Example #1
0
/* Does both the NTLMv2 owfs of a user's password */
bool ntv2_owf_gen(const uchar owf[16],
		  const char *user_in, const char *domain_in,
		  bool upper_case_domain, /* Transform the domain into UPPER case */
		  uchar kr_buf[16])
{
	smb_ucs2_t *user;
	smb_ucs2_t *domain;
	
	size_t user_byte_len;
	size_t domain_byte_len;

	HMACMD5Context ctx;

	if (!push_ucs2_allocate(&user, user_in, &user_byte_len)) {
		DEBUG(0, ("push_uss2_allocate() for user failed: %s\n",
			  strerror(errno)));
		return False;
	}

	if (!push_ucs2_allocate(&domain, domain_in, &domain_byte_len)) {
		DEBUG(0, ("push_uss2_allocate() for domain failed: %s\n",
			  strerror(errno)));
		SAFE_FREE(user);
		return False;
	}

	strupper_w(user);

	if (upper_case_domain)
		strupper_w(domain);

	SMB_ASSERT(user_byte_len >= 2);
	SMB_ASSERT(domain_byte_len >= 2);

	/* We don't want null termination */
	user_byte_len = user_byte_len - 2;
	domain_byte_len = domain_byte_len - 2;
	
	hmac_md5_init_limK_to_64(owf, 16, &ctx);
	hmac_md5_update((const unsigned char *)user, user_byte_len, &ctx);
	hmac_md5_update((const unsigned char *)domain, domain_byte_len, &ctx);
	hmac_md5_final(kr_buf, &ctx);

#ifdef DEBUG_PASSWORD
	DEBUG(100, ("ntv2_owf_gen: user, domain, owfkey, kr\n"));
	dump_data(100, (uint8 *)user, user_byte_len);
	dump_data(100, (uint8 *)domain, domain_byte_len);
	dump_data(100, (uint8 *)owf, 16);
	dump_data(100, (uint8 *)kr_buf, 16);
#endif

	SAFE_FREE(user);
	SAFE_FREE(domain);
	return True;
}
Example #2
0
size_t push_ascii_nstring(void *dest, const char *src)
{
	size_t i, buffer_len, dest_len;
	smb_ucs2_t *buffer;

	conv_silent = True;
	buffer_len = push_ucs2_allocate(&buffer, src);
	if (buffer_len == (size_t)-1) {
		smb_panic("failed to create UCS2 buffer");
	}

	/* We're using buffer_len below to count ucs2 characters, not bytes. */
	buffer_len /= sizeof(smb_ucs2_t);

	dest_len = 0;
	for (i = 0; buffer[i] != 0 && (i < buffer_len); i++) {
		unsigned char mb[10];
		/* Convert one smb_ucs2_t character at a time. */
		size_t mb_len = convert_string(CH_UTF16LE, CH_DOS, buffer+i, sizeof(smb_ucs2_t), mb, sizeof(mb), False);
		if ((mb_len != (size_t)-1) && (dest_len + mb_len <= MAX_NETBIOSNAME_LEN - 1)) {
			memcpy((char *)dest + dest_len, mb, mb_len);
			dest_len += mb_len;
		} else {
			errno = E2BIG;
			break;
		}
	}
	((char *)dest)[dest_len] = '\0';

	SAFE_FREE(buffer);
	conv_silent = False;
	return dest_len;
}
Example #3
0
static void name_map(char *OutName, BOOL need83, BOOL cache83, int default_case, int snum)
{
	smb_ucs2_t *OutName_ucs2;
	magic_char = lp_magicchar(snum);

	DEBUG(5,("name_map( %s, need83 = %s, cache83 = %s)\n", OutName,
		 need83 ? "True" : "False", cache83 ? "True" : "False"));
	
	if (push_ucs2_allocate(&OutName_ucs2, OutName) == (size_t)-1) {
		DEBUG(0, ("push_ucs2_allocate failed!\n"));
		return;
	}

	if( !need83 && !NT_STATUS_IS_OK(is_valid_name(OutName_ucs2, False, False)))
		need83 = True;

	/* check if it's already in 8.3 format */
	if (need83 && !NT_STATUS_IS_OK(is_8_3_w(OutName_ucs2, False))) {
		char *tmp = NULL; 

		/* mangle it into 8.3 */
		if (cache83)
			tmp = SMB_STRDUP(OutName);

		to_8_3(OutName, default_case);

		if(tmp != NULL) {
			cache_mangled_name(OutName, tmp);
			SAFE_FREE(tmp);
		}
	}

	DEBUG(5,("name_map() ==> [%s]\n", OutName));
	SAFE_FREE(OutName_ucs2);
}
Example #4
0
bool secrets_store_trusted_domain_password(const char* domain, const char* pwd,
                                           const DOM_SID *sid)
{
	smb_ucs2_t *uni_dom_name;
	bool ret;

	/* packing structures */
	uint8 *pass_buf = NULL;
	int pass_len = 0;

	struct trusted_dom_pass pass;
	ZERO_STRUCT(pass);

	if (push_ucs2_allocate(&uni_dom_name, domain) == (size_t)-1) {
		DEBUG(0, ("Could not convert domain name %s to unicode\n",
			  domain));
		return False;
	}

	strncpy_w(pass.uni_name, uni_dom_name, sizeof(pass.uni_name) - 1);
	pass.uni_name_len = strlen_w(uni_dom_name)+1;
	SAFE_FREE(uni_dom_name);

	/* last change time */
	pass.mod_time = time(NULL);

	/* password of the trust */
	pass.pass_len = strlen(pwd);
	fstrcpy(pass.pass, pwd);

	/* domain sid */
	sid_copy(&pass.domain_sid, sid);

