static void manage_squid_basic_request(enum stdio_helper_mode stdio_helper_mode,
char *buf, int length)
{
char *user, *pass;
user=buf;
pass=memchr(buf,' ',length);
if (!pass) {
DEBUG(2, ("Password not found. Denying access\n"));
x_fprintf(x_stdout, "ERR\n");
return;
}
*pass='******';
pass++;
if (stdio_helper_mode == SQUID_2_5_BASIC) {
rfc1738_unescape(user);
rfc1738_unescape(pass);
}
if (check_plaintext_auth(user, pass, False)) {
x_fprintf(x_stdout, "OK\n");
} else {
x_fprintf(x_stdout, "ERR\n");
}
}
static BOOL manage_client_ntlmssp_init(SPNEGO_DATA spnego)
{
NTSTATUS status;
DATA_BLOB null_blob = data_blob(NULL, 0);
DATA_BLOB to_server;
char *to_server_base64;
const char *my_mechs[] = {OID_NTLMSSP, NULL};
DEBUG(10, ("Got spnego negTokenInit with NTLMSSP\n"));
if (client_ntlmssp_state != NULL) {
DEBUG(1, ("Request for initial SPNEGO request where "
"we already have a state\n"));
return False;
}
if (!client_ntlmssp_state) {
if (!NT_STATUS_IS_OK(status = ntlm_auth_start_ntlmssp_client(&client_ntlmssp_state))) {
x_fprintf(x_stdout, "BH %s\n", nt_errstr(status));
return False;
}
}
if (opt_password == NULL) {
/* Request a password from the calling process. After
sending it, the calling process should retry with
the negTokenInit. */
DEBUG(10, ("Requesting password\n"));
x_fprintf(x_stdout, "PW\n");
return True;
}
spnego.type = SPNEGO_NEG_TOKEN_INIT;
spnego.negTokenInit.mechTypes = my_mechs;
spnego.negTokenInit.reqFlags = 0;
spnego.negTokenInit.mechListMIC = null_blob;
status = ntlmssp_update(client_ntlmssp_state, null_blob,
&spnego.negTokenInit.mechToken);
if ( !(NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) ||
NT_STATUS_IS_OK(status)) ) {
DEBUG(1, ("Expected OK or MORE_PROCESSING_REQUIRED, got: %s\n",
nt_errstr(status)));
ntlmssp_end(&client_ntlmssp_state);
return False;
}
write_spnego_data(&to_server, &spnego);
data_blob_free(&spnego.negTokenInit.mechToken);
to_server_base64 = base64_encode_data_blob(to_server);
data_blob_free(&to_server);
x_fprintf(x_stdout, "KK %s\n", to_server_base64);
SAFE_FREE(to_server_base64);
return True;
}
static BOOL check_auth_crap(void)
{
NTSTATUS nt_status;
uint32 flags = 0;
char lm_key[8];
char user_session_key[16];
char *hex_lm_key;
char *hex_user_session_key;
char *error_string;
static uint8 zeros[16];
x_setbuf(x_stdout, NULL);
if (request_lm_key)
flags |= WBFLAG_PAM_LMKEY;
if (request_user_session_key)
flags |= WBFLAG_PAM_USER_SESSION_KEY;
flags |= WBFLAG_PAM_NT_STATUS_SQUASH;
nt_status = contact_winbind_auth_crap(opt_username, opt_domain,
opt_workstation,
&opt_challenge,
&opt_lm_response,
&opt_nt_response,
flags,
(unsigned char *)lm_key,
(unsigned char *)user_session_key,
&error_string, NULL);
if (!NT_STATUS_IS_OK(nt_status)) {
x_fprintf(x_stdout, "%s (0x%x)\n",
error_string,
NT_STATUS_V(nt_status));
SAFE_FREE(error_string);
return False;
}
if (request_lm_key
&& (memcmp(zeros, lm_key,
sizeof(lm_key)) != 0)) {
hex_lm_key = hex_encode(NULL, (const unsigned char *)lm_key,
sizeof(lm_key));
x_fprintf(x_stdout, "LM_KEY: %s\n", hex_lm_key);
TALLOC_FREE(hex_lm_key);
}
if (request_user_session_key
&& (memcmp(zeros, user_session_key,
sizeof(user_session_key)) != 0)) {
hex_user_session_key = hex_encode(NULL, (const unsigned char *)user_session_key,
sizeof(user_session_key));
x_fprintf(x_stdout, "NT_KEY: %s\n", hex_user_session_key);
TALLOC_FREE(hex_user_session_key);
}
return True;
}
static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego)
{
NTSTATUS status;
DATA_BLOB null_blob = data_blob(NULL, 0);
DATA_BLOB request;
DATA_BLOB to_server;
char *to_server_base64;
DEBUG(10, ("Got spnego negTokenTarg with NTLMSSP\n"));
if (client_ntlmssp_state == NULL) {
DEBUG(1, ("Got NTLMSSP tArg without a client state\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
if (spnego.negTokenTarg.negResult == SPNEGO_REJECT) {
x_fprintf(x_stdout, "NA\n");
ntlmssp_end(&client_ntlmssp_state);
return;
}
if (spnego.negTokenTarg.negResult == SPNEGO_ACCEPT_COMPLETED) {
x_fprintf(x_stdout, "AF\n");
ntlmssp_end(&client_ntlmssp_state);
return;
}
status = ntlmssp_update(client_ntlmssp_state,
spnego.negTokenTarg.responseToken,
&request);
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
DEBUG(1, ("Expected MORE_PROCESSING_REQUIRED from "
"ntlmssp_client_update, got: %s\n",
nt_errstr(status)));
x_fprintf(x_stdout, "BH\n");
data_blob_free(&request);
ntlmssp_end(&client_ntlmssp_state);
return;
}
spnego.type = SPNEGO_NEG_TOKEN_TARG;
spnego.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE;
spnego.negTokenTarg.supportedMech = (char *)OID_NTLMSSP;
spnego.negTokenTarg.responseToken = request;
spnego.negTokenTarg.mechListMIC = null_blob;
write_spnego_data(&to_server, &spnego);
data_blob_free(&request);
to_server_base64 = base64_encode_data_blob(to_server);
data_blob_free(&to_server);
x_fprintf(x_stdout, "KK %s\n", to_server_base64);
SAFE_FREE(to_server_base64);
return;
}
static void offer_gss_spnego_mechs(void) {
DATA_BLOB token;
SPNEGO_DATA spnego;
ssize_t len;
char *reply_base64;
pstring principal;
pstring myname_lower;
ZERO_STRUCT(spnego);
pstrcpy(myname_lower, global_myname());
strlower_m(myname_lower);
pstr_sprintf(principal, "%s$@%s", myname_lower, lp_realm());
/* Server negTokenInit (mech offerings) */
spnego.type = SPNEGO_NEG_TOKEN_INIT;
spnego.negTokenInit.mechTypes = SMB_XMALLOC_ARRAY(const char *, 2);
#ifdef HAVE_KRB5
spnego.negTokenInit.mechTypes[0] = smb_xstrdup(OID_KERBEROS5_OLD);
spnego.negTokenInit.mechTypes[1] = smb_xstrdup(OID_NTLMSSP);
spnego.negTokenInit.mechTypes[2] = NULL;
#else
spnego.negTokenInit.mechTypes[0] = smb_xstrdup(OID_NTLMSSP);
spnego.negTokenInit.mechTypes[1] = NULL;
#endif
spnego.negTokenInit.mechListMIC = data_blob(principal,
strlen(principal));
len = write_spnego_data(&token, &spnego);
free_spnego_data(&spnego);
if (len == -1) {
DEBUG(1, ("Could not write SPNEGO data blob\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
reply_base64 = base64_encode_data_blob(token);
x_fprintf(x_stdout, "TT %s *\n", reply_base64);
SAFE_FREE(reply_base64);
data_blob_free(&token);
DEBUG(10, ("sent SPNEGO negTokenInit\n"));
return;
}
/**
* Hook function - dump a char_attr line to a file
*/
void dump_line_file(char_attr *this_line)
{
int x = 0;
char_attr xa = this_line[0];
byte (*old_xchar_hook)(byte c) = Term->xchar_hook;
char buf[2];
/* We use either ascii or system-specific encoding */
int encoding = OPT(xchars_to_file) ? SYSTEM_SPECIFIC : ASCII;
/* Display the requested encoding -- ASCII or system-specific */
if (!OPT(xchars_to_file)) Term->xchar_hook = NULL;
/* Dump the line */
while (xa.pchar != '\0')
{
/* Add the char/attr */
x_fprintf(dump_out_file, encoding, "%c", xa.pchar);
/* Advance */
xa = this_line[++x];
}
/* Return to standard display */
Term->xchar_hook = old_xchar_hook;
/* Terminate the line */
buf[0] = '\n';
buf[1] = '\0';
file_put(dump_out_file, buf);
}
static void manage_squid_request(enum stdio_helper_mode helper_mode, stdio_helper_function fn)
{
char buf[SQUID_BUFFER_SIZE+1];
int length;
char *c;
static BOOL err;
/* this is not a typo - x_fgets doesn't work too well under squid */
if (fgets(buf, sizeof(buf)-1, stdin) == NULL) {
if (ferror(stdin)) {
DEBUG(1, ("fgets() failed! dying..... errno=%d (%s)\n", ferror(stdin),
strerror(ferror(stdin))));
exit(1); /* BIIG buffer */
}
exit(0);
}
c=memchr(buf,'\n',sizeof(buf)-1);
if (c) {
*c = '\0';
length = c-buf;
} else {
err = 1;
return;
}
if (err) {
DEBUG(2, ("Oversized message\n"));
x_fprintf(x_stderr, "ERR\n");
err = 0;
return;
}
DEBUG(10, ("Got '%s' from squid (length: %d).\n",buf,length));
if (buf[0] == '\0') {
DEBUG(2, ("Invalid Request\n"));
x_fprintf(x_stderr, "ERR\n");
return;
}
fn(helper_mode, buf, length);
}
static void manage_client_krb5_targ(SPNEGO_DATA spnego)
{
switch (spnego.negTokenTarg.negResult) {
case SPNEGO_ACCEPT_INCOMPLETE:
DEBUG(1, ("Got a Kerberos negTokenTarg with ACCEPT_INCOMPLETE\n"));
x_fprintf(x_stdout, "BH\n");
break;
case SPNEGO_ACCEPT_COMPLETED:
DEBUG(10, ("Accept completed\n"));
x_fprintf(x_stdout, "AF\n");
break;
case SPNEGO_REJECT:
DEBUG(10, ("Rejected\n"));
x_fprintf(x_stdout, "NA\n");
break;
default:
DEBUG(1, ("Got an invalid negTokenTarg\n"));
x_fprintf(x_stdout, "AF\n");
}
}
static void mux_printf(unsigned int mux_id, const char *format, ...)
