1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 /*
28 * NT Lan Manager Security Support Provider (NTLMSSP)
29 *
30 * Based on information from the "Davenport NTLM" page:
31 * http://davenport.sourceforge.net/ntlm.html
32 */
33
34
35 #include <errno.h>
36 #include <stdio.h>
37 #include <stddef.h>
38 #include <stdlib.h>
39 #include <unistd.h>
40 #include <strings.h>
41 #include <netdb.h>
42 #include <libintl.h>
43 #include <xti.h>
44 #include <assert.h>
45
46 #include <sys/types.h>
47 #include <sys/time.h>
48 #include <sys/byteorder.h>
49 #include <sys/socket.h>
50 #include <sys/fcntl.h>
51
52 #include <netinet/in.h>
53 #include <netinet/tcp.h>
54 #include <arpa/inet.h>
55
56 #include <netsmb/smb.h>
57 #include <netsmb/smb_lib.h>
58 #include <netsmb/mchain.h>
59
60 #include "private.h"
61 #include "charsets.h"
62 #include "smb_crypt.h"
63 #include "spnego.h"
64 #include "derparse.h"
65 #include "ssp.h"
66 #include "ntlm.h"
67 #include "ntlmssp.h"
68
69 /* A shorter alias for a crazy long name from [MS-NLMP] */
70 #define NTLMSSP_NEGOTIATE_NTLM2 \
71 NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
72
73 typedef struct ntlmssp_state {
74 uint32_t ss_flags;
75 char *ss_target_name; /* Primary domain or server name */
76 struct mbuf *ss_target_info;
77 uchar_t ss_kxkey[NTLM_HASH_SZ];
78 } ntlmssp_state_t;
79
80 /*
81 * So called "security buffer".
82 * A lot like an RPC string.
83 */
84 struct sec_buf {
85 uint16_t sb_length;
86 uint16_t sb_maxlen;
87 uint32_t sb_offset;
88 };
89 #define ID_SZ 8
90 static const char ntlmssp_id[ID_SZ] = "NTLMSSP";
91
92 static int
93 ntlm_rand_ssn_key(struct smb_ctx *ctx,
94 ntlmssp_state_t *ssp_st, struct mbdata *ek_mbp);
95
96 /*
97 * Get a "security buffer" (header part)
98 */
99 static int
md_get_sb_hdr(struct mbdata * mbp,struct sec_buf * sb)100 md_get_sb_hdr(struct mbdata *mbp, struct sec_buf *sb)
101 {
102 int err;
103
104 (void) md_get_uint16le(mbp, &sb->sb_length);
105 (void) md_get_uint16le(mbp, &sb->sb_maxlen);
106 err = md_get_uint32le(mbp, &sb->sb_offset);
107
108 return (err);
109 }
110
111 /*
112 * Get a "security buffer" (data part), where
113 * the data is delivered as an mbuf.
114 */
115 static int
md_get_sb_data(struct mbdata * mbp,struct sec_buf * sb,struct mbuf ** mp)116 md_get_sb_data(struct mbdata *mbp, struct sec_buf *sb, struct mbuf **mp)
117 {
118 struct mbdata tmp_mb;
119 int err;
120
121 /*
122 * Setup tmp_mb to point to the start of the header.
123 * This is a dup ref - do NOT free it.
124 */
125 mb_initm(&tmp_mb, mbp->mb_top);
126
127 /* Skip data up to the offset. */
128 err = md_get_mem(&tmp_mb, NULL, sb->sb_offset, MB_MSYSTEM);
129 if (err)
130 return (err);
131
132 /* Get the data (as an mbuf). */
133 err = md_get_mbuf(&tmp_mb, sb->sb_maxlen, mp);
134
135 return (err);
136 }
137
138 /*
139 * Put a "security buffer" (header part)
140 */
141 static int
mb_put_sb_hdr(struct mbdata * mbp,struct sec_buf * sb)142 mb_put_sb_hdr(struct mbdata *mbp, struct sec_buf *sb)
143 {
144 int err;
145
146 (void) mb_put_uint16le(mbp, sb->sb_length);
147 (void) mb_put_uint16le(mbp, sb->sb_maxlen);
148 err = mb_put_uint32le(mbp, sb->sb_offset);
149
150 return (err);
151 }
152
153 /*
154 * Put a "security buffer" (data part), where
155 * the data is an mbuf. Note: consumes m.