	/* Calculate the length. */
	pass_len = tdb_trusted_dom_pass_pack(NULL, 0, &pass);
	pass_buf = SMB_MALLOC_ARRAY(uint8, pass_len);
	if (!pass_buf) {
		return false;
	}
	pass_len = tdb_trusted_dom_pass_pack(pass_buf, pass_len, &pass);
	ret = secrets_store(trustdom_keystr(domain), (void *)pass_buf,
			pass_len);
	SAFE_FREE(pass_buf);
	return ret;
}
Example #5
0
size_t unix_strupper(const char *src, size_t srclen, char *dest, size_t destlen)
{
	size_t size;
	smb_ucs2_t *buffer;
	
	size = push_ucs2_allocate(&buffer, src);
	if (size == (size_t)-1) {
		smb_panic("failed to create UCS2 buffer");
	}
	if (!strupper_w(buffer) && (dest == src)) {
		free(buffer);
		return srclen;
	}
	
	size = convert_string(CH_UTF16LE, CH_UNIX, buffer, size, dest, destlen, True);
	free(buffer);
	return size;
}
Example #6
0
static int check_push_ucs2(const char *orig) 
{
	smb_ucs2_t *dest = NULL;
	char *orig2 = NULL;
	int ret;

	push_ucs2_allocate(&dest, orig);
	pull_ucs2_allocate(&orig2, dest);
	ret = strcmp(orig, orig2);
	if (ret) {
		fprintf(stderr, "orig: %s\n", orig);
		fprintf(stderr, "orig (UNIX -> UCS2 -> UNIX): %s\n", orig2);
	}

	SAFE_FREE(dest);
	SAFE_FREE(orig2);

	return ret;
}
Example #7
0
char *strdup_lower(const char *s)
{
	size_t size;
	smb_ucs2_t *buffer = NULL;
	char *out_buffer;
	
	size = push_ucs2_allocate(&buffer, s);
	if (size == -1 || !buffer) {
		return NULL;
	}

	strlower_w(buffer);
	
	size = pull_ucs2_allocate(&out_buffer, buffer);
	SAFE_FREE(buffer);

	if (size == (size_t)-1) {
		return NULL;
	}
	
	return out_buffer;
}
Example #8
0
static BOOL is_8_3(const char *fname, BOOL check_case, BOOL allow_wildcards,
		   const struct share_params *p)
{
	const char *f;
	smb_ucs2_t *ucs2name;
	NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
	size_t size;

	magic_char = lp_magicchar(p);

	if (!fname || !*fname)
		return False;
	if ((f = strrchr(fname, '/')) == NULL)
		f = fname;
	else
		f++;

	if (strlen(f) > 12)
		return False;
	
	size = push_ucs2_allocate(&ucs2name, f);
	if (size == (size_t)-1) {
		DEBUG(0,("is_8_3: internal error push_ucs2_allocate() failed!\n"));
		goto done;
	}

	ret = is_8_3_w(ucs2name, allow_wildcards);

done:
	SAFE_FREE(ucs2name);

	if (!NT_STATUS_IS_OK(ret)) { 
		return False;
	}
	
	return True;
}
static bool test_plaintext(enum ntlm_break break_which)
{
	NTSTATUS nt_status;
	uint32 flags = 0;
	DATA_BLOB nt_response = data_blob_null;
	DATA_BLOB lm_response = data_blob_null;
	char *password;
	smb_ucs2_t *nt_response_ucs2;
	size_t converted_size;

	uchar user_session_key[16];
	uchar lm_key[16];
	static const uchar zeros[8] = { 0, };
	DATA_BLOB chall = data_blob(zeros, sizeof(zeros));
	char *error_string;

	ZERO_STRUCT(user_session_key);
	
	flags |= WBFLAG_PAM_LMKEY;
	flags |= WBFLAG_PAM_USER_SESSION_KEY;

	if (!push_ucs2_allocate(&nt_response_ucs2, opt_password,
				&converted_size))
	{
		DEBUG(0, ("push_ucs2_allocate failed!\n"));
		exit(1);
	}

	nt_response.data = (unsigned char *)nt_response_ucs2;
	nt_response.length = strlen_w(nt_response_ucs2)*sizeof(smb_ucs2_t);

	if ((password = strdup_upper(opt_password)) == NULL) {
		DEBUG(0, ("strdup_upper failed!\n"));
		exit(1);
	}

	if (!convert_string_allocate(NULL, CH_UNIX,
				     CH_DOS, password,
				     strlen(password)+1, 
				     &lm_response.data,
				     &lm_response.length, True)) {
		DEBUG(0, ("convert_string_allocate failed!\n"));
		exit(1);
	}

	SAFE_FREE(password);

	switch (break_which) {
	case BREAK_NONE:
		break;
	case BREAK_LM:
		lm_response.data[0]++;
		break;
	case BREAK_NT:
		nt_response.data[0]++;
		break;
	case NO_LM:
		SAFE_FREE(lm_response.data);
		lm_response.length = 0;
		break;
	case NO_NT:
		SAFE_FREE(nt_response.data);
		nt_response.length = 0;
		break;
	}

	nt_status = contact_winbind_auth_crap(opt_username, opt_domain, 
					      opt_workstation,
					      &chall,
					      &lm_response,
					      &nt_response,
					      flags,
					      lm_key,
					      user_session_key,
					      &error_string, NULL);
	
	SAFE_FREE(nt_response.data);
	SAFE_FREE(lm_response.data);
	data_blob_free(&chall);

	if (!NT_STATUS_IS_OK(nt_status)) {
		d_printf("%s (0x%x)\n", 
			 error_string,
			 NT_STATUS_V(nt_status));
		SAFE_FREE(error_string);
		return break_which == BREAK_NT;
	}

        return break_which != BREAK_NT;
}