25 #elif defined(_MSC_VER) 49 #define UINTEGER64 __int64 50 #define UINT64(c) c ## Ui64 53 #define UINTEGER64 unsigned long long 54 #define UINT64(c) c ## LL 63 key[1] = ((hash[0] & 1) << 7) | (hash[1] >> 1);
64 key[2] = ((hash[1] & 3) << 6) | (hash[2] >> 2);
65 key[3] = ((hash[2] & 7) << 5) | (hash[3] >> 3);
66 key[4] = ((hash[3] & 15) << 4) | (hash[4] >> 4);
67 key[5] = ((hash[4] & 31) << 3) | (hash[5] >> 5);
68 key[6] = ((hash[5] & 63) << 2) | (hash[6] >> 6);
69 key[7] = ((hash[6] & 127) << 1);
80 md_full(md4_kt, data, data_len, md);
109 timestamp_ull = (timestamp_ull +
UINT64(11644473600)) *
UINT64(10000000);
112 timestamp[0] = timestamp_ull &
UINT64(0xFF);
113 timestamp[1] = (timestamp_ull >> 8) &
UINT64(0xFF);
114 timestamp[2] = (timestamp_ull >> 16) &
UINT64(0xFF);
115 timestamp[3] = (timestamp_ull >> 24) &
UINT64(0xFF);
116 timestamp[4] = (timestamp_ull >> 32) &
UINT64(0xFF);
117 timestamp[5] = (timestamp_ull >> 40) &
UINT64(0xFF);
118 timestamp[6] = (timestamp_ull >> 48) &
UINT64(0xFF);
119 timestamp[7] = (timestamp_ull >> 56) &
UINT64(0xFF);
128 for (i = 0; i<8; i++)
141 *str = toupper(*str);
162 unsigned char *msg_buf,
int *msg_bufpos)
166 msg_buf[sb_offset] = (
unsigned char)length;
167 msg_buf[sb_offset + 2] = msg_buf[sb_offset];
168 msg_buf[sb_offset + 4] = (
unsigned char)(*msg_bufpos & 0xff);
169 msg_buf[sb_offset + 5] = (
unsigned char)((*msg_bufpos >> 8) & 0xff);
170 memcpy(&msg_buf[*msg_bufpos], data, msg_buf[sb_offset]);
171 *msg_bufpos += length;
187 buf_printf(&out,
"%s",
"TlRMTVNTUAABAAAAAgIAAA==");
206 uint8_t challenge[8], ntlm_response[24];
209 uint8_t ntlmv2_response[144];
210 char userdomain_u[256];
211 char userdomain[128];
213 uint8_t ntlmv2_hmacmd5[16];
214 uint8_t *ntlmv2_blob = ntlmv2_response + 16;
215 int ntlmv2_blob_size = 0;
216 int phase3_bufpos = 0x40;
232 if (separator == NULL)
234 strncpy(username, p->
up.