{
va_list ap;
if (opt_multiplex) {
x_fprintf(x_stdout, "%d ", mux_id);
}
va_start(ap, format);
x_vfprintf(x_stdout, format, ap);
va_end(ap);
}
static char *smb_readline_replacement(const char *prompt, void (*callback)(void),
char **(completion_fn)(const char *text, int start, int end))
{
char *line = NULL;
int fd = x_fileno(x_stdin);
char *ret;
/* Prompt might be NULL in non-interactive mode. */
if (prompt) {
x_fprintf(x_stdout, "%s", prompt);
x_fflush(x_stdout);
}
line = (char *)malloc(BUFSIZ);
if (!line) {
return NULL;
}
while (!smb_rl_done) {
struct pollfd pfd;
ZERO_STRUCT(pfd);
pfd.fd = fd;
pfd.events = POLLIN|POLLHUP;
if (sys_poll_intr(&pfd, 1, 5000) == 1) {
ret = x_fgets(line, BUFSIZ, x_stdin);
if (ret == 0) {
SAFE_FREE(line);
}
return ret;
}
if (callback) {
callback();
}
}
SAFE_FREE(line);
return NULL;
}
/* Function Definitions */
static boolean_T b_MACLayerTransmitter(testMACTransmitterStackData *SD, const
emlrtStack *sp, comm_AGC *ObjAGC, comm_SDRuReceiver *ObjSDRuReceiver,
comm_SDRuTransmitter *ObjSDRuTransmitter, commcodegen_CRCDetector *ObjDetect,
OFDMDemodulator_1 *ObjPreambleDemod, OFDMDemodulator_1 *ObjDataDemod, const
c_struct_T *estimate, const e_struct_T *tx, const real_T messageBits_data[563],
char_T previousMessage_data[77], int32_T previousMessage_size[2])
{
boolean_T msgStatus;
int32_T tries;
int32_T state;
real_T decisions[10];
real_T destNodeID;
int16_T i36;
comm_SDRuTransmitter *obj;
boolean_T flag;
boolean_T exitg1;
comm_AGC *b_ObjAGC;
comm_SDRuReceiver *b_ObjSDRuReceiver;
commcodegen_CRCDetector *b_ObjDetect;
OFDMDemodulator_1 *b_ObjPreambleDemod;
OFDMDemodulator_1 *b_ObjDataDemod;
int32_T originNodeID;
real_T timeouts;
int32_T Response_size[2];
int32_T exitg10;
boolean_T guard1 = FALSE;
static const char_T b[7] = { 'T', 'i', 'm', 'e', 'o', 'u', 't' };
char_T Response_data[80];
int32_T messageBits_size[2];
real_T b_messageBits_data[563];
int8_T sza[2];
int32_T exitg16;
int32_T exitg15;
static const char_T cv343[7] = { 'T', 'i', 'm', 'e', 'o', 'u', 't' };
int32_T exitg14;
int32_T exitg13;
static const char_T cv344[9] = { 'C', 'R', 'C', ' ', 'E', 'r', 'r', 'o', 'r' };
int8_T szb[2];
int32_T exitg12;
int32_T exitg11;
int32_T loop_ub;
static const char_T b_b[9] = { 'D', 'u', 'p', 'l', 'i', 'c', 'a', 't', 'e' };
char_T b_Response_data[80];
int32_T exitg9;
int32_T exitg8;
boolean_T b_guard1 = FALSE;
int32_T exitg7;
int32_T exitg6;
static const char_T cv345[9] = { 'D', 'u', 'p', 'l', 'i', 'c', 'a', 't', 'e' };
int32_T exitg5;
int32_T exitg4;
int32_T exitg3;
int32_T exitg2;
static const char_T cv346[3] = { 'A', 'C', 'K' };
emlrtStack st;
emlrtStack b_st;
emlrtStack c_st;
st.prev = sp;
st.tls = sp->tls;
b_st.prev = &st;
b_st.tls = st.tls;
c_st.prev = &b_st;
c_st.tls = b_st.tls;
/* %Objects */
/* %Structs */
/* %Values/Vectors */
/* % This function is called when the node wants to transmit something */
/* % Sense spectrum and wait until it is unoccupied */
for (tries = 0; tries < 4; tries++) {
/* try only so many times */
for (state = 0; state < 10; state++) {
st.site = &xl_emlrtRSI;
SpectrumSenseP25(SD, &st, ObjAGC, ObjSDRuReceiver, decisions);
destNodeID = muDoubleScalarRound(decisions[state]);
if (destNodeID < 32768.0) {
if (destNodeID >= -32768.0) {
i36 = (int16_T)destNodeID;
} else {
i36 = MIN_int16_T;
}
} else if (destNodeID >= 32768.0) {
i36 = MAX_int16_T;
} else {
i36 = 0;
}
st.site = &yl_emlrtRSI;
d_fprintf(&st, (int16_T)(1 + state), i36);
emlrtBreakCheckFastR2012b(emlrtBreakCheckR2012bFlagVar, sp);
}
/* if occupied */
/* fprintf('MAC| Spectrum occupied, listening...\n'); */
/* %Recover signal and/or wait */
/* lookingForACK = false; */
/* %MACLayerReceiver(PHY,lookingForACK); */
/* else% Yay we can transmit now */
/* break; */
/* end */
/* if tries >=4 */
/* fprintf('MAC| Spectrum Busy, try again later\n'); */
/* return; */
/* end */
emlrtBreakCheckFastR2012b(emlrtBreakCheckR2012bFlagVar, sp);
}
msgStatus = FALSE;
/* Adjust offset for node */
st.site = &am_emlrtRSI;
f_fprintf(&st, 1, tx->offsetTable[0]);
st.site = &bm_emlrtRSI;
obj = ObjSDRuTransmitter;
b_st.site = &gb_emlrtRSI;
obj->CenterFrequency = 2.24E+9 + tx->offsetTable[0];
c_st.site = &ck_emlrtRSI;
b_st.site = &gb_emlrtRSI;
if (obj->isInitialized && (!obj->isReleased)) {
flag = TRUE;
} else {
flag = FALSE;
}
if (flag) {
obj->TunablePropsChanged = TRUE;
obj->tunablePropertyChanged[1] = TRUE;
}
/* % Spectrum clear, send message */
tries = 0;
exitg1 = FALSE;
while ((exitg1 == FALSE) && (tries < 4)) {
/* Send message */
/* %originator */
/* %destination */
st.site = &cm_emlrtRSI;
PHYTransmit(SD, &st, ObjSDRuTransmitter, ObjSDRuReceiver, tx->nodeNum);
/* Listen for acknowledgement */
/* fprintf('###########################################\n'); */
st.site = &dm_emlrtRSI;
h_fprintf(&st);
/* Call Receiver */
/* %Objects */
/* %Structs */
/* %Values/Vectors */
st.site = &em_emlrtRSI;
b_ObjAGC = ObjAGC;
b_ObjSDRuReceiver = ObjSDRuReceiver;
obj = ObjSDRuTransmitter;
b_ObjDetect = ObjDetect;
b_ObjPreambleDemod = ObjPreambleDemod;
b_ObjDataDemod = ObjDataDemod;
/* %Objects */
/* %Structs */
/* %Values/Vectors */
/* This function is called when the node is just listening to the spectrum */
/* waiting for a message to be transmitted to them */
/* % Listen to the spectrum */
/* previousMessage will be updated for next run */
/* %Objects */
/* %Structs */
/* %Values/Vectors */
b_st.site = &rt_emlrtRSI;
/* %Objects */
/* %Structs */
/* %Values/Vectors */
/* Initialize values */
originNodeID = -1;
destNodeID = -1.0;
/* 0 = Call PHY Receiver */
/* 1 = Timeout */
/* 2 = Corrupt Message */
/* 3 = Message Reception Successfull */
/* Duplicates are checked at the last stage */
state = 0;
/* Initial state */
timeouts = 0.0;
/* Counter */
/* Message string holder */
emlrtDimSizeGeqCheckFastR2012b(80, 0, &y_emlrtECI, &b_st);
Response_size[0] = 1;
Response_size[1] = 0;
/* Run system */
do {
exitg10 = 0;
/* %% Process Messages */
guard1 = FALSE;
switch (state) {
case 0:
/* Wait for message */
if (timeouts > 10.0) {
emlrtDimSizeGeqCheckFastR2012b(80, 7, &db_emlrtECI, &b_st);
Response_size[0] = 1;
Response_size[1] = 7;
for (state = 0; state < 7; state++) {
Response_data[state] = b[state];
}
exitg10 = 1;
} else {
/* Call Physical Layer */
/* %Objects */
/* %Structs */
/* %Values/Vectors */
SD->f15.estimate = *estimate;
messageBits_size[0] = 1;
messageBits_size[1] = 563;
memcpy(&b_messageBits_data[0], &messageBits_data[0], 563U * sizeof
(real_T));
c_st.site = &eu_emlrtRSI;
PHYReceive(SD, &c_st, b_ObjAGC, b_ObjSDRuReceiver, b_ObjDetect,
b_ObjPreambleDemod, b_ObjDataDemod, &SD->f15.estimate,
tx->shortPreambleOFDM, tx->longPreamble, tx->pilots,
tx->pilotLocationsWithoutGuardbands,
tx->dataSubcarrierIndexies.data,
tx->dataSubcarrierIndexies.size, b_messageBits_data,
messageBits_size, Response_data, Response_size);
/* Choose next state */
c_st.site = &fu_emlrtRSI;
flag = FALSE;
for (state = 0; state < 2; state++) {
sza[state] = (int8_T)Response_size[state];
}
state = 0;
do {
exitg16 = 0;
if (state < 2) {
if (sza[state] != 1 + 6 * state) {
exitg16 = 1;
} else {
state++;
}
} else {
state = 0;
exitg16 = 2;
}
} while (exitg16 == 0);
if (exitg16 == 1) {
} else {
do {
exitg15 = 0;
if (state <= Response_size[1] - 1) {
if (Response_data[state] != cv343[state]) {
exitg15 = 1;
} else {
state++;
}
} else {
flag = TRUE;
exitg15 = 1;
}
} while (exitg15 == 0);
}
if (flag) {
state = 1;
} else {
c_st.site = &gu_emlrtRSI;
flag = FALSE;
for (state = 0; state < 2; state++) {
sza[state] = (int8_T)Response_size[state];
