Context Navigation

source: vendor/current/source4/auth/ntlmssp/ntlmssp.c@ 740

Visit:

Last change on this file since 740 was 740, checked in by Silvan Scherrer, 12 years ago
Samba Server: update vendor to 3.6.0
File size: 9.2 KB

Line
1	/*
2	Unix SMB/Netbios implementation.
3	Version 3.0
4	handle NLTMSSP, client server side parsing
5
6	Copyright (C) Andrew Tridgell 2001
7	Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2005
8	Copyright (C) Stefan Metzmacher 2005
9
10	This program is free software; you can redistribute it and/or modify
11	it under the terms of the GNU General Public License as published by
12	the Free Software Foundation; either version 3 of the License, or
13	(at your option) any later version.
14
15	This program is distributed in the hope that it will be useful,
16	but WITHOUT ANY WARRANTY; without even the implied warranty of
17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18	GNU General Public License for more details.
19
20	You should have received a copy of the GNU General Public License
21	along with this program. If not, see <http://www.gnu.org/licenses/>.
22	*/
23
24	#include "includes.h"
25	#include "auth/ntlmssp/ntlmssp.h"
26	#include "../libcli/auth/libcli_auth.h"
27	#include "librpc/gen_ndr/ndr_dcerpc.h"
28	#include "auth/gensec/gensec.h"
29	#include "auth/gensec/gensec_proto.h"
30
31	/**
32	* Callbacks for NTLMSSP - for both client and server operating modes
33	*
34	*/
35
36	static const struct ntlmssp_callbacks {
37	enum ntlmssp_role role;
38	enum ntlmssp_message_type command;
39	NTSTATUS (sync_fn)(struct gensec_security gensec_security,
40	TALLOC_CTX *out_mem_ctx,
41	DATA_BLOB in, DATA_BLOB *out);
42	} ntlmssp_callbacks[] = {
43	{
44	.role = NTLMSSP_CLIENT,
45	.command = NTLMSSP_INITIAL,
46	.sync_fn = ntlmssp_client_initial,
47	},{
48	.role = NTLMSSP_SERVER,
49	.command = NTLMSSP_NEGOTIATE,
50	.sync_fn = gensec_ntlmssp_server_negotiate,
51	},{
52	.role = NTLMSSP_CLIENT,
53	.command = NTLMSSP_CHALLENGE,
54	.sync_fn = ntlmssp_client_challenge,
55	},{
56	.role = NTLMSSP_SERVER,
57	.command = NTLMSSP_AUTH,
58	.sync_fn = gensec_ntlmssp_server_auth,
59	}
60	};
61
62
63	static NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security,
64	const DATA_BLOB *first_packet)
65	{
66	if (first_packet->length > 8 && memcmp("NTLMSSP\0", first_packet->data, 8) == 0) {
67	return NT_STATUS_OK;
68	} else {
69	return NT_STATUS_INVALID_PARAMETER;
70	}
71	}
72
73	static NTSTATUS gensec_ntlmssp_update_find(struct ntlmssp_state *ntlmssp_state,
74	const DATA_BLOB input, uint32_t *idx)
75	{
76	struct gensec_ntlmssp_context *gensec_ntlmssp =
77	talloc_get_type_abort(ntlmssp_state->callback_private,
78	struct gensec_ntlmssp_context);
79	struct gensec_security *gensec_security = gensec_ntlmssp->gensec_security;
80	uint32_t ntlmssp_command;
81	uint32_t i;
82
83	if (ntlmssp_state->expected_state == NTLMSSP_DONE) {
84	/* We are strict here because other modules, which we
85	* don't fully control (such as GSSAPI) are also
86	* strict, but are tested less often */
87
88	DEBUG(1, ("Called NTLMSSP after state machine was 'done'\n"));
89	return NT_STATUS_INVALID_PARAMETER;
90	}
91
92	if (!input.length) {
93	switch (ntlmssp_state->role) {
94	case NTLMSSP_CLIENT:
95	ntlmssp_command = NTLMSSP_INITIAL;
96	break;
97	case NTLMSSP_SERVER:
98	if (gensec_security->want_features & GENSEC_FEATURE_DATAGRAM_MODE) {
99	/* 'datagram' mode - no neg packet */
100	ntlmssp_command = NTLMSSP_NEGOTIATE;
101	} else {
102	/* This is normal in SPNEGO mech negotiation fallback */
103	DEBUG(2, ("Failed to parse NTLMSSP packet: zero length\n"));
104	return NT_STATUS_INVALID_PARAMETER;
105	}
106	break;
107	}
108	} else {
109	if (!msrpc_parse(ntlmssp_state,
110	&input, "Cd",
111	"NTLMSSP",
112	&ntlmssp_command)) {
113	DEBUG(1, ("Failed to parse NTLMSSP packet, could not extract NTLMSSP command\n"));
114	dump_data(2, input.data, input.length);
115	return NT_STATUS_INVALID_PARAMETER;
116	}
117	}
118
119	if (ntlmssp_command != ntlmssp_state->expected_state) {
120	DEBUG(2, ("got NTLMSSP command %u, expected %u\n", ntlmssp_command, ntlmssp_state->expected_state));
121	return NT_STATUS_INVALID_PARAMETER;
122	}
123
124	for (i=0; i < ARRAY_SIZE(ntlmssp_callbacks); i++) {
125	if (ntlmssp_callbacks[i].role == ntlmssp_state->role &&
126	ntlmssp_callbacks[i].command == ntlmssp_command) {
127	*idx = i;
128	return NT_STATUS_OK;
129	}
130	}
131
132	DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n",
133	ntlmssp_state->role, ntlmssp_command));
134
135	return NT_STATUS_INVALID_PARAMETER;
136	}
137
138	/**
139	* Next state function for the wrapped NTLMSSP state machine
140	*
141	* @param gensec_security GENSEC state, initialised to NTLMSSP
142	* @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
143	* @param in The request, as a DATA_BLOB
144	* @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
145	* @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
146	* or NT_STATUS_OK if the user is authenticated.
147	*/
148
149	static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security,
150	TALLOC_CTX *out_mem_ctx,
151	const DATA_BLOB input, DATA_BLOB *out)
152	{
153	struct gensec_ntlmssp_context *gensec_ntlmssp =
154	talloc_get_type_abort(gensec_security->private_data,
155	struct gensec_ntlmssp_context);
156	struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
157	NTSTATUS status;
158	uint32_t i;
159
160	*out = data_blob(NULL, 0);
161
162	if (!out_mem_ctx) {
163	/* if the caller doesn't want to manage/own the memory,
164	we can put it on our context */
165	out_mem_ctx = ntlmssp_state;
166	}
167
168	status = gensec_ntlmssp_update_find(ntlmssp_state, input, &i);
169	NT_STATUS_NOT_OK_RETURN(status);
170
171	status = ntlmssp_callbacks[i].sync_fn(gensec_security, out_mem_ctx, input, out);
172	NT_STATUS_NOT_OK_RETURN(status);
173
174	return NT_STATUS_OK;
175	}
176
177	/**
178	* Return the NTLMSSP master session key
179	*
180	* @param ntlmssp_state NTLMSSP State
181	*/
182
183	NTSTATUS gensec_ntlmssp_session_key(struct gensec_security *gensec_security,
184	DATA_BLOB *session_key)
185	{
186	struct gensec_ntlmssp_context *gensec_ntlmssp =
187	talloc_get_type_abort(gensec_security->private_data,
188	struct gensec_ntlmssp_context);
189	struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
190
191	if (ntlmssp_state->expected_state != NTLMSSP_DONE) {
192	return NT_STATUS_NO_USER_SESSION_KEY;
193	}
194
195	if (!ntlmssp_state->session_key.data) {
196	return NT_STATUS_NO_USER_SESSION_KEY;
197	}
