/* Does both the NTLMv2 owfs of a user's password */
bool ntv2_owf_gen(const uchar owf[16],
const char *user_in, const char *domain_in,
bool upper_case_domain, /* Transform the domain into UPPER case */
uchar kr_buf[16])
{
smb_ucs2_t *user;
smb_ucs2_t *domain;
size_t user_byte_len;
size_t domain_byte_len;
HMACMD5Context ctx;
if (!push_ucs2_allocate(&user, user_in, &user_byte_len)) {
DEBUG(0, ("push_uss2_allocate() for user failed: %s\n",
strerror(errno)));
return False;
}
if (!push_ucs2_allocate(&domain, domain_in, &domain_byte_len)) {
DEBUG(0, ("push_uss2_allocate() for domain failed: %s\n",
strerror(errno)));
SAFE_FREE(user);
return False;
}
strupper_w(user);
if (upper_case_domain)
strupper_w(domain);
SMB_ASSERT(user_byte_len >= 2);
SMB_ASSERT(domain_byte_len >= 2);
/* We don't want null termination */
user_byte_len = user_byte_len - 2;
domain_byte_len = domain_byte_len - 2;
hmac_md5_init_limK_to_64(owf, 16, &ctx);
hmac_md5_update((const unsigned char *)user, user_byte_len, &ctx);
hmac_md5_update((const unsigned char *)domain, domain_byte_len, &ctx);
hmac_md5_final(kr_buf, &ctx);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("ntv2_owf_gen: user, domain, owfkey, kr\n"));
dump_data(100, (uint8 *)user, user_byte_len);
dump_data(100, (uint8 *)domain, domain_byte_len);
dump_data(100, (uint8 *)owf, 16);
dump_data(100, (uint8 *)kr_buf, 16);
#endif
SAFE_FREE(user);
SAFE_FREE(domain);
return True;
}
size_t push_ascii_nstring(void *dest, const char *src)
{
size_t i, buffer_len, dest_len;
smb_ucs2_t *buffer;
conv_silent = True;
buffer_len = push_ucs2_allocate(&buffer, src);
if (buffer_len == (size_t)-1) {
smb_panic("failed to create UCS2 buffer");
}
/* We're using buffer_len below to count ucs2 characters, not bytes. */
buffer_len /= sizeof(smb_ucs2_t);
dest_len = 0;
for (i = 0; buffer[i] != 0 && (i < buffer_len); i++) {
unsigned char mb[10];
/* Convert one smb_ucs2_t character at a time. */
size_t mb_len = convert_string(CH_UTF16LE, CH_DOS, buffer+i, sizeof(smb_ucs2_t), mb, sizeof(mb), False);
if ((mb_len != (size_t)-1) && (dest_len + mb_len <= MAX_NETBIOSNAME_LEN - 1)) {
memcpy((char *)dest + dest_len, mb, mb_len);
dest_len += mb_len;
} else {
errno = E2BIG;
break;
}
}
((char *)dest)[dest_len] = '\0';
SAFE_FREE(buffer);
conv_silent = False;
return dest_len;
}
static void name_map(char *OutName, BOOL need83, BOOL cache83, int default_case, int snum)
{
smb_ucs2_t *OutName_ucs2;
magic_char = lp_magicchar(snum);
DEBUG(5,("name_map( %s, need83 = %s, cache83 = %s)\n", OutName,
need83 ? "True" : "False", cache83 ? "True" : "False"));
if (push_ucs2_allocate(&OutName_ucs2, OutName) == (size_t)-1) {
DEBUG(0, ("push_ucs2_allocate failed!\n"));
return;
}
if( !need83 && !NT_STATUS_IS_OK(is_valid_name(OutName_ucs2, False, False)))
need83 = True;
/* check if it's already in 8.3 format */
if (need83 && !NT_STATUS_IS_OK(is_8_3_w(OutName_ucs2, False))) {
char *tmp = NULL;
/* mangle it into 8.3 */
if (cache83)
tmp = SMB_STRDUP(OutName);
to_8_3(OutName, default_case);
if(tmp != NULL) {
cache_mangled_name(OutName, tmp);
SAFE_FREE(tmp);
}
}
DEBUG(5,("name_map() ==> [%s]\n", OutName));
SAFE_FREE(OutName_ucs2);
}
bool secrets_store_trusted_domain_password(const char* domain, const char* pwd,
const DOM_SID *sid)
{
smb_ucs2_t *uni_dom_name;
bool ret;
/* packing structures */
uint8 *pass_buf = NULL;
int pass_len = 0;
struct trusted_dom_pass pass;
ZERO_STRUCT(pass);
if (push_ucs2_allocate(&uni_dom_name, domain) == (size_t)-1) {
DEBUG(0, ("Could not convert domain name %s to unicode\n",
domain));
return False;
}
strncpy_w(pass.uni_name, uni_dom_name, sizeof(pass.uni_name) - 1);
pass.uni_name_len = strlen_w(uni_dom_name)+1;
SAFE_FREE(uni_dom_name);
/* last change time */
pass.mod_time = time(NULL);
/* password of the trust */
pass.pass_len = strlen(pwd);
fstrcpy(pass.pass, pwd);
/* domain sid */
sid_copy(&pass.domain_sid, sid);