156 */
157 static int
mb_put_sb_data(struct mbdata * mbp,struct sec_buf * sb,struct mbuf * m)158 mb_put_sb_data(struct mbdata *mbp, struct sec_buf *sb, struct mbuf *m)
159 {
160 int cnt0;
161 int err = 0;
162
163 sb->sb_offset = cnt0 = mbp->mb_count;
164 if (m != NULL)
165 err = mb_put_mbuf(mbp, m);
166 sb->sb_maxlen = sb->sb_length = mbp->mb_count - cnt0;
167
168 return (err);
169 }
170
171 /*
172 * Put a "security buffer" (data part), where
173 * the data is a string (OEM or unicode).
174 *
175 * The string is NOT null terminated.
176 */
177 static int
mb_put_sb_string(struct mbdata * mbp,struct sec_buf * sb,const char * str,int unicode)178 mb_put_sb_string(struct mbdata *mbp, struct sec_buf *sb,
179 const char *str, int unicode)
180 {
181 int err, trim;
182 struct mbdata tmp_mb;
183
184 bzero(&tmp_mb, sizeof (tmp_mb));
185
186 if (str != NULL && *str != '\0') {
187 /*
188 * Put the string into a temp. mbuf,
189 * then chop off the null terminator
190 * before appending to caller's mbp.
191 */
192 err = mb_init(&tmp_mb);
193 if (err)
194 return (err);
195 err = mb_put_string(&tmp_mb, str, unicode);
196 if (err)
197 return (err);
198
199 trim = (unicode) ? 2 : 1;
200 if (tmp_mb.mb_cur->m_len < trim)
201 trim = 0;
202 tmp_mb.mb_cur->m_len -= trim;
203 }
204
205 err = mb_put_sb_data(mbp, sb, tmp_mb.mb_top);
206 /*
207 * Note: tmp_mb.mb_top (if any) is consumed,
208 * so do NOT free it (no mb_done)
209 */
210 return (err);
211 }
212
213 /*
214 * Build a Type 1 message
215 *
216 * This message has a header section containing offsets to
217 * data later in the message. We use the common trick of
218 * building it in two parts and then concatenatening.
219 */
220 int
ntlmssp_put_type1(struct ssp_ctx * sp,struct mbdata * out_mb)221 ntlmssp_put_type1(struct ssp_ctx *sp, struct mbdata *out_mb)
222 {
223 struct type1hdr {
224 char h_id[ID_SZ];
225 uint32_t h_type;
226 uint32_t h_flags;
227 struct sec_buf h_cldom;
228 struct sec_buf h_wksta;
229 } hdr;
230 struct mbdata mb2; /* 2nd part */
231 int err;
232 struct smb_ctx *ctx = sp->smb_ctx;
233 ntlmssp_state_t *ssp_st = sp->sp_private;
234
235 if ((err = mb_init(&mb2)) != 0)
236 return (err);
237 mb2.mb_count = sizeof (hdr);
238
239 /*
240 * The initial negotiation flags represent the union of all
241 * options we support. The server selects from these.