198	*session_key = ntlmssp_state->session_key;
199
200	return NT_STATUS_OK;
201	}
202
203	static bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
204	uint32_t feature)
205	{
206	struct gensec_ntlmssp_context *gensec_ntlmssp =
207	talloc_get_type_abort(gensec_security->private_data,
208	struct gensec_ntlmssp_context);
209	struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
210
211	if (feature & GENSEC_FEATURE_SIGN) {
212	if (!ntlmssp_state->session_key.length) {
213	return false;
214	}
215	if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN) {
216	return true;
217	}
218	}
219	if (feature & GENSEC_FEATURE_SEAL) {
220	if (!ntlmssp_state->session_key.length) {
221	return false;
222	}
223	if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL) {
224	return true;
225	}
226	}
227	if (feature & GENSEC_FEATURE_SESSION_KEY) {
228	if (ntlmssp_state->session_key.length) {
229	return true;
230	}
231	}
232	if (feature & GENSEC_FEATURE_DCE_STYLE) {
233	return true;
234	}
235	if (feature & GENSEC_FEATURE_ASYNC_REPLIES) {
236	if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
237	return true;
238	}
239	}
240	return false;
241	}
242
243	NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security)
244	{
245	struct gensec_ntlmssp_context *gensec_ntlmssp;
246	struct ntlmssp_state *ntlmssp_state;
247
248	gensec_ntlmssp = talloc_zero(gensec_security,
249	struct gensec_ntlmssp_context);
250	if (!gensec_ntlmssp) {
251	return NT_STATUS_NO_MEMORY;
252	}
253
254	gensec_ntlmssp->gensec_security = gensec_security;
255
256	ntlmssp_state = talloc_zero(gensec_ntlmssp,
257	struct ntlmssp_state);
258	if (!ntlmssp_state) {
259	return NT_STATUS_NO_MEMORY;
260	}
261
262	ntlmssp_state->callback_private = gensec_ntlmssp;
263
264	gensec_ntlmssp->ntlmssp_state = ntlmssp_state;
265
266	gensec_security->private_data = gensec_ntlmssp;
267	return NT_STATUS_OK;
268	}
269
270	static const char *gensec_ntlmssp_oids[] = {
271	GENSEC_OID_NTLMSSP,
272	NULL
273	};
274
275	static const struct gensec_security_ops gensec_ntlmssp_security_ops = {
276	.name = "ntlmssp",
277	.sasl_name = GENSEC_SASL_NAME_NTLMSSP, /* "NTLM" */
278	.auth_type = DCERPC_AUTH_TYPE_NTLMSSP,
279	.oid = gensec_ntlmssp_oids,
280	.client_start = gensec_ntlmssp_client_start,
281	.server_start = gensec_ntlmssp_server_start,
282	.magic = gensec_ntlmssp_magic,
283	.update = gensec_ntlmssp_update,
284	.sig_size = gensec_ntlmssp_sig_size,
285	.sign_packet = gensec_ntlmssp_sign_packet,
286	.check_packet = gensec_ntlmssp_check_packet,
287	.seal_packet = gensec_ntlmssp_seal_packet,
288	.unseal_packet = gensec_ntlmssp_unseal_packet,
289	.wrap = gensec_ntlmssp_wrap,
290	.unwrap = gensec_ntlmssp_unwrap,
291	.session_key = gensec_ntlmssp_session_key,
292	.session_info = gensec_ntlmssp_session_info,
293	.have_feature = gensec_ntlmssp_have_feature,
294	.enabled = true,
295	.priority = GENSEC_NTLMSSP
296	};
297
298
299	_PUBLIC_ NTSTATUS gensec_ntlmssp_init(void)
300	{
301	NTSTATUS ret;
302
303	ret = gensec_register(&gensec_ntlmssp_security_ops);
304	if (!NT_STATUS_IS_OK(ret)) {
305	DEBUG(0,("Failed to register '%s' gensec backend!\n",
306	gensec_ntlmssp_security_ops.name));
307	return ret;
308	}
309
310	return ret;
311	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: