2004-04-12 14:19:48 +00:00
/*
Unix SMB / CIFS implementation .
Winbind status program .
Copyright ( C ) Tim Potter 2000 - 2003
Copyright ( C ) Andrew Bartlett < abartlet @ samba . org > 2003 - 2004
Copyright ( C ) Francesco Chemolli < kinkie @ kame . usr . dsi . unimi . it > 2000
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 19:25:36 +00:00
the Free Software Foundation ; either version 3 of the License , or
2004-04-12 14:19:48 +00:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 00:52:41 +00:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2004-04-12 14:19:48 +00:00
*/
# include "includes.h"
2004-10-07 04:01:18 +00:00
# include "utils/ntlm_auth.h"
2009-03-16 21:27:58 +11:00
# include "../libcli/auth/libcli_auth.h"
2010-08-18 12:42:49 +02:00
# include "nsswitch/winbind_client.h"
2004-04-12 14:19:48 +00:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_WINBIND
enum ntlm_break {
BREAK_NONE ,
BREAK_LM ,
BREAK_NT ,
NO_LM ,
NO_NT
} ;
/*
Authenticate a user with a challenge / response , checking session key
and valid authentication types
*/
/*
* Test the normal ' LM and NTLM ' combination
*/
2007-10-18 17:40:25 -07:00
static bool test_lm_ntlm_broken ( enum ntlm_break break_which )
2004-04-12 14:19:48 +00:00
{
2007-10-18 17:40:25 -07:00
bool pass = True ;
2004-04-12 14:19:48 +00:00
NTSTATUS nt_status ;
2015-05-06 17:00:06 -07:00
uint32_t flags = 0 ;
2004-04-12 14:19:48 +00:00
DATA_BLOB lm_response = data_blob ( NULL , 24 ) ;
DATA_BLOB nt_response = data_blob ( NULL , 24 ) ;
DATA_BLOB session_key = data_blob ( NULL , 16 ) ;
2017-03-17 11:49:40 +01:00
uint8_t authoritative = 0 ;
2004-04-12 14:19:48 +00:00
uchar lm_key [ 8 ] ;
uchar user_session_key [ 16 ] ;
uchar lm_hash [ 16 ] ;
uchar nt_hash [ 16 ] ;
DATA_BLOB chall = get_challenge ( ) ;
char * error_string ;
ZERO_STRUCT ( lm_key ) ;
ZERO_STRUCT ( user_session_key ) ;
flags | = WBFLAG_PAM_LMKEY ;
flags | = WBFLAG_PAM_USER_SESSION_KEY ;
SMBencrypt ( opt_password , chall . data , lm_response . data ) ;
E_deshash ( opt_password , lm_hash ) ;
SMBNTencrypt ( opt_password , chall . data , nt_response . data ) ;
E_md4hash ( opt_password , nt_hash ) ;
2009-03-16 21:27:58 +11:00
SMBsesskeygen_ntv1 ( nt_hash , session_key . data ) ;
2004-04-12 14:19:48 +00:00
switch ( break_which ) {
case BREAK_NONE :
break ;
case BREAK_LM :
lm_response . data [ 0 ] + + ;
break ;
case BREAK_NT :
nt_response . data [ 0 ] + + ;
break ;
case NO_LM :
data_blob_free ( & lm_response ) ;
break ;
case NO_NT :
data_blob_free ( & nt_response ) ;
break ;
}
nt_status = contact_winbind_auth_crap ( opt_username , opt_domain ,
opt_workstation ,
& chall ,
& lm_response ,
& nt_response ,
2012-02-19 10:56:12 +11:00
flags , 0 ,
2004-04-12 14:19:48 +00:00
lm_key ,
user_session_key ,
2017-03-17 11:49:40 +01:00
& authoritative ,
2004-04-12 14:19:48 +00:00
& error_string , NULL ) ;
data_blob_free ( & lm_response ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
d_printf ( " %s (0x%x) \n " ,
error_string ,
NT_STATUS_V ( nt_status ) ) ;
SAFE_FREE ( error_string ) ;
return break_which = = BREAK_NT ;
}
if ( memcmp ( lm_hash , lm_key ,
sizeof ( lm_key ) ) ! = 0 ) {
DEBUG ( 1 , ( " LM Key does not match expectations! \n " ) ) ;
DEBUG ( 1 , ( " lm_key: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , lm_key , 8 ) ;
2004-04-12 14:19:48 +00:00
DEBUG ( 1 , ( " expected: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , lm_hash , 8 ) ;
2004-04-12 14:19:48 +00:00
pass = False ;
}
if ( break_which = = NO_NT ) {
if ( memcmp ( lm_hash , user_session_key ,