/* Calculate the length. */
pass_len = tdb_trusted_dom_pass_pack(NULL, 0, &pass);
pass_buf = SMB_MALLOC_ARRAY(uint8, pass_len);
if (!pass_buf) {
return false;
}
pass_len = tdb_trusted_dom_pass_pack(pass_buf, pass_len, &pass);
ret = secrets_store(trustdom_keystr(domain), (void *)pass_buf,
pass_len);
SAFE_FREE(pass_buf);
return ret;
}
size_t unix_strupper(const char *src, size_t srclen, char *dest, size_t destlen)
{
size_t size;
smb_ucs2_t *buffer;
size = push_ucs2_allocate(&buffer, src);
if (size == (size_t)-1) {
smb_panic("failed to create UCS2 buffer");
}
if (!strupper_w(buffer) && (dest == src)) {
free(buffer);
return srclen;
}
size = convert_string(CH_UTF16LE, CH_UNIX, buffer, size, dest, destlen, True);
free(buffer);
return size;
}
static int check_push_ucs2(const char *orig)
{
smb_ucs2_t *dest = NULL;
char *orig2 = NULL;
int ret;
push_ucs2_allocate(&dest, orig);
pull_ucs2_allocate(&orig2, dest);
ret = strcmp(orig, orig2);
if (ret) {
fprintf(stderr, "orig: %s\n", orig);
fprintf(stderr, "orig (UNIX -> UCS2 -> UNIX): %s\n", orig2);
}
SAFE_FREE(dest);
SAFE_FREE(orig2);
return ret;
}
char *strdup_lower(const char *s)
{
size_t size;
smb_ucs2_t *buffer = NULL;
char *out_buffer;
size = push_ucs2_allocate(&buffer, s);
if (size == -1 || !buffer) {
return NULL;
}
strlower_w(buffer);
size = pull_ucs2_allocate(&out_buffer, buffer);
SAFE_FREE(buffer);
if (size == (size_t)-1) {
return NULL;
}
return out_buffer;
}
static BOOL is_8_3(const char *fname, BOOL check_case, BOOL allow_wildcards,
const struct share_params *p)
{
const char *f;
smb_ucs2_t *ucs2name;
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
size_t size;
magic_char = lp_magicchar(p);
if (!fname || !*fname)
return False;
if ((f = strrchr(fname, '/')) == NULL)
f = fname;
else
f++;
if (strlen(f) > 12)
return False;
size = push_ucs2_allocate(&ucs2name, f);
if (size == (size_t)-1) {
DEBUG(0,("is_8_3: internal error push_ucs2_allocate() failed!\n"));
goto done;
}
ret = is_8_3_w(ucs2name, allow_wildcards);
done:
SAFE_FREE(ucs2name);
if (!NT_STATUS_IS_OK(ret)) {
return False;
}
return True;
}
static bool test_plaintext(enum ntlm_break break_which)
{
NTSTATUS nt_status;
uint32 flags = 0;
DATA_BLOB nt_response = data_blob_null;
DATA_BLOB lm_response = data_blob_null;
char *password;
smb_ucs2_t *nt_response_ucs2;
size_t converted_size;
uchar user_session_key[16];
uchar lm_key[16];
static const uchar zeros[8] = { 0, };
DATA_BLOB chall = data_blob(zeros, sizeof(zeros));
char *error_string;
ZERO_STRUCT(user_session_key);
flags |= WBFLAG_PAM_LMKEY;
flags |= WBFLAG_PAM_USER_SESSION_KEY;
if (!push_ucs2_allocate(&nt_response_ucs2, opt_password,
&converted_size))
{
DEBUG(0, ("push_ucs2_allocate failed!\n"));
exit(1);
}
nt_response.data = (unsigned char *)nt_response_ucs2;
nt_response.length = strlen_w(nt_response_ucs2)*sizeof(smb_ucs2_t);
if ((password = strdup_upper(opt_password)) == NULL) {
DEBUG(0, ("strdup_upper failed!\n"));
exit(1);
}
if (!convert_string_allocate(NULL, CH_UNIX,
CH_DOS, password,
strlen(password)+1,
&lm_response.data,
&lm_response.length, True)) {
DEBUG(0, ("convert_string_allocate failed!\n"));
exit(1);
}
SAFE_FREE(password);
switch (break_which) {
case BREAK_NONE:
break;
case BREAK_LM:
lm_response.data[0]++;
break;
case BREAK_NT:
nt_response.data[0]++;
break;
case NO_LM:
SAFE_FREE(lm_response.data);
lm_response.length = 0;
break;
case NO_NT:
SAFE_FREE(nt_response.data);
nt_response.length = 0;
break;
}
nt_status = contact_winbind_auth_crap(opt_username, opt_domain,
opt_workstation,
&chall,
&lm_response,
&nt_response,
flags,
lm_key,
user_session_key,
&error_string, NULL);
SAFE_FREE(nt_response.data);
SAFE_FREE(lm_response.data);
data_blob_free(&chall);
if (!NT_STATUS_IS_OK(nt_status)) {
d_printf("%s (0x%x)\n",
error_string,
NT_STATUS_V(nt_status));
SAFE_FREE(error_string);
return break_which == BREAK_NT;
}
return break_which != BREAK_NT;
}
