/* prepares a base64-encode challenge packet to be sent to the client * note: domain should be upper_case * note: the storage type for the returned value depends on * base64_encode_bin. Currently this means static storage. */ const char * ntlm_make_challenge(char *domain, char *domain_controller, char *challenge_nonce, int challenge_nonce_len) { ntlm_challenge ch; int pl = 0; const char *encoded; memset(&ch, 0, sizeof(ntlm_challenge)); /* reset */ memcpy(ch.signature, "NTLMSSP", 8); /* set the signature */ ch.type = WSWAP(NTLM_CHALLENGE); /* this is a challenge */ ntlm_add_to_payload(ch.payload, &pl, &ch.target, domain, strlen(domain), NTLM_CHALLENGE_HEADER_OFFSET); ch.flags = WSWAP( REQUEST_NON_NT_SESSION_KEY | CHALLENGE_TARGET_IS_DOMAIN | NEGOTIATE_ALWAYS_SIGN | NEGOTIATE_USE_NTLM | NEGOTIATE_USE_LM | NEGOTIATE_ASCII | 0 ); ch.context_low = 0; /* check this out */ ch.context_high = 0; memcpy(ch.challenge, challenge_nonce, challenge_nonce_len); encoded = base64_encode_bin((char *) &ch, NTLM_CHALLENGE_HEADER_OFFSET + pl); return encoded; }
const char * WINAPI SSP_ValidateNegotiateCredentials(PVOID PAutenticateBuf, int AutenticateLen, PBOOL fDone, int * Status, char * credentials) { DWORD cbOut = 0; DWORD cbIn = 0; const char * encoded = NULL; memcpy(pClientBuf, PAutenticateBuf, AutenticateLen); ZeroMemory(pServerBuf, cbMaxToken); do { if (!hModule) break; /* Prepare server message (authentication) */ cbIn = AutenticateLen; cbOut = cbMaxToken; if (!GenServerContext(&NTLM_asServer, pClientBuf, cbIn, pServerBuf, &cbOut, fDone, credentials)) { *Status = SSP_ERROR; break; } *Status = SSP_OK; } while (0); if (pServerBuf != NULL && cbOut > 0) encoded = base64_encode_bin((char *) pServerBuf, cbOut); return encoded; }
const char * WINAPI SSP_MakeNegotiateBlob(PVOID PNegotiateBuf, int NegotiateLen, PBOOL fDone, int * Status, char * credentials) { DWORD cbOut = 0; DWORD cbIn = 0; const char * encoded = NULL; if (NTLM_asServer.fHaveCtxtHandle) _DeleteSecurityContext(&NTLM_asServer.hctxt); if (NTLM_asServer.fHaveCredHandle) _FreeCredentialsHandle(&NTLM_asServer.hcred); memcpy(pClientBuf, PNegotiateBuf, NegotiateLen); ZeroMemory(pServerBuf, cbMaxToken); ZeroMemory(&NTLM_asServer, sizeof(NTLM_asServer)); do { if (!hModule) break; /* Prepare server message (challenge) */ cbIn = NegotiateLen; cbOut = cbMaxToken; if (!GenServerContext(&NTLM_asServer, pClientBuf, cbIn, pServerBuf, &cbOut, fDone, credentials)) { *Status = SSP_ERROR; break; } *Status = SSP_OK; } while (0); if (pServerBuf != NULL && cbOut > 0) encoded = base64_encode_bin((char *) pServerBuf, cbOut); return encoded; }
static void authDigestNonceEncode(digest_nonce_h * nonce) { if (!nonce) return; if (nonce->hash.key) xfree(nonce->hash.key); nonce->hash.key = xstrdup(base64_encode_bin((char *) &(nonce->noncedata), sizeof(digest_nonce_data))); }
const char * WINAPI SSP_MakeChallenge(PVOID PNegotiateBuf, int NegotiateLen) { BOOL fDone = FALSE; PVOID fResult = NULL; DWORD cbOut = 0; DWORD cbIn = 0; ntlm_challenge * challenge; const char * encoded = NULL; if (NTLM_asServer.fHaveCtxtHandle) _DeleteSecurityContext(&NTLM_asServer.hctxt); if (NTLM_asServer.fHaveCredHandle) _FreeCredentialsHandle(&NTLM_asServer.hcred); NTLM_LocalCall = FALSE; Use_Unicode = FALSE; memcpy(pClientBuf, PNegotiateBuf, NegotiateLen); ZeroMemory(pServerBuf, cbMaxToken); ZeroMemory(&NTLM_asServer, sizeof(NTLM_asServer)); do { if (!hModule) break; /* Prepare server message (challenge) */ cbIn = NegotiateLen; cbOut = cbMaxToken; if (!GenServerContext(&NTLM_asServer, pClientBuf, cbIn, pServerBuf, &cbOut, &fDone, NULL)) break; fResult = pServerBuf; } while (0); if (fResult != NULL) { challenge = (ntlm_challenge *) fResult; Use_Unicode = NEGOTIATE_UNICODE & challenge->flags; NTLM_LocalCall = NEGOTIATE_THIS_IS_LOCAL_CALL & challenge->flags; encoded = base64_encode_bin((char *) fResult, cbOut); } return encoded; }