gsasl  1.10.0
About: GNU SASL is an implementation of the Simple Authentication and Security Layer (SASL). Development version.
  Fossies Dox: gsasl-1.10.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

ntlm.c
1 /* ntlm.c --- Implementation of non-standard SASL mechanism NTLM, client side.
2  * Copyright (C) 2002-2021 Simon Josefsson
3  *
4  * This file is part of GNU SASL Library.
5  *
6  * GNU SASL Library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public License
8  * as published by the Free Software Foundation; either version 2.1 of
9  * the License, or (at your option) any later version.
10  *
11  * GNU SASL Library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with GNU SASL Library; if not, write to the Free
18  * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19  * Boston, MA 02110-1301, USA.
20  *
21  */
22 
23 #ifdef HAVE_CONFIG_H
24 #include "config.h"
25 #endif
26 
27 /* Get malloc, free. */
28 #include <stdlib.h>
29 
30 /* Get memcpy. */
31 #include <string.h>
32 
33 /* Get specification. */
34 #include "x-ntlm.h"
35 
36 #include <ntlm.h>
37 
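/* Per-session state of the NTLM client mechanism.  The listing had lost
   the `struct` header and the typedef that the functions below rely on;
   both are restored here. */
struct _Gsasl_ntlm_state
{
  /* Number of messages produced so far: 0 before the request is sent,
     1 while waiting for the server challenge, 2 once the response is out. */
  int step;
};
typedef struct _Gsasl_ntlm_state _Gsasl_ntlm_state;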
43 
/* Create the per-session state for the NTLM client mechanism.
 *
 * A new _Gsasl_ntlm_state with its step counter at zero is stored in
 * *MECH_DATA.  Returns GSASL_OK on success and GSASL_MALLOC_ERROR when
 * the allocation fails, in which case *MECH_DATA is left untouched.
 * SCTX is not used.
 */
int
_gsasl_ntlm_client_start (Gsasl_session * sctx _GL_UNUSED, void **mech_data)
{
  _Gsasl_ntlm_state *fresh = malloc (sizeof *fresh);

  if (fresh == NULL)
    return GSASL_MALLOC_ERROR;

  /* The exchange always begins with the client's request (step 0). */
  fresh->step = 0;
  *mech_data = fresh;

  return GSASL_OK;
}
59 
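/* Drive the client side of the NTLM exchange, one call per message.
 *
 * Step 0 ignores INPUT and emits the NTLM request built from the
 * GSASL_AUTHID and GSASL_REALM properties; it returns GSASL_NEEDS_MORE.
 * Step 1 treats INPUT (INPUT_LEN bytes) as the server's challenge,
 * builds the response from GSASL_AUTHID and GSASL_PASSWORD and returns
 * GSASL_OK.  Any later call returns GSASL_MECHANISM_CALLED_TOO_MANY_TIMES.
 *
 * On success *OUTPUT is a freshly malloc'ed buffer of *OUTPUT_LEN bytes
 * (presumably released by the caller -- confirm against the call site).
 *
 * Error returns: GSASL_NO_AUTHID, GSASL_NO_PASSWORD, GSASL_MALLOC_ERROR,
 * and GSASL_MECHANISM_PARSE_ERROR when the challenge is larger than
 * tSmbNtlmAuthChallenge.
 */
int
_gsasl_ntlm_client_step (Gsasl_session * sctx,
                         void *mech_data,
                         const char *input, size_t input_len,
                         char **output, size_t *output_len)
{
  _Gsasl_ntlm_state *state = mech_data;
  const char *domain = gsasl_property_get (sctx, GSASL_REALM);
  const char *authid = gsasl_property_get (sctx, GSASL_AUTHID);
  const char *password;
  int res;

  if (!authid)
    return GSASL_NO_AUTHID;

  switch (state->step)
    {
    case 0:
      {
        tSmbNtlmAuthRequest *request;

        request = malloc (sizeof (*request));
        if (!request)
          return GSASL_MALLOC_ERROR;

        buildSmbNtlmAuthRequest (request, authid, domain);

        /* Only the used prefix of the request structure goes on the wire. */
        *output_len = SmbLength (request);
        *output = malloc (*output_len);
        if (!*output)
          {
            free (request);
            return GSASL_MALLOC_ERROR;
          }
        memcpy (*output, request, *output_len);

        free (request);

        state->step++;
        res = GSASL_NEEDS_MORE;
        break;
      }

    case 1:
      {
        tSmbNtlmAuthChallenge *challenge;
        tSmbNtlmAuthResponse *response;

        /* The challenge comes from the server and is untrusted: refuse
           anything that would not fit in the fixed-size structure. */
        if (input_len > sizeof (*challenge))
          return GSASL_MECHANISM_PARSE_ERROR;

        /* Zero-fill the structure.  The size check above only bounds the
           input from above, so a short challenge leaves a tail that the
           response builder would otherwise read as uninitialized heap
           memory.
           NOTE(review): a minimum-length check would be stricter still;
           the required header size depends on libntlm's layout -- confirm. */
        challenge = calloc (1, sizeof (*challenge));
        if (!challenge)
          return GSASL_MALLOC_ERROR;

        /* Hand crafted challenge for parser testing:
           TlRMTVNTUAAAAAAAAAAAAAAAAAAAAGFiY2RlZmdoMDEyMzQ1Njc4ODY2NDQwMTIz */

        /* Skip the copy for an empty message: INPUT may then be NULL, and
           memcpy with a null source is undefined even for zero bytes. */
        if (input_len > 0)
          memcpy (challenge, input, input_len);

        password = gsasl_property_get (sctx, GSASL_PASSWORD);
        if (!password)
          {
            free (challenge);
            return GSASL_NO_PASSWORD;
          }

        response = malloc (sizeof (*response));
        if (!response)
          {
            free (challenge);
            return GSASL_MALLOC_ERROR;
          }

        buildSmbNtlmAuthResponse (challenge, response, authid, password);

        free (challenge);

        *output_len = SmbLength (response);
        *output = malloc (*output_len);
        if (!*output)
          {
            free (response);
            return GSASL_MALLOC_ERROR;
          }
        memcpy (*output, response, *output_len);

        free (response);

        state->step++;
        res = GSASL_OK;
        break;
      }

    default:
      /* Both messages were already produced; no output is written. */
      res = GSASL_MECHANISM_CALLED_TOO_MANY_TIMES;
      break;
    }

  return res;
}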
165 
/* Release the per-session NTLM client state.
 *
 * MECH_DATA is the _Gsasl_ntlm_state pointer for this session; passing
 * NULL is harmless because free (NULL) is a no-op.  SCTX is not used.
 */
void
_gsasl_ntlm_client_finish (Gsasl_session * sctx _GL_UNUSED, void *mech_data)
{
  /* The state holds only the step counter, so there is nothing to wipe. */
  free (mech_data);
}