242 * See: [MS-NLMP 2.2.2.5 NEGOTIATE]
243 */
244 ssp_st->ss_flags =
245 NTLMSSP_NEGOTIATE_UNICODE |
246 NTLMSSP_NEGOTIATE_OEM |
247 NTLMSSP_REQUEST_TARGET |
248 NTLMSSP_NEGOTIATE_SIGN |
249 NTLMSSP_NEGOTIATE_SEAL |
250 /* NTLMSSP_NEGOTIATE_LM_KEY (never) */
251 NTLMSSP_NEGOTIATE_NTLM |
252 /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN (set below) */
253 NTLMSSP_NEGOTIATE_NTLM2 |
254 NTLMSSP_NEGOTIATE_128 |
255 NTLMSSP_NEGOTIATE_KEY_EXCH |
256 NTLMSSP_NEGOTIATE_56;
257
258 if (ctx->ct_vcflags & SMBV_WILL_SIGN) {
259 ssp_st->ss_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
260 ctx->ct_hflags2 |= SMB_FLAGS2_SECURITY_SIGNATURE;
261 }
262
263 bcopy(ntlmssp_id, &hdr.h_id, ID_SZ);
264 hdr.h_type = NTLMSSP_MSGTYPE_NEGOTIATE;
265 hdr.h_flags = ssp_st->ss_flags;
266
267 /*
268 * We could put the client domain, client name strings
269 * here, (always in OEM format, upper-case), and set
270 * NTLMSSP_NEGOTIATE_OEM_..._SUPPLIED, but Windows
271 * leaves these NULL so let's do the same.
272 */
273 (void) mb_put_sb_string(&mb2, &hdr.h_cldom, NULL, 0);
274 (void) mb_put_sb_string(&mb2, &hdr.h_wksta, NULL, 0);
275
276 /*
277 * Marshal the header (in LE order)
278 * then concatenate the 2nd part.
279 */
280 (void) mb_put_mem(out_mb, &hdr.h_id, ID_SZ, MB_MSYSTEM);
281 (void) mb_put_uint32le(out_mb, hdr.h_type);
282 (void) mb_put_uint32le(out_mb, hdr.h_flags);
283 (void) mb_put_sb_hdr(out_mb, &hdr.h_cldom);
284 (void) mb_put_sb_hdr(out_mb, &hdr.h_wksta);
285
286 err = mb_put_mbuf(out_mb, mb2.mb_top);
287
288 return (err);
289 }
290
291 /*
292 * Parse a Type 2 message
293 */
294 int
ntlmssp_get_type2(struct ssp_ctx * sp,struct mbdata * in_mb)295 ntlmssp_get_type2(struct ssp_ctx *sp, struct mbdata *in_mb)
296 {
297 struct type2hdr {
298 char h_id[ID_SZ];
299 uint32_t h_type;
300 struct sec_buf h_target_name;
301 uint32_t h_flags;
302 uint8_t h_challenge[8];
303 uint32_t h_context[2]; /* optional */
304 struct sec_buf h_target_info; /* optional */
305 } hdr;
306 struct mbdata top_mb, tmp_mb;
307 struct mbuf *m;
308 int err, uc;
309 int min_hdr_sz = offsetof(struct type2hdr, h_context);
310 struct smb_ctx *ctx = sp->smb_ctx;
311 ntlmssp_state_t *ssp_st = sp->sp_private;
312 char *buf = NULL;
313
314 if (m_totlen(in_mb->mb_top) < min_hdr_sz) {
315 err = EBADRPC;
316 goto out;
317 }
318
319 /*
320 * Save the mbdata pointers before we consume anything.
321 * Careful to NOT free this (would be dup. free)
322 * We use this below to find data based on offsets
323 * from the start of the header.
324 */
325 top_mb = *in_mb;
326
327 /* Parse the fixed size header stuff. */
328 bzero(&hdr, sizeof (hdr));
329 (void) md_get_mem(in_mb, &hdr.h_id, ID_SZ, MB_MSYSTEM);
330 (void) md_get_uint32le(in_mb, &hdr.h_type);
331 if (hdr.h_type != NTLMSSP_MSGTYPE_CHALLENGE) {
332 err = EPROTO;
333 goto out;
334 }
335 (void) md_get_sb_hdr(in_mb, &hdr.h_target_name);
336 (void) md_get_uint32le(in_mb, &hdr.h_flags);
337 (void) md_get_mem(in_mb, &hdr.h_challenge, NTLM_CHAL_SZ, MB_MSYSTEM);
338
339 /*
340 * Save flags, server challenge for later.
