#include "ntlmauth/support_endian.h"
Go to the source code of this file.
Classes | |
| struct | _strhdr |
| struct | _lstring |
| struct | _ntlmhdr |
| struct | _ntlm_negotiate |
| struct | _ntlm_challenge |
| struct | _ntlm_authenticate |
Typedefs | |
| typedef struct _strhdr | strhdr |
| typedef struct _lstring | lstring |
| typedef struct _ntlmhdr | ntlmhdr |
| typedef struct _ntlm_negotiate | ntlm_negotiate |
| typedef struct _ntlm_challenge | ntlm_challenge |
| typedef struct _ntlm_authenticate | ntlm_authenticate |
Functions | |
| void | ntlm_dump_ntlmssp_flags (const uint32_t flags) |
| int | ntlm_validate_packet (const ntlmhdr *packet, const int32_t type) |
| lstring | ntlm_fetch_string (const ntlmhdr *packet, const int32_t packet_length, const strhdr *str, const uint32_t flags) |
| void | ntlm_add_to_payload (const ntlmhdr *packet_hdr, char *payload, int *payload_length, strhdr *hdr, const char *toadd, const uint16_t toadd_length) |
| void | ntlm_make_nonce (char *nonce) |
| void | ntlm_make_challenge (ntlm_challenge *ch, const char *domain, const char *domain_controller, const char *challenge_nonce, const int challenge_nonce_len, const uint32_t flags) |
| int | ntlm_unpack_auth (const ntlm_authenticate *auth, char *user, char *domain, const int32_t size) |
Macro Definition Documentation
◆ NTLM_ANY
| #define NTLM_ANY 0 |
Definition at line 72 of file ntlmauth.h.
◆ NTLM_AUTHENTICATE
| #define NTLM_AUTHENTICATE 3 |
Definition at line 75 of file ntlmauth.h.
◆ NTLM_BAD_NTGROUP
| #define NTLM_BAD_NTGROUP 2 |
Definition at line 47 of file ntlmauth.h.
◆ NTLM_BAD_REQUEST
| #define NTLM_BAD_REQUEST 3 |
Definition at line 48 of file ntlmauth.h.
◆ NTLM_BLOB_BUFFER_SIZE
| #define NTLM_BLOB_BUFFER_SIZE 10240 |
Definition at line 25 of file ntlmauth.h.
◆ NTLM_CHALLENGE
| #define NTLM_CHALLENGE 2 |
Definition at line 74 of file ntlmauth.h.
◆ NTLM_CHALLENGE_HEADER_OFFSET
| #define NTLM_CHALLENGE_HEADER_OFFSET (sizeof(ntlm_challenge)-256) |
Definition at line 153 of file ntlmauth.h.
◆ NTLM_CHALLENGE_TARGET_IS_DOMAIN
| #define NTLM_CHALLENGE_TARGET_IS_DOMAIN 0x10000 |
Definition at line 137 of file ntlmauth.h.
◆ NTLM_CHALLENGE_TARGET_IS_SERVER
| #define NTLM_CHALLENGE_TARGET_IS_SERVER 0x20000 |
Definition at line 138 of file ntlmauth.h.
◆ NTLM_CHALLENGE_TARGET_IS_SHARE
| #define NTLM_CHALLENGE_TARGET_IS_SHARE 0x40000 |
Definition at line 139 of file ntlmauth.h.
◆ NTLM_ERR_BAD_PROTOCOL
| #define NTLM_ERR_BAD_PROTOCOL -1 |
Definition at line 37 of file ntlmauth.h.
◆ NTLM_ERR_BLOB
| #define NTLM_ERR_BLOB -2 |
Definition at line 36 of file ntlmauth.h.
◆ NTLM_ERR_INTERNAL
| #define NTLM_ERR_INTERNAL -3 |
Definition at line 35 of file ntlmauth.h.
◆ NTLM_ERR_LOGON
| #define NTLM_ERR_LOGON 3 /* aka. SMBLM_ERR_LOGON */ |
Definition at line 42 of file ntlmauth.h.
◆ NTLM_ERR_NONE
| #define NTLM_ERR_NONE 0 /* aka. SMBLM_ERR_NONE */ |
Definition at line 38 of file ntlmauth.h.
◆ NTLM_ERR_NOT_CONNECTED
| #define NTLM_ERR_NOT_CONNECTED 10 |
Definition at line 44 of file ntlmauth.h.
◆ NTLM_ERR_PROTOCOL
| #define NTLM_ERR_PROTOCOL 2 /* aka. SMBLM_ERR_PROTOCOL */ |
Definition at line 41 of file ntlmauth.h.
◆ NTLM_ERR_SERVER
| #define NTLM_ERR_SERVER 1 /* aka. SMBLM_ERR_SERVER */ |
Definition at line 40 of file ntlmauth.h.
◆ NTLM_ERR_UNTRUSTED_DOMAIN
| #define NTLM_ERR_UNTRUSTED_DOMAIN 4 |
Definition at line 43 of file ntlmauth.h.
