author | stas <stas@FreeBSD.org> | 2011-09-29 05:23:57 +0000 |
---|---|---|
committer | stas <stas@FreeBSD.org> | 2011-09-29 05:23:57 +0000 |
commit | f6e720bf7e3d09d00d73f389a5dac8efdce0eb8c (patch) | |
tree | cf5b65423910d126fddaaf04b885d0de3507d692 /crypto/heimdal/lib/gssapi/ntlm | |
parent | 51b6601db456e699ea5d4843cbc7239ee92d9c13 (diff) | |
- Flatten the vendor heimdal tree.
Diffstat (limited to 'crypto/heimdal/lib/gssapi/ntlm')
29 files changed, 0 insertions, 3592 deletions
diff --git a/crypto/heimdal/lib/gssapi/ntlm/accept_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/accept_sec_context.c
deleted file mode 100644
index 79fc538..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/accept_sec_context.c
+++ /dev/null
@@ -1,257 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: accept_sec_context.c 22521 2008-01-24 11:53:18Z lha $"); - -/* - * - */ - -OM_uint32 -_gss_ntlm_allocate_ctx(OM_uint32 *minor_status, ntlm_ctx *ctx) -{ - OM_uint32 maj_stat; - - *ctx = calloc(1, sizeof(**ctx)); - - (*ctx)->server = &ntlmsspi_kdc_digest; - - maj_stat = (*(*ctx)->server->nsi_init)(minor_status, &(*ctx)->ictx); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - - return GSS_S_COMPLETE; -} - -/* - * - */ - -OM_uint32 -_gss_ntlm_accept_sec_context -(OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t * delegated_cred_handle - ) -{ - krb5_error_code ret; - struct ntlm_buf data; - ntlm_ctx ctx; - - output_token->value = NULL; - output_token->length = 0; - - *minor_status = 0; - - if (context_handle == NULL) - return GSS_S_FAILURE; - - if (input_token_buffer == GSS_C_NO_BUFFER) - return GSS_S_FAILURE; - - if (src_name) - *src_name = GSS_C_NO_NAME; - if (mech_type) - *mech_type = GSS_C_NO_OID; - if (ret_flags) - *ret_flags = 0; - if (time_rec) - *time_rec = 0; - if (delegated_cred_handle) - *delegated_cred_handle = GSS_C_NO_CREDENTIAL; - - if (*context_handle == GSS_C_NO_CONTEXT) { - struct ntlm_type1 type1; - OM_uint32 major_status; - OM_uint32 retflags; - struct ntlm_buf out; - - major_status = _gss_ntlm_allocate_ctx(minor_status, &ctx); - if (major_status) - return major_status; - *context_handle = (gss_ctx_id_t)ctx; - - /* check if the mechs is allowed by remote service */ - major_status = (*ctx->server->nsi_probe)(minor_status, ctx->ictx, NULL); - if (major_status) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - return major_status; - } - - data.data = input_token_buffer->value; - data.length = 
input_token_buffer->length; - - ret = heim_ntlm_decode_type1(&data, &type1); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - if ((type1.flags & NTLM_NEG_UNICODE) == 0) { - heim_ntlm_free_type1(&type1); - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - if (type1.flags & NTLM_NEG_SIGN) - ctx->gssflags |= GSS_C_CONF_FLAG; - if (type1.flags & NTLM_NEG_SIGN) - ctx->gssflags |= GSS_C_INTEG_FLAG; - - major_status = (*ctx->server->nsi_type2)(minor_status, - ctx->ictx, - type1.flags, - type1.hostname, - type1.domain, - &retflags, - &out); - heim_ntlm_free_type1(&type1); - if (major_status != GSS_S_COMPLETE) { - OM_uint32 junk; - _gss_ntlm_delete_sec_context(&junk, context_handle, NULL); - return major_status; - } - - output_token->value = malloc(out.length); - if (output_token->value == NULL) { - OM_uint32 junk; - _gss_ntlm_delete_sec_context(&junk, context_handle, NULL); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy(output_token->value, out.data, out.length); - output_token->length = out.length; - - ctx->flags = retflags; - - return GSS_S_CONTINUE_NEEDED; - } else { - OM_uint32 maj_stat; - struct ntlm_type3 type3; - struct ntlm_buf session; - - ctx = (ntlm_ctx)*context_handle; - - data.data = input_token_buffer->value; - data.length = input_token_buffer->length; - - ret = heim_ntlm_decode_type3(&data, 1, &type3); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - maj_stat = (*ctx->server->nsi_type3)(minor_status, - ctx->ictx, - &type3, - &session); - if (maj_stat) { - heim_ntlm_free_type3(&type3); - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - return maj_stat; - } - - if (src_name) { - ntlm_name n = calloc(1, sizeof(*n)); - if (n) { - n->user = strdup(type3.username); - n->domain = 
strdup(type3.targetname); - } - if (n == NULL || n->user == NULL || n->domain == NULL) { - heim_ntlm_free_type3(&type3); - _gss_ntlm_delete_sec_context(minor_status, - context_handle, NULL); - return maj_stat; - } - *src_name = (gss_name_t)n; - } - - heim_ntlm_free_type3(&type3); - - ret = krb5_data_copy(&ctx->sessionkey, - session.data, session.length); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - if (session.length != 0) { - - ctx->status |= STATUS_SESSIONKEY; - - if (ctx->flags & NTLM_NEG_NTLM2_SESSION) { - _gss_ntlm_set_key(&ctx->u.v2.send, 1, - (ctx->flags & NTLM_NEG_KEYEX), - ctx->sessionkey.data, - ctx->sessionkey.length); - _gss_ntlm_set_key(&ctx->u.v2.recv, 0, - (ctx->flags & NTLM_NEG_KEYEX), - ctx->sessionkey.data, - ctx->sessionkey.length); - } else { - RC4_set_key(&ctx->u.v1.crypto_send.key, - ctx->sessionkey.length, - ctx->sessionkey.data); - RC4_set_key(&ctx->u.v1.crypto_recv.key, - ctx->sessionkey.length, - ctx->sessionkey.data); - } - } - - if (mech_type) - *mech_type = GSS_NTLM_MECHANISM; - if (time_rec) - *time_rec = GSS_C_INDEFINITE; - - ctx->status |= STATUS_OPEN; - - if (ret_flags) - *ret_flags = ctx->gssflags; - - return GSS_S_COMPLETE; - } -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c b/crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c deleted file mode 100644 index 8e17d4f..0000000 --- a/crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c +++ /dev/null 
@@ -1,94 +0,0 @@
-/*
- * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: acquire_cred.c 22380 2007-12-29 18:42:56Z lha $");
-
-OM_uint32 _gss_ntlm_acquire_cred
- (OM_uint32 * min_stat,
- const gss_name_t desired_name,
- OM_uint32 time_req,
- const gss_OID_set desired_mechs,
- gss_cred_usage_t cred_usage,
- gss_cred_id_t * output_cred_handle,
- gss_OID_set * actual_mechs,
- OM_uint32 * time_rec
- )
-{
- ntlm_name name = (ntlm_name) desired_name;
- OM_uint32 maj_stat;
- ntlm_ctx ctx;
-
- *min_stat = 0;
- if (output_cred_handle)
- *output_cred_handle = GSS_C_NO_CREDENTIAL;
- if (actual_mechs)
- *actual_mechs = GSS_C_NO_OID_SET;
- if (time_rec)
- *time_rec = GSS_C_INDEFINITE;
-
- if (desired_name == NULL)
- return GSS_S_NO_CRED;
-
- if (cred_usage == GSS_C_BOTH || cred_usage == GSS_C_ACCEPT) {
-
- maj_stat = _gss_ntlm_allocate_ctx(min_stat, &ctx);
- if (maj_stat != GSS_S_COMPLETE)
- return maj_stat;
-
- maj_stat = (*ctx->server->nsi_probe)(min_stat, ctx->ictx,
- name->domain);
-
- if (maj_stat)
- return maj_stat;
-
- {
- gss_ctx_id_t context = (gss_ctx_id_t)ctx;
- _gss_ntlm_delete_sec_context(min_stat, &context, NULL);
- *min_stat = 0;
- }
- }
- if (cred_usage == GSS_C_BOTH || cred_usage == GSS_C_INITIATE) {
- ntlm_cred cred;
-
- *min_stat = _gss_ntlm_get_user_cred(name, &cred);
- if (*min_stat)
- return GSS_S_FAILURE;
- cred->usage = cred_usage;
-
- *output_cred_handle = (gss_cred_id_t)cred;
- }
-
- return (GSS_S_COMPLETE);
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/add_cred.c b/crypto/heimdal/lib/gssapi/ntlm/add_cred.c
deleted file mode 100644
index 11a2581..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/add_cred.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: add_cred.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_add_cred (
- OM_uint32 *minor_status,
- const gss_cred_id_t input_cred_handle,
- const gss_name_t desired_name,
- const gss_OID desired_mech,
- gss_cred_usage_t cred_usage,