}
state = 0;
do {
exitg14 = 0;
if (state < 2) {
if (sza[state] != 1 + (state << 3)) {
exitg14 = 1;
} else {
state++;
}
} else {
state = 0;
exitg14 = 2;
}
} while (exitg14 == 0);
if (exitg14 == 1) {
} else {
do {
exitg13 = 0;
if (state <= Response_size[1] - 1) {
if (Response_data[state] != cv344[state]) {
exitg13 = 1;
} else {
state++;
}
} else {
flag = TRUE;
exitg13 = 1;
}
} while (exitg13 == 0);
}
if (flag || (Response_size[1] == 0)) {
state = 2;
} else {
/* Successfully decoded */
state = 3;
}
}
/* Timeout occured */
guard1 = TRUE;
}
break;
case 1:
timeouts++;
if (timeouts > 10.0) {
/* if DebugFlag;fprintf('DL| Max timeouts reached\n');end */
c_st.site = &du_emlrtRSI;
l_fprintf(&c_st);
emlrtDimSizeGeqCheckFastR2012b(80, 7, &cb_emlrtECI, &b_st);
Response_size[0] = 1;
Response_size[1] = 7;
for (state = 0; state < 7; state++) {
Response_data[state] = b[state];
}
exitg10 = 1;
} else {
state = 0;
/* Get another message */
/* Message corrupted */
guard1 = TRUE;
}
break;
case 2:
timeouts += 0.01;
state = 0;
/* Get another message */
/* Default: Message successfully received */
guard1 = TRUE;
break;
case 3:
/* otherwise */
/* disp(['DL| MSG: ',Response]) */
/* disp(['DL| Timeouts: ',num2str(timeouts)]) */
/* Final Duplication check */
c_st.site = &bu_emlrtRSI;
flag = FALSE;
for (state = 0; state < 2; state++) {
sza[state] = (int8_T)previousMessage_size[state];
}
for (state = 0; state < 2; state++) {
szb[state] = (int8_T)Response_size[state];
}
state = 0;
do {
exitg12 = 0;
if (state < 2) {
if (sza[state] != szb[state]) {
exitg12 = 1;
} else {
state++;
}
} else {
state = 0;
exitg12 = 2;
}
} while (exitg12 == 0);
if (exitg12 == 1) {
} else {
do {
exitg11 = 0;
if (state <= previousMessage_size[1] - 1) {
if (previousMessage_data[state] != Response_data[state]) {
exitg11 = 1;
} else {
state++;
}
} else {
flag = TRUE;
exitg11 = 1;
}
} while (exitg11 == 0);
}
if (flag) {
/* Dupe */
/* if DebugFlag;fprintf('DL| Duplicate Message\n');end */
c_st.site = &cu_emlrtRSI;
j_fprintf(&c_st);
previousMessage_size[0] = 1;
previousMessage_size[1] = Response_size[1];
loop_ub = Response_size[1];
for (state = 0; state < loop_ub; state++) {
previousMessage_data[previousMessage_size[0] * state] =
Response_data[Response_size[0] * state];
}
/* Update history for next iteration */
state = Response_size[1] - 2;
originNodeID = (uint8_T)
Response_data[emlrtDynamicBoundsCheckFastR2012b(state, 1,
Response_size[1], &wb_emlrtBCI, &b_st) - 1] - 48;
/* extract node ID and convert char to number */
state = Response_size[1] - 1;
destNodeID = (real_T)(uint8_T)
Response_data[emlrtDynamicBoundsCheckFastR2012b(state, 1,
Response_size[1], &xb_emlrtBCI, &b_st) - 1] - 48.0;
/* extract node ID and convert char to number */
emlrtDimSizeGeqCheckFastR2012b(80, 9, &ab_emlrtECI, &b_st);
Response_size[0] = 1;
Response_size[1] = 9;
for (state = 0; state < 9; state++) {
Response_data[state] = b_b[state];
}
/* Tell upper layers duplicate */
} else {
/* No Dupe */
previousMessage_size[0] = 1;
previousMessage_size[1] = Response_size[1];
loop_ub = Response_size[1];
for (state = 0; state < loop_ub; state++) {
previousMessage_data[previousMessage_size[0] * state] =
Response_data[Response_size[0] * state];
}
/* Update history for next iteration */
state = Response_size[1] - 2;
originNodeID = (uint8_T)
Response_data[emlrtDynamicBoundsCheckFastR2012b(state, 1,
Response_size[1], &ub_emlrtBCI, &b_st) - 1] - 48;
/* extract node ID and convert char to number */
state = Response_size[1] - 1;
destNodeID = (real_T)(uint8_T)
Response_data[emlrtDynamicBoundsCheckFastR2012b(state, 1,
Response_size[1], &vb_emlrtBCI, &b_st) - 1] - 48.0;
/* extract node ID and convert char to number */
if (1 > Response_size[1] - 3) {
loop_ub = 0;
} else {
emlrtDynamicBoundsCheckFastR2012b(1, 1, Response_size[1],
&tb_emlrtBCI, &b_st);
state = Response_size[1] - 3;
loop_ub = emlrtDynamicBoundsCheckFastR2012b(state, 1, Response_size
[1], &tb_emlrtBCI, &b_st);
}
emlrtDimSizeGeqCheckFastR2012b(80, loop_ub, &bb_emlrtECI, &b_st);
for (state = 0; state < loop_ub; state++) {
b_Response_data[state] = Response_data[state];
}
Response_size[0] = 1;
Response_size[1] = loop_ub;
for (state = 0; state < loop_ub; state++) {
Response_data[state] = b_Response_data[state];
}
/* Remove identifer key and nodeIDs */
}
exitg10 = 1;
break;
default:
guard1 = TRUE;
break;
}
if (guard1 == TRUE) {
emlrtBreakCheckFastR2012b(emlrtBreakCheckR2012bFlagVar, &b_st);
}
} while (exitg10 == 0);
/* Final check */
c_st.site = &hu_emlrtRSI;
if (muDoubleScalarAbs(destNodeID) > 3.0) {
destNodeID = tx->nodeNum;
/* Something went wrong, probably corrupt message, reset to self */
}
/* % Possible response messages */
/* 1.) Timeout */
/* 2.) Some message */
b_st.site = &st_emlrtRSI;
flag = FALSE;
for (state = 0; state < 2; state++) {
sza[state] = (int8_T)Response_size[state];
}
state = 0;
do {
exitg9 = 0;
if (state < 2) {
if (sza[state] != 1 + 6 * state) {
exitg9 = 1;
} else {
state++;
}
} else {
state = 0;
exitg9 = 2;
}
} while (exitg9 == 0);
if (exitg9 == 1) {
} else {
do {
exitg8 = 0;
if (state <= Response_size[1] - 1) {
if (Response_data[state] != cv343[state]) {
exitg8 = 1;
} else {
state++;
}
} else {
flag = TRUE;
exitg8 = 1;
}
} while (exitg8 == 0);
}
b_guard1 = FALSE;
if (!flag) {
b_st.site = &st_emlrtRSI;
flag = FALSE;
for (state = 0; state < 2; state++) {
sza[state] = (int8_T)Response_size[state];
}
state = 0;
do {
exitg7 = 0;
if (state < 2) {
if (sza[state] != 1 + (state << 3)) {
exitg7 = 1;
} else {
state++;
}
} else {
state = 0;
exitg7 = 2;
}
} while (exitg7 == 0);
if (exitg7 == 1) {
} else {
do {
exitg6 = 0;
if (state <= Response_size[1] - 1) {
if (Response_data[state] != cv345[state]) {
exitg6 = 1;
} else {
state++;
}
} else {
flag = TRUE;
exitg6 = 1;
}
} while (exitg6 == 0);
}
if (!flag) {
/* fprintf('###########################################\n'); */
b_st.site = &tt_emlrtRSI;
n_fprintf(&b_st, Response_data, Response_size);
b_st.site = &ut_emlrtRSI;
p_fprintf(&b_st, (int16_T)originNodeID);
} else {
b_guard1 = TRUE;
}
} else {
b_guard1 = TRUE;
}
if (b_guard1 == TRUE) {
b_st.site = &vt_emlrtRSI;
flag = FALSE;
for (state = 0; state < 2; state++) {
sza[state] = (int8_T)Response_size[state];
}
state = 0;
do {
exitg5 = 0;
if (state < 2) {
if (sza[state] != 1 + (state << 3)) {
exitg5 = 1;
} else {
state++;
}
} else {
state = 0;
exitg5 = 2;
}
} while (exitg5 == 0);
if (exitg5 == 1) {
} else {
do {
exitg4 = 0;
if (state <= Response_size[1] - 1) {
if (Response_data[state] != cv345[state]) {
exitg4 = 1;
} else {
state++;
}
} else {
flag = TRUE;
exitg4 = 1;
}
} while (exitg4 == 0);
}
if (flag) {
b_st.site = &wt_emlrtRSI;
r_fprintf(&b_st);
/* %% Send ACK */
b_st.site = &xt_emlrtRSI;
f_fprintf(&b_st, (int16_T)originNodeID, tx->
offsetTable[emlrtDynamicBoundsCheckFastR2012b(originNodeID, 1,
3, &yb_emlrtBCI, &st) - 1]);
b_st.site = &yt_emlrtRSI;
c_st.site = &gb_emlrtRSI;
obj->CenterFrequency = 2.24E+9 + tx->offsetTable[originNodeID - 1];
c_st.site = &gb_emlrtRSI;
if (obj->isInitialized && (!obj->isReleased)) {
flag = TRUE;
} else {
flag = FALSE;
}
if (flag) {
obj->TunablePropsChanged = TRUE;
obj->tunablePropertyChanged[1] = TRUE;
}
/* Adjust offset for node */
b_st.site = &au_emlrtRSI;
b_PHYTransmit(SD, &b_st, obj, b_ObjSDRuReceiver, originNodeID,
destNodeID);
}
}
st.site = &fm_emlrtRSI;
flag = FALSE;
for (state = 0; state < 2; state++) {
sza[state] = (int8_T)Response_size[state];
}
state = 0;
do {
exitg3 = 0;
if (state < 2) {
if (sza[state] != 1 + (state << 1)) {
exitg3 = 1;
} else {
