ntlmsubr.c 3.21 KB
Newer Older
1 2 3 4
#include "config.h"

#ifdef NTLM_ENABLE
#include "fetchmail.h"
5
#include "i18n.h"
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
#include "ntlm.h"
#include "socket.h"

#include <string.h>

int ntlm_helper(int sock, struct query *ctl, const char *proto)
{
/*
 * NTLM support by Grant Edwards.
 *
 * Handle MS-Exchange NTLM authentication method.  This is the same
 * as the NTLM auth used by Samba for SMB related services. We just
 * encode the packets in base64 instead of sending them out via a
 * network interface.
 *
 * Much source (ntlm.h, smb*.c smb*.h) was borrowed from Samba.
 */
    tSmbNtlmAuthRequest request;
    tSmbNtlmAuthChallenge challenge;
    tSmbNtlmAuthResponse response;

    char msgbuf[2048];
    int result;

    if ((result = gen_recv(sock, msgbuf, sizeof msgbuf)))
	return result;

33 34 35 36
    if (msgbuf[0] != '+' && strspn(msgbuf+1, " \t") < strlen(msgbuf+1)) {
	if (outlevel >= O_VERBOSE) {
	    report(stdout, GT_("Warning: received malformed challenge to \"AUTH(ENTICATE) NTLM\"!\n"));
	}
37
	result = PS_AUTHFAIL;
38 39
	goto cancelfail;
    }
40 41 42 43 44 45 46

    buildSmbNtlmAuthRequest(&request,ctl->remotename,NULL);

    if (outlevel >= O_DEBUG)
	dumpSmbNtlmAuthRequest(stdout, &request);

    memset(msgbuf,0,sizeof msgbuf);
47
    to64frombits (msgbuf, &request, SmbLength(&request), sizeof msgbuf);
48 49 50 51 52 53 54

    if (outlevel >= O_MONITOR)
	report(stdout, "%s> %s\n", proto, msgbuf);

    strcat(msgbuf,"\r\n");
    SockWrite (sock, msgbuf, strlen (msgbuf));

55 56
    if ((result = gen_recv(sock, msgbuf, sizeof msgbuf)))
	goto cancelfail;
57

Matthias Andree's avatar
Matthias Andree committed
58 59 60 61
    /*
     * < 0: decoding error
     * >= 0 < 32: too short to be plausible
     */
62
    if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0
Matthias Andree's avatar
Matthias Andree committed
63
	    || result < 32)
64 65 66 67 68 69 70
    {
	report (stderr, GT_("could not decode BASE64 challenge\n"));
	/* We do not goto cancelfail; the server has already sent the
	 * tagged reply, so the protocol exchange has ended, no need
	 * for us to send the asterisk. */
	return PS_AUTHFAIL;
    }
71

72 73 74 75 76 77 78 79
    /* validate challenge:
     * - ident
     * - message type
     * - that offset points into buffer
     * - that offset + length does not wrap
     * - that offset + length is not bigger than buffer */
    if (0 != memcmp("NTLMSSP", challenge.ident, 8)
	    || challenge.msgType != 2
Matthias Andree's avatar
Matthias Andree committed
80 81 82
	    || challenge.uDomain.offset > (unsigned)result
	    || (challenge.uDomain.offset + challenge.uDomain.len) < challenge.uDomain.offset
	    || (challenge.uDomain.offset + challenge.uDomain.len) > (unsigned)result)
83 84 85 86 87 88
    {
	report (stderr, GT_("NTLM challenge contains invalid data.\n"));
	result = PS_AUTHFAIL;
	goto cancelfail;
    }

89 90 91 92 93 94 95 96 97
    if (outlevel >= O_DEBUG)
	dumpSmbNtlmAuthChallenge(stdout, &challenge);

    buildSmbNtlmAuthResponse(&challenge, &response,ctl->remotename,ctl->password);

    if (outlevel >= O_DEBUG)
	dumpSmbNtlmAuthResponse(stdout, &response);

    memset(msgbuf,0,sizeof msgbuf);
98
    to64frombits (msgbuf, &response, SmbLength(&response), sizeof msgbuf);
99 100 101 102 103 104 105 106

    if (outlevel >= O_MONITOR)
	report(stdout, "%s> %s\n", proto, msgbuf);

    strcat(msgbuf,"\r\n");
    SockWrite (sock, msgbuf, strlen (msgbuf));

    return PS_SUCCESS;
107 108 109 110 111 112 113 114

cancelfail: /* cancel authentication and return failure */
    {
	if (outlevel >= O_MONITOR)
	    report(stdout, "%s> *\n", proto);
	SockWrite(sock, "*\r\n", 3);
	return result;
    }
115 116 117
}

#endif /* NTLM_ENABLE */