8 ) ! = 0 ) {
DEBUG ( 1 , ( " NT Session Key does not match expectations (should be LM hash)! \n " ) ) ;
DEBUG ( 1 , ( " user_session_key: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , user_session_key , sizeof ( user_session_key ) ) ;
2004-04-12 14:19:48 +00:00
DEBUG ( 1 , ( " expected: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , lm_hash , sizeof ( lm_hash ) ) ;
2004-04-12 14:19:48 +00:00
pass = False ;
}
} else {
if ( memcmp ( session_key . data , user_session_key ,
sizeof ( user_session_key ) ) ! = 0 ) {
DEBUG ( 1 , ( " NT Session Key does not match expectations! \n " ) ) ;
DEBUG ( 1 , ( " user_session_key: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , user_session_key , 16 ) ;
2004-04-12 14:19:48 +00:00
DEBUG ( 1 , ( " expected: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , session_key . data , session_key . length ) ;
2004-04-12 14:19:48 +00:00
pass = False ;
}
}
return pass ;
}
/*
* Test LM authentication , no NT response supplied
*/
2007-10-18 17:40:25 -07:00
static bool test_lm ( void )
2004-04-12 14:19:48 +00:00
{
return test_lm_ntlm_broken ( NO_NT ) ;
}
/*
* Test the NTLM response only , no LM .
*/
2007-10-18 17:40:25 -07:00
static bool test_ntlm ( void )
2004-04-12 14:19:48 +00:00
{
return test_lm_ntlm_broken ( NO_LM ) ;
}
/*
* Test the NTLM response only , but in the LM field .
*/
2007-10-18 17:40:25 -07:00
static bool test_ntlm_in_lm ( void )
2004-04-12 14:19:48 +00:00
{
2007-10-18 17:40:25 -07:00
bool pass = True ;
2004-04-12 14:19:48 +00:00
NTSTATUS nt_status ;
2015-05-06 17:00:06 -07:00
uint32_t flags = 0 ;
2004-04-12 14:19:48 +00:00
DATA_BLOB nt_response = data_blob ( NULL , 24 ) ;
2017-03-17 11:49:40 +01:00
uint8_t authoritative = 0 ;
2004-04-12 14:19:48 +00:00
uchar lm_key [ 8 ] ;
uchar lm_hash [ 16 ] ;
uchar user_session_key [ 16 ] ;
DATA_BLOB chall = get_challenge ( ) ;
char * error_string ;
ZERO_STRUCT ( user_session_key ) ;
flags | = WBFLAG_PAM_LMKEY ;
flags | = WBFLAG_PAM_USER_SESSION_KEY ;
SMBNTencrypt ( opt_password , chall . data , nt_response . data ) ;
E_deshash ( opt_password , lm_hash ) ;
nt_status = contact_winbind_auth_crap ( opt_username , opt_domain ,
opt_workstation ,
& chall ,
& nt_response ,
NULL ,
2012-02-19 10:56:12 +11:00
flags , 0 ,
2004-04-12 14:19:48 +00:00
lm_key ,
user_session_key ,
2017-03-17 11:49:40 +01:00
& authoritative ,
2004-04-12 14:19:48 +00:00
& error_string , NULL ) ;
data_blob_free ( & nt_response ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
d_printf ( " %s (0x%x) \n " ,
error_string ,
NT_STATUS_V ( nt_status ) ) ;
SAFE_FREE ( error_string ) ;
return False ;
}
if ( memcmp ( lm_hash , lm_key ,
sizeof ( lm_key ) ) ! = 0 ) {
DEBUG ( 1 , ( " LM Key does not match expectations! \n " ) ) ;
DEBUG ( 1 , ( " lm_key: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , lm_key , 8 ) ;
2004-04-12 14:19:48 +00:00
DEBUG ( 1 , ( " expected: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , lm_hash , 8 ) ;
2004-04-12 14:19:48 +00:00
pass = False ;
}
if ( memcmp ( lm_hash , user_session_key , 8 ) ! = 0 ) {
DEBUG ( 1 , ( " Session Key (first 8 lm hash) does not match expectations! \n " ) ) ;
DEBUG ( 1 , ( " user_session_key: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , user_session_key , 16 ) ;
2004-04-12 14:19:48 +00:00
DEBUG ( 1 , ( " expected: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , lm_hash , 8 ) ;
2004-04-12 14:19:48 +00:00
pass = False ;
}
return pass ;
}
/*
* Test the NTLM response only , but in the both the NT and LM fields .