state++;
}
} else {
state = 0;
exitg3 = 2;
}
} while (exitg3 == 0);
if (exitg3 == 1) {
} else {
do {
exitg2 = 0;
if (state <= Response_size[1] - 1) {
if (Response_data[state] != cv346[state]) {
exitg2 = 1;
} else {
state++;
}
} else {
flag = TRUE;
exitg2 = 1;
}
} while (exitg2 == 0);
}
if (flag) {
st.site = &gm_emlrtRSI;
t_fprintf(&st);
msgStatus = TRUE;
exitg1 = TRUE;
} else {
st.site = &hm_emlrtRSI;
v_fprintf(&st);
if (tries + 1 >= 4) {
st.site = &im_emlrtRSI;
x_fprintf(&st);
st.site = &jm_emlrtRSI;
ab_fprintf(&st);
st.site = &km_emlrtRSI;
x_fprintf(&st);
exitg1 = TRUE;
} else {
tries++;
emlrtBreakCheckFastR2012b(emlrtBreakCheckR2012bFlagVar, sp);
}
}
}
return msgStatus;
}
/*
* Create a spoiler file for items
*/
void spoil_obj_desc(cptr fname)
{
int i, k, s, t, n = 0;
u16b who[256];
char buf[1024];
char wgt[DESC_LEN];
char dam[DESC_LEN];
/* We use either ascii or system-specific encoding */
int encoding = (xchars_to_file) ? SYSTEM_SPECIFIC : ASCII;
/* Build the filename */
(void)path_build(buf, sizeof(buf), ANGBAND_DIR_INFO, fname);
/* File type is "TEXT" */
FILE_TYPE(FILE_TYPE_TEXT);
/* Open the file */
fff = my_fopen(buf, "w");
/* Oops */
if (!fff)
{
msg_print("Cannot create spoiler file.");
return;
}
/* Dump to the spoiler file */
text_out_hook = text_out_to_file;
text_out_file = fff;
/* Print header */
print_header("Object");
/* More Header */
x_fprintf(fff, encoding, "%-45s %8s%7s%5s%9s\n",
"Description", "Dam/AC", "Wgt", "Lev", "Cost");
x_fprintf(fff, encoding, "%-45s %8s%7s%5s%9s\n",
"----------------------------------------",
"------", "---", "---", "----");
/* List the groups */
for (i = 0; TRUE; i++)
{
/* Write out the group title */
if (group_item[i].name)
{
/* Hack -- bubble-sort by cost and then level */
for (s = 0; s < n - 1; s++)
{
for (t = 0; t < n - 1; t++)
{
int i1 = t;
int i2 = t + 1;
int e1;
int e2;
s32b t1;
s32b t2;
kind_info(NULL, NULL, NULL, &e1, &t1, who[i1]);
kind_info(NULL, NULL, NULL, &e2, &t2, who[i2]);
if ((t1 > t2) || ((t1 == t2) && (e1 > e2)))
{
int tmp = who[i1];
who[i1] = who[i2];
who[i2] = tmp;
}
}
}
/* Spoil each item */
for (s = 0; s < n; s++)
{
int e;
s32b v;
/* Describe the kind */
kind_info(buf, dam, wgt, &e, &v, who[s]);
/* Dump it */
if (!strlen(dam))
x_fprintf(fff, encoding, " %-53s%7s%5d%9ld\n",
buf, wgt, e, (long)(v));
else
x_fprintf(fff, encoding, " %-45s%8s%7s%5d%9ld\n",
buf, dam, wgt, e, (long)(v));
}
/* Start a new set */
n = 0;
/* Notice the end */
if (!group_item[i].tval) break;
/* Start a new set */
x_fprintf(fff, encoding, "\n\n%s\n\n", group_item[i].name);
}
/* Acquire legal item types */
for (k = 1; k < z_info->k_max; k++)
{
object_kind *k_ptr = &k_info[k];
/* Skip objects not of this tval */
if (k_ptr->tval != group_item[i].tval) continue;
/* Hack -- Skip instant-artifacts */
if (k_ptr->flags3 & (TR3_INSTA_ART)) continue;
/* Save the index */
who[n++] = k;
}
}
/* Check for errors */
if (ferror(fff) || my_fclose(fff))
{
msg_print("Cannot close spoiler file.");
return;
}
/* Message */
msg_print("Successfully created a spoiler file.");
}
static void manage_squid_request(struct loadparm_context *lp_ctx, enum stdio_helper_mode helper_mode,
stdio_helper_function fn, void **private2)
{
char *buf;
char tmp[INITIAL_BUFFER_SIZE+1];
unsigned int mux_id = 0;
int length, buf_size = 0;
char *c;
struct mux_private {
unsigned int max_mux;
void **private_pointers;
};
static struct mux_private *mux_private;
static void *normal_private;
void **private1;
buf = talloc_strdup(NULL, "");
if (buf == NULL) {
DEBUG(0, ("Failed to allocate memory for reading the input "
"buffer.\n"));
x_fprintf(x_stdout, "ERR\n");
return;
}
do {
/* this is not a typo - x_fgets doesn't work too well under
* squid */
if (fgets(tmp, INITIAL_BUFFER_SIZE, stdin) == NULL) {
if (ferror(stdin)) {
DEBUG(1, ("fgets() failed! dying..... errno=%d "
"(%s)\n", ferror(stdin),
strerror(ferror(stdin))));
exit(1); /* BIIG buffer */
}
exit(0);
}
buf = talloc_strdup_append_buffer(buf, tmp);
buf_size += INITIAL_BUFFER_SIZE;
if (buf_size > MAX_BUFFER_SIZE) {
DEBUG(0, ("Invalid Request (too large)\n"));
x_fprintf(x_stdout, "ERR\n");
talloc_free(buf);
return;
}
c = strchr(buf, '\n');
} while (c == NULL);
*c = '\0';
length = c-buf;
DEBUG(10, ("Got '%s' from squid (length: %d).\n",buf,length));
if (buf[0] == '\0') {
DEBUG(0, ("Invalid Request (empty)\n"));
x_fprintf(x_stdout, "ERR\n");
talloc_free(buf);
return;
}
if (opt_multiplex) {
if (sscanf(buf, "%u ", &mux_id) != 1) {
DEBUG(0, ("Invalid Request - no multiplex id\n"));
x_fprintf(x_stdout, "ERR\n");
talloc_free(buf);
return;
}
if (!mux_private) {
mux_private = talloc(NULL, struct mux_private);
mux_private->max_mux = 0;
mux_private->private_pointers = NULL;
}
c=strchr(buf,' ');
if (!c) {
DEBUG(0, ("Invalid Request - no data after multiplex id\n"));
x_fprintf(x_stdout, "ERR\n");
talloc_free(buf);
return;
}
c++;
if (mux_id >= mux_private->max_mux) {
unsigned int prev_max = mux_private->max_mux;
mux_private->max_mux = mux_id + 1;
mux_private->private_pointers
= talloc_realloc(mux_private,
mux_private->private_pointers,
void *, mux_private->max_mux);
memset(&mux_private->private_pointers[prev_max], '\0',
(sizeof(*mux_private->private_pointers) * (mux_private->max_mux - prev_max)));
};
static void callback(const char *sname, uint32 stype,
const char *comment, void *state)
{
x_fprintf(fp,"\"%s\" %08X \"%s\"\n", sname, stype, comment);
}
/*
* Create a spoiler file for monsters
*/
static void spoil_mon_desc(cptr fname)
{
int i, n = 0;
char buf[1024];
/* We use either ascii or system-specific encoding */
int encoding = (xchars_to_file) ? SYSTEM_SPECIFIC : ASCII;
char nam[DESC_LEN];
char lev[32];
char rar[32];
char spd[32];
char ac[32];
char hp[32];
char exp[32];
u16b *who;
u16b why = 2;
/* Build the filename */
(void)path_build(buf, sizeof(buf), ANGBAND_DIR_INFO, fname);
/* File type is "TEXT" */
FILE_TYPE(FILE_TYPE_TEXT);
/* Open the file */
fff = my_fopen(buf, "w");
/* Oops */
if (!fff)
{
msg_print("Cannot create spoiler file.");
return;
}
/* Dump to the spoiler file */
text_out_hook = text_out_to_file;
text_out_file = fff;
/* Print header */
print_header("Brief Monster");
/* Dump the header */
fprintf(fff, "%-40.40s%4s%4s%6s%8s%4s %11.11s\n",
"Name", "Lev", "Rar", "Spd", "Hp", "Ac", "Visual Info");
fprintf(fff, "%-40.40s%4s%4s%6s%8s%4s %11.11s\n",
"----", "---", "---", "---", "--", "--", "-----------");
/* Allocate the "who" array */
C_MAKE(who, z_info->r_max, u16b);
/* Scan the monsters */
for (i = 1; i < z_info->r_max; i++)
{
monster_race *r_ptr = &r_info[i];
/* Use that monster */
if (r_ptr->name) who[n++] = (u16b)i;
}
/* Select the sort method */
ang_sort_comp = ang_sort_comp_hook;
ang_sort_swap = ang_sort_swap_hook;
/* Sort the array by dungeon depth of monsters */
ang_sort(who, &why, n);
/* Scan again */
for (i = 0; i < n; i++)
{
monster_race *r_ptr = &r_info[who[i]];
cptr name = (r_name + r_ptr->name);
/* Get the "name" */
if (r_ptr->flags1 & (RF1_QUESTOR))
{
(void)strnfmt(nam, sizeof(nam), "[Q] %s", name);
}
else if (r_ptr->flags1 & (RF1_UNIQUE))
{
(void)strnfmt(nam, sizeof(nam), "[U] %s", name);
}
else
{
(void)strnfmt(nam, sizeof(nam), "The %s", name);
}
/* Level */
(void)strnfmt(lev, sizeof(lev), "%d", r_ptr->level);
/* Rarity */
(void)strnfmt(rar, sizeof(rar), "%d", r_ptr->rarity);
/* Speed */
(void)strnfmt(spd, sizeof(spd), "%+d", (r_ptr->speed - 110));
/* Armor Class */
(void)strnfmt(ac, sizeof(ac), "%d", r_ptr->ac);
/* Hitpoints */
if (r_ptr->flags1 & (RF1_FIXED_HPS))
{
