BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_pac_data) { DATA_BLOB pac_contents; ASN1_DATA data; int data_type; if (!auth_data->length) { return False; } asn1_load(&data, *auth_data); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_start_tag(&data, ASN1_CONTEXT(0)); asn1_read_Integer(&data, &data_type); if (data_type != KRB5_AUTHDATA_WIN2K_PAC ) { DEBUG(10,("authorization data is not a Windows PAC (type: %d)\n", data_type)); asn1_free(&data); return False; } asn1_end_tag(&data); asn1_start_tag(&data, ASN1_CONTEXT(1)); asn1_read_OctetString(&data, &pac_contents); asn1_end_tag(&data); asn1_end_tag(&data); asn1_end_tag(&data); asn1_free(&data); *unwrapped_pac_data = data_blob_talloc(mem_ctx, pac_contents.data, pac_contents.length); data_blob_free(&pac_contents); return True; }
static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx, struct spnego_negTokenInit *token) { ZERO_STRUCTP(token); asn1_start_tag(asn1, ASN1_CONTEXT(0)); asn1_start_tag(asn1, ASN1_SEQUENCE(0)); while (!asn1->has_error && 0 < asn1_tag_remaining(asn1)) { int i; uint8_t context; if (!asn1_peek_uint8(asn1, &context)) { asn1->has_error = true; break; } switch (context) { /* Read mechTypes */ case ASN1_CONTEXT(0): asn1_start_tag(asn1, ASN1_CONTEXT(0)); asn1_start_tag(asn1, ASN1_SEQUENCE(0)); token->mechTypes = talloc(NULL, const char *); for (i = 0; !asn1->has_error && 0 < asn1_tag_remaining(asn1); i++) { token->mechTypes = talloc_realloc(NULL, token->mechTypes, const char *, i+2); asn1_read_OID(asn1, token->mechTypes, token->mechTypes + i); } token->mechTypes[i] = NULL; asn1_end_tag(asn1); asn1_end_tag(asn1); break; /* Read reqFlags */ case ASN1_CONTEXT(1): asn1_start_tag(asn1, ASN1_CONTEXT(1)); asn1_read_Integer(asn1, &token->reqFlags); token->reqFlags |= SPNEGO_REQ_FLAG; asn1_end_tag(asn1); break; /* Read mechToken */ case ASN1_CONTEXT(2): asn1_start_tag(asn1, ASN1_CONTEXT(2)); asn1_read_OctetString(asn1, mem_ctx, &token->mechToken); asn1_end_tag(asn1); break; /* Read mecListMIC */ case ASN1_CONTEXT(3): { uint8_t type_peek; asn1_start_tag(asn1, ASN1_CONTEXT(3)); if (!asn1_peek_uint8(asn1, &type_peek)) { asn1->has_error = true; break; } if (type_peek == ASN1_OCTET_STRING) { asn1_read_OctetString(asn1, mem_ctx, &token->mechListMIC); } else { /* RFC 2478 says we have an Octet String here, but W2k sends something different... */ char *mechListMIC; asn1_push_tag(asn1, ASN1_SEQUENCE(0)); asn1_push_tag(asn1, ASN1_CONTEXT(0)); asn1_read_GeneralString(asn1, mem_ctx, &mechListMIC); asn1_pop_tag(asn1); asn1_pop_tag(asn1); token->targetPrincipal = mechListMIC; } asn1_end_tag(asn1); break; } default: asn1->has_error = true; break; } } asn1_end_tag(asn1); asn1_end_tag(asn1); return !asn1->has_error; }
/* receive a cldap netlogon reply */ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, int sock, uint32_t *nt_version, union nbt_cldap_netlogon **reply) { int ret; ASN1_DATA data; DATA_BLOB blob = data_blob_null; DATA_BLOB os1 = data_blob_null; DATA_BLOB os2 = data_blob_null; DATA_BLOB os3 = data_blob_null; int i1; /* half the time of a regular ldap timeout, not less than 3 seconds. */ unsigned int al_secs = MAX(3,lp_ldap_timeout()/2); union nbt_cldap_netlogon *r = NULL; blob = data_blob(NULL, 8192); if (blob.data == NULL) { DEBUG(1, ("data_blob failed\n")); errno = ENOMEM; return -1; } /* Setup timeout */ gotalarm = 0; CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig); alarm(al_secs); /* End setup timeout. */ ret = read(sock, blob.data, blob.length); /* Teardown timeout. */ CatchSignal(SIGALRM, SIGNAL_CAST SIG_IGN); alarm(0); if (ret <= 0) { DEBUG(1,("no reply received to cldap netlogon\n")); data_blob_free(&blob); return -1; } blob.length = ret; asn1_load(&data, blob); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_read_Integer(&data, &i1); asn1_start_tag(&data, ASN1_APPLICATION(4)); asn1_read_OctetString(&data, &os1); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_read_OctetString(&data, &os2); asn1_start_tag(&data, ASN1_SET); asn1_read_OctetString(&data, &os3); asn1_end_tag(&data); asn1_end_tag(&data); asn1_end_tag(&data); asn1_end_tag(&data); asn1_end_tag(&data); if (data.has_error) { data_blob_free(&blob); data_blob_free(&os1); data_blob_free(&os2); data_blob_free(&os3); asn1_free(&data); DEBUG(1,("Failed to parse cldap reply\n")); return -1; } r = TALLOC_ZERO_P(mem_ctx, union nbt_cldap_netlogon); if (!r) { errno = ENOMEM; data_blob_free(&os1); data_blob_free(&os2); data_blob_free(&os3); data_blob_free(&blob); return -1; } if (!pull_mailslot_cldap_reply(mem_ctx, &os3, r, nt_version)) { data_blob_free(&os1); data_blob_free(&os2); data_blob_free(&os3); data_blob_free(&blob); TALLOC_FREE(r); return -1; } data_blob_free(&os1); data_blob_free(&os2); data_blob_free(&os3); data_blob_free(&blob); asn1_free(&data); if (reply) { *reply = r; } else { TALLOC_FREE(r); } return 0; }