341 */
342 ssp_st->ss_flags = hdr.h_flags;
343 bcopy(&hdr.h_challenge, ctx->ct_srv_chal, NTLM_CHAL_SZ);
344
345 /*
346 * Turn off flags that might have been given but
347 * that we don't want to send with authenticate.
348 */
349 uc = hdr.h_flags & NTLMSSP_NEGOTIATE_UNICODE;
350 ssp_st->ss_flags &= ~NTLMSSP_NEGOTIATE_VERSION;
351
352 /*
353 * Now find out if the optional parts are there.
354 */
355 if ((m_totlen(top_mb.mb_top) > sizeof (hdr)) &&
356 (hdr.h_target_name.sb_offset >= sizeof (hdr))) {
357 (void) md_get_uint32le(in_mb, &hdr.h_context[0]);
358 (void) md_get_uint32le(in_mb, &hdr.h_context[1]);
359 (void) md_get_sb_hdr(in_mb, &hdr.h_target_info);
360 }
361
362 /*
363 * Get the target name string. (Server name or
364 * Primary domain name.) First get a copy of the
365 * data from the offset/length indicated in the
366 * security buffer header; then parse the string.
367 */
368 err = md_get_sb_data(&top_mb, &hdr.h_target_name, &m);
369 if (err)
370 goto out;
371 mb_initm(&tmp_mb, m);
372 err = md_get_string(&tmp_mb, &ssp_st->ss_target_name, uc);
373 mb_done(&tmp_mb);
374
375 /*
376 * Get the target info blob, if present.
377 */
378 if (hdr.h_target_info.sb_offset >= sizeof (hdr)) {
379 err = md_get_sb_data(&top_mb, &hdr.h_target_info,
380 &ssp_st->ss_target_info);
381 }
382
383 out:
384 if (buf != NULL)
385 free(buf);
386
387 return (err);
388 }
389
390 /*
391 * Build a Type 3 message
392 *
393 * This message has a header section containing offsets to
394 * data later in the message. We use the common trick of
395 * building it in two parts and then concatenatening.
396 */
397 int
ntlmssp_put_type3(struct ssp_ctx * sp,struct mbdata * out_mb)398 ntlmssp_put_type3(struct ssp_ctx *sp, struct mbdata *out_mb)
399 {
400 struct type3hdr {
401 char h_id[ID_SZ];
402 uint32_t h_type;
403 struct sec_buf h_lm_resp;
404 struct sec_buf h_nt_resp;
405 struct sec_buf h_domain;
406 struct sec_buf h_user;
407 struct sec_buf h_wksta;
408 struct sec_buf h_ssn_key;
409 uint32_t h_flags;
410 /* Version struct (ommitted) */
411 uchar_t h_mic[NTLM_HASH_SZ];
412 } hdr;
413 struct mbdata lm_mbc; /* LM response */
414 struct mbdata nt_mbc; /* NT response */
415 struct mbdata ti_mbc; /* target info */
416 struct mbdata ek_mbc; /* encrypted session key */
417 struct mbdata mb2; /* payload */
418 int err, uc;
419 struct smb_ctx *ctx = sp->smb_ctx;
420 ntlmssp_state_t *ssp_st = sp->sp_private;
421 uchar_t *pmic;
422
423 bzero(&hdr, sizeof (hdr));
424 bzero(&lm_mbc, sizeof (lm_mbc));
425 bzero(&nt_mbc, sizeof (nt_mbc));
426 bzero(&ti_mbc, sizeof (ti_mbc));
427 bzero(&ek_mbc, sizeof (ek_mbc));
428 bzero(&mb2, sizeof (mb2));
429
430 /*
431 * Fill in the NTLMSSP header, etc.