(void)strnfmt(hp, sizeof(hp), "%d", (int)r_ptr->hitpoints);
}
else
{
(void)strnfmt(hp, sizeof(hp), "~%d", (int)r_ptr->hitpoints);
}
/* Experience */
(void)strnfmt(exp, sizeof(exp), "%ld", (long)(r_ptr->mexp));
/* Hack -- use visual instead */
(void)strnfmt(exp, sizeof(exp), "%s '%c'", attr_to_text(r_ptr->d_attr),
r_ptr->d_char);
/* Dump the info */
x_fprintf(fff, encoding, "%-40.40s%4s%4s%6s%8s%4s %11.11s\n",
nam, lev, rar, spd, hp, ac, exp);
}
/* End it */
fprintf(fff, "\n");
/* Free the "who" array */
FREE(who);
/* Check for errors */
if (ferror(fff) || my_fclose(fff))
{
msg_print("Cannot close spoiler file.");
return;
}
/* Worked */
msg_print("Successfully created a spoiler file.");
}
/*
* Create a spoiler file for artifacts
*/
static void spoil_artifact(cptr fname)
{
int i, j;
object_type *i_ptr;
object_type object_type_body;
char buf[1024];
/* We use either ascii or system-specific encoding */
int encoding = (xchars_to_file) ? SYSTEM_SPECIFIC : ASCII;
/* Build the filename */
(void)path_build(buf, sizeof(buf), ANGBAND_DIR_INFO, fname);
/* File type is "TEXT" */
FILE_TYPE(FILE_TYPE_TEXT);
/* Open the file */
fff = my_fopen(buf, "w");
/* Oops */
if (!fff)
{
msg_print("Cannot create spoiler file.");
return;
}
/* Dump to the spoiler file */
text_out_hook = text_out_to_file;
text_out_file = fff;
/* Dump the header */
print_header("Artifact");
/* List the artifacts by tval */
for (i = 0; group_artifact[i].tval; i++)
{
/* Write out the group title */
if (group_artifact[i].name)
{
spoiler_blanklines(2);
spoiler_underline(group_artifact[i].name);
spoiler_blanklines(1);
}
/* Now search through all of the artifacts */
for (j = 0; j < z_info->a_max; ++j)
{
artifact_type *a_ptr = &a_info[j];
/* We only want objects in the current group */
if (a_ptr->tval != group_artifact[i].tval) continue;
/* Get local object */
i_ptr = &object_type_body;
/* Attempt to create the artifact */
if (!make_fake_artifact(i_ptr, j)) continue;
/* Get this artifact */
a_ptr = &a_info[i_ptr->artifact_index];
/* Write a description of the artifact */
object_desc_store(buf, sizeof(buf), i_ptr, TRUE, 1);
x_fprintf(fff, encoding, buf);
fprintf(fff, "\n");
/* Write pval, flag, and activation information */
dump_obj_attrib(fff, i_ptr, 2);
/* Write level, rarity, and weight */
if (use_metric) fprintf(fff, " Level %u, Rarity %u, %d.%d kgs, "
"%ld Gold", a_ptr->level, a_ptr->rarity,
make_metric(a_ptr->weight) / 10, make_metric(a_ptr->weight) % 10,
a_ptr->cost);
else fprintf(fff, " Level %u, Rarity %u, %d.%d lbs, "
"%ld Gold", a_ptr->level, a_ptr->rarity,
a_ptr->weight / 10, a_ptr->weight % 10, (long)a_ptr->cost);
/* Insert a spacer line */
fprintf(fff, "\n\n");
}
}
/* Check for errors */
if (ferror(fff) || my_fclose(fff))
{
msg_print("Cannot close spoiler file.");
return;
}
/* Message */
msg_print("Successfully created a spoiler file.");
}
int
main() {
x_fprintf(stdout, "hello wolrld %s, %d %ld\n",
"hehe", "hm"[1], 34722777);
}
static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
char *buf, int length)
{
static NTLMSSP_STATE *ntlmssp_state = NULL;
SPNEGO_DATA request, response;
DATA_BLOB token;
NTSTATUS status;
ssize_t len;
char *user = NULL;
char *domain = NULL;
const char *reply_code;
char *reply_base64;
pstring reply_argument;
if (strlen(buf) < 2) {
DEBUG(1, ("SPENGO query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if (strncmp(buf, "YR", 2) == 0) {
if (ntlmssp_state)
ntlmssp_end(&ntlmssp_state);
} else if (strncmp(buf, "KK", 2) == 0) {
} else {
DEBUG(1, ("SPENGO query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if ( (strlen(buf) == 2)) {
/* no client data, get the negTokenInit offering
mechanisms */
offer_gss_spnego_mechs();
return;
}
/* All subsequent requests have a blob. This might be negTokenInit or negTokenTarg */
if (strlen(buf) <= 3) {
DEBUG(1, ("GSS-SPNEGO query [%s] invalid\n", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
token = base64_decode_data_blob(buf + 3);
len = read_spnego_data(token, &request);
data_blob_free(&token);
if (len == -1) {
DEBUG(1, ("GSS-SPNEGO query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if (request.type == SPNEGO_NEG_TOKEN_INIT) {
/* Second request from Client. This is where the
client offers its mechanism to use. */
if ( (request.negTokenInit.mechTypes == NULL) ||
(request.negTokenInit.mechTypes[0] == NULL) ) {
DEBUG(1, ("Client did not offer any mechanism"));
x_fprintf(x_stdout, "BH\n");
return;
}
status = NT_STATUS_UNSUCCESSFUL;
if (strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) == 0) {
if ( request.negTokenInit.mechToken.data == NULL ) {
DEBUG(1, ("Client did not provide NTLMSSP data\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
if ( ntlmssp_state != NULL ) {
DEBUG(1, ("Client wants a new NTLMSSP challenge, but "
"already got one\n"));
x_fprintf(x_stdout, "BH\n");
ntlmssp_end(&ntlmssp_state);
return;
}
if (!NT_STATUS_IS_OK(status = ntlm_auth_start_ntlmssp_server(&ntlmssp_state))) {
x_fprintf(x_stdout, "BH %s\n", nt_errstr(status));
return;
}
DEBUG(10, ("got NTLMSSP packet:\n"));
dump_data(10, (const char *)request.negTokenInit.mechToken.data,
request.negTokenInit.mechToken.length);
response.type = SPNEGO_NEG_TOKEN_TARG;
response.negTokenTarg.supportedMech = SMB_STRDUP(OID_NTLMSSP);
response.negTokenTarg.mechListMIC = data_blob(NULL, 0);
status = ntlmssp_update(ntlmssp_state,
request.negTokenInit.mechToken,
&response.negTokenTarg.responseToken);
}
#ifdef HAVE_KRB5
if (strcmp(request.negTokenInit.mechTypes[0], OID_KERBEROS5_OLD) == 0) {
TALLOC_CTX *mem_ctx = talloc_init("manage_gss_spnego_request");
char *principal;
DATA_BLOB ap_rep;
DATA_BLOB session_key;
if ( request.negTokenInit.mechToken.data == NULL ) {
DEBUG(1, ("Client did not provide Kerberos data\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
response.type = SPNEGO_NEG_TOKEN_TARG;
response.negTokenTarg.supportedMech = SMB_STRDUP(OID_KERBEROS5_OLD);
response.negTokenTarg.mechListMIC = data_blob(NULL, 0);
response.negTokenTarg.responseToken = data_blob(NULL, 0);
status = ads_verify_ticket(mem_ctx, lp_realm(), 0,
&request.negTokenInit.mechToken,
&principal, NULL, &ap_rep,
&session_key);
talloc_destroy(mem_ctx);
/* Now in "principal" we have the name we are
authenticated as. */
if (NT_STATUS_IS_OK(status)) {
domain = strchr_m(principal, '@');
if (domain == NULL) {
DEBUG(1, ("Did not get a valid principal "
"from ads_verify_ticket\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
*domain++ = '\0';
domain = SMB_STRDUP(domain);
user = SMB_STRDUP(principal);
data_blob_free(&ap_rep);
SAFE_FREE(principal);
}
}
#endif
} else {
if ( (request.negTokenTarg.supportedMech == NULL) ||
( strcmp(request.negTokenTarg.supportedMech, OID_NTLMSSP) != 0 ) ) {
/* Kerberos should never send a negTokenTarg, OID_NTLMSSP
is the only one we support that sends this stuff */
DEBUG(1, ("Got a negTokenTarg for something non-NTLMSSP: %s\n",
request.negTokenTarg.supportedMech));
x_fprintf(x_stdout, "BH\n");
return;
}
if (request.negTokenTarg.responseToken.data == NULL) {
DEBUG(1, ("Got a negTokenTarg without a responseToken!\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
status = ntlmssp_update(ntlmssp_state,
request.negTokenTarg.responseToken,
&response.negTokenTarg.responseToken);
response.type = SPNEGO_NEG_TOKEN_TARG;
response.negTokenTarg.supportedMech = SMB_STRDUP(OID_NTLMSSP);
response.negTokenTarg.mechListMIC = data_blob(NULL, 0);
if (NT_STATUS_IS_OK(status)) {
user = SMB_STRDUP(ntlmssp_state->user);
domain = SMB_STRDUP(ntlmssp_state->domain);
ntlmssp_end(&ntlmssp_state);