◆ NTLM_MAX_FIELD_LENGTH
| #define NTLM_MAX_FIELD_LENGTH 300 /* max length of an NTLMSSP field */ |
Definition at line 22 of file ntlmauth.h.
◆ NTLM_NEGOTIATE
| #define NTLM_NEGOTIATE 1 |
Definition at line 73 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_ALWAYS_SIGN
| #define NTLM_NEGOTIATE_ALWAYS_SIGN 0x8000 |
Definition at line 119 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_ASCII
| #define NTLM_NEGOTIATE_ASCII 0x0002 |
Definition at line 108 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_DATAGRAM_STYLE
| #define NTLM_NEGOTIATE_DATAGRAM_STYLE 0x0040 |
Definition at line 112 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_DOMAIN_SUPPLIED
| #define NTLM_NEGOTIATE_DOMAIN_SUPPLIED 0x1000 |
Definition at line 116 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_REQUEST_SEAL
| #define NTLM_NEGOTIATE_REQUEST_SEAL 0x0020 |
Definition at line 111 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_REQUEST_SIGN
| #define NTLM_NEGOTIATE_REQUEST_SIGN 0x0010 |
Definition at line 110 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_REQUEST_TARGET
| #define NTLM_NEGOTIATE_REQUEST_TARGET 0x0004 |
Definition at line 109 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_THIS_IS_LOCAL_CALL
| #define NTLM_NEGOTIATE_THIS_IS_LOCAL_CALL 0x4000 |
Definition at line 118 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_UNICODE
| #define NTLM_NEGOTIATE_UNICODE 0x0001 |
Definition at line 107 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_USE_LM
| #define NTLM_NEGOTIATE_USE_LM 0x0080 |
Definition at line 113 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_USE_NETWARE
| #define NTLM_NEGOTIATE_USE_NETWARE 0x0100 |
Definition at line 114 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_USE_NTLM
| #define NTLM_NEGOTIATE_USE_NTLM 0x0200 |
Definition at line 115 of file ntlmauth.h.
◆ NTLM_NEGOTIATE_WORKSTATION_SUPPLIED
| #define NTLM_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000 |
Definition at line 117 of file ntlmauth.h.
◆ NTLM_NONCE_LEN
| #define NTLM_NONCE_LEN 8 |
Definition at line 134 of file ntlmauth.h.
◆ NTLM_REQUEST_ACCEPT_RESPONSE
| #define NTLM_REQUEST_ACCEPT_RESPONSE 0x200000 |
Definition at line 31 of file ntlmauth.h.
◆ NTLM_REQUEST_INIT_RESPONSE
| #define NTLM_REQUEST_INIT_RESPONSE 0x100000 |
Definition at line 30 of file ntlmauth.h.
◆ NTLM_REQUEST_NON_NT_SESSION_KEY
| #define NTLM_REQUEST_NON_NT_SESSION_KEY 0x400000 |
Definition at line 32 of file ntlmauth.h.
◆ NTLM_SSPI_ERROR
| #define NTLM_SSPI_ERROR 1 |
Definition at line 46 of file ntlmauth.h.
Typedef Documentation
◆ lstring
◆ ntlm_authenticate
| typedef struct _ntlm_authenticate ntlm_authenticate |
Authentication request sent by client in response to challenge
◆ ntlm_challenge
| typedef struct _ntlm_challenge ntlm_challenge |
Challenge request sent by server.
◆ ntlm_negotiate
| typedef struct _ntlm_negotiate ntlm_negotiate |
Negotiation request sent by client
◆ ntlmhdr
This is an header common to all packets, it's used to discriminate among the different packet signature types.
◆ strhdr
Function Documentation
◆ ntlm_add_to_payload()
| void ntlm_add_to_payload | ( | const ntlmhdr * | packet_hdr, |
| char * | payload, | ||
| int * | payload_length, | ||
| strhdr * | hdr, | ||
| const char * | toadd, | ||
| const uint16_t | toadd_length | ||
| ) |
Append a string to the NTLM packet payload.
Adds something to the payload. The caller must guarantee that there is enough space in the payload string to accommodate the added value. payload_length and hdr will be modified as a side-effect.
Definition at line 164 of file ntlmauth.cc.
References htole16, htole32, _strhdr::len, _strhdr::maxlen, and _strhdr::offset.
Referenced by ntlm_make_challenge().
◆ ntlm_dump_ntlmssp_flags()
| void ntlm_dump_ntlmssp_flags | ( | uint32_t | flags | ) |
Debug dump the given flags field to stderr
Dumps NTLM flags to standard error for debugging purposes
Definition at line 30 of file ntlmauth.cc.
