/*
Unix SMB/Netbios implementation.
Version 3.0
handle NTLMSSP, server side
Copyright ( C ) Andrew Tridgell 2001
Copyright ( C ) Andrew Bartlett 2001 - 2003
Copyright ( C ) Andrew Bartlett 2005 ( Updated from gensec ) .
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
# include "includes.h"
# include "../auth/ntlmssp/ntlmssp.h"
# include "../auth/ntlmssp/ntlmssp_private.h"
/**
 * Dump a set of NTLMSSP negotiate flags to the debug log.
 *
 * The raw 32-bit value is logged with DEBUG(3, ...); one extra line per
 * recognised flag is appended with DEBUGADD(4, ...). Bits that have no
 * branch below are only visible in the hexadecimal value.
 *
 * @param neg_flags The flags from the packet
 */
void debug_ntlmssp_flags(uint32_t neg_flags)
{
	DEBUG(3, (" Got NTLMSSP neg_flags=0x%08x \n ", neg_flags));

	if ((neg_flags & NTLMSSP_NEGOTIATE_UNICODE) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_UNICODE \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_OEM) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_OEM \n "));
	}
	if ((neg_flags & NTLMSSP_REQUEST_TARGET) != 0) {
		DEBUGADD(4, (" NTLMSSP_REQUEST_TARGET \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_SIGN) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_SIGN \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_SEAL) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_SEAL \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_DATAGRAM) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_DATAGRAM \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_LM_KEY \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_NETWARE) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NETWARE \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_NTLM) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NTLM \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_ALWAYS_SIGN \n "));
	}
	if ((neg_flags & NTLMSSP_REQUEST_NON_NT_SESSION_KEY) != 0) {
		DEBUGADD(4, (" NTLMSSP_REQUEST_NON_NT_SESSION_KEY \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_NTLM2) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_NTLM2 \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_TARGET_INFO \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_VERSION) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_VERSION \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_128) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_128 \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_KEY_EXCH \n "));
	}
	if ((neg_flags & NTLMSSP_NEGOTIATE_56) != 0) {
		DEBUGADD(4, (" NTLMSSP_NEGOTIATE_56 \n "));
	}
}
/**
 * Fold a set of negotiate flags into the local NTLMSSP state.
 *
 * Character set: UNICODE wins over OEM whenever neg_flags carries it, and
 * ntlmssp_state->unicode is set to match. LM_KEY is kept only when it is
 * requested and allow_lm is true. The remaining optional flags are cleared
 * from the state whenever neg_flags lacks them; REQUEST_TARGET is added
 * when it is requested.
 *
 * NOTE(review): this function only ever narrows the optional features; it
 * enforces no minimum. SIGN, SEAL, 128 and KEY_EXCH are dropped as soon as
 * neg_flags omits them, so a caller that requires signing or sealing has
 * to inspect ntlmssp_state->neg_flags afterwards and reject the exchange
 * itself -- no such check is visible here.
 *
 * @param ntlmssp_state State whose neg_flags, unicode and use_ntlmv2
 *                      members are updated in place.
 * @param neg_flags     Flags to merge in (presumably those received from
 *                      the other side -- confirm against the callers).
 * @param allow_lm      Whether an LM_KEY request may be honoured. Honouring
 *                      it turns use_ntlmv2 off, so pass true only where
 *                      legacy LM compatibility is an explicit policy choice.
 */
void ntlmssp_handle_neg_flags(struct ntlmssp_state *ntlmssp_state,
			      uint32_t neg_flags, bool allow_lm)
{
	/* Flags that stay in the state only if neg_flags carries them too. */
	const uint32_t optional_flags =
		NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
		NTLMSSP_NEGOTIATE_NTLM2 |
		NTLMSSP_NEGOTIATE_128 |
		NTLMSSP_NEGOTIATE_56 |
		NTLMSSP_NEGOTIATE_KEY_EXCH |
		NTLMSSP_NEGOTIATE_SIGN |
		NTLMSSP_NEGOTIATE_SEAL |
		NTLMSSP_NEGOTIATE_VERSION;
	const bool wants_unicode =
		(neg_flags & NTLMSSP_NEGOTIATE_UNICODE) != 0;
	const bool wants_lm_key =
		(neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) != 0;

	/* UNICODE and OEM are mutually exclusive in the resulting state. */
	if (wants_unicode) {
		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
		ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_OEM;
	} else {
		ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_UNICODE;
		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
	}
	ntlmssp_state->unicode = wants_unicode;

	if (wants_lm_key && allow_lm) {
		/*
		 * The other side asked for the LM key and policy permits it:
		 * this is a downgrade, NTLMv2 is switched off for this state.
		 */
		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
		ntlmssp_state->use_ntlmv2 = false;
	} else {
		ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
	}

	/* Clear every optional flag that is absent from neg_flags. */
	ntlmssp_state->neg_flags &= ~(optional_flags & ~neg_flags);

	if ((neg_flags & NTLMSSP_REQUEST_TARGET) != 0) {
		ntlmssp_state->neg_flags |= NTLMSSP_REQUEST_TARGET;
	}
}
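/**
 * Does this blob look like it could be NTLMSSP?
 *
 * A match only says that the blob begins with the NTLMSSP signature. It
 * does not validate the message type or any field that follows, so the
 * blob must still be parsed as untrusted input.
 *
 * @param blob The blob to inspect. NULL, or a blob without data, never
 *             matches.
 * @return true if the blob is longer than the 8-byte signature and starts
 *         with it, false otherwise.
 */
bool ntlmssp_blob_matches_magic(const DATA_BLOB *blob)
{
	/*
	 * The signature is the seven ASCII characters "NTLMSSP" followed by
	 * a NUL byte: exactly 8 bytes, with no padding on either side. The
	 * array size makes the terminating NUL part of the compared bytes.
	 */
	static const char ntlmssp_magic[8] = "NTLMSSP";

	if (blob == NULL || blob->data == NULL) {
		return false;
	}

	/* A blob holding nothing beyond the signature is not a message. */
	if (blob->length <= sizeof(ntlmssp_magic)) {
		return false;
	}

	return memcmp(ntlmssp_magic, blob->data, sizeof(ntlmssp_magic)) == 0;
}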