}
}
free_spnego_data(&request);
if (NT_STATUS_IS_OK(status)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED;
reply_code = "AF";
pstr_sprintf(reply_argument, "%s\\%s", domain, user);
} else if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE;
reply_code = "TT";
pstr_sprintf(reply_argument, "*");
} else {
response.negTokenTarg.negResult = SPNEGO_REJECT;
reply_code = "NA";
pstrcpy(reply_argument, nt_errstr(status));
}
SAFE_FREE(user);
SAFE_FREE(domain);
len = write_spnego_data(&token, &response);
free_spnego_data(&response);
if (len == -1) {
DEBUG(1, ("Could not write SPNEGO data blob\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
reply_base64 = base64_encode_data_blob(token);
x_fprintf(x_stdout, "%s %s %s\n",
reply_code, reply_base64, reply_argument);
SAFE_FREE(reply_base64);
data_blob_free(&token);
return;
}
static void manage_client_ntlmssp_request(enum stdio_helper_mode stdio_helper_mode,
char *buf, int length)
{
static NTLMSSP_STATE *ntlmssp_state = NULL;
DATA_BLOB request, reply;
NTSTATUS nt_status;
BOOL first = False;
if (strlen(buf) < 2) {
DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if (strlen(buf) > 3) {
request = base64_decode_data_blob(buf + 3);
} else {
request = data_blob(NULL, 0);
}
if (strncmp(buf, "PW ", 3) == 0) {
/* We asked for a password and obviously got it :-) */
opt_password = SMB_STRNDUP((const char *)request.data, request.length);
if (opt_password == NULL) {
DEBUG(1, ("Out of memory\n"));
x_fprintf(x_stdout, "BH\n");
data_blob_free(&request);
return;
}
x_fprintf(x_stdout, "OK\n");
data_blob_free(&request);
return;
}
if (opt_password == NULL) {
/* Request a password from the calling process. After
sending it, the calling process should retry asking for the negotiate. */
DEBUG(10, ("Requesting password\n"));
x_fprintf(x_stdout, "PW\n");
return;
}
if (strncmp(buf, "YR", 2) == 0) {
if (ntlmssp_state)
ntlmssp_end(&ntlmssp_state);
} else if (strncmp(buf, "TT", 2) == 0) {
} else {
DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if (!ntlmssp_state) {
if (!NT_STATUS_IS_OK(nt_status = ntlm_auth_start_ntlmssp_client(&ntlmssp_state))) {
x_fprintf(x_stdout, "BH %s\n", nt_errstr(nt_status));
return;
}
first = True;
}
DEBUG(10, ("got NTLMSSP packet:\n"));
dump_data(10, (const char *)request.data, request.length);
nt_status = ntlmssp_update(ntlmssp_state, request, &reply);
if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
char *reply_base64 = base64_encode_data_blob(reply);
if (first) {
x_fprintf(x_stdout, "YR %s\n", reply_base64);
} else {
x_fprintf(x_stdout, "KK %s\n", reply_base64);
}
SAFE_FREE(reply_base64);
data_blob_free(&reply);
DEBUG(10, ("NTLMSSP challenge\n"));
} else if (NT_STATUS_IS_OK(nt_status)) {
char *reply_base64 = base64_encode_data_blob(reply);
x_fprintf(x_stdout, "AF %s\n", reply_base64);
SAFE_FREE(reply_base64);
DEBUG(10, ("NTLMSSP OK!\n"));
if (ntlmssp_state)
ntlmssp_end(&ntlmssp_state);
} else {
x_fprintf(x_stdout, "BH %s\n", nt_errstr(nt_status));
DEBUG(0, ("NTLMSSP BH: %s\n", nt_errstr(nt_status)));
if (ntlmssp_state)
ntlmssp_end(&ntlmssp_state);
}
data_blob_free(&request);
}
static BOOL manage_client_krb5_init(SPNEGO_DATA spnego)
{
char *principal;
DATA_BLOB tkt, to_server;
DATA_BLOB session_key_krb5 = data_blob(NULL, 0);
SPNEGO_DATA reply;
char *reply_base64;
int retval;
const char *my_mechs[] = {OID_KERBEROS5_OLD, NULL};
ssize_t len;
if ( (spnego.negTokenInit.mechListMIC.data == NULL) ||
(spnego.negTokenInit.mechListMIC.length == 0) ) {
DEBUG(1, ("Did not get a principal for krb5\n"));
return False;
}
principal = SMB_MALLOC(spnego.negTokenInit.mechListMIC.length+1);
if (principal == NULL) {
DEBUG(1, ("Could not malloc principal\n"));
return False;
}
memcpy(principal, spnego.negTokenInit.mechListMIC.data,
spnego.negTokenInit.mechListMIC.length);
principal[spnego.negTokenInit.mechListMIC.length] = '\0';
retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5, 0, NULL);
if (retval) {
pstring user;
/* Let's try to first get the TGT, for that we need a
password. */
if (opt_password == NULL) {
DEBUG(10, ("Requesting password\n"));
x_fprintf(x_stdout, "PW\n");
return True;
}
pstr_sprintf(user, "%s@%s", opt_username, opt_domain);
if ((retval = kerberos_kinit_password(user, opt_password, 0, NULL))) {
DEBUG(10, ("Requesting TGT failed: %s\n", error_message(retval)));
return False;
}
retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5, 0, NULL);
if (retval) {
DEBUG(10, ("Kinit suceeded, but getting a ticket failed: %s\n", error_message(retval)));
return False;
}
}
data_blob_free(&session_key_krb5);
ZERO_STRUCT(reply);
reply.type = SPNEGO_NEG_TOKEN_INIT;
reply.negTokenInit.mechTypes = my_mechs;
reply.negTokenInit.reqFlags = 0;
reply.negTokenInit.mechToken = tkt;
reply.negTokenInit.mechListMIC = data_blob(NULL, 0);
len = write_spnego_data(&to_server, &reply);
data_blob_free(&tkt);
if (len == -1) {
DEBUG(1, ("Could not write SPNEGO data blob\n"));
return False;
}
reply_base64 = base64_encode_data_blob(to_server);
x_fprintf(x_stdout, "KK %s *\n", reply_base64);
SAFE_FREE(reply_base64);
data_blob_free(&to_server);
DEBUG(10, ("sent GSS-SPNEGO KERBEROS5 negTokenInit\n"));
return True;
}
static void manage_squid_ntlmssp_request(enum stdio_helper_mode stdio_helper_mode,
char *buf, int length)
{
static NTLMSSP_STATE *ntlmssp_state = NULL;
DATA_BLOB request, reply;
NTSTATUS nt_status;
if (strlen(buf) < 2) {
DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if (strlen(buf) > 3) {
request = base64_decode_data_blob(buf + 3);
} else {
request = data_blob(NULL, 0);
}
if ((strncmp(buf, "PW ", 3) == 0)) {
/* The calling application wants us to use a local password (rather than winbindd) */
opt_password = SMB_STRNDUP((const char *)request.data, request.length);
if (opt_password == NULL) {
DEBUG(1, ("Out of memory\n"));
x_fprintf(x_stdout, "BH\n");
data_blob_free(&request);
return;
}
x_fprintf(x_stdout, "OK\n");
data_blob_free(&request);
return;
}
if (strncmp(buf, "YR", 2) == 0) {
if (ntlmssp_state)
ntlmssp_end(&ntlmssp_state);
} else if (strncmp(buf, "KK", 2) == 0) {
} else {
DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if (!ntlmssp_state) {
if (!NT_STATUS_IS_OK(nt_status = ntlm_auth_start_ntlmssp_server(&ntlmssp_state))) {
x_fprintf(x_stdout, "BH %s\n", nt_errstr(nt_status));
return;
}
}
DEBUG(10, ("got NTLMSSP packet:\n"));
dump_data(10, (const char *)request.data, request.length);
nt_status = ntlmssp_update(ntlmssp_state, request, &reply);
if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
char *reply_base64 = base64_encode_data_blob(reply);
x_fprintf(x_stdout, "TT %s\n", reply_base64);
SAFE_FREE(reply_base64);
data_blob_free(&reply);
DEBUG(10, ("NTLMSSP challenge\n"));
} else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCESS_DENIED)) {
x_fprintf(x_stdout, "BH %s\n", nt_errstr(nt_status));
DEBUG(0, ("NTLMSSP BH: %s\n", nt_errstr(nt_status)));
ntlmssp_end(&ntlmssp_state);
} else if (!NT_STATUS_IS_OK(nt_status)) {
x_fprintf(x_stdout, "NA %s\n", nt_errstr(nt_status));
DEBUG(10, ("NTLMSSP %s\n", nt_errstr(nt_status)));
} else {
x_fprintf(x_stdout, "AF %s\n", (char *)ntlmssp_state->auth_context);
DEBUG(10, ("NTLMSSP OK!\n"));
}
data_blob_free(&request);
}
int main(int argc, const char **argv)
{
int opt;
static const char *helper_protocol;
static int diagnostics;
static const char *hex_challenge;
static const char *hex_lm_response;
static const char *hex_nt_response;
poptContext pc;
/* NOTE: DO NOT change this interface without considering the implications!