*/
2007-10-18 17:40:25 -07:00
static bool test_ntlm_in_both ( void )
2004-04-12 14:19:48 +00:00
{
2007-10-18 17:40:25 -07:00
bool pass = True ;
2004-04-12 14:19:48 +00:00
NTSTATUS nt_status ;
2015-05-06 17:00:06 -07:00
uint32_t flags = 0 ;
2004-04-12 14:19:48 +00:00
DATA_BLOB nt_response = data_blob ( NULL , 24 ) ;
DATA_BLOB session_key = data_blob ( NULL , 16 ) ;
2017-03-17 11:49:40 +01:00
uint8_t authoritative = 0 ;
2015-05-06 17:00:06 -07:00
uint8_t lm_key [ 8 ] ;
uint8_t lm_hash [ 16 ] ;
uint8_t user_session_key [ 16 ] ;
uint8_t nt_hash [ 16 ] ;
2004-04-12 14:19:48 +00:00
DATA_BLOB chall = get_challenge ( ) ;
char * error_string ;
ZERO_STRUCT ( lm_key ) ;
ZERO_STRUCT ( user_session_key ) ;
flags | = WBFLAG_PAM_LMKEY ;
flags | = WBFLAG_PAM_USER_SESSION_KEY ;
SMBNTencrypt ( opt_password , chall . data , nt_response . data ) ;
2007-03-28 13:31:52 +00:00
E_md4hash ( opt_password , nt_hash ) ;
2009-03-16 21:27:58 +11:00
SMBsesskeygen_ntv1 ( nt_hash , session_key . data ) ;
2004-04-12 14:19:48 +00:00
2007-03-28 13:31:52 +00:00
E_deshash ( opt_password , lm_hash ) ;
2004-04-12 14:19:48 +00:00
nt_status = contact_winbind_auth_crap ( opt_username , opt_domain ,
opt_workstation ,
& chall ,
& nt_response ,
& nt_response ,
2012-02-19 10:56:12 +11:00
flags , 0 ,
2007-03-28 13:31:52 +00:00
lm_key ,
user_session_key ,
2017-03-17 11:49:40 +01:00
& authoritative ,
2004-04-12 14:19:48 +00:00
& error_string , NULL ) ;
data_blob_free ( & nt_response ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
d_printf ( " %s (0x%x) \n " ,
error_string ,
NT_STATUS_V ( nt_status ) ) ;
SAFE_FREE ( error_string ) ;
return False ;
}
if ( memcmp ( lm_hash , lm_key ,
sizeof ( lm_key ) ) ! = 0 ) {
DEBUG ( 1 , ( " LM Key does not match expectations! \n " ) ) ;
DEBUG ( 1 , ( " lm_key: \n " ) ) ;
dump_data ( 1 , lm_key , 8 ) ;
DEBUG ( 1 , ( " expected: \n " ) ) ;
dump_data ( 1 , lm_hash , 8 ) ;
pass = False ;
}
if ( memcmp ( session_key . data , user_session_key ,
sizeof ( user_session_key ) ) ! = 0 ) {
DEBUG ( 1 , ( " NT Session Key does not match expectations! \n " ) ) ;
DEBUG ( 1 , ( " user_session_key: \n " ) ) ;
dump_data ( 1 , user_session_key , 16 ) ;
DEBUG ( 1 , ( " expected: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , session_key . data , session_key . length ) ;
2004-04-12 14:19:48 +00:00
pass = False ;
}
return pass ;
}
/*
* Test the NTLMv2 and LMv2 responses
*/
2007-10-18 17:40:25 -07:00
static bool test_lmv2_ntlmv2_broken ( enum ntlm_break break_which )
2004-04-12 14:19:48 +00:00
{
2007-10-18 17:40:25 -07:00
bool pass = True ;
2004-04-12 14:19:48 +00:00
NTSTATUS nt_status ;
2015-05-06 17:00:06 -07:00
uint32_t flags = 0 ;
2007-05-14 12:16:20 +00:00
DATA_BLOB ntlmv2_response = data_blob_null ;
DATA_BLOB lmv2_response = data_blob_null ;
DATA_BLOB ntlmv2_session_key = data_blob_null ;
2009-03-16 21:27:58 +11:00
DATA_BLOB names_blob = NTLMv2_generate_names_blob ( NULL , get_winbind_netbios_name ( ) , get_winbind_domain ( ) ) ;
