📄 http-ntlm.c
字号:
/* NTLM code. Copyright (C) 2005 Free Software Foundation, Inc. Donated by Daniel Stenberg.This file is part of GNU Wget.GNU Wget is free software; you can redistribute it and/or modifyit under the terms of the GNU General Public License as published bythe Free Software Foundation; either version 2 of the License, or (at your option) any later version.GNU Wget is distributed in the hope that it will be useful,but WITHOUT ANY WARRANTY; without even the implied warranty ofMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See theGNU General Public License for more details.You should have received a copy of the GNU General Public Licensealong with Wget; if not, write to the Free SoftwareFoundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.In addition, as a special exception, the Free Software Foundationgives permission to link the code of its release of Wget with theOpenSSL project's "OpenSSL" library (or with modified versions of itthat use the same license as the "OpenSSL" library), and distributethe linked executables. You must obey the GNU General Public Licensein all respects for all of the code used other than "OpenSSL". If youmodify this file, you may extend this exception to your version of thefile, but you are not obligated to do so. If you do not wish to doso, delete this exception statement from your version. */#include <config.h>/* NTLM details: http://davenport.sourceforge.net/ntlm.html http://www.innovation.ch/java/ntlm.html*//* -- WIN32 approved -- */#include <stdio.h>#ifdef HAVE_STRING_H# include <string.h>#else# include <strings.h>#endif#include <stdlib.h>#include <openssl/des.h>#include <openssl/md4.h>#include "wget.h"#include "utils.h"#include "http-ntlm.h"#if OPENSSL_VERSION_NUMBER < 0x00907001L#define DES_key_schedule des_key_schedule#define DES_cblock des_cblock#define DES_set_odd_parity des_set_odd_parity#define DES_set_key des_set_key#define DES_ecb_encrypt des_ecb_encrypt/* This is how things were done in the old days */#define DESKEY(x) x#define DESKEYARG(x) x#else/* Modern version */#define DESKEYARG(x) *x#define DESKEY(x) &x#endif/* Define this to make the type-3 message include the NT response message */#define USE_NTRESPONSES 1
/* Flag bits definitions available at on http://davenport.sourceforge.net/ntlm.html */#define NTLMFLAG_NEGOTIATE_UNICODE (1<<0)#define NTLMFLAG_NEGOTIATE_OEM (1<<1)#define NTLMFLAG_REQUEST_TARGET (1<<2)/* unknown (1<<3) */#define NTLMFLAG_NEGOTIATE_SIGN (1<<4)#define NTLMFLAG_NEGOTIATE_SEAL (1<<5)#define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6)#define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7)#define NTLMFLAG_NEGOTIATE_NETWARE (1<<8)#define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9)/* unknown (1<<10) *//* unknown (1<<11) */#define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12)#define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13)#define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14)#define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15)#define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16)#define NTLMFLAG_TARGET_TYPE_SERVER (1<<17)#define NTLMFLAG_TARGET_TYPE_SHARE (1<<18)#define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19)#define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20)#define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21)#define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22)#define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23)/* unknown (1<24) *//* unknown (1<25) *//* unknown (1<26) *//* unknown (1<27) *//* unknown (1<28) */#define NTLMFLAG_NEGOTIATE_128 (1<<29)#define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30)#define NTLMFLAG_NEGOTIATE_56 (1<<31)
/* (*) = A "security buffer" is a triplet consisting of two shorts and one long: 1. a 'short' containing the length of the buffer in bytes 2. a 'short' containing the allocated space for the buffer in bytes 3. a 'long' containing the offset to the start of the buffer from the beginning of the NTLM message, in bytes.*//* return 1 on success, 0 otherwise */intntlm_input (struct ntlmdata *ntlm, const char *header){ if (0 != strncmp (header, "NTLM", 4)) return 0; header += 4; while (*header && ISSPACE(*header)) header++; if (*header) { /* We got a type-2 message here: Index Description Content 0 NTLMSSP Signature Null-terminated ASCII "NTLMSSP" (0x4e544c4d53535000) 8 NTLM Message Type long (0x02000000) 12 Target Name security buffer(*) 20 Flags long 24 Challenge 8 bytes (32) Context (optional) 8 bytes (two consecutive longs) (40) Target Information (optional) security buffer(*) 32 (48) start of data block */ int size; char *buffer = (char *) alloca (strlen (header)); DEBUGP (("Received a type-2 NTLM message.\n")); size = base64_decode (header, buffer); if (size < 0) return 0; /* malformed base64 from server */ ntlm->state = NTLMSTATE_TYPE2; /* we got a type-2 */ if (size >= 48) /* the nonce of interest is index [24 .. 31], 8 bytes */ memcpy (ntlm->nonce, &buffer[24], 8); /* at index decimal 20, there's a 32bit NTLM flag field */ } else { if (ntlm->state >= NTLMSTATE_TYPE1) { DEBUGP (("Unexpected empty NTLM message.\n")); return 0; /* this is an error */ } DEBUGP (("Empty NTLM message, starting transaction.\n")); ntlm->state = NTLMSTATE_TYPE1; /* we should sent away a type-1 */ } return 1;}/* * Turns a 56 bit key into the 64 bit, odd parity key and sets the key. The * key schedule ks is also set. */static voidsetup_des_key(unsigned char *key_56, DES_key_schedule DESKEYARG(ks)){ DES_cblock key; key[0] = key_56[0]; key[1] = ((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1); key[2] = ((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2); key[3] = ((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3); key[4] = ((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4); key[5] = ((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5); key[6] = ((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6); key[7] = (key_56[6] << 1) & 0xFF; DES_set_odd_parity(&key); DES_set_key(&key, ks);} /* * takes a 21 byte array and treats it as 3 56-bit DES keys. The * 8 byte plaintext is encrypted with each key and the resulting 24 * bytes are stored in the results array. */static voidcalc_resp(unsigned char *keys, unsigned char *plaintext, unsigned char *results){ DES_key_schedule ks; setup_des_key(keys, DESKEY(ks)); DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) results, DESKEY(ks), DES_ENCRYPT); setup_des_key(keys+7, DESKEY(ks)); DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) (results+8), DESKEY(ks), DES_ENCRYPT); setup_des_key(keys+14, DESKEY(ks)); DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) (results+16), DESKEY(ks), DES_ENCRYPT);}/* * Set up lanmanager and nt hashed passwords */static voidmkhash(const char *password, unsigned char *nonce, /* 8 bytes */ unsigned char *lmresp /* must fit 0x18 bytes */#ifdef USE_NTRESPONSES , unsigned char *ntresp /* must fit 0x18 bytes */#endif ){ unsigned char lmbuffer[21];#ifdef USE_NTRESPONSES unsigned char ntbuffer[21];#endif unsigned char *pw; static const unsigned char magic[] = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }; int i; int len = strlen(password); /* make it fit at least 14 bytes */ pw = (unsigned char *) alloca (len < 7 ? 14 : len * 2); if (len > 14) len = 14; for (i=0; i<len; i++) pw[i] = TOUPPER (password[i]); for (; i<14; i++) pw[i] = 0; { /* create LanManager hashed password */ DES_key_schedule ks; setup_des_key(pw, DESKEY(ks)); DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)lmbuffer, DESKEY(ks), DES_ENCRYPT); setup_des_key(pw+7, DESKEY(ks)); DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)(lmbuffer+8), DESKEY(ks), DES_