- OM_uint32 initiator_time_req,
- OM_uint32 acceptor_time_req,
- gss_cred_id_t *output_cred_handle,
- gss_OID_set *actual_mechs,
- OM_uint32 *initiator_time_rec,
- OM_uint32 *acceptor_time_rec)
-{
- if (minor_status)
- *minor_status = 0;
- if (output_cred_handle)
- *output_cred_handle = GSS_C_NO_CREDENTIAL;
- if (actual_mechs)
- *actual_mechs = GSS_C_NO_OID_SET;
- if (initiator_time_rec)
- *initiator_time_rec = 0;
- if (acceptor_time_rec)
- *acceptor_time_rec = 0;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c b/crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c
deleted file mode 100644
index 8eaa870..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: canonicalize_name.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_canonicalize_name (
- OM_uint32 * minor_status,
- const gss_name_t input_name,
- const gss_OID mech_type,
- gss_name_t * output_name
- )
-{
- return gss_duplicate_name (minor_status, input_name, output_name);
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/compare_name.c b/crypto/heimdal/lib/gssapi/ntlm/compare_name.c
deleted file mode 100644
index d2c2d8b..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/compare_name.c
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: compare_name.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_compare_name
- (OM_uint32 * minor_status,
- const gss_name_t name1,
- const gss_name_t name2,
- int * name_equal
- )
-{
- *minor_status = 0;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/context_time.c b/crypto/heimdal/lib/gssapi/ntlm/context_time.c
deleted file mode 100644
index a6895cb..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/context_time.c
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: context_time.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_context_time
- (OM_uint32 * minor_status,
- const gss_ctx_id_t context_handle,
- OM_uint32 * time_rec
- )
-{
- if (time_rec)
- *time_rec = GSS_C_INDEFINITE;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/crypto.c b/crypto/heimdal/lib/gssapi/ntlm/crypto.c
deleted file mode 100644
index b05246c..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/crypto.c
+++ /dev/null
@@ -1,595 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: crypto.c 19535 2006-12-28 14:49:01Z lha $"); - -uint32_t -_krb5_crc_update (const char *p, size_t len, uint32_t res); -void -_krb5_crc_init_table(void); - -/* - * - */ - -static void -encode_le_uint32(uint32_t n, unsigned char *p) -{ - p[0] = (n >> 0) & 0xFF; - p[1] = (n >> 8) & 0xFF; - p[2] = (n >> 16) & 0xFF; - p[3] = (n >> 24) & 0xFF; -} - - -static void -decode_le_uint32(const void *ptr, uint32_t *n) -{ - const unsigned char *p = ptr; - *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); -} - -/* - * - */ - -const char a2i_signmagic[] = - "session key to server-to-client signing key magic constant"; -const char a2i_sealmagic[] = - "session key to server-to-client sealing key magic constant"; -const char i2a_signmagic[] = - "session key to client-to-server signing key magic constant"; -const char i2a_sealmagic[] = - "session key to client-to-server sealing key magic constant"; - - -void -_gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign, - unsigned char *data, size_t len) -{ - unsigned char out[16]; - MD5_CTX ctx; - const char *signmagic; - const char *sealmagic; - - if (acceptor) { - signmagic = a2i_signmagic; - sealmagic = a2i_sealmagic; - } else { - signmagic = i2a_signmagic; - sealmagic = i2a_sealmagic; - } - - key->seq = 0; - - MD5_Init(&ctx); - MD5_Update(&ctx, data, len); - MD5_Update(&ctx, signmagic, strlen(signmagic) + 1); - MD5_Final(key->signkey, &ctx); - - MD5_Init(&ctx); - MD5_Update(&ctx, data, len); - MD5_Update(&ctx, sealmagic, strlen(sealmagic) + 1); - MD5_Final(out, &ctx); - - RC4_set_key(&key->sealkey, 16, out); - if (sealsign) - key->signsealkey = &key->sealkey; -} - -/* - * - */ - -static OM_uint32 -v1_sign_message(gss_buffer_t in, - RC4_KEY *signkey, - uint32_t seq, - unsigned char out[16]) -{ - unsigned char sigature[12]; - uint32_t crc; - - _krb5_crc_init_table(); - crc = _krb5_crc_update(in->value, in->length, 0); - - encode_le_uint32(0, &sigature[0]); - 
encode_le_uint32(crc, &sigature[4]); - encode_le_uint32(seq, &sigature[8]); - - encode_le_uint32(1, out); /* version */ - RC4(signkey, sizeof(sigature), sigature, out + 4); - - if (RAND_bytes(out + 4, 4) != 1) - return GSS_S_UNAVAILABLE; - - return 0; -} - - -static OM_uint32 -v2_sign_message(gss_buffer_t in, - unsigned char signkey[16], - RC4_KEY *sealkey, - uint32_t seq, - unsigned char out[16]) -{ - unsigned char hmac[16]; - unsigned int hmaclen; - HMAC_CTX c; - - HMAC_CTX_init(&c); - HMAC_Init_ex(&c, signkey, 16, EVP_md5(), NULL); - - encode_le_uint32(seq, hmac); - HMAC_Update(&c, hmac, 4); - HMAC_Update(&c, in->value, in->length); - HMAC_Final(&c, hmac, &hmaclen); - HMAC_CTX_cleanup(&c); - - encode_le_uint32(1, &out[0]); - if (sealkey) - RC4(sealkey, 8, hmac, &out[4]); - else - memcpy(&out[4], hmac, 8); - - memset(&out[12], 0, 4); - - return GSS_S_COMPLETE; -} - -static OM_uint32 -v2_verify_message(gss_buffer_t in, - unsigned char signkey[16], - RC4_KEY *sealkey, - uint32_t seq, - const unsigned char checksum[16]) -{ - OM_uint32 ret; - unsigned char out[16]; - - ret = v2_sign_message(in, signkey, sealkey, seq, out); - if (ret) - return ret; - - if (memcmp(checksum, out, 16) != 0) - return GSS_S_BAD_MIC; - - return GSS_S_COMPLETE; -} - -static OM_uint32 -v2_seal_message(const gss_buffer_t in, - unsigned char signkey[16], - uint32_t seq, - RC4_KEY *sealkey, - gss_buffer_t out) -{ - unsigned char *p; - OM_uint32 ret; - - if (in->length + 16 < in->length) - return EINVAL; - - p = malloc(in->length + 16); - if (p == NULL) - return ENOMEM; - - RC4(sealkey, in->length, in->value, p); - - ret = v2_sign_message(in, signkey, sealkey, seq, &p[in->length]); - if (ret) { - free(p); - return ret; - } - - out->value = p; - out->length = in->length + 16; - - return 0; -} - -static OM_uint32 -v2_unseal_message(gss_buffer_t in, - unsigned char signkey[16], - uint32_t seq, - RC4_KEY *sealkey, - gss_buffer_t out) -{ - OM_uint32 ret; - - if (in->length < 16) - return 
GSS_S_BAD_MIC; - - out->length = in->length - 16; - out->value = malloc(out->length); - if (out->value == NULL) - return GSS_S_BAD_MIC; - - RC4(sealkey, out->length, in->value, out->value); - - ret = v2_verify_message(out, signkey, sealkey, seq, - ((const unsigned char *)in->value) + out->length); - if (ret) { - OM_uint32 junk; - gss_release_buffer(&junk, out); - } - return ret; -} - -/* - * - */ - -#define CTX_FLAGS_ISSET(_ctx,_flags) \ - (((_ctx)->flags & (_flags)) == (_flags)) - -/* - * - */ - -OM_uint32 _gss_ntlm_get_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - OM_uint32 junk; - - if (minor_status) - *minor_status = 0; - if (message_token) { - message_token->length = 0; - message_token->value = NULL; - } - - message_token->value = malloc(16); - message_token->length = 16; - if (message_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN|NTLM_NEG_NTLM2_SESSION)) { - OM_uint32 ret; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) { - gss_release_buffer(&junk, message_token); - return GSS_S_UNAVAILABLE; - } - - ret = v2_sign_message(message_buffer, - ctx->u.v2.send.signkey, - ctx->u.v2.send.signsealkey, - ctx->u.v2.send.seq++, - message_token->value); - if (ret) - gss_release_buffer(&junk, message_token); - return ret; - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN)) { - OM_uint32 ret; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) { - gss_release_buffer(&junk, message_token); - return GSS_S_UNAVAILABLE; - } - - ret = v1_sign_message(message_buffer, - &ctx->u.v1.crypto_send.key, - ctx->u.v1.crypto_send.seq++, - message_token->value); - if (ret) - gss_release_buffer(&junk, message_token); - return ret; - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_ALWAYS_SIGN)) { - unsigned char *sigature; - - sigature = message_token->value; - - 
encode_le_uint32(1, &sigature[0]); /* version */ - encode_le_uint32(0, &sigature[4]); - encode_le_uint32(0, &sigature[8]); - encode_le_uint32(0, &sigature[12]); - - return GSS_S_COMPLETE; - } - gss_release_buffer(&junk, message_token); - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 -_gss_ntlm_verify_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - - if (qop_state != NULL) - *qop_state = GSS_C_QOP_DEFAULT; - *minor_status = 0; - - if (token_buffer->length != 16) - return GSS_S_BAD_MIC; - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN|NTLM_NEG_NTLM2_SESSION)) { - OM_uint32 ret; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) - return GSS_S_UNAVAILABLE; - - ret = v2_verify_message(message_buffer, - ctx->u.v2.recv.signkey, - ctx->u.v2.recv.signsealkey, - ctx->u.v2.recv.seq++, - token_buffer->value); - if (ret) - return ret; - - return GSS_S_COMPLETE; - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN)) { - - unsigned char sigature[12]; - uint32_t crc, num; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) - return GSS_S_UNAVAILABLE; - - decode_le_uint32(token_buffer->value, &num); - if (num != 1) - return GSS_S_BAD_MIC; - - RC4(&ctx->u.v1.crypto_recv.key, sizeof(sigature), - ((unsigned char *)token_buffer->value) + 4, sigature); - - _krb5_crc_init_table(); - crc = _krb5_crc_update(message_buffer->value, - message_buffer->length, 0); - /* skip first 4 bytes in the encrypted checksum */ - decode_le_uint32(&sigature[4], &num); - if (num != crc) - return GSS_S_BAD_MIC; - decode_le_uint32(&sigature[8], &num); - if (ctx->u.v1.crypto_recv.seq != num) - return GSS_S_BAD_MIC; - ctx->u.v1.crypto_recv.seq++; - - return GSS_S_COMPLETE; - } else if (ctx->flags & NTLM_NEG_ALWAYS_SIGN) { - uint32_t num; - unsigned char *p; - - p = (unsigned char*)(token_buffer->value); - - decode_le_uint32(&p[0], &num); /* version 
*/ - if (num != 1) return GSS_S_BAD_MIC; - decode_le_uint32(&p[4], &num); - if (num != 0) return GSS_S_BAD_MIC; - decode_le_uint32(&p[8], &num); - if (num != 0) return GSS_S_BAD_MIC; - decode_le_uint32(&p[12], &num); - if (num != 0) return GSS_S_BAD_MIC; - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 -_gss_ntlm_wrap_size_limit ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 * max_input_size - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - - *minor_status = 0; - - if(ctx->flags & NTLM_NEG_SEAL) { - - if (req_output_size < 16) - *max_input_size = 0; - else - *max_input_size = req_output_size - 16; - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 _gss_ntlm_wrap -(OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - OM_uint32 ret; - - if (minor_status) - *minor_status = 0; - if (conf_state) - *conf_state = 0; - if (output_message_buffer == GSS_C_NO_BUFFER) - return GSS_S_FAILURE; - - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL|NTLM_NEG_NTLM2_SESSION)) { - - return v2_seal_message(input_message_buffer, - ctx->u.v2.send.signkey, - ctx->u.v2.send.seq++, - &ctx->u.v2.send.sealkey, - output_message_buffer); - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL)) { - gss_buffer_desc trailer; - OM_uint32 junk; - - output_message_buffer->length = input_message_buffer->length + 16; - output_message_buffer->value = malloc(output_message_buffer->length); - if (output_message_buffer->value == NULL) { - output_message_buffer->length = 0; - return GSS_S_FAILURE; - } - - - RC4(&ctx->u.v1.crypto_send.key, input_message_buffer->length, - input_message_buffer->value, output_message_buffer->value); - - 
ret = _gss_ntlm_get_mic(minor_status, context_handle, - 0, input_message_buffer, - &trailer); - if (ret) { - gss_release_buffer(&junk, output_message_buffer); - return ret; - } - if (trailer.length != 16) { - gss_release_buffer(&junk, output_message_buffer); - gss_release_buffer(&junk, &trailer); - return GSS_S_FAILURE; - } - memcpy(((unsigned char *)output_message_buffer->value) + - input_message_buffer->length, - trailer.value, trailer.length); - gss_release_buffer(&junk, &trailer); - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 _gss_ntlm_unwrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - OM_uint32 ret; - - if (minor_status) - *minor_status = 0; - if (output_message_buffer) { - output_message_buffer->value = NULL; - output_message_buffer->length = 0; - } - if (conf_state) - *conf_state = 0; - if (qop_state) - *qop_state = 0; - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL|NTLM_NEG_NTLM2_SESSION)) { - - return v2_unseal_message(input_message_buffer, - ctx->u.v2.recv.signkey, - ctx->u.v2.recv.seq++, - &ctx->u.v2.recv.sealkey, - output_message_buffer); - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL)) { - - gss_buffer_desc trailer; - OM_uint32 junk; - - if (input_message_buffer->length < 16) - return GSS_S_BAD_MIC; - - output_message_buffer->length = input_message_buffer->length - 16; - output_message_buffer->value = malloc(output_message_buffer->length); - if (output_message_buffer->value == NULL) { - output_message_buffer->length = 0; - return GSS_S_FAILURE; - } - - RC4(&ctx->u.v1.crypto_recv.key, output_message_buffer->length, - input_message_buffer->value, output_message_buffer->value); - - trailer.value = ((unsigned char *)input_message_buffer->value) + - output_message_buffer->length; - trailer.length = 16; - - ret = 
_gss_ntlm_verify_mic(minor_status, context_handle, - output_message_buffer, - &trailer, NULL); - if (ret) { - gss_release_buffer(&junk, output_message_buffer); - return ret; - } - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/delete_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/delete_sec_context.c deleted file mode 100644 index c51f227..0000000 --- a/crypto/heimdal/lib/gssapi/ntlm/delete_sec_context.c +++ /dev/null 
@@ -1,65 +0,0 @@
-/*
- * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: delete_sec_context.c 22163 2007-12-04 21:25:06Z lha $");
-
-OM_uint32 _gss_ntlm_delete_sec_context
- (OM_uint32 * minor_status,
- gss_ctx_id_t * context_handle,
- gss_buffer_t output_token
- )
-{
- if (context_handle) {
- ntlm_ctx ctx = (ntlm_ctx)*context_handle;
- gss_cred_id_t cred = (gss_cred_id_t)ctx->client;
-
- *context_handle = GSS_C_NO_CONTEXT;
-
- if (ctx->server)
- (*ctx->server->nsi_destroy)(minor_status, ctx->ictx);
-
- _gss_ntlm_release_cred(NULL, &cred);
-
- memset(ctx, 0, sizeof(*ctx));
- free(ctx);
- }
- if (output_token) {
- output_token->length = 0;
- output_token->value = NULL;
- }
-
- *minor_status = 0;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/digest.c b/crypto/heimdal/lib/gssapi/ntlm/digest.c
deleted file mode 100644
index fecf4a5..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/digest.c
+++ /dev/null
@@ -1,435 +0,0 @@
-/*
- * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: digest.c 22169 2007-12-04 22:19:16Z lha $");
-
-/*
- *
- */
-
-struct ntlmkrb5 {
- krb5_context context;
- krb5_ntlm ntlm;
- krb5_realm kerberos_realm;
- krb5_ccache id;
- krb5_data opaque;
- int destroy;
- OM_uint32 flags;
- struct ntlm_buf key;
- krb5_data sessionkey;
-};
-
-static OM_uint32 kdc_destroy(OM_uint32 *, void *);
-
-/*
- * Get credential cache that the ntlm code can use to talk to the KDC
- * using the digest API.
- */
-
-static krb5_error_code
-get_ccache(krb5_context context, int *destroy, krb5_ccache *id)
-{
- krb5_principal principal = NULL;
- krb5_error_code ret;
- krb5_keytab kt = NULL;
-
- *id = NULL;
-
- if (!issuid()) {
- const char *cache;
-
- cache = getenv("NTLM_ACCEPTOR_CCACHE");
- if (cache) {
- ret = krb5_cc_resolve(context, cache, id);
- if (ret)
- goto out;
- return 0;
- }
- }
-
- ret = krb5_sname_to_principal(context, NULL, "host",
- KRB5_NT_SRV_HST, &principal);
- if (ret)
- goto out;
-
- ret = krb5_cc_cache_match(context, principal, NULL, id);
- if (ret == 0)
- return 0;
-
- /* did not find in default credcache, lets try default keytab */
- ret = krb5_kt_default(context, &kt);
- if (ret)
- goto out;
-
- /* XXX check in keytab */
- {
- krb5_get_init_creds_opt *opt;
- krb5_creds cred;
-
- memset(&cred, 0, sizeof(cred));
-
- ret = krb5_cc_new_unique(context, "MEMORY", NULL, id);
- if (ret)
- goto out;
- *destroy = 1;
- ret = krb5_get_init_creds_opt_alloc(context, &opt);
- if (ret)
- goto out;
- ret = krb5_get_init_creds_keytab (context,
- &cred,
- principal,
- kt,
- 0,
- NULL,
- opt);
- krb5_get_init_creds_opt_free(context, opt);
- if (ret)
- goto out;
- ret = krb5_cc_initialize (context, *id, cred.client);
- if (ret) {
- krb5_free_cred_contents (context, &cred);
- goto out;
- }
- ret = krb5_cc_store_cred (context, *id, &cred);
- krb5_free_cred_contents (context, &cred);
- if (ret)
- goto out;
- }
-
- krb5_kt_close(context, kt);
-
- return 0;
-
-out:
- if (*destroy)
- krb5_cc_destroy(context, *id);
- else
- krb5_cc_close(context, *id);
-
- *id = NULL;
-
- if (kt)
- krb5_kt_close(context, kt);
-
- if (principal)
- krb5_free_principal(context, principal);
- return ret;
-}
-
-/*
- *
- */
-
-static OM_uint32
-kdc_alloc(OM_uint32 *minor, void **ctx)
-{
- krb5_error_code ret;
- struct ntlmkrb5 *c;
- OM_uint32 junk;
-
- c = calloc(1, sizeof(*c));
- if (c == NULL) {
- *minor = ENOMEM;
- return GSS_S_FAILURE;
- }
-
- ret = krb5_init_context(&c->context);
- if (ret) {
- kdc_destroy(&junk, c);
- *minor = ret;
- return GSS_S_FAILURE;
- }
-
- ret = get_ccache(c->context, &c->destroy, &c->id);
- if (ret) {
- kdc_destroy(&junk, c);
- *minor = ret;
- return GSS_S_FAILURE;
- }
-
- ret = krb5_ntlm_alloc(c->context, &c->ntlm);
- if (ret) {
- kdc_destroy(&junk, c);
- *minor = ret;
- return GSS_S_FAILURE;
- }
-
- *ctx = c;
-
- return GSS_S_COMPLETE;
-}
-
-static int
-kdc_probe(OM_uint32 *minor, void *ctx, const char *realm)
-{
- struct ntlmkrb5 *c = ctx;
- krb5_error_code ret;
- unsigned flags;
-
- ret = krb5_digest_probe(c->context, rk_UNCONST(realm), c->id, &flags);
- if (ret)
- return ret;
-
- if ((flags & (1|2|4)) == 0)
- return EINVAL;
-
- return 0;
-}
-
-/*
- *
- */
-
-static OM_uint32
-kdc_destroy(OM_uint32 *minor, void *ctx)
-{
- struct ntlmkrb5 *c = ctx;
- krb5_data_free(&c->opaque);
- krb5_data_free(&c->sessionkey);
- if (c->ntlm)
- krb5_ntlm_free(c->context, c->ntlm);
- if (c->id) {
- if (c->destroy)
- krb5_cc_destroy(c->context, c->id);
- else
- krb5_cc_close(c->context, c->id);
- }
- if (c->context)
- krb5_free_context(c->context);
- memset(c, 0, sizeof(*c));
- free(c);
-
- return GSS_S_COMPLETE;
-}
-
-/*
- *
- */
-
-static OM_uint32
-kdc_type2(OM_uint32 *minor_status,
- void *ctx,
- uint32_t flags,
- const char *hostname,
- const char *domain,
- uint32_t *ret_flags,
- struct ntlm_buf *out)
-{
- struct ntlmkrb5 *c = ctx;
- krb5_error_code ret;
- struct ntlm_type2 type2;
- krb5_data challange;
- struct ntlm_buf data;
- krb5_data ti;
-
- memset(&type2, 0, sizeof(type2));
-
- /*
- * Request data for type 2 packet from the KDC.
- */
- ret = krb5_ntlm_init_request(c->context,
- c->ntlm,
- NULL,
- c->id,
- flags,
- hostname,
- domain);
- if (ret) {
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- /*
- *
- */
-
- ret = krb5_ntlm_init_get_opaque(c->context, c->ntlm, &c->opaque);
- if (ret) {
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- /*
- *
- */
-
- ret = krb5_ntlm_init_get_flags(c->context, c->ntlm, &type2.flags);
- if (ret) {
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
- *ret_flags = type2.flags;
-
- ret = krb5_ntlm_init_get_challange(c->context, c->ntlm, &challange);
- if (ret) {
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- if (challange.length != sizeof(type2.challange)) {
- *minor_status = EINVAL;
- return GSS_S_FAILURE;
- }
- memcpy(type2.challange, challange.data, sizeof(type2.challange));
- krb5_data_free(&challange);
-
- ret = krb5_ntlm_init_get_targetname(c->context, c->ntlm,
- &type2.targetname);
- if (ret) {
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- ret = krb5_ntlm_init_get_targetinfo(c->context, c->ntlm, &ti);
- if (ret) {
- free(type2.targetname);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- type2.targetinfo.data = ti.data;
- type2.targetinfo.length = ti.length;
-
- ret = heim_ntlm_encode_type2(&type2, &data);
- free(type2.targetname);
- krb5_data_free(&ti);
- if (ret) {
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- out->data = data.data;
- out->length = data.length;
-
- return GSS_S_COMPLETE;
-}
-
-/*
- *
- */
-
-static OM_uint32
-kdc_type3(OM_uint32 *minor_status,
- void *ctx,
- const struct ntlm_type3 *type3,
- struct ntlm_buf *sessionkey)
-{
- struct ntlmkrb5 *c = ctx;
- krb5_error_code ret;
-
- sessionkey->data = NULL;
- sessionkey->length = 0;
-
- ret = krb5_ntlm_req_set_flags(c->context, c->ntlm, type3->flags);
- if (ret) goto out;
- ret = krb5_ntlm_req_set_username(c->context, c->ntlm, type3->username);
- if (ret) goto out;
- ret = krb5_ntlm_req_set_targetname(c->context, c->ntlm,
- type3->targetname);
- if (ret) goto out;
- ret = krb5_ntlm_req_set_lm(c->context, c->ntlm,
- type3->lm.data, type3->lm.length);
- if (ret) goto out;
- ret = krb5_ntlm_req_set_ntlm(c->context, c->ntlm,
- type3->ntlm.data, type3->ntlm.length);
- if (ret) goto out;
- ret = krb5_ntlm_req_set_opaque(c->context, c->ntlm, &c->opaque);
- if (ret) goto out;
-
- if (type3->sessionkey.length) {
- ret = krb5_ntlm_req_set_session(c->context, c->ntlm,
- type3->sessionkey.data,
- type3->sessionkey.length);
- if (ret) goto out;
- }
-
- /*
- * Verify with the KDC the type3 packet is ok
- */
- ret = krb5_ntlm_request(c->context,
- c->ntlm,
- NULL,
- c->id);
- if (ret)
- goto out;
-
- if (krb5_ntlm_rep_get_status(c->context, c->ntlm) != TRUE) {
- ret = EINVAL;
- goto out;
- }
-
- if (type3->sessionkey.length) {
- ret = krb5_ntlm_rep_get_sessionkey(c->context,
- c->ntlm,
- &c->sessionkey);
- if (ret)
- goto out;
-
- sessionkey->data = c->sessionkey.data;
- sessionkey->length = c->sessionkey.length;
- }
-
- return 0;
-
- out:
- *minor_status = ret;
- return GSS_S_FAILURE;
-}
-
-/*
- *
- */
-
-static void
-kdc_free_buffer(struct ntlm_buf *sessionkey)
-{
- if (sessionkey->data)
- free(sessionkey->data);
- sessionkey->data = NULL;
- sessionkey->length = 0;
-}
-
-/*
- *
- */
-
-struct ntlm_server_interface ntlmsspi_kdc_digest = {
- kdc_alloc,
- kdc_destroy,
- kdc_probe,
- kdc_type2,
- kdc_type3,
- kdc_free_buffer
-};
diff --git a/crypto/heimdal/lib/gssapi/ntlm/display_name.c b/crypto/heimdal/lib/gssapi/ntlm/display_name.c
deleted file mode 100644
index a04d96c..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/display_name.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: display_name.c 22373 2007-12-28 18:36:06Z lha $");
-
-OM_uint32 _gss_ntlm_display_name
- (OM_uint32 * minor_status,
- const gss_name_t input_name,
- gss_buffer_t output_name_buffer,
- gss_OID * output_name_type
- )
-{
- *minor_status = 0;
-
- if (output_name_type)
- *output_name_type = GSS_NTLM_MECHANISM;
-
- if (output_name_buffer) {
- ntlm_name n = (ntlm_name)input_name;
- char *str;
- int len;
-
- output_name_buffer->length = 0;
- output_name_buffer->value = NULL;
-
- if (n == NULL) {
- *minor_status = 0;
- return GSS_S_BAD_NAME;
- }
-
- len = asprintf(&str, "%s@%s", n->user, n->domain);
- if (str == NULL) {
- *minor_status = ENOMEM;
- return GSS_S_FAILURE;
- }
- output_name_buffer->length = len;
- output_name_buffer->value = str;
- }
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/display_status.c b/crypto/heimdal/lib/gssapi/ntlm/display_status.c
deleted file mode 100644
index 70be5eb..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/display_status.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: display_status.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_display_status
- (OM_uint32 *minor_status,
- OM_uint32 status_value,
- int status_type,
- const gss_OID mech_type,
- OM_uint32 *message_context,
- gss_buffer_t status_string)
-{
- if (minor_status)
- *minor_status = 0;
- if (status_string) {
- status_string->length = 0;
- status_string->value = NULL;
- }
- if (message_context)
- *message_context = 0;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c b/crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c
deleted file mode 100644
index 2b2f7dd..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: duplicate_name.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_duplicate_name (
- OM_uint32 * minor_status,
- const gss_name_t src_name,
- gss_name_t * dest_name
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (dest_name)
- *dest_name = NULL;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/export_name.c b/crypto/heimdal/lib/gssapi/ntlm/export_name.c
deleted file mode 100644
index f0941b1..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/export_name.c
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: export_name.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_export_name
- (OM_uint32 * minor_status,
- const gss_name_t input_name,
- gss_buffer_t exported_name
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (exported_name) {
- exported_name->length = 0;
- exported_name->value = NULL;
- }
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/export_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/export_sec_context.c
deleted file mode 100644
index 99a7be1..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/export_sec_context.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: export_sec_context.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32
-_gss_ntlm_export_sec_context (
- OM_uint32 * minor_status,
- gss_ctx_id_t * context_handle,
- gss_buffer_t interprocess_token
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (interprocess_token) {
- interprocess_token->length = 0;
- interprocess_token->value = NULL;
- }
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/external.c b/crypto/heimdal/lib/gssapi/ntlm/external.c
deleted file mode 100644
index 8f86032..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/external.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: external.c 19359 2006-12-15 20:01:48Z lha $");
-
-static gssapi_mech_interface_desc ntlm_mech = {
- GMI_VERSION,
- "ntlm",
- {10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") },
- _gss_ntlm_acquire_cred,
- _gss_ntlm_release_cred,
- _gss_ntlm_init_sec_context,
- _gss_ntlm_accept_sec_context,
- _gss_ntlm_process_context_token,
- _gss_ntlm_delete_sec_context,
- _gss_ntlm_context_time,
- _gss_ntlm_get_mic,
- _gss_ntlm_verify_mic,
- _gss_ntlm_wrap,
- _gss_ntlm_unwrap,
- _gss_ntlm_display_status,
- NULL,
- _gss_ntlm_compare_name,
- _gss_ntlm_display_name,
- _gss_ntlm_import_name,
- _gss_ntlm_export_name,
- _gss_ntlm_release_name,
- _gss_ntlm_inquire_cred,
- _gss_ntlm_inquire_context,
- _gss_ntlm_wrap_size_limit,
- _gss_ntlm_add_cred,
- _gss_ntlm_inquire_cred_by_mech,
- _gss_ntlm_export_sec_context,
- _gss_ntlm_import_sec_context,
- _gss_ntlm_inquire_names_for_mech,
- _gss_ntlm_inquire_mechs_for_name,
- _gss_ntlm_canonicalize_name,
- _gss_ntlm_duplicate_name
-};
-
-gssapi_mech_interface
-__gss_ntlm_initialize(void)
-{
- return &ntlm_mech;
-}
-
-static gss_OID_desc _gss_ntlm_mechanism_desc =
-{10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") };
-
-gss_OID GSS_NTLM_MECHANISM = &_gss_ntlm_mechanism_desc;
diff --git a/crypto/heimdal/lib/gssapi/ntlm/import_name.c b/crypto/heimdal/lib/gssapi/ntlm/import_name.c
deleted file mode 100644
index 91cba08..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/import_name.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: import_name.c 22373 2007-12-28 18:36:06Z lha $");
-
-OM_uint32 _gss_ntlm_import_name
- (OM_uint32 * minor_status,
- const gss_buffer_t input_name_buffer,
- const gss_OID input_name_type,
- gss_name_t * output_name
- )
-{
- char *name, *p, *p2;
- ntlm_name n;
-
- *minor_status = 0;
-
- if (output_name)
- *output_name = GSS_C_NO_NAME;
-
- if (!gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE))
- return GSS_S_BAD_NAMETYPE;
-
- name = malloc(input_name_buffer->length + 1);
- if (name == NULL) {
- *minor_status = ENOMEM;
- return GSS_S_FAILURE;
- }
- memcpy(name, input_name_buffer->value, input_name_buffer->length);
- name[input_name_buffer->length] = '\0';
-
- /* find "domain" part of the name and uppercase it */
- p = strchr(name, '@');
- if (p == NULL)
- return GSS_S_BAD_NAME;
- p[0] = '\0';
- p++;
- p2 = strchr(p, '.');
- if (p2 && p2[1] != '\0') {
- p = p2 + 1;
- p2 = strchr(p, '.');
- if (p2)
- *p2 = '\0';
- }
- strupr(p);
-
- n = calloc(1, sizeof(*n));
- if (name == NULL) {
- free(name);
- *minor_status = ENOMEM;
- return GSS_S_FAILURE;
- }
-
- n->user = strdup(name);
- n->domain = strdup(p);
-
- free(name);
-
- if (n->user == NULL || n->domain == NULL) {
- free(n->user);
- free(n->domain);
- free(n);
- *minor_status = ENOMEM;
- return GSS_S_FAILURE;
- }
-
- *output_name = (gss_name_t)n;
-
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/import_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/import_sec_context.c
deleted file mode 100644
index cde0a01..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/import_sec_context.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: import_sec_context.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32
-_gss_ntlm_import_sec_context (
- OM_uint32 * minor_status,
- const gss_buffer_t interprocess_token,
- gss_ctx_id_t * context_handle
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (context_handle)
- *context_handle = GSS_C_NO_CONTEXT;
- return GSS_S_FAILURE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c b/crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c
deleted file mode 100644
index 6417163..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: indicate_mechs.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_indicate_mechs
-(OM_uint32 * minor_status,
- gss_OID_set * mech_set
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (mech_set)
- *mech_set = GSS_C_NO_OID_SET;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c
deleted file mode 100644
index 140dbec..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c
+++ /dev/null
@@ -1,508 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: init_sec_context.c 22382 2007-12-30 12:13:17Z lha $");
-
-static int
-from_file(const char *fn, const char *target_domain,
- char **username, struct ntlm_buf *key)
-{
- char *str, buf[1024];
- FILE *f;
-
- f = fopen(fn, "r");
- if (f == NULL)
- return ENOENT;
-
- while (fgets(buf, sizeof(buf), f) != NULL) {
- char *d, *u, *p;
- buf[strcspn(buf, "\r\n")] = '\0';
- if (buf[0] == '#')
- continue;
- str = NULL;
- d = strtok_r(buf, ":", &str);
- if (d && strcasecmp(target_domain, d) != 0)
- continue;
- u = strtok_r(NULL, ":", &str);
- p = strtok_r(NULL, ":", &str);
- if (u == NULL || p == NULL)
- continue;
-
- *username = strdup(u);
-
- heim_ntlm_nt_key(p, key);
-
- memset(buf, 0, sizeof(buf));
- fclose(f);
- return 0;
- }
- memset(buf, 0, sizeof(buf));
- fclose(f);
- return ENOENT;
-}
-
-static int
-get_user_file(const ntlm_name target_name,
- char **username, struct ntlm_buf *key)
-{
- const char *fn;
-
- if (issuid())
- return ENOENT;
-
- fn = getenv("NTLM_USER_FILE");
- if (fn == NULL)
- return ENOENT;
- if (from_file(fn, target_name->domain, username, key) == 0)
- return 0;
-
- return ENOENT;
-}
-
-/*
- * Pick up the ntlm cred from the default krb5 credential cache.
- */
-
-static int
-get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key)
-{
- krb5_principal client;
- krb5_context context = NULL;
- krb5_error_code ret;
- krb5_ccache id = NULL;
- krb5_creds mcreds, creds;
-
- *username = NULL;
- key->length = 0;
- key->data = NULL;
-
- memset(&creds, 0, sizeof(creds));
- memset(&mcreds, 0, sizeof(mcreds));
-
- ret = krb5_init_context(&context);
- if (ret)
- return ret;
-
- ret = krb5_cc_default(context, &id);
- if (ret)
- goto out;
-
- ret = krb5_cc_get_principal(context, id, &client);
- if (ret)
- goto out;
-
- ret = krb5_unparse_name_flags(context, client,
- KRB5_PRINCIPAL_UNPARSE_NO_REALM,
- username);
- if (ret)
- goto out;
-
- ret = krb5_make_principal(context, &mcreds.server,
- krb5_principal_get_realm(context, client),
- "@ntlm-key", name->domain, NULL);
- krb5_free_principal(context, client);
- if (ret)
- goto out;
-
- mcreds.session.keytype = ENCTYPE_ARCFOUR_HMAC_MD5;
- ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_MATCH_KEYTYPE,
- &mcreds, &creds);
- if (ret) {
- char *s = krb5_get_error_message(context, ret);
- krb5_free_error_string(context, s);
- goto out;
- }
-
- key->data = malloc(creds.session.keyvalue.length);
- if (key->data == NULL)
- goto out;
- key->length = creds.session.keyvalue.length;
- memcpy(key->data, creds.session.keyvalue.data, key->length);
-
- krb5_free_cred_contents(context, &creds);
-
- return 0;
-
-out:
- if (*username) {
- free(*username);
- *username = NULL;
- }
- krb5_free_cred_contents(context, &creds);
- if (mcreds.server)
- krb5_free_principal(context, mcreds.server);
- if (id)
- krb5_cc_close(context, id);
- if (context)
- krb5_free_context(context);
-
- return ret;
-}
-
-int
-_gss_ntlm_get_user_cred(const ntlm_name target_name,
- ntlm_cred *rcred)
-{
- ntlm_cred cred;
- int ret;
-
- cred = calloc(1, sizeof(*cred));
- if (cred == NULL)
- return ENOMEM;
-
- ret = get_user_file(target_name, &cred->username, &cred->key);
- if (ret)
- ret = get_user_ccache(target_name, &cred->username, &cred->key);
- if (ret) {
- free(cred);
- return ret;
- }
-
- cred->domain = strdup(target_name->domain);
- *rcred = cred;
-
- return ret;
-}
-
-static int
-_gss_copy_cred(ntlm_cred from, ntlm_cred *to)
-{
- *to = calloc(1, sizeof(*to));
- if (*to == NULL)
- return ENOMEM;
- (*to)->username = strdup(from->username);
- if ((*to)->username == NULL) {
- free(*to);
- return ENOMEM;
- }
- (*to)->domain = strdup(from->domain);
- if ((*to)->domain == NULL) {
- free((*to)->username);
- free(*to);
- return ENOMEM;
- }
- (*to)->key.data = malloc(from->key.length);
- if ((*to)->key.data == NULL) {
- free((*to)->domain);
- free((*to)->username);
- free(*to);
- return ENOMEM;
- }
- memcpy((*to)->key.data, from->key.data, from->key.length);
- (*to)->key.length = from->key.length;
-
- return 0;
-}
-
-OM_uint32
-_gss_ntlm_init_sec_context
- (OM_uint32 * minor_status,
- const gss_cred_id_t initiator_cred_handle,
- gss_ctx_id_t * context_handle,
- const gss_name_t target_name,
- const gss_OID mech_type,
- OM_uint32 req_flags,
- OM_uint32 time_req,
- const gss_channel_bindings_t input_chan_bindings,
- const gss_buffer_t input_token,
- gss_OID * actual_mech_type,
- gss_buffer_t output_token,
- OM_uint32 * ret_flags,
- OM_uint32 * time_rec
- )
-{
- ntlm_ctx ctx;
- ntlm_name name = (ntlm_name)target_name;
-
- *minor_status = 0;
-
- if (ret_flags)
- *ret_flags = 0;
- if (time_rec)
- *time_rec = 0;
- if (actual_mech_type)
- *actual_mech_type = GSS_C_NO_OID;
-
- if (*context_handle == GSS_C_NO_CONTEXT) {
- struct ntlm_type1 type1;
- struct ntlm_buf data;
- uint32_t flags = 0;
- int ret;
-
- ctx = calloc(1, sizeof(*ctx));
- if (ctx == NULL) {
- *minor_status = EINVAL;
- return GSS_S_FAILURE;
- }
- *context_handle = (gss_ctx_id_t)ctx;
-
- if (initiator_cred_handle != GSS_C_NO_CREDENTIAL) {
- ntlm_cred cred = (ntlm_cred)initiator_cred_handle;
- ret = _gss_copy_cred(cred, &ctx->client);
- } else
- ret = _gss_ntlm_get_user_cred(name, &ctx->client);
-
- if (ret) {
- _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- if (req_flags & GSS_C_CONF_FLAG)
- flags |= NTLM_NEG_SEAL;
- if (req_flags & GSS_C_INTEG_FLAG)
- flags |= NTLM_NEG_SIGN;
- else
- flags |= NTLM_NEG_ALWAYS_SIGN;
-
- flags |= NTLM_NEG_UNICODE;
- flags |= NTLM_NEG_NTLM;
- flags |= NTLM_NEG_NTLM2_SESSION;
- flags |= NTLM_NEG_KEYEX;
-
- memset(&type1, 0, sizeof(type1));
-
- type1.flags = flags;
- type1.domain = name->domain;
- type1.hostname = NULL;
- type1.os[0] = 0;
- type1.os[1] = 0;
-
- ret = heim_ntlm_encode_type1(&type1, &data);
- if (ret) {
- _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- output_token->value = data.data;
- output_token->length = data.length;
-
- return GSS_S_CONTINUE_NEEDED;
- } else {
- krb5_error_code ret;
- struct ntlm_type2 type2;
- struct ntlm_type3 type3;
- struct ntlm_buf data;
-
- ctx = (ntlm_ctx)*context_handle;
-
- data.data = input_token->value;
- data.length = input_token->length;
-
- ret = heim_ntlm_decode_type2(&data, &type2);
- if (ret) {
- _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- ctx->flags = type2.flags;
-
- /* XXX check that type2.targetinfo matches `target_name´ */
- /* XXX check verify targetinfo buffer */
-
- memset(&type3, 0, sizeof(type3));
-
- type3.username = ctx->client->username;
- type3.flags = type2.flags;
- type3.targetname = type2.targetname;
- type3.ws = rk_UNCONST("workstation");
-
- /*
- * NTLM Version 1 if no targetinfo buffer.
- */
-
- if (1 || type2.targetinfo.length == 0) {
- struct ntlm_buf sessionkey;
-
- if (type2.flags & NTLM_NEG_NTLM2_SESSION) {
- unsigned char nonce[8];
-
- if (RAND_bytes(nonce, sizeof(nonce)) != 1) {
- _gss_ntlm_delete_sec_context(minor_status,
- context_handle, NULL);
- *minor_status = EINVAL;
- return GSS_S_FAILURE;
- }
-
- ret = heim_ntlm_calculate_ntlm2_sess(nonce,
- type2.challange,
- ctx->client->key.data,
- &type3.lm,
- &type3.ntlm);
- } else {
- ret = heim_ntlm_calculate_ntlm1(ctx->client->key.data,
- ctx->client->key.length,
- type2.challange,
- &type3.ntlm);
-
- }
- if (ret) {
- _gss_ntlm_delete_sec_context(minor_status,context_handle,NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- ret = heim_ntlm_build_ntlm1_master(ctx->client->key.data,
- ctx->client->key.length,
- &sessionkey,
- &type3.sessionkey);
- if (ret) {
- if (type3.lm.data)
- free(type3.lm.data);
- if (type3.ntlm.data)
- free(type3.ntlm.data);
- _gss_ntlm_delete_sec_context(minor_status,context_handle,NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- ret = krb5_data_copy(&ctx->sessionkey,
- sessionkey.data, sessionkey.length);
- free(sessionkey.data);
- if (ret) {
- if (type3.lm.data)
- free(type3.lm.data);
- if (type3.ntlm.data)
- free(type3.ntlm.data);
- _gss_ntlm_delete_sec_context(minor_status,context_handle,NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
- ctx->status |= STATUS_SESSIONKEY;
-
- } else {
- struct ntlm_buf sessionkey;
- unsigned char ntlmv2[16];
- struct ntlm_targetinfo ti;
-
- /* verify infotarget */
-
- ret = heim_ntlm_decode_targetinfo(&type2.targetinfo, 1, &ti);
- if(ret) {
- _gss_ntlm_delete_sec_context(minor_status,
- context_handle, NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- if (ti.domainname && strcmp(ti.domainname, name->domain) != 0) {
- _gss_ntlm_delete_sec_context(minor_status,
- context_handle, NULL);
- *minor_status = EINVAL;
- return GSS_S_FAILURE;
- }
-
- ret = heim_ntlm_calculate_ntlm2(ctx->client->key.data,
- ctx->client->key.length,
- ctx->client->username,
- name->domain,
- type2.challange,
- &type2.targetinfo,
- ntlmv2,
- &type3.ntlm);
- if (ret) {
- _gss_ntlm_delete_sec_context(minor_status,
- context_handle, NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- ret = heim_ntlm_build_ntlm1_master(ntlmv2, sizeof(ntlmv2),
- &sessionkey,
- &type3.sessionkey);
- memset(ntlmv2, 0, sizeof(ntlmv2));
- if (ret) {
- _gss_ntlm_delete_sec_context(minor_status,
- context_handle, NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- ctx->flags |= NTLM_NEG_NTLM2_SESSION;
-
- ret = krb5_data_copy(&ctx->sessionkey,
- sessionkey.data, sessionkey.length);
- free(sessionkey.data);
- }
-
- if (ctx->flags & NTLM_NEG_NTLM2_SESSION) {
- ctx->status |= STATUS_SESSIONKEY;
- _gss_ntlm_set_key(&ctx->u.v2.send, 0, (ctx->flags & NTLM_NEG_KEYEX),
- ctx->sessionkey.data,
- ctx->sessionkey.length);
- _gss_ntlm_set_key(&ctx->u.v2.recv, 1, (ctx->flags & NTLM_NEG_KEYEX),
- ctx->sessionkey.data,
- ctx->sessionkey.length);
- } else {
- ctx->status |= STATUS_SESSIONKEY;
- RC4_set_key(&ctx->u.v1.crypto_recv.key,
- ctx->sessionkey.length,
- ctx->sessionkey.data);
- RC4_set_key(&ctx->u.v1.crypto_send.key,
- ctx->sessionkey.length,
- ctx->sessionkey.data);
- }
-
-
-
- ret = heim_ntlm_encode_type3(&type3, &data);
- free(type3.sessionkey.data);
- if (type3.lm.data)
- free(type3.lm.data);
- if (type3.ntlm.data)
- free(type3.ntlm.data);
- if (ret) {
- _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
- *minor_status = ret;
- return GSS_S_FAILURE;
- }
-
- output_token->length = data.length;
- output_token->value = data.data;
-
- if (actual_mech_type)
- *actual_mech_type = GSS_NTLM_MECHANISM;
- if (ret_flags)
- *ret_flags = 0;
- if (time_rec)
- *time_rec = GSS_C_INDEFINITE;
-
- ctx->status |= STATUS_OPEN;
-
- return GSS_S_COMPLETE;
- }
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_context.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_context.c
deleted file mode 100644
index fe6b322..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/inquire_context.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: inquire_context.c 21079 2007-06-13 00:25:25Z lha $");
-
-OM_uint32 _gss_ntlm_inquire_context (
- OM_uint32 * minor_status,
- const gss_ctx_id_t context_handle,
- gss_name_t * src_name,
- gss_name_t * targ_name,
- OM_uint32 * lifetime_rec,
- gss_OID * mech_type,
- OM_uint32 * ctx_flags,
- int * locally_initiated,
- int * open_context
- )
-{
- ntlm_ctx ctx = (ntlm_ctx)context_handle;
-
- *minor_status = 0;
- if (src_name)
- *src_name = GSS_C_NO_NAME;
- if (targ_name)
- *targ_name = GSS_C_NO_NAME;
- if (lifetime_rec)
- *lifetime_rec = GSS_C_INDEFINITE;
- if (mech_type)
- *mech_type = GSS_NTLM_MECHANISM;
- if (ctx_flags)
- *ctx_flags = ctx->gssflags;
- if (locally_initiated)
- *locally_initiated = (ctx->status & STATUS_CLIENT) ? 1 : 0;
- if (open_context)
- *open_context = (ctx->status & STATUS_OPEN) ? 1 : 0;
-
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c
deleted file mode 100644
index 1d49b50..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: inquire_cred.c 22148 2007-12-04 17:59:29Z lha $");
-
-OM_uint32 _gss_ntlm_inquire_cred
- (OM_uint32 * minor_status,
- const gss_cred_id_t cred_handle,
- gss_name_t * name,
- OM_uint32 * lifetime,
- gss_cred_usage_t * cred_usage,
- gss_OID_set * mechanisms
- )
-{
- OM_uint32 ret, junk;
-
- if (minor_status)
- *minor_status = 0;
- if (name)
- *name = GSS_C_NO_NAME;
- if (lifetime)
- *lifetime = GSS_C_INDEFINITE;
- if (cred_usage)
- *cred_usage = 0;
- if (mechanisms)
- *mechanisms = GSS_C_NO_OID_SET;
-
- if (cred_handle == GSS_C_NO_CREDENTIAL)
- return GSS_S_NO_CRED;
-
- if (mechanisms) {
- ret = gss_create_empty_oid_set(minor_status, mechanisms);
- if (ret)
- goto out;
- ret = gss_add_oid_set_member(minor_status,
- GSS_NTLM_MECHANISM,
- mechanisms);
- if (ret)
- goto out;
- }
-
- return GSS_S_COMPLETE;
-out:
- gss_release_oid_set(&junk, mechanisms);
- return ret;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c
deleted file mode 100644
index 572c6fe..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: inquire_cred_by_mech.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_inquire_cred_by_mech (
- OM_uint32 * minor_status,
- const gss_cred_id_t cred_handle,
- const gss_OID mech_type,
- gss_name_t * name,
- OM_uint32 * initiator_lifetime,
- OM_uint32 * acceptor_lifetime,
- gss_cred_usage_t * cred_usage
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (name)
- *name = GSS_C_NO_NAME;
- if (initiator_lifetime)
- *initiator_lifetime = 0;
- if (acceptor_lifetime)
- *acceptor_lifetime = 0;
- if (cred_usage)
- *cred_usage = 0;
- return GSS_S_UNAVAILABLE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_mechs_for_name.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_mechs_for_name.c
deleted file mode 100644
index 8bee483..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/inquire_mechs_for_name.c
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: inquire_mechs_for_name.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_inquire_mechs_for_name (
- OM_uint32 * minor_status,
- const gss_name_t input_name,
- gss_OID_set * mech_types
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (mech_types)
- *mech_types = GSS_C_NO_OID_SET;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_names_for_mech.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_names_for_mech.c
deleted file mode 100644
index ebf624d..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/inquire_names_for_mech.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: inquire_names_for_mech.c 19334 2006-12-14 12:17:34Z lha $");
-
-
-OM_uint32 _gss_ntlm_inquire_names_for_mech (
- OM_uint32 * minor_status,
- const gss_OID mechanism,
- gss_OID_set * name_types
- )
-{
- OM_uint32 ret;
-
- ret = gss_create_empty_oid_set(minor_status, name_types);
- if (ret != GSS_S_COMPLETE)
- return ret;
-
- *minor_status = 0;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h b/crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h
deleted file mode 100644
index cc6c400..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h
+++ /dev/null
@@ -1,264 +0,0 @@ -/* This is a generated file */ -#ifndef __ntlm_private_h__ -#define __ntlm_private_h__ - -#include <stdarg.h> - -gssapi_mech_interface -__gss_ntlm_initialize (void); - -OM_uint32 -_gss_ntlm_accept_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - const gss_cred_id_t /*acceptor_cred_handle*/, - const gss_buffer_t /*input_token_buffer*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - gss_name_t * /*src_name*/, - gss_OID * /*mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * /*time_rec*/, - gss_cred_id_t * delegated_cred_handle ); - -OM_uint32 -_gss_ntlm_acquire_cred ( - OM_uint32 * /*min_stat*/, - const gss_name_t /*desired_name*/, - OM_uint32 /*time_req*/, - const gss_OID_set /*desired_mechs*/, - gss_cred_usage_t /*cred_usage*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_ntlm_add_cred ( - OM_uint32 */*minor_status*/, - const gss_cred_id_t /*input_cred_handle*/, - const gss_name_t /*desired_name*/, - const gss_OID /*desired_mech*/, - gss_cred_usage_t /*cred_usage*/, - OM_uint32 /*initiator_time_req*/, - OM_uint32 /*acceptor_time_req*/, - gss_cred_id_t */*output_cred_handle*/, - gss_OID_set */*actual_mechs*/, - OM_uint32 */*initiator_time_rec*/, - OM_uint32 */*acceptor_time_rec*/); - -OM_uint32 -_gss_ntlm_allocate_ctx ( - OM_uint32 */*minor_status*/, - ntlm_ctx */*ctx*/); - -OM_uint32 -_gss_ntlm_canonicalize_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - const gss_OID /*mech_type*/, - gss_name_t * output_name ); - -OM_uint32 -_gss_ntlm_compare_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*name1*/, - const gss_name_t /*name2*/, - int * name_equal ); - -OM_uint32 -_gss_ntlm_context_time ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_ntlm_delete_sec_context ( - OM_uint32 * 
/*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t output_token ); - -OM_uint32 -_gss_ntlm_display_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t /*output_name_buffer*/, - gss_OID * output_name_type ); - -OM_uint32 -_gss_ntlm_display_status ( - OM_uint32 */*minor_status*/, - OM_uint32 /*status_value*/, - int /*status_type*/, - const gss_OID /*mech_type*/, - OM_uint32 */*message_context*/, - gss_buffer_t /*status_string*/); - -OM_uint32 -_gss_ntlm_duplicate_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*src_name*/, - gss_name_t * dest_name ); - -OM_uint32 -_gss_ntlm_export_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t exported_name ); - -OM_uint32 -_gss_ntlm_export_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t interprocess_token ); - -OM_uint32 -_gss_ntlm_get_mic ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); - -int -_gss_ntlm_get_user_cred ( - const ntlm_name /*target_name*/, - ntlm_cred */*rcred*/); - -OM_uint32 -_gss_ntlm_import_name ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*input_name_buffer*/, - const gss_OID /*input_name_type*/, - gss_name_t * output_name ); - -OM_uint32 -_gss_ntlm_import_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*interprocess_token*/, - gss_ctx_id_t * context_handle ); - -OM_uint32 -_gss_ntlm_indicate_mechs ( - OM_uint32 * /*minor_status*/, - gss_OID_set * mech_set ); - -OM_uint32 -_gss_ntlm_init_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*initiator_cred_handle*/, - gss_ctx_id_t * /*context_handle*/, - const gss_name_t /*target_name*/, - const gss_OID /*mech_type*/, - OM_uint32 /*req_flags*/, - OM_uint32 /*time_req*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - const 
gss_buffer_t /*input_token*/, - gss_OID * /*actual_mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_ntlm_inquire_context ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_name_t * /*src_name*/, - gss_name_t * /*targ_name*/, - OM_uint32 * /*lifetime_rec*/, - gss_OID * /*mech_type*/, - OM_uint32 * /*ctx_flags*/, - int * /*locally_initiated*/, - int * open_context ); - -OM_uint32 -_gss_ntlm_inquire_cred ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - gss_name_t * /*name*/, - OM_uint32 * /*lifetime*/, - gss_cred_usage_t * /*cred_usage*/, - gss_OID_set * mechanisms ); - -OM_uint32 -_gss_ntlm_inquire_cred_by_mech ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - const gss_OID /*mech_type*/, - gss_name_t * /*name*/, - OM_uint32 * /*initiator_lifetime*/, - OM_uint32 * /*acceptor_lifetime*/, - gss_cred_usage_t * cred_usage ); - -OM_uint32 -_gss_ntlm_inquire_mechs_for_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_OID_set * mech_types ); - -OM_uint32 -_gss_ntlm_inquire_names_for_mech ( - OM_uint32 * /*minor_status*/, - const gss_OID /*mechanism*/, - gss_OID_set * name_types ); - -OM_uint32 -_gss_ntlm_process_context_token ( - OM_uint32 */*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t token_buffer ); - -OM_uint32 -_gss_ntlm_release_cred ( - OM_uint32 * /*minor_status*/, - gss_cred_id_t * cred_handle ); - -OM_uint32 -_gss_ntlm_release_name ( - OM_uint32 * /*minor_status*/, - gss_name_t * input_name ); - -void -_gss_ntlm_set_key ( - struct ntlmv2_key */*key*/, - int /*acceptor*/, - int /*sealsign*/, - unsigned char */*data*/, - size_t /*len*/); - -OM_uint32 -_gss_ntlm_unwrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - 
gss_qop_t * qop_state ); - -OM_uint32 -_gss_ntlm_verify_mic ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t * qop_state ); - -OM_uint32 -_gss_ntlm_wrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); - -OM_uint32 -_gss_ntlm_wrap_size_limit ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - OM_uint32 /*req_output_size*/, - OM_uint32 * max_input_size ); - -#endif /* __ntlm_private_h__ */ diff --git a/crypto/heimdal/lib/gssapi/ntlm/ntlm.h b/crypto/heimdal/lib/gssapi/ntlm/ntlm.h deleted file mode 100644 index 5713b72..0000000 --- a/crypto/heimdal/lib/gssapi/ntlm/ntlm.h +++ /dev/null 
@@ -1,139 +0,0 @@
-/*
- * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: ntlm.h 22373 2007-12-28 18:36:06Z lha $ */
-
-#ifndef NTLM_NTLM_H
-#define NTLM_NTLM_H
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <assert.h>
-#include <string.h>
-#include <errno.h>
-
-#include <gssapi.h>
-#include <gssapi_mech.h>
-
-#include <krb5.h>
-#include <roken.h>
-#include <heim_threads.h>
-
-#include <heimntlm.h>
-
-#include "crypto-headers.h"
-
-typedef OM_uint32
-(*ntlm_interface_init)(OM_uint32 *, void **);
-
-typedef OM_uint32
-(*ntlm_interface_destroy)(OM_uint32 *, void *);
-
-typedef int
-(*ntlm_interface_probe)(OM_uint32 *, void *, const char *);
-
-typedef OM_uint32
-(*ntlm_interface_type2)(OM_uint32 *, void *, uint32_t, const char *,
- const char *, uint32_t *, struct ntlm_buf *);
-
-typedef OM_uint32
-(*ntlm_interface_type3)(OM_uint32 *, void *, const struct ntlm_type3 *,
- struct ntlm_buf *);
-
-typedef void
-(*ntlm_interface_free_buffer)(struct ntlm_buf *);
-
-struct ntlm_server_interface {
- ntlm_interface_init nsi_init;
- ntlm_interface_destroy nsi_destroy;
- ntlm_interface_probe nsi_probe;
- ntlm_interface_type2 nsi_type2;
- ntlm_interface_type3 nsi_type3;
- ntlm_interface_free_buffer nsi_free_buffer;
-};
-
-
-struct ntlmv2_key {
- uint32_t seq;
- RC4_KEY sealkey;
- RC4_KEY *signsealkey;
- unsigned char signkey[16];
-};
-
-extern struct ntlm_server_interface ntlmsspi_kdc_digest;
-
-typedef struct ntlm_cred {
- gss_cred_usage_t usage;
- char *username;
- char *domain;
- struct ntlm_buf key;
-} *ntlm_cred;
-
-typedef struct {
- struct ntlm_server_interface *server;
- void *ictx;
- ntlm_cred client;
- OM_uint32 gssflags;
- uint32_t flags;
- uint32_t status;
-#define STATUS_OPEN 1
-#define STATUS_CLIENT 2
-#define STATUS_SESSIONKEY 4
- krb5_data sessionkey;
-
- union {
- struct {
- struct {
- uint32_t seq;
- RC4_KEY key;
- } crypto_send, crypto_recv;
- } v1;
- struct {
- struct ntlmv2_key send, recv;
- } v2;
- } u;
-} *ntlm_ctx;
-
-typedef struct {
- char *user;
- char *domain;
-} *ntlm_name;
-
-#include <ntlm/ntlm-private.h>
-
-
-#endif /* NTLM_NTLM_H */
diff --git a/crypto/heimdal/lib/gssapi/ntlm/process_context_token.c b/crypto/heimdal/lib/gssapi/ntlm/process_context_token.c
deleted file mode 100644
index 33c1072..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/process_context_token.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: process_context_token.c 19334 2006-12-14 12:17:34Z lha $");
-
-OM_uint32 _gss_ntlm_process_context_token (
- OM_uint32 *minor_status,
- const gss_ctx_id_t context_handle,
- const gss_buffer_t token_buffer
- )
-{
- *minor_status = 0;
- return GSS_S_COMPLETE;
-}
diff --git a/crypto/heimdal/lib/gssapi/ntlm/release_cred.c b/crypto/heimdal/lib/gssapi/ntlm/release_cred.c
deleted file mode 100644
index a63e568..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/release_cred.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: release_cred.c 22163 2007-12-04 21:25:06Z lha $");
-
-OM_uint32 _gss_ntlm_release_cred
- (OM_uint32 * minor_status,
- gss_cred_id_t * cred_handle
- )
-{
- ntlm_cred cred;
-
- if (minor_status)
- *minor_status = 0;
-
- if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL)
- return GSS_S_COMPLETE;
-
- cred = (ntlm_cred)*cred_handle;
- *cred_handle = GSS_C_NO_CREDENTIAL;
-
- if (cred->username)
- free(cred->username);
- if (cred->domain)
- free(cred->domain);
- if (cred->key.data) {
- memset(cred->key.data, 0, cred->key.length);
- free(cred->key.data);
- }
-
- return GSS_S_COMPLETE;
-}
-
diff --git a/crypto/heimdal/lib/gssapi/ntlm/release_name.c b/crypto/heimdal/lib/gssapi/ntlm/release_name.c
deleted file mode 100644
index 687d9fd..0000000
--- a/crypto/heimdal/lib/gssapi/ntlm/release_name.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: release_name.c 22373 2007-12-28 18:36:06Z lha $");
-
-OM_uint32 _gss_ntlm_release_name
- (OM_uint32 * minor_status,
- gss_name_t * input_name
- )
-{
- if (minor_status)
- *minor_status = 0;
- if (input_name) {
- ntlm_name n = (ntlm_name)*input_name;
- *input_name = GSS_C_NO_NAME;
- free(n->user);
- free(n->domain);
- free(n);
- }
- return GSS_S_COMPLETE;
-}
|