2017-03-17 11:49:40 +01:00
uint8_t authoritative = 0 ;
2004-04-12 14:19:48 +00:00
uchar user_session_key [ 16 ] ;
DATA_BLOB chall = get_challenge ( ) ;
char * error_string ;
ZERO_STRUCT ( user_session_key ) ;
flags | = WBFLAG_PAM_USER_SESSION_KEY ;
2009-03-16 21:27:58 +11:00
if ( ! SMBNTLMv2encrypt ( NULL , opt_username , opt_domain , opt_password , & chall ,
2004-04-12 14:19:48 +00:00
& names_blob ,
2009-03-16 21:27:58 +11:00
& lmv2_response , & ntlmv2_response , NULL ,
2004-04-12 14:19:48 +00:00
& ntlmv2_session_key ) ) {
data_blob_free ( & names_blob ) ;
return False ;
}
data_blob_free ( & names_blob ) ;
switch ( break_which ) {
case BREAK_NONE :
break ;
case BREAK_LM :
lmv2_response . data [ 0 ] + + ;
break ;
case BREAK_NT :
ntlmv2_response . data [ 0 ] + + ;
break ;
case NO_LM :
data_blob_free ( & lmv2_response ) ;
break ;
case NO_NT :
data_blob_free ( & ntlmv2_response ) ;
break ;
}
nt_status = contact_winbind_auth_crap ( opt_username , opt_domain ,
opt_workstation ,
& chall ,
& lmv2_response ,
& ntlmv2_response ,
2012-02-19 10:56:12 +11:00
flags , 0 ,
2004-04-12 14:19:48 +00:00
NULL ,
user_session_key ,
2017-03-17 11:49:40 +01:00
& authoritative ,
2004-04-12 14:19:48 +00:00
& error_string , NULL ) ;
data_blob_free ( & lmv2_response ) ;
data_blob_free ( & ntlmv2_response ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
d_printf ( " %s (0x%x) \n " ,
error_string ,
NT_STATUS_V ( nt_status ) ) ;
SAFE_FREE ( error_string ) ;
return break_which = = BREAK_NT ;
}
if ( break_which ! = NO_NT & & break_which ! = BREAK_NT & & memcmp ( ntlmv2_session_key . data , user_session_key ,
sizeof ( user_session_key ) ) ! = 0 ) {
DEBUG ( 1 , ( " USER (NTLMv2) Session Key does not match expectations! \n " ) ) ;
DEBUG ( 1 , ( " user_session_key: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , user_session_key , 16 ) ;
2004-04-12 14:19:48 +00:00
DEBUG ( 1 , ( " expected: \n " ) ) ;
2007-03-28 13:34:59 +00:00
dump_data ( 1 , ntlmv2_session_key . data , ntlmv2_session_key . length ) ;
2004-04-12 14:19:48 +00:00
pass = False ;
}
return pass ;
}
/*
* Test the NTLMv2 and LMv2 responses
*/
2007-10-18 17:40:25 -07:00
static bool test_lmv2_ntlmv2 ( void )
2004-04-12 14:19:48 +00:00
{
return test_lmv2_ntlmv2_broken ( BREAK_NONE ) ;
}
/*
* Test the LMv2 response only
*/
2007-10-18 17:40:25 -07:00
static bool test_lmv2 ( void )
2004-04-12 14:19:48 +00:00
{
return test_lmv2_ntlmv2_broken ( NO_NT ) ;
}
/*
* Test the NTLMv2 response only
*/
2007-10-18 17:40:25 -07:00
static bool test_ntlmv2 ( void )
2004-04-12 14:19:48 +00:00
{
return test_lmv2_ntlmv2_broken ( NO_LM ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_lm_ntlm ( void )
2004-04-12 14:19:48 +00:00
{
return test_lm_ntlm_broken ( BREAK_NONE ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_ntlm_lm_broken ( void )
2004-04-12 14:19:48 +00:00
{
return test_lm_ntlm_broken ( BREAK_LM ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_ntlm_ntlm_broken ( void )
2004-04-12 14:19:48 +00:00