432 */
433 if ((err = mb_init(&mb2)) != 0)
434 goto out;
435 mb2.mb_count = sizeof (hdr);
436 uc = ssp_st->ss_flags & NTLMSSP_NEGOTIATE_UNICODE;
437
438 bcopy(ntlmssp_id, &hdr.h_id, ID_SZ);
439 hdr.h_type = NTLMSSP_MSGTYPE_AUTHENTICATE;
440 hdr.h_flags = ssp_st->ss_flags;
441
442 /*
443 * Put the NTLMv2/LMv2 or NTLM/LM (v1) responses,
444 * and compute the session key, etc.
445 */
446 if (ctx->ct_authflags & SMB_AT_ANON) {
447 /*
448 * We're setting up a NULL session, meaning
449 * the lm_mbc, nt_mbc parts remain empty.
450 * Let's add the "anon" flag (hint).
451 * As there is no session key, disable the
452 * fancy session key stuff.
453 */
454 hdr.h_flags |= NTLMSSP_NEGOTIATE_NULL_SESSION;
455 ssp_st->ss_flags &= ~(
456 NTLMSSP_NEGOTIATE_NTLM2 |
457 NTLMSSP_NEGOTIATE_KEY_EXCH);
458 err = 0;
459 } else if (ctx->ct_authflags & SMB_AT_NTLM2) {
460 /*
461 * Doing NTLMv2/LMv2
462 */
463 err = ntlm_build_target_info(ctx,
464 ssp_st->ss_target_info, &ti_mbc);
465 if (err)
466 goto out;
467 err = ntlm_put_v2_responses(ctx, &ti_mbc,
468 &lm_mbc, &nt_mbc);
469 if (err)
470 goto out;
471 /* The "key exg. key" is the session base key */
472 memcpy(ssp_st->ss_kxkey, ctx->ct_ssn_key, NTLM_HASH_SZ);
473
474 } else if (ssp_st->ss_flags & NTLMSSP_NEGOTIATE_NTLM2) {
475 /*
476 * Doing NTLM ("v1x") which is NTLM with
477 * "Extended Session Security"
478 */
479 err = ntlm_put_v1x_responses(ctx,
480 &lm_mbc, &nt_mbc);
481 if (err)
482 goto out;
483 /* Compute the "Key exchange key". */
484 ntlm2_kxkey(ctx, &lm_mbc, ssp_st->ss_kxkey);
485 } else {
486 /*
487 * Doing plain old NTLM (and LM if enabled)
488 */
489 err = ntlm_put_v1_responses(ctx,
490 &lm_mbc, &nt_mbc);
491 if (err)
492 goto out;
493 /* The "key exg. key" is the session base key */
494 memcpy(ssp_st->ss_kxkey, ctx->ct_ssn_key, NTLM_HASH_SZ);
495 }
496
497 /*
498 * Compute the "Exported Session Key" and (possibly)
499 * the "Encrypted Random Sesion Key".
500 * [MS-NLMP 3.1.5.1.2]
501 */
502 if (ssp_st->ss_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
503 err = ntlm_rand_ssn_key(ctx, ssp_st, &ek_mbc);
504 if (err)
505 goto out;
506 } else {
507 /* ExportedSessionKey is the KeyExchangeKey */
508 memcpy(ctx->ct_ssn_key, ssp_st->ss_kxkey, NTLM_HASH_SZ);
509 /* EncryptedRandomSessionKey remains NULL */
510 }
511
512 err = mb_put_sb_data(&mb2, &hdr.h_lm_resp, lm_mbc.mb_top);
513 lm_mbc.mb_top = NULL; /* consumed */
514 if (err)
515 goto out;
516 err = mb_put_sb_data(&mb2, &hdr.h_nt_resp, nt_mbc.mb_top);
517 nt_mbc.mb_top = NULL; /* consumed */
518 if (err)
519 goto out;
520
521 /*
522 * Put the "target" (domain), user, workstation
523 */
524 err = mb_put_sb_string(&mb2, &hdr.h_domain, ctx->ct_domain, uc);
525 if (err)
526 goto out;
527 err = mb_put_sb_string(&mb2, &hdr.h_user, ctx->ct_user, uc);
528 if (err)
529 goto out;
530 err = mb_put_sb_string(&mb2, &hdr.h_wksta, ctx->ct_locname, uc);
531 if (err)
532 goto out;
533
534 /*
535 * Put the "Encrypted Random Session Key", if any.
