krb5_error_code _kdc_do_kaserver(krb5_context context, krb5_kdc_configuration *config, unsigned char *buf, size_t len, krb5_data *reply, const char *from, struct sockaddr_in *addr) { krb5_error_code ret = 0; struct rx_header hdr; uint32_t op; krb5_storage *sp; if (len < RX_HEADER_SIZE) return -1; sp = krb5_storage_from_mem (buf, len); ret = decode_rx_header (sp, &hdr); if (ret) goto out; buf += RX_HEADER_SIZE; len -= RX_HEADER_SIZE; switch (hdr.type) { case HT_DATA : break; case HT_ACK : case HT_BUSY : case HT_ABORT : case HT_ACKALL : case HT_CHAL : case HT_RESP : case HT_DEBUG : default: /* drop */ goto out; } if (hdr.serviceid != KA_AUTHENTICATION_SERVICE && hdr.serviceid != KA_TICKET_GRANTING_SERVICE) { ret = -1; goto out; } ret = krb5_ret_uint32(sp, &op); if (ret) goto out; switch (op) { case AUTHENTICATE : case AUTHENTICATE_V2 : do_authenticate (context, config, &hdr, sp, addr, from, reply); break; case GETTICKET : do_getticket (context, config, &hdr, sp, addr, from, reply); break; case AUTHENTICATE_OLD : case CHANGEPASSWORD : case GETTICKET_OLD : case SETPASSWORD : case SETFIELDS : case CREATEUSER : case DELETEUSER : case GETENTRY : case LISTENTRY : case GETSTATS : case DEBUG : case GETPASSWORD : case GETRANDOMKEY : default : make_error_reply (&hdr, RXGEN_OPCODE, reply); break; } out: krb5_storage_free (sp); return ret; }
int manage_request(char *target_domain) { char buf[BUFFER_SIZE + 1]; char *c, *decoded; ntlmhdr *fast_header; int oversized = 0; try_again: if (fgets(buf, BUFFER_SIZE, stdin) == NULL) return 0; c = memchr(buf, '\n', BUFFER_SIZE); if (c) { if (oversized) { helperfail("illegal request received"); warn("Illegal request received: '%s'\n", buf); return 1; } *c = '\0'; } else { warn("No newline in '%s'\n", buf); oversized = 1; goto try_again; } debug("Got '%s' from squid.\n", buf); if (memcmp(buf, "YR", 2) == 0) { /* refresh-request */ sendchallenge(ntlm_make_challenge(target_domain, NULL, build_challenge(), CHALLENGE_LEN)); return 1; } if (strncmp(buf, "KK ", 3) != 0) { /* not an auth-request */ helperfail("illegal request received"); warn("Illegal request received: '%s'\n", buf); return 1; } /* At this point I'm sure it's a KK */ decoded = base64_decode(buf + 3); if (!decoded) { /* decoding failure, return error */ authfail("-", "-", "Auth-format error, base64-decoding error"); return 1; } fast_header = (struct _ntlmhdr *) decoded; /* sanity-check: it IS a NTLMSSP packet, isn't it? */ if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) { authfail("-", "-", "Broken NTLM packet, missing NTLMSSP signature"); return 1; } /* Understand what we got */ switch WSWAP(fast_header->type) { case NTLM_NEGOTIATE: authfail("-", "-", "Received neg-request while expecting auth packet"); return 1; case NTLM_CHALLENGE: authfail("-", "-", "Received challenge. Refusing to abide"); return 1; case NTLM_AUTHENTICATE: do_authenticate((ntlm_authenticate *) decoded, (strlen(buf) - 3) * 3 / 4); return 1; default: helperfail("Unknown authentication packet type"); return 1; } /* notreached */ return 1; }