{
return test_lm_ntlm_broken ( BREAK_NT ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_ntlmv2_lmv2_broken ( void )
2004-04-12 14:19:48 +00:00
{
return test_lmv2_ntlmv2_broken ( BREAK_LM ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_ntlmv2_ntlmv2_broken ( void )
2004-04-12 14:19:48 +00:00
{
return test_lmv2_ntlmv2_broken ( BREAK_NT ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_plaintext ( enum ntlm_break break_which )
2004-04-12 14:19:48 +00:00
{
NTSTATUS nt_status ;
2015-05-06 17:00:06 -07:00
uint32_t flags = 0 ;
2007-05-14 12:16:20 +00:00
DATA_BLOB nt_response = data_blob_null ;
DATA_BLOB lm_response = data_blob_null ;
2004-04-12 14:19:48 +00:00
char * password ;
2006-07-11 18:01:26 +00:00
smb_ucs2_t * nt_response_ucs2 ;
2008-04-29 14:36:24 -07:00
size_t converted_size ;
2017-03-17 11:49:40 +01:00
uint8_t authoritative = 0 ;
2004-04-12 14:19:48 +00:00
uchar user_session_key [ 16 ] ;
uchar lm_key [ 16 ] ;
2006-09-04 09:51:47 +00:00
static const uchar zeros [ 8 ] = { 0 , } ;
2004-04-12 14:19:48 +00:00
DATA_BLOB chall = data_blob ( zeros , sizeof ( zeros ) ) ;
char * error_string ;
ZERO_STRUCT ( user_session_key ) ;
flags | = WBFLAG_PAM_LMKEY ;
flags | = WBFLAG_PAM_USER_SESSION_KEY ;
2009-04-14 12:43:34 +10:00
if ( ! push_ucs2_talloc ( talloc_tos ( ) , & nt_response_ucs2 , opt_password ,
2008-04-29 14:36:24 -07:00
& converted_size ) )
{
2009-03-19 12:20:11 +11:00
DEBUG ( 0 , ( " push_ucs2_talloc failed! \n " ) ) ;
2004-04-12 14:19:48 +00:00
exit ( 1 ) ;
}
2006-07-11 18:01:26 +00:00
nt_response . data = ( unsigned char * ) nt_response_ucs2 ;
nt_response . length = strlen_w ( nt_response_ucs2 ) * sizeof ( smb_ucs2_t ) ;
2004-04-12 14:19:48 +00:00
2009-04-14 12:43:34 +10:00
if ( ( password = strupper_talloc ( talloc_tos ( ) , opt_password ) ) = = NULL ) {
2009-03-19 12:20:11 +11:00
DEBUG ( 0 , ( " strupper_talloc() failed! \n " ) ) ;
2006-06-19 20:00:51 +00:00
exit ( 1 ) ;
}
2004-04-12 14:19:48 +00:00
2009-04-14 12:43:34 +10:00
if ( ! convert_string_talloc ( talloc_tos ( ) , CH_UNIX ,
2009-03-19 12:20:11 +11:00
CH_DOS , password ,
strlen ( password ) + 1 ,
& lm_response . data ,
2011-03-24 10:59:41 +11:00
& lm_response . length ) ) {
2009-03-19 12:20:11 +11:00
DEBUG ( 0 , ( " convert_string_talloc failed! \n " ) ) ;
2004-04-12 14:19:48 +00:00
exit ( 1 ) ;
}
2009-03-19 12:20:11 +11:00
TALLOC_FREE ( password ) ;
2004-04-12 14:19:48 +00:00
switch ( break_which ) {
case BREAK_NONE :
break ;
case BREAK_LM :
lm_response . data [ 0 ] + + ;
break ;
case BREAK_NT :
nt_response . data [ 0 ] + + ;
break ;
case NO_LM :
2009-09-03 23:49:50 +02:00
TALLOC_FREE ( lm_response . data ) ;
2004-04-12 14:19:48 +00:00
lm_response . length = 0 ;
break ;
case NO_NT :
2009-09-03 23:49:50 +02:00
TALLOC_FREE ( nt_response . data ) ;
2004-04-12 14:19:48 +00:00
nt_response . length = 0 ;
break ;
}
nt_status = contact_winbind_auth_crap ( opt_username , opt_domain ,
opt_workstation ,
& chall ,
& lm_response ,
& nt_response ,