536 * (ek_mbc.mb_top may be NULL)
537 */
538 err = mb_put_sb_data(&mb2, &hdr.h_ssn_key, ek_mbc.mb_top);
539 ek_mbc.mb_top = NULL; /* consumed (if any) */
540 if (err)
541 goto out;
542
543 /*
544 * Marshal the header (in LE order)
545 * then concatenate the 2nd part.
546 */
547 (void) mb_put_mem(out_mb, &hdr.h_id, ID_SZ, MB_MSYSTEM);
548 (void) mb_put_uint32le(out_mb, hdr.h_type);
549
550 (void) mb_put_sb_hdr(out_mb, &hdr.h_lm_resp);
551 (void) mb_put_sb_hdr(out_mb, &hdr.h_nt_resp);
552
553 (void) mb_put_sb_hdr(out_mb, &hdr.h_domain);
554 (void) mb_put_sb_hdr(out_mb, &hdr.h_user);
555 (void) mb_put_sb_hdr(out_mb, &hdr.h_wksta);
556
557 (void) mb_put_sb_hdr(out_mb, &hdr.h_ssn_key);
558 (void) mb_put_uint32le(out_mb, hdr.h_flags);
559
560 /* Put zeros for the MIC - filled in later */
561 pmic = mb_reserve(out_mb, NTLM_HASH_SZ);
562
563 /* Put the payload. */
564 err = mb_put_mbuf(out_mb, mb2.mb_top);
565 mb2.mb_top = NULL; /* consumed */
566
567 /*
568 * Compute the MIC and stuff that in...
569 * The MIC is apparently optional.
570 */
571 (void) pmic;
572
573 out:
574 mb_done(&mb2);
575 mb_done(&lm_mbc);
576 mb_done(&nt_mbc);
577 mb_done(&ti_mbc);
578 mb_done(&ek_mbc);
579
580 return (err);
581 }
582
583 /*
584 * Helper for ntlmssp_put_type3 when doing key exchange.
585 *
586 * "ExportedSessionKey" is what we give to the "application"
587 * layer, which in here means the MAC key for SMB signing.
588 * With "key exchange", we replace the ExportedSessionKey
589 * with random data and send that (encrypted) to the peer.
590 */
591 static int
ntlm_rand_ssn_key(struct smb_ctx * ctx,ntlmssp_state_t * ssp_st,struct mbdata * ek_mbp)592 ntlm_rand_ssn_key(
593 struct smb_ctx *ctx,
594 ntlmssp_state_t *ssp_st,
595 struct mbdata *ek_mbp)
596 {
597
598 uchar_t *encr_ssn_key;
599 int err;
600
601 if ((err = mb_init(ek_mbp)) != 0)
602 return (err);
603 encr_ssn_key = mb_reserve(ek_mbp, NTLM_HASH_SZ);
604
605 /* Set "ExportedSessionKey to NONCE(16) */
606 (void) smb_get_urandom(ctx->ct_ssn_key, NTLM_HASH_SZ);
607
608 /* Set "EncryptedRandomSessionKey" to RC4(...) */
609 err = smb_encrypt_RC4(encr_ssn_key, NTLM_HASH_SZ,
610 ssp_st->ss_kxkey, NTLM_HASH_SZ,
611 ctx->ct_ssn_key, NTLM_HASH_SZ);
612
613 return (err);
614 }
615
616 /*
617 * ntlmssp_final
618 *
619 * Called after successful authentication.
620 * Setup the MAC key for signing.
