_bind_hdr_t));
if (!bind_pdu)
return -1;
rpc_pdu_header_init(rpc, (rpcconn_hdr_t*) bind_pdu);
bind_pdu->auth_length = (UINT16) rpc->ntlm->outputBuffer[0].cbBuffer;
bind_pdu->auth_verifier.auth_value = rpc->ntlm->outputBuffer[0].pvBuffer;
bind_pdu->ptype = PTYPE_BIND;
bind_pdu->pfc_flags = PFC_FIRST_FRAG | PFC_LAST_FRAG | PFC_SUPPORT_HEADER_SIGN | PFC_CONC_MPX;
bind_pdu->call_id = 2;
bind_pdu->max_xmit_frag = rpc->max_xmit_frag;
bind_pdu->max_recv_frag = rpc->max_recv_frag;
bind_pdu->assoc_group_id = 0;
bind_pdu->p_context_elem.n_context_elem = 2;
bind_pdu->p_context_elem.reserved = 0;
bind_pdu->p_context_elem.reserved2 = 0;
bind_pdu->p_context_elem.p_cont_elem = malloc(sizeof(p_cont_elem_t) * bind_pdu->p_context_elem.n_context_elem);
if (!bind_pdu->p_context_elem.p_cont_elem)
return -1;
p_cont_elem = &bind_pdu->p_context_elem.p_cont_elem[0];
p_cont_elem->p_cont_id = 0;
p_cont_elem->n_transfer_syn = 1;
p_cont_elem->reserved = 0;
CopyMemory(&(p_cont_elem->abstract_syntax.if_uuid), &TSGU_UUID, sizeof(p_uuid_t));
p_cont_elem->abstract_syntax.if_version = TSGU_SYNTAX_IF_VERSION;
p_cont_elem->transfer_syntaxes = malloc(sizeof(p_syntax_id_t));
CopyMemory(&(p_cont_elem->transfer_syntaxes[0].if_uuid), &NDR_UUID, sizeof(p_uuid_t));
p_cont_elem->transfer_syntaxes[0].if_version = NDR_SYNTAX_IF_VERSION;
p_cont_elem = &bind_pdu->p_context_elem.p_cont_elem[1];
p_cont_elem->p_cont_id = 1;
p_cont_elem->n_transfer_syn = 1;
p_cont_elem->reserved = 0;
CopyMemory(&(p_cont_elem->abstract_syntax.if_uuid), &TSGU_UUID, sizeof(p_uuid_t));
p_cont_elem->abstract_syntax.if_version = TSGU_SYNTAX_IF_VERSION;
p_cont_elem->transfer_syntaxes = malloc(sizeof(p_syntax_id_t));
CopyMemory(&(p_cont_elem->transfer_syntaxes[0].if_uuid), &BTFN_UUID, sizeof(p_uuid_t));
p_cont_elem->transfer_syntaxes[0].if_version = BTFN_SYNTAX_IF_VERSION;
offset = 116;
bind_pdu->auth_verifier.auth_pad_length = rpc_offset_align(&offset, 4);
bind_pdu->auth_verifier.auth_type = RPC_C_AUTHN_WINNT;
bind_pdu->auth_verifier.auth_level = RPC_C_AUTHN_LEVEL_PKT_INTEGRITY;
bind_pdu->auth_verifier.auth_reserved = 0x00;
bind_pdu->auth_verifier.auth_context_id = 0x00000000;
offset += (8 + bind_pdu->auth_length);
bind_pdu->frag_length = offset;
buffer = (BYTE*) malloc(bind_pdu->frag_length);
if (!buffer)
return -1;
CopyMemory(buffer, bind_pdu, 24);
CopyMemory(&buffer[24], &bind_pdu->p_context_elem, 4);
CopyMemory(&buffer[28], &bind_pdu->p_context_elem.p_cont_elem[0], 24);
CopyMemory(&buffer[52], bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes, 20);
CopyMemory(&buffer[72], &bind_pdu->p_context_elem.p_cont_elem[1], 24);
CopyMemory(&buffer[96], bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes, 20);
offset = 116;
rpc_offset_pad(&offset, bind_pdu->auth_verifier.auth_pad_length);
CopyMemory(&buffer[offset], &bind_pdu->auth_verifier.auth_type, 8);
CopyMemory(&buffer[offset + 8], bind_pdu->auth_verifier.auth_value, bind_pdu->auth_length);
offset += (8 + bind_pdu->auth_length);
length = bind_pdu->frag_length;
clientCall = rpc_client_call_new(bind_pdu->call_id, 0);
if (!clientCall)
return -1;
if (ArrayList_Add(rpc->client->ClientCallList, clientCall) < 0)
return -1;
if (rpc_send_enqueue_pdu(rpc, buffer, length) != 0)
length = -1;
free(bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes);
free(bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes);
free(bind_pdu->p_context_elem.p_cont_elem);
free(bind_pdu);
return length;
}
boolean rpc_send_bind_pdu(rdpRpc* rpc)
{
STREAM* pdu;
rpcconn_bind_hdr_t* bind_pdu;
rdpSettings* settings = rpc->settings;
STREAM* ntlm_stream = stream_new(0xFFFF);
rpc->ntlm = ntlm_new();
DEBUG_RPC("Sending bind PDU");
ntlm_client_init(rpc->ntlm, false, settings->username, settings->domain, settings->password);
ntlm_authenticate(rpc->ntlm);
ntlm_stream->size = rpc->ntlm->outputBuffer.cbBuffer;
ntlm_stream->p = ntlm_stream->data = rpc->ntlm->outputBuffer.pvBuffer;
bind_pdu = xnew(rpcconn_bind_hdr_t);
bind_pdu->rpc_vers = 5;
bind_pdu->rpc_vers_minor = 0;
bind_pdu->PTYPE = PTYPE_BIND;
bind_pdu->pfc_flags = PFC_FIRST_FRAG | PFC_LAST_FRAG | PFC_PENDING_CANCEL | PFC_CONC_MPX;
bind_pdu->packed_drep[0] = 0x10;