2012-02-19 10:56:12 +11:00
flags , MSV1_0_CLEARTEXT_PASSWORD_ALLOWED ,
2004-04-12 14:19:48 +00:00
lm_key ,
user_session_key ,
2017-03-17 11:49:40 +01:00
& authoritative ,
2004-04-12 14:19:48 +00:00
& error_string , NULL ) ;
2009-03-19 12:20:11 +11:00
TALLOC_FREE ( nt_response . data ) ;
TALLOC_FREE ( lm_response . data ) ;
2004-04-12 14:19:48 +00:00
data_blob_free ( & chall ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
d_printf ( " %s (0x%x) \n " ,
error_string ,
NT_STATUS_V ( nt_status ) ) ;
SAFE_FREE ( error_string ) ;
return break_which = = BREAK_NT ;
}
return break_which ! = BREAK_NT ;
}
2007-10-18 17:40:25 -07:00
static bool test_plaintext_none_broken ( void ) {
2004-04-12 14:19:48 +00:00
return test_plaintext ( BREAK_NONE ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_plaintext_lm_broken ( void ) {
2004-04-12 14:19:48 +00:00
return test_plaintext ( BREAK_LM ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_plaintext_nt_broken ( void ) {
2004-04-12 14:19:48 +00:00
return test_plaintext ( BREAK_NT ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_plaintext_nt_only ( void ) {
2004-04-12 14:19:48 +00:00
return test_plaintext ( NO_LM ) ;
}
2007-10-18 17:40:25 -07:00
static bool test_plaintext_lm_only ( void ) {
2004-04-12 14:19:48 +00:00
return test_plaintext ( NO_NT ) ;
}
/*
Tests :
- LM only
- NT and LM
- NT
- NT in LM field
- NT in both fields
- NTLMv2
- NTLMv2 and LMv2
- LMv2
- plaintext tests ( in challenge - response feilds )
check we get the correct session key in each case
check what values we get for the LM session key
*/
static const struct ntlm_tests {
2007-10-18 17:40:25 -07:00
bool ( * fn ) ( void ) ;
2004-04-12 14:19:48 +00:00
const char * name ;
} test_table [ ] = {
{ test_lm , " LM " } ,
{ test_lm_ntlm , " LM and NTLM " } ,
{ test_ntlm , " NTLM " } ,
{ test_ntlm_in_lm , " NTLM in LM " } ,
{ test_ntlm_in_both , " NTLM in both " } ,
{ test_ntlmv2 , " NTLMv2 " } ,
{ test_lmv2_ntlmv2 , " NTLMv2 and LMv2 " } ,
{ test_lmv2 , " LMv2 " } ,
{ test_ntlmv2_lmv2_broken , " NTLMv2 and LMv2, LMv2 broken " } ,
{ test_ntlmv2_ntlmv2_broken , " NTLMv2 and LMv2, NTLMv2 broken " } ,
{ test_ntlm_lm_broken , " NTLM and LM, LM broken " } ,
{ test_ntlm_ntlm_broken , " NTLM and LM, NTLM broken " } ,
{ test_plaintext_none_broken , " Plaintext " } ,
{ test_plaintext_lm_broken , " Plaintext LM broken " } ,
{ test_plaintext_nt_broken , " Plaintext NT broken " } ,
{ test_plaintext_nt_only , " Plaintext NT only " } ,
2004-05-19 11:50:01 +00:00
{ test_plaintext_lm_only , " Plaintext LM only " } ,
{ NULL , NULL }
2004-04-12 14:19:48 +00:00
} ;
2007-10-18 17:40:25 -07:00
bool diagnose_ntlm_auth ( void )
2004-04-12 14:19:48 +00:00
{
unsigned int i ;
2007-10-18 17:40:25 -07:00
bool pass = True ;
2004-04-12 14:19:48 +00:00
for ( i = 0 ; test_table [ i ] . fn ; i + + ) {
if ( ! test_table [ i ] . fn ( ) ) {
DEBUG ( 1 , ( " Test %s failed! \n " , test_table [ i ] . name ) ) ;
pass = False ;
}
}
return pass ;
}