diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/http_ntlm.c | 67 |
1 files changed, 54 insertions, 13 deletions
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c index ee6f6eb9b..aff1bb1b6 100644 --- a/lib/http_ntlm.c +++ b/lib/http_ntlm.c @@ -49,6 +49,7 @@ #endif #include "urldata.h" +#include "easyif.h" /* for Curl_convert_... prototypes */ #include "sendf.h" #include "strequal.h" #include "base64.h" @@ -60,6 +61,9 @@ #define _MPRINTF_REPLACE /* use our functions only */ #include <curl/mprintf.h> +/* "NTLMSSP" signature is always in ASCII regardless of the platform */ +#define NTLMSSP_SIGNATURE "\x4e\x54\x4c\x4d\x53\x53\x50" + #ifndef USE_WINDOWS_SSPI #include <openssl/des.h> @@ -265,7 +269,7 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn, ntlm->flags = 0; if((size < 32) || - (memcmp(buffer, "NTLMSSP", 8) != 0) || + (memcmp(buffer, NTLMSSP_SIGNATURE, 8) != 0) || (memcmp(buffer+8, type2_marker, sizeof(type2_marker)) != 0)) { /* This was not a good enough type-2 message */ free(buffer); @@ -279,7 +283,7 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn, fprintf(stderr, "**** TYPE2 header flags=0x%08.8lx ", ntlm->flags); print_flags(stderr, ntlm->flags); fprintf(stderr, "\n nonce="); - print_hex(stderr, ntlm->nonce, 8); + print_hex(stderr, (char *)ntlm->nonce, 8); fprintf(stderr, "\n****\n"); fprintf(stderr, "**** Header %s\n ", header); }); @@ -349,7 +353,9 @@ static void lm_resp(unsigned char *keys, /* * Set up lanmanager hashed password */ -static void mk_lm_hash(char *password, unsigned char *lmbuffer /* 21 bytes */) +static void mk_lm_hash(struct SessionHandle *data, + char *password, + unsigned char *lmbuffer /* 21 bytes */) { unsigned char pw[14]; static const unsigned char magic[] = { @@ -367,6 +373,17 @@ static void mk_lm_hash(char *password, unsigned char *lmbuffer /* 21 bytes */) for (; i<14; i++) pw[i] = 0; +#ifdef CURL_DOES_CONVERSIONS + /* + * The LanManager hashed password needs to be created using the + * password in the network encoding not the host encoding. + */ + if(data) + Curl_convert_to_network(data, (char *)pw, 14); +#else + (void)data; +#endif + { /* Create LanManager hashed password. */ @@ -398,13 +415,26 @@ static void utf8_to_unicode_le(unsigned char *dest, const char *src, /* * Set up nt hashed passwords */ -static void mk_nt_hash(char *password, unsigned char *ntbuffer /* 21 bytes */) +static void mk_nt_hash(struct SessionHandle *data, + char *password, + unsigned char *ntbuffer /* 21 bytes */) { size_t len = strlen(password); unsigned char *pw = malloc(len*2); utf8_to_unicode_le(pw, password, len); +#ifdef CURL_DOES_CONVERSIONS + /* + * The NT hashed password needs to be created using the + * password in the network encoding not the host encoding. + */ + if(data) + Curl_convert_to_network(data, (char *)pw, len*2); +#else + (void)data; +#endif + { /* Create NT hashed password. */ MD4_CTX MD4; @@ -647,7 +677,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, #else #define NTLM2FLAG 0 #endif - snprintf((char *)ntlmbuf, sizeof(ntlmbuf), "NTLMSSP%c" + snprintf((char *)ntlmbuf, sizeof(ntlmbuf), NTLMSSP_SIGNATURE "%c" "\x01%c%c%c" /* 32-bit type = 1 */ "%c%c%c%c" /* 32-bit NTLM flag field */ "%c%c" /* domain length */ @@ -706,7 +736,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, }); /* now size is the size of the base64 encoded package size */ - size = Curl_base64_encode(conn->data, (char *)ntlmbuf, size, &base64); + size = Curl_base64_encode(NULL, (char *)ntlmbuf, size, &base64); if(size >0 ) { Curl_safefree(*allocuserpwd); @@ -841,7 +871,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, MD5_Final(md5sum, &MD5); /* We shall only use the first 8 bytes of md5sum, but the des code in lm_resp only encrypt the first 8 bytes */ - mk_nt_hash(passwdp, ntbuffer); + mk_nt_hash(conn->data, passwdp, ntbuffer); lm_resp(ntbuffer, md5sum, ntresp); /* End of NTLM2 Session code */ @@ -855,16 +885,18 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, unsigned char lmbuffer[0x18]; #if USE_NTRESPONSES - mk_nt_hash(passwdp, ntbuffer); + mk_nt_hash(conn->data, passwdp, ntbuffer); lm_resp(ntbuffer, &ntlm->nonce[0], ntresp); #endif - mk_lm_hash(passwdp, lmbuffer); + mk_lm_hash(conn->data, passwdp, lmbuffer); lm_resp(lmbuffer, &ntlm->nonce[0], lmresp); /* A safer but less compatible alternative is: * lm_resp(ntbuffer, &ntlm->nonce[0], lmresp); * See http://davenport.sourceforge.net/ntlm.html#ntlmVersion2 */ +#if USE_NTLM2SESSION } +#endif lmrespoff = 64; /* size of the message header */ #if USE_NTRESPONSES @@ -878,7 +910,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, /* Create the big type-3 message binary blob */ size = snprintf((char *)ntlmbuf, sizeof(ntlmbuf), - "NTLMSSP%c" + NTLMSSP_SIGNATURE "%c" "\x03%c%c%c" /* type-3, 32 bits */ "%c%c" /* LanManager length */ @@ -970,7 +1002,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, DEBUG_OUT({ fprintf(stderr, "**** TYPE3 header lmresp="); - print_hex(stderr, &ntlmbuf[lmrespoff], 0x18); + print_hex(stderr, (char *)&ntlmbuf[lmrespoff], 0x18); }); #if USE_NTRESPONSES @@ -982,7 +1014,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, DEBUG_OUT({ fprintf(stderr, "\n ntresp="); - print_hex(stderr, &ntlmbuf[ntrespoff], 0x18); + print_hex(stderr, (char *)&ntlmbuf[ntrespoff], 0x18); }); #endif @@ -1014,10 +1046,19 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, memcpy(&ntlmbuf[size], host, hostlen); size += hostlen; +#ifdef CURL_DOES_CONVERSIONS + /* convert domain, user, and host to ASCII but leave the rest as-is */ + if(CURLE_OK != Curl_convert_to_network(conn->data, + (char *)&ntlmbuf[domoff], + size-domoff)) { + return CURLE_CONV_FAILED; + } +#endif /* CURL_DOES_CONVERSIONS */ + #endif /* convert the binary blob into base64 */ - size = Curl_base64_encode(conn->data, (char *)ntlmbuf, size, &base64); + size = Curl_base64_encode(NULL, (char *)ntlmbuf, size, &base64); if(size >0 ) { Curl_safefree(*allocuserpwd); |