/* receive a cldap netlogon reply */ static int recv_cldap_netlogon(int sock, struct cldap_netlogon_reply *reply) { int ret; ASN1_DATA data; DATA_BLOB blob; DATA_BLOB os1, os2, os3; uint32 i1; char *p; blob = data_blob(NULL, 8192); ret = read(sock, blob.data, blob.length); if (ret <= 0) { d_printf("no reply received to cldap netlogon\n"); return -1; } blob.length = ret; asn1_load(&data, blob); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_read_Integer(&data, &i1); asn1_start_tag(&data, ASN1_APPLICATION(4)); asn1_read_OctetString(&data, &os1); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_start_tag(&data, ASN1_SEQUENCE(0)); asn1_read_OctetString(&data, &os2); asn1_start_tag(&data, ASN1_SET); asn1_read_OctetString(&data, &os3); asn1_end_tag(&data); asn1_end_tag(&data); asn1_end_tag(&data); asn1_end_tag(&data); asn1_end_tag(&data); if (data.has_error) { d_printf("Failed to parse cldap reply\n"); return -1; } p = (char *)os3.data; reply->type = IVAL(p, 0); p += 4; reply->flags = IVAL(p, 0); p += 4; memcpy(&reply->guid.info, p, UUID_FLAT_SIZE); p += UUID_FLAT_SIZE; p += pull_netlogon_string(reply->forest, p, (const char *)os3.data); p += pull_netlogon_string(reply->domain, p, (const char *)os3.data); p += pull_netlogon_string(reply->hostname, p, (const char *)os3.data); p += pull_netlogon_string(reply->netbios_domain, p, (const char *)os3.data); p += pull_netlogon_string(reply->netbios_hostname, p, (const char *)os3.data); p += pull_netlogon_string(reply->unk, p, (const char *)os3.data); if (reply->type == SAMLOGON_AD_R) { p += pull_netlogon_string(reply->user_name, p, (const char *)os3.data); } else { *reply->user_name = 0; } p += pull_netlogon_string(reply->site_name, p, (const char *)os3.data); p += pull_netlogon_string(reply->site_name_2, p, (const char *)os3.data); reply->version = IVAL(p, 0); reply->lmnt_token = SVAL(p, 4); reply->lm20_token = SVAL(p, 6); data_blob_free(&os1); data_blob_free(&os2); data_blob_free(&os3); data_blob_free(&blob); return 0; }
static bool read_negTokenInit(ASN1_DATA *asn1, negTokenInit_t *token) { ZERO_STRUCTP(token); asn1_start_tag(asn1, ASN1_CONTEXT(0)); asn1_start_tag(asn1, ASN1_SEQUENCE(0)); while (!asn1->has_error && 0 < asn1_tag_remaining(asn1)) { int i; switch (asn1->data[asn1->ofs]) { /* Read mechTypes */ case ASN1_CONTEXT(0): asn1_start_tag(asn1, ASN1_CONTEXT(0)); asn1_start_tag(asn1, ASN1_SEQUENCE(0)); token->mechTypes = SMB_MALLOC_P(const char *); for (i = 0; !asn1->has_error && 0 < asn1_tag_remaining(asn1); i++) { char *p_oid = NULL; token->mechTypes = SMB_REALLOC_ARRAY(token->mechTypes, const char *, i + 2); if (!token->mechTypes) { asn1->has_error = True; return False; } asn1_read_OID(asn1, &p_oid); token->mechTypes[i] = p_oid; } token->mechTypes[i] = NULL; asn1_end_tag(asn1); asn1_end_tag(asn1); break; /* Read reqFlags */ case ASN1_CONTEXT(1): asn1_start_tag(asn1, ASN1_CONTEXT(1)); asn1_read_Integer(asn1, &token->reqFlags); token->reqFlags |= SPNEGO_REQ_FLAG; asn1_end_tag(asn1); break; /* Read mechToken */ case ASN1_CONTEXT(2): asn1_start_tag(asn1, ASN1_CONTEXT(2)); asn1_read_OctetString(asn1, &token->mechToken); asn1_end_tag(asn1); break; /* Read mecListMIC */ case ASN1_CONTEXT(3): asn1_start_tag(asn1, ASN1_CONTEXT(3)); if (asn1->data[asn1->ofs] == ASN1_OCTET_STRING) { asn1_read_OctetString(asn1, &token->mechListMIC); } else { /* RFC 2478 says we have an Octet String here, but W2k sends something different... */ char *mechListMIC; asn1_push_tag(asn1, ASN1_SEQUENCE(0)); asn1_push_tag(asn1, ASN1_CONTEXT(0)); asn1_read_GeneralString(asn1, &mechListMIC); asn1_pop_tag(asn1); asn1_pop_tag(asn1); token->mechListMIC = data_blob(mechListMIC, strlen(mechListMIC)); SAFE_FREE(mechListMIC); } asn1_end_tag(asn1); break; default: asn1->has_error = True; break; } } asn1_end_tag(asn1); asn1_end_tag(asn1); return !asn1->has_error; }