bind_pdu->packed_drep[1] = 0x00;
bind_pdu->packed_drep[2] = 0x00;
bind_pdu->packed_drep[3] = 0x00;
bind_pdu->frag_length = 124 + ntlm_stream->size;
bind_pdu->auth_length = ntlm_stream->size;
bind_pdu->call_id = 2;
bind_pdu->max_xmit_frag = 0x0FF8;
bind_pdu->max_recv_frag = 0x0FF8;
bind_pdu->assoc_group_id = 0;
bind_pdu->p_context_elem.n_context_elem = 2;
bind_pdu->p_context_elem.reserved = 0;
bind_pdu->p_context_elem.reserved2 = 0;
bind_pdu->p_context_elem.p_cont_elem = xmalloc(sizeof(p_cont_elem_t) * bind_pdu->p_context_elem.n_context_elem);
bind_pdu->p_context_elem.p_cont_elem[0].p_cont_id = 0;
bind_pdu->p_context_elem.p_cont_elem[0].n_transfer_syn = 1;
bind_pdu->p_context_elem.p_cont_elem[0].reserved = 0;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.time_low = 0x44e265dd;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.time_mid = 0x7daf;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.time_hi_and_version = 0x42cd;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.clock_seq_hi_and_reserved = 0x85;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.clock_seq_low = 0x60;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.node[0] = 0x3c;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.node[1] = 0xdb;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.node[2] = 0x6e;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.node[3] = 0x7a;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.node[4] = 0x27;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_uuid.node[5] = 0x29;
bind_pdu->p_context_elem.p_cont_elem[0].abstract_syntax.if_version = 0x00030001;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes = xmalloc(sizeof(p_syntax_id_t));
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.time_low = 0x8a885d04;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.time_mid = 0x1ceb;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.time_hi_and_version = 0x11c9;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.clock_seq_hi_and_reserved = 0x9f;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.clock_seq_low = 0xe8;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.node[0] = 0x08;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.node[1] = 0x00;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.node[2] = 0x2b;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.node[3] = 0x10;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.node[4] = 0x48;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_uuid.node[5] = 0x60;
bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes[0].if_version = 0x00000002;
bind_pdu->p_context_elem.p_cont_elem[1].p_cont_id = 1;
bind_pdu->p_context_elem.p_cont_elem[1].n_transfer_syn = 1;
bind_pdu->p_context_elem.p_cont_elem[1].reserved = 0;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.time_low = 0x44e265dd;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.time_mid = 0x7daf;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.time_hi_and_version = 0x42cd;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.clock_seq_hi_and_reserved = 0x85;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.clock_seq_low = 0x60;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.node[0] = 0x3c;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.node[1] = 0xdb;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.node[2] = 0x6e;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.node[3] = 0x7a;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.node[4] = 0x27;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_uuid.node[5] = 0x29;
bind_pdu->p_context_elem.p_cont_elem[1].abstract_syntax.if_version = 0x00030001;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes = xmalloc(sizeof(p_syntax_id_t));
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.time_low = 0x6cb71c2c;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.time_mid = 0x9812;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.time_hi_and_version = 0x4540;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.clock_seq_hi_and_reserved = 0x03;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.clock_seq_low = 0x00;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.node[0] = 0x00;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.node[1] = 0x00;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.node[2] = 0x00;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.node[3] = 0x00;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.node[4] = 0x00;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_uuid.node[5] = 0x00;
bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes[0].if_version = 0x00000001;
bind_pdu->auth_verifier.auth_pad = NULL; /* align(4); size_is(auth_pad_length) p*/
bind_pdu->auth_verifier.auth_type = 0x0a; /* :01 which authent service */
bind_pdu->auth_verifier.auth_level = 0x05; /* :01 which level within service */
bind_pdu->auth_verifier.auth_pad_length = 0x00; /* :01 */
bind_pdu->auth_verifier.auth_reserved = 0x00; /* :01 reserved, m.b.z. */
bind_pdu->auth_verifier.auth_context_id = 0x00000000; /* :04 */
bind_pdu->auth_verifier.auth_value = xmalloc(bind_pdu->auth_length); /* credentials; size_is(auth_length) p*/;
memcpy(bind_pdu->auth_verifier.auth_value, ntlm_stream->data, bind_pdu->auth_length);
stream_free(ntlm_stream);
pdu = stream_new(bind_pdu->frag_length);
stream_write(pdu, bind_pdu, 24);
stream_write(pdu, &bind_pdu->p_context_elem, 4);
stream_write(pdu, bind_pdu->p_context_elem.p_cont_elem, 24);
stream_write(pdu, bind_pdu->p_context_elem.p_cont_elem[0].transfer_syntaxes, 20);
stream_write(pdu, bind_pdu->p_context_elem.p_cont_elem + 1, 24);
stream_write(pdu, bind_pdu->p_context_elem.p_cont_elem[1].transfer_syntaxes, 20);
if (bind_pdu->auth_verifier.auth_pad_length > 0)
stream_write(pdu, bind_pdu->auth_verifier.auth_pad, bind_pdu->auth_verifier.auth_pad_length);
stream_write(pdu, &bind_pdu->auth_verifier.auth_type, 8); /* assumed that uint8 pointer is 32bit long (4 bytes) */
stream_write(pdu, bind_pdu->auth_verifier.auth_value, bind_pdu->auth_length);
stream_seal(pdu);
rpc_in_write(rpc, pdu->data, pdu->size);
stream_free(pdu) ;
xfree(bind_pdu);
return true;
}
/**
* Report NTLM authentication test result
*
* @v test Authentication test
* @v file Test code file
* @v line Test code line
*/
static void ntlm_authenticate_okx ( struct ntlm_authenticate_test *test,
const char *file, unsigned int line ) {
struct ntlm_authenticate *expected = test->expected;
struct ntlm_challenge_info info;
struct ntlm_authenticate *auth;
struct ntlm_key key;
struct ntlm_lm_response lm;
struct ntlm_nt_response nt;
size_t len;
/* Parse Challenge message */
okx ( ntlm_challenge ( test->challenge, test->challenge_len,
&info ) == 0, file, line );
/* Generate key */
ntlm_key ( test->domain, test->username, test->password, &key );
/* Generate responses */
ntlm_response ( &info, &key, &test->nonce, &lm, &nt );
/* Allocate buffer for Authenticate message */
len = ntlm_authenticate_len ( &info, test->domain, test->username,
test->workstation );
okx ( len >= sizeof ( *auth ), file, line );
auth = malloc ( len );
okx ( auth != NULL, file, line );
/* Construct Authenticate message */
okx ( ntlm_authenticate ( &info, test->domain, test->username,
test->workstation, &lm, &nt, auth ) == len,
file, line );
/* Verify header */
okx ( memcmp ( &auth->header, &expected->header,
sizeof ( auth->header ) ) == 0, file, line );
/* Verify LAN Manager response */
ntlm_data_okx ( &auth->header, len, &auth->lm, &expected->header,
&expected->lm, "LM", file, line );
/* Verify NT response */
ntlm_data_okx ( &auth->header, len, &auth->nt, &expected->header,
&expected->nt, "NT", file, line );
/* Verify domain name */
ntlm_data_okx ( &auth->header, len, &auth->domain, &expected->header,
&expected->domain, "domain", file, line );
/* Verify user name */
ntlm_data_okx ( &auth->header, len, &auth->user, &expected->header,
&expected->user, "user", file, line );
/* Verify workstation name */
ntlm_data_okx ( &auth->header, len, &auth->workstation,
&expected->header, &expected->workstation,
"workstation",file, line );
/* Verify session key */
if ( auth->flags & NTLM_NEGOTIATE_KEY_EXCH ) {
ntlm_data_okx ( &auth->header, len, &auth->session,
&expected->header, &expected->session,
"session", file, line );
}
/* Free Authenticate message */
free ( auth );
}