This is an external interface, which other programs will use to interact
with this helper.
*/
/* We do not use single-letter command abbreviations, because they harm future
interface stability. */
struct poptOption long_options[] = {
POPT_AUTOHELP
{ "helper-protocol", 0, POPT_ARG_STRING, &helper_protocol, OPT_DOMAIN, "operate as a stdio-based helper", "helper protocol to use"},
{ "username", 0, POPT_ARG_STRING, &opt_username, OPT_USERNAME, "username"},
{ "domain", 0, POPT_ARG_STRING, &opt_domain, OPT_DOMAIN, "domain name"},
{ "workstation", 0, POPT_ARG_STRING, &opt_workstation, OPT_WORKSTATION, "workstation"},
{ "challenge", 0, POPT_ARG_STRING, &hex_challenge, OPT_CHALLENGE, "challenge (HEX encoded)"},
{ "lm-response", 0, POPT_ARG_STRING, &hex_lm_response, OPT_LM, "LM Response to the challenge (HEX encoded)"},
{ "nt-response", 0, POPT_ARG_STRING, &hex_nt_response, OPT_NT, "NT or NTLMv2 Response to the challenge (HEX encoded)"},
{ "password", 0, POPT_ARG_STRING, &opt_password, OPT_PASSWORD, "User's plaintext password"},
{ "request-lm-key", 0, POPT_ARG_NONE, &request_lm_key, OPT_LM_KEY, "Retrieve LM session key"},
{ "request-nt-key", 0, POPT_ARG_NONE, &request_user_session_key, OPT_USER_SESSION_KEY, "Retrieve User (NT) session key"},
{ "diagnostics", 0, POPT_ARG_NONE, &diagnostics, OPT_DIAGNOSTICS, "Perform diagnostics on the authentictaion chain"},
{ "require-membership-of", 0, POPT_ARG_STRING, &require_membership_of, OPT_REQUIRE_MEMBERSHIP, "Require that a user be a member of this group (either name or SID) for authentication to succeed" },
POPT_COMMON_SAMBA
POPT_TABLEEND
};
/* Samba client initialisation */
load_case_tables();
dbf = x_stderr;
/* Samba client initialisation */
if (!lp_load(dyn_CONFIGFILE, True, False, False, True)) {
d_fprintf(stderr, "ntlm_auth: error opening config file %s. Error was %s\n",
dyn_CONFIGFILE, strerror(errno));
exit(1);
}
/* Parse options */
pc = poptGetContext("ntlm_auth", argc, argv, long_options, 0);
/* Parse command line options */
if (argc == 1) {
poptPrintHelp(pc, stderr, 0);
return 1;
}
pc = poptGetContext(NULL, argc, (const char **)argv, long_options,
POPT_CONTEXT_KEEP_FIRST);
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_CHALLENGE:
opt_challenge = strhex_to_data_blob(NULL, hex_challenge);
if (opt_challenge.length != 8) {
x_fprintf(x_stderr, "hex decode of %s failed! (only got %d bytes)\n",
hex_challenge,
(int)opt_challenge.length);
exit(1);
}
break;
case OPT_LM:
opt_lm_response = strhex_to_data_blob(NULL, hex_lm_response);
if (opt_lm_response.length != 24) {
x_fprintf(x_stderr, "hex decode of %s failed! (only got %d bytes)\n",
hex_lm_response,
(int)opt_lm_response.length);
exit(1);
}
break;
case OPT_NT:
opt_nt_response = strhex_to_data_blob(NULL, hex_nt_response);
if (opt_nt_response.length < 24) {
x_fprintf(x_stderr, "hex decode of %s failed! (only got %d bytes)\n",
hex_nt_response,
(int)opt_nt_response.length);
exit(1);
}
break;
case OPT_REQUIRE_MEMBERSHIP:
if (StrnCaseCmp("S-", require_membership_of, 2) == 0) {
require_membership_of_sid = require_membership_of;
}
break;
}
}
if (opt_username) {
char *domain = SMB_STRDUP(opt_username);
char *p = strchr_m(domain, *lp_winbind_separator());
if (p) {
opt_username = p+1;
*p = '\0';
if (opt_domain && !strequal(opt_domain, domain)) {
x_fprintf(x_stderr, "Domain specified in username (%s) "
"doesn't match specified domain (%s)!\n\n",
domain, opt_domain);
poptPrintHelp(pc, stderr, 0);
exit(1);
}
opt_domain = domain;
} else {
SAFE_FREE(domain);
}
}
if (opt_domain == NULL || !*opt_domain) {
opt_domain = get_winbind_domain();
}
if (opt_workstation == NULL) {
opt_workstation = "";
}
if (helper_protocol) {
int i;
for (i=0; i<NUM_HELPER_MODES; i++) {
if (strcmp(helper_protocol, stdio_helper_protocols[i].name) == 0) {
squid_stream(stdio_helper_protocols[i].mode, stdio_helper_protocols[i].fn);
exit(0);
}
}
x_fprintf(x_stderr, "unknown helper protocol [%s]\n\nValid helper protools:\n\n", helper_protocol);
for (i=0; i<NUM_HELPER_MODES; i++) {
x_fprintf(x_stderr, "%s\n", stdio_helper_protocols[i].name);
}
exit(1);
}
if (!opt_username || !*opt_username) {
x_fprintf(x_stderr, "username must be specified!\n\n");
poptPrintHelp(pc, stderr, 0);
exit(1);
}
if (opt_challenge.length) {
if (!check_auth_crap()) {
exit(1);
}
exit(0);
}
if (!opt_password) {
opt_password = getpass("password: "******"%s%c%s", opt_domain, winbind_separator(), opt_username);
if (!check_plaintext_auth(user, opt_password, True)) {
return 1;
}
}
/* Exit code */
poptFreeContext(pc);
return 0;
}
/*
* Show what monster races appear on the current level
*/
static void spoil_mon_gen(cptr fname)
{
int i, num;
/* Storage */
u32b monster[1000];
u32b depth[MAX_DEPTH];
char buf[1024];
/* We use either ascii or system-specific encoding */
int encoding = (xchars_to_file) ? SYSTEM_SPECIFIC : ASCII;
/* Build the filename */
(void)path_build(buf, sizeof(buf), ANGBAND_DIR_INFO, fname);
/* File type is "TEXT" */
FILE_TYPE(FILE_TYPE_TEXT);
/* Open the file */
fff = my_fopen(buf, "w");
/* Oops */
if (!fff)
{
msg_print("Cannot create spoiler file.");
return;
}
/* Dump to the spoiler file */
text_out_hook = text_out_to_file;
text_out_file = fff;
/* Print header */
print_header("Monster Generation");
/* Clear storage. */
for (i = 0; i < z_info->r_max; i++)
{
monster[i] = 0L;
}
/* Clear storage. */
for (i = 0; i < MAX_DEPTH; i++)
{
depth[i] = 0L;
}
msg_print("This may take a while...");
if (!fresh_after) (void)Term_fresh();
/* Make a lot of monsters, and print their names out. */
for (i = 0L; i < 1000000L; i++)
{
if (i % 10000 == 0)
{
prt(format("%ld monsters created", (long)i), 0, 0);
if (!fresh_after) (void)Term_fresh();
}
/* Get a monster index */
num = get_mon_num(p_ptr->depth);
/* Count monster races. */
monster[num] += 1L;
/* Count monsters of that level. */
depth[r_info[num].level] += 1L;
}
/* Print to file. */
fprintf(fff, "\n\n\n");
fprintf(fff, "Number of monsters of various kinds (1,000,000 total)\n");
fprintf(fff, " Generation Level: %d\n\n", p_ptr->depth);
for (i = 1; i < z_info->r_max; i++)
{
monster_race *r_ptr = &r_info[i];
cptr name = (r_name + r_ptr->name);
if (monster[i])
{
x_fprintf(fff, encoding, "%-45s:%6ld\n", name, (long)monster[i]);
}
}
fprintf(fff, "\n\n\n");
fprintf(fff, "Monster distribution by depth\n\n");
for (i = 0; i < MAX_DEPTH; i++)
{
if (depth[i]) fprintf(fff, "Level %3d:%6ld\n", i, (long)depth[i]);
}
/* Check for errors */
if (ferror(fff) || my_fclose(fff))
{
msg_print("Cannot close spoiler file.");
return;
}
/* Message */
msg_print("Successfully created a spoiler file.");
}
static void manage_gss_spnego_client_request(enum stdio_helper_mode stdio_helper_mode,
char *buf, int length)
{
DATA_BLOB request;
SPNEGO_DATA spnego;
ssize_t len;
if (strlen(buf) <= 3) {
DEBUG(1, ("SPNEGO query [%s] too short\n", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
request = base64_decode_data_blob(buf+3);
if (strncmp(buf, "PW ", 3) == 0) {
/* We asked for a password and obviously got it :-) */
opt_password = SMB_STRNDUP((const char *)request.data, request.length);
if (opt_password == NULL) {
DEBUG(1, ("Out of memory\n"));
x_fprintf(x_stdout, "BH\n");
data_blob_free(&request);
return;
}
x_fprintf(x_stdout, "OK\n");
data_blob_free(&request);
return;
}