username,
sizeof(username)-1);
235 username[
sizeof(username)-1] = 0;
240 strncpy(username, separator+1,
sizeof(username)-1);
241 username[
sizeof(username)-1] = 0;
243 if (len >
sizeof(domain) - 1)
245 len =
sizeof(domain) - 1;
269 for (i = 0; i<8; i++)
271 challenge[i] = buf2[i+24];
279 strcpy(userdomain, username);
281 if (strlen(username) + strlen(domain) <
sizeof(userdomain))
283 strcat(userdomain, domain);
287 msg(
M_INFO,
"Warning: Username or domain too long");
290 gen_hmac_md5((uint8_t *)userdomain_u, 2 * strlen(userdomain), md4_hash,
294 memset(ntlmv2_blob, 0, 128);
295 ntlmv2_blob[0x00] = 1;
296 ntlmv2_blob[0x01] = 1;
297 ntlmv2_blob[0x04] = 0;
300 ntlmv2_blob[0x18] = 0;
316 const size_t hoff = 0x14;
317 unsigned long flags = buf2[hoff] | (buf2[hoff + 1] << 8)
318 |(buf2[hoff + 2] << 16) | (buf2[hoff + 3] << 24);
319 if ((flags & 0x00800000) == 0x00800000)
321 tib_len = buf2[0x28];
329 uint8_t tib_pos = buf2[0x2c];
330 if (tib_pos + tib_len >
sizeof(buf2))
335 tib_ptr = buf2 + tib_pos;
337 memcpy(&ntlmv2_blob[0x1c], tib_ptr, tib_len);
346 ntlmv2_blob[0x1c + tib_len] = 0;
349 ntlmv2_blob_size = 0x20 + tib_len;
352 memcpy(&ntlmv2_response[8], challenge, 8);
355 gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash,
376 &ntlm_response[DES_KEY_LENGTH * 2]);
380 memset(phase3, 0,
sizeof(phase3));
382 strcpy((
char *)phase3,
"NTLMSSP\0");
388 phase3, &phase3_bufpos);
404 phase3[0x10] = phase3_bufpos;
405 phase3[0x30] = phase3_bufpos;
406 phase3[0x38] = phase3_bufpos;
int md_full(const md_kt_t *kt, const uint8_t *src, int src_len, uint8_t *dst)
static void add_security_buffer(int sb_offset, void *data, int length, unsigned char *msg_buf, int *msg_bufpos)
const char * ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2, struct gc_arena *gc)
static void my_strupr(char *str)
bool buf_printf(struct buffer *buf, const char *format,...)
const char * ntlm_phase_1(const struct http_proxy_info *p, struct gc_arena *gc)
void hmac_ctx_cleanup(hmac_ctx_t *ctx)
mbedtls_md_context_t hmac_ctx_t
Generic HMAC context.
char username[USER_PASS_LEN]
void cipher_des_encrypt_ecb(const unsigned char key[DES_KEY_LENGTH], unsigned char src[DES_KEY_LENGTH], unsigned char dst[DES_KEY_LENGTH])
Encrypt the given block, using DES ECB mode.
#define MD5_DIGEST_LENGTH
int len
Length in bytes of the actual content within the allocated memory.
#define MD4_DIGEST_LENGTH
static void gen_md4_hash(const uint8_t *data, int data_len, uint8_t *result)
void hmac_ctx_update(hmac_ctx_t *ctx, const uint8_t *src, int src_len)
int openvpn_base64_decode(const char *str, void *data, int size)
mbedtls_md_info_t md_kt_t
Generic message digest key type context.
uint8_t * make_base64_string2(const uint8_t *str, int src_len, struct gc_arena *gc)
static void gen_hmac_md5(const uint8_t *data, int data_len, const uint8_t *key, int key_len, uint8_t *result)
void key_des_fixup(uint8_t *key, int key_len, int ndc)
static void gen_timestamp(uint8_t *timestamp)
const md_kt_t * md_kt_get(const char *digest)
Return message digest parameters, based on the given digest name.
static time_t openvpn_time(time_t *t)
Container for bidirectional cipher and HMAC key material.
static void create_des_keys(const unsigned char *hash, unsigned char *key)
static void gen_nonce(unsigned char *nonce)
Wrapper structure for dynamically allocated memory.
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
static int unicodize(char *dst, const char *src)
Garbage collection arena used to keep track of dynamically allocated memory.
void hmac_ctx_init(hmac_ctx_t *ctx, const uint8_t *key, int key_length, const md_kt_t *kt)
hmac_ctx_t * hmac_ctx_new(void)
long int get_random(void)
char password[USER_PASS_LEN]
void hmac_ctx_final(hmac_ctx_t *ctx, uint8_t *dst)
void hmac_ctx_free(hmac_ctx_t *ctx)
Container for unidirectional cipher and HMAC key material.