References NTLM_CHALLENGE_TARGET_IS_DOMAIN, NTLM_CHALLENGE_TARGET_IS_SERVER, NTLM_CHALLENGE_TARGET_IS_SHARE, NTLM_NEGOTIATE_ALWAYS_SIGN, NTLM_NEGOTIATE_ASCII, NTLM_NEGOTIATE_DATAGRAM_STYLE, NTLM_NEGOTIATE_DOMAIN_SUPPLIED, NTLM_NEGOTIATE_REQUEST_SEAL, NTLM_NEGOTIATE_REQUEST_SIGN, NTLM_NEGOTIATE_REQUEST_TARGET, NTLM_NEGOTIATE_THIS_IS_LOCAL_CALL, NTLM_NEGOTIATE_UNICODE, NTLM_NEGOTIATE_USE_LM, NTLM_NEGOTIATE_USE_NETWARE, NTLM_NEGOTIATE_USE_NTLM, NTLM_NEGOTIATE_WORKSTATION_SUPPLIED, NTLM_REQUEST_ACCEPT_RESPONSE, NTLM_REQUEST_INIT_RESPONSE, and NTLM_REQUEST_NON_NT_SESSION_KEY.
◆ ntlm_fetch_string()
| lstring ntlm_fetch_string | ( | const ntlmhdr * | packet, |
| const int32_t | packet_size, | ||
| const strhdr * | str, | ||
| const uint32_t | flags | ||
| ) |
Retrieve a string from the NTLM packet payload.
Fetches a string from the authentication packet. The lstring data-part may point to inside the packet itself or a temporary static buffer. It's up to the user to memcpy() that if the value needs to be used in any way that requires a tailing \0. (can check whether the value is there though, in that case lstring.length == -1).
String may be either ASCII or UNICODE depending on whether flags contains NTLM_NEGOTIATE_ASCII
Definition at line 98 of file ntlmauth.cc.
References debug(), _lstring::l, le16toh, le32toh, _strhdr::len, NTLM_MAX_FIELD_LENGTH, NTLM_NEGOTIATE_ASCII, _strhdr::offset, sc, _lstring::str, and xisprint.
Referenced by ntlm_check_auth(), and ntlm_unpack_auth().
◆ ntlm_make_challenge()
| void ntlm_make_challenge | ( | ntlm_challenge * | ch, |
| const char * | domain, | ||
| const char * | domain_controller, | ||
| const char * | challenge_nonce, | ||
| const int | challenge_nonce_len, | ||
| const uint32_t | flags | ||
| ) |
Generate a challenge request Blob to be sent to the client. Will silently truncate the domain value at 2^16-1 bytes if larger.
Prepares a challenge packet to be sent to the client
- Note
- domain should be upper_case
Definition at line 209 of file ntlmauth.cc.
References _ntlm_challenge::challenge, _ntlm_challenge::context_high, _ntlm_challenge::context_low, _ntlm_challenge::flags, _ntlm_challenge::hdr, htole32, ntlm_add_to_payload(), NTLM_CHALLENGE, _ntlm_challenge::payload, _ntlmhdr::signature, _ntlm_challenge::target, and _ntlmhdr::type.
Referenced by main(), and make_challenge().
◆ ntlm_make_nonce()
| void ntlm_make_nonce | ( | char * | nonce | ) |
Generate a challenge request nonce.
Definition at line 195 of file ntlmauth.cc.
References NTLM_NONCE_LEN.
Referenced by main().
◆ ntlm_unpack_auth()
| int ntlm_unpack_auth | ( | const ntlm_authenticate * | auth, |
| char * | user, | ||
| char * | domain, | ||
| const int32_t | size | ||
| ) |
Unpack username and domain out of a packet payload.
Unpack the strings in an NTLM authentication response from client. The caller is responsible for initializing the user and domain buffers this function will only insert data if the packet contains any. Otherwise the buffers will be left untouched.
- Return values
-
NTLM_ERR_NONE username present, maybe also domain. NTLM_ERR_PROTOCOL packet type is not an authentication packet. NTLM_ERR_LOGON no username. NTLM_ERR_BLOB domain field is apparently larger than the packet.
Definition at line 246 of file ntlmauth.cc.
References debug(), _ntlm_authenticate::domain, _ntlm_authenticate::flags, _ntlm_authenticate::hdr, _lstring::l, le32toh, _strhdr::len, _ntlm_authenticate::lmresponse, NTLM_AUTHENTICATE, NTLM_ERR_BLOB, NTLM_ERR_LOGON, NTLM_ERR_NONE, NTLM_ERR_PROTOCOL, ntlm_fetch_string(), ntlm_validate_packet(), _ntlm_authenticate::ntresponse, _strhdr::offset, _ntlm_authenticate::sessionkey, size, _lstring::str, _ntlm_authenticate::user, and _ntlm_authenticate::workstation.
Referenced by main(), and ntlm_check_auth().
◆ ntlm_validate_packet()
Validate the packet type matches one we want.
Check the validity of a decoded NTLM packet.
- Return values
-
NTLM_ERR_NONE Packet is okay NTLM_ERR_BLOB Packet is not even an NTLMSSP packet at all. NTLM_ERR_PROTOCOL Packet is not the expected type.
Definition at line 67 of file ntlmauth.cc.
References debug(), le32toh, NTLM_ANY, NTLM_ERR_BLOB, NTLM_ERR_NONE, NTLM_ERR_PROTOCOL, _ntlmhdr::signature, and _ntlmhdr::type.
Referenced by main(), manage_request(), and ntlm_unpack_auth().