if ( (strncmp(buf, "TT ", 3) != 0) &&
(strncmp(buf, "AF ", 3) != 0) &&
(strncmp(buf, "NA ", 3) != 0) ) {
DEBUG(1, ("SPNEGO request [%s] invalid\n", buf));
x_fprintf(x_stdout, "BH\n");
data_blob_free(&request);
return;
}
/* So we got a server challenge to generate a SPNEGO
client-to-server request... */
len = read_spnego_data(request, &spnego);
data_blob_free(&request);
if (len == -1) {
DEBUG(1, ("Could not read SPNEGO data for [%s]\n", buf));
x_fprintf(x_stdout, "BH\n");
return;
}
if (spnego.type == SPNEGO_NEG_TOKEN_INIT) {
/* The server offers a list of mechanisms */
const char **mechType = (const char **)spnego.negTokenInit.mechTypes;
while (*mechType != NULL) {
#ifdef HAVE_KRB5
if ( (strcmp(*mechType, OID_KERBEROS5_OLD) == 0) ||
(strcmp(*mechType, OID_KERBEROS5) == 0) ) {
if (manage_client_krb5_init(spnego))
goto out;
}
#endif
if (strcmp(*mechType, OID_NTLMSSP) == 0) {
if (manage_client_ntlmssp_init(spnego))
goto out;
}
mechType++;
}
DEBUG(1, ("Server offered no compatible mechanism\n"));
x_fprintf(x_stdout, "BH\n");
return;
}
if (spnego.type == SPNEGO_NEG_TOKEN_TARG) {
if (spnego.negTokenTarg.supportedMech == NULL) {
/* On accept/reject Windows does not send the
mechanism anymore. Handle that here and
shut down the mechanisms. */
switch (spnego.negTokenTarg.negResult) {
case SPNEGO_ACCEPT_COMPLETED:
x_fprintf(x_stdout, "AF\n");
break;
case SPNEGO_REJECT:
x_fprintf(x_stdout, "NA\n");
break;
default:
DEBUG(1, ("Got a negTokenTarg with no mech and an "
"unknown negResult: %d\n",
spnego.negTokenTarg.negResult));
x_fprintf(x_stdout, "BH\n");
}
ntlmssp_end(&client_ntlmssp_state);
goto out;
}
if (strcmp(spnego.negTokenTarg.supportedMech,
OID_NTLMSSP) == 0) {
manage_client_ntlmssp_targ(spnego);
goto out;
}
#if HAVE_KRB5
if (strcmp(spnego.negTokenTarg.supportedMech,
OID_KERBEROS5_OLD) == 0) {
manage_client_krb5_targ(spnego);
goto out;
}
#endif
}
DEBUG(1, ("Got an SPNEGO token I could not handle [%s]!\n", buf));
x_fprintf(x_stdout, "BH\n");
return;
out:
free_spnego_data(&spnego);
return;
}
static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mode,
char *buf, int length)
{
char *request, *parameter;
static DATA_BLOB challenge;
static DATA_BLOB lm_response;
static DATA_BLOB nt_response;
static char *full_username;
static char *username;
static char *domain;
static char *plaintext_password;
static BOOL ntlm_server_1_user_session_key;
static BOOL ntlm_server_1_lm_session_key;
if (strequal(buf, ".")) {
if (!full_username && !username) {
x_fprintf(x_stdout, "Error: No username supplied!\n");
} else if (plaintext_password) {
/* handle this request as plaintext */
if (!full_username) {
if (asprintf(&full_username, "%s%c%s", domain, winbind_separator(), username) == -1) {
x_fprintf(x_stdout, "Error: Out of memory in asprintf!\n.\n");
return;
}
}
if (check_plaintext_auth(full_username, plaintext_password, False)) {
x_fprintf(x_stdout, "Authenticated: Yes\n");
} else {
x_fprintf(x_stdout, "Authenticated: No\n");
}
} else if (!lm_response.data && !nt_response.data) {
x_fprintf(x_stdout, "Error: No password supplied!\n");
} else if (!challenge.data) {
x_fprintf(x_stdout, "Error: No lanman-challenge supplied!\n");
} else {
char *error_string = NULL;
uchar lm_key[8];
uchar user_session_key[16];
uint32 flags = 0;
if (full_username && !username) {
fstring fstr_user;
fstring fstr_domain;
if (!parse_ntlm_auth_domain_user(full_username, fstr_user, fstr_domain)) {
/* username might be 'tainted', don't print into our new-line deleimianted stream */
x_fprintf(x_stdout, "Error: Could not parse into domain and username\n");
}
SAFE_FREE(username);
SAFE_FREE(domain);
username = smb_xstrdup(fstr_user);
domain = smb_xstrdup(fstr_domain);
}
if (!domain) {
domain = smb_xstrdup(get_winbind_domain());
}
if (ntlm_server_1_lm_session_key)
flags |= WBFLAG_PAM_LMKEY;
if (ntlm_server_1_user_session_key)
flags |= WBFLAG_PAM_USER_SESSION_KEY;
if (!NT_STATUS_IS_OK(
contact_winbind_auth_crap(username,
domain,
global_myname(),
&challenge,
&lm_response,
&nt_response,
flags,
lm_key,
user_session_key,
&error_string,
NULL))) {
x_fprintf(x_stdout, "Authenticated: No\n");
x_fprintf(x_stdout, "Authentication-Error: %s\n.\n", error_string);
SAFE_FREE(error_string);
} else {
static char zeros[16];
char *hex_lm_key;
char *hex_user_session_key;
x_fprintf(x_stdout, "Authenticated: Yes\n");
if (ntlm_server_1_lm_session_key
&& (memcmp(zeros, lm_key,
sizeof(lm_key)) != 0)) {
hex_lm_key = hex_encode(NULL,
(const unsigned char *)lm_key,
sizeof(lm_key));
x_fprintf(x_stdout, "LANMAN-Session-Key: %s\n", hex_lm_key);
TALLOC_FREE(hex_lm_key);
}
if (ntlm_server_1_user_session_key
&& (memcmp(zeros, user_session_key,
sizeof(user_session_key)) != 0)) {
hex_user_session_key = hex_encode(NULL,
(const unsigned char *)user_session_key,
sizeof(user_session_key));
x_fprintf(x_stdout, "User-Session-Key: %s\n", hex_user_session_key);
TALLOC_FREE(hex_user_session_key);
}
}
}
/* clear out the state */
challenge = data_blob(NULL, 0);
nt_response = data_blob(NULL, 0);
lm_response = data_blob(NULL, 0);
SAFE_FREE(full_username);
SAFE_FREE(username);
SAFE_FREE(domain);
SAFE_FREE(plaintext_password);
ntlm_server_1_user_session_key = False;
ntlm_server_1_lm_session_key = False;
x_fprintf(x_stdout, ".\n");
return;
}
request = buf;
/* Indicates a base64 encoded structure */
parameter = strstr_m(request, ":: ");
if (!parameter) {
parameter = strstr_m(request, ": ");
if (!parameter) {
DEBUG(0, ("Parameter not found!\n"));
x_fprintf(x_stdout, "Error: Parameter not found!\n.\n");
return;
}
parameter[0] ='\0';
parameter++;
parameter[0] ='\0';
parameter++;
} else {
parameter[0] ='\0';
parameter++;
parameter[0] ='\0';
parameter++;
parameter[0] ='\0';
parameter++;
base64_decode_inplace(parameter);
}
if (strequal(request, "LANMAN-Challenge")) {
challenge = strhex_to_data_blob(NULL, parameter);
if (challenge.length != 8) {
x_fprintf(x_stdout, "Error: hex decode of %s failed! (got %d bytes, expected 8)\n.\n",
parameter,
(int)challenge.length);
challenge = data_blob(NULL, 0);
}
} else if (strequal(request, "NT-Response")) {
nt_response = strhex_to_data_blob(NULL, parameter);
if (nt_response.length < 24) {
x_fprintf(x_stdout, "Error: hex decode of %s failed! (only got %d bytes, needed at least 24)\n.\n",
parameter,
(int)nt_response.length);
nt_response = data_blob(NULL, 0);
}
} else if (strequal(request, "LANMAN-Response")) {
lm_response = strhex_to_data_blob(NULL, parameter);
if (lm_response.length != 24) {
x_fprintf(x_stdout, "Error: hex decode of %s failed! (got %d bytes, expected 24)\n.\n",
parameter,
(int)lm_response.length);
lm_response = data_blob(NULL, 0);
}
} else if (strequal(request, "Password")) {
plaintext_password = smb_xstrdup(parameter);
} else if (strequal(request, "NT-Domain")) {
domain = smb_xstrdup(parameter);
} else if (strequal(request, "Username")) {
username = smb_xstrdup(parameter);
} else if (strequal(request, "Full-Username")) {
full_username = smb_xstrdup(parameter);
} else if (strequal(request, "Request-User-Session-Key")) {
ntlm_server_1_user_session_key = strequal(parameter, "Yes");
} else if (strequal(request, "Request-LanMan-Session-Key")) {
ntlm_server_1_lm_session_key = strequal(parameter, "Yes");
} else {
x_fprintf(x_stdout, "Error: Unknown request %s\n.\n", request);
}
}