621 */
622 int
ntlmssp_final(struct ssp_ctx * sp)623 ntlmssp_final(struct ssp_ctx *sp)
624 {
625 struct smb_ctx *ctx = sp->smb_ctx;
626 int err = 0;
627
628 /*
629 * MAC_key is just the session key, but
630 * Only on the first successful auth.
631 */
632 if ((ctx->ct_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE) &&
633 (ctx->ct_mackey == NULL)) {
634 ctx->ct_mackeylen = NTLM_HASH_SZ;
635 ctx->ct_mackey = malloc(ctx->ct_mackeylen);
636 if (ctx->ct_mackey == NULL) {
637 ctx->ct_mackeylen = 0;
638 err = ENOMEM;
639 goto out;
640 }
641 memcpy(ctx->ct_mackey, ctx->ct_ssn_key, NTLM_HASH_SZ);
642 /*
643 * Apparently, the server used seq. no. zero
644 * for our previous message, so next is two.
645 */
646 ctx->ct_mac_seqno = 2;
647 }
648
649 out:
650 return (err);
651 }
652
653 /*
654 * ntlmssp_next_token
655 *
656 * See ssp.c: ssp_ctx_next_token
657 */
658 int
ntlmssp_next_token(struct ssp_ctx * sp,struct mbdata * in_mb,struct mbdata * out_mb)659 ntlmssp_next_token(struct ssp_ctx *sp, struct mbdata *in_mb,
660 struct mbdata *out_mb)
661 {
662 int err;
663
664 if (out_mb == NULL) {
665 /* final call on successful auth. */
666 err = ntlmssp_final(sp);
667 goto out;
668 }
669
670 /* Will build an ouptut token. */
671 err = mb_init(out_mb);
672 if (err)
673 goto out;
674
675 /*
676 * When called with in_mb == NULL, it means
677 * this is the first call for this session,
678 * so put a Type 1 (initialize) token.
679 */
680 if (in_mb == NULL) {
681 err = ntlmssp_put_type1(sp, out_mb);
682 goto out;
683 }
684
685 /*
686 * This is not the first call, so
687 * parse the response token we received.
688 * It should be a Type 2 (challenge).
689 * Then put a Type 3 (authenticate)
690 */
691 err = ntlmssp_get_type2(sp, in_mb);
692 if (err)
693 goto out;
694
695 err = ntlmssp_put_type3(sp, out_mb);
696
697 out:
698 if (err)
699 DPRINT("ret: %d", err);
700 return (err);
701 }
702
703 /*
704 * ntlmssp_ctx_destroy
705 *
706 * Destroy mechanism-specific data.
707 */
708 void
ntlmssp_destroy(struct ssp_ctx * sp)709 ntlmssp_destroy(struct ssp_ctx *sp)
710 {
711 ntlmssp_state_t *ssp_st;
712
713 ssp_st = sp->sp_private;
714 if (ssp_st != NULL) {
715 sp->sp_private = NULL;
716 free(ssp_st->ss_target_name);
717 m_freem(ssp_st->ss_target_info);
718 free(ssp_st);
719 }
720 }
721
722 /*
723 * ntlmssp_init_clnt
724 *
725 * Initialize a new NTLMSSP client context.
726 */
727 int
ntlmssp_init_client(struct ssp_ctx * sp)728 ntlmssp_init_client(struct ssp_ctx *sp)
729 {
730 ntlmssp_state_t *ssp_st;
731
732 if ((sp->smb_ctx->ct_authflags &
733 (SMB_AT_NTLM2 | SMB_AT_NTLM1 | SMB_AT_ANON)) == 0) {
734 DPRINT("No NTLM authflags");
735 return (EINVAL);
736 }
737
738 ssp_st = calloc(1, sizeof (*ssp_st));
739 if (ssp_st == NULL)
740 return (ENOMEM);
741
742 sp->sp_nexttok = ntlmssp_next_token;
743 sp->sp_destroy = ntlmssp_destroy;
744 sp->sp_private = ssp_st;
745
746 return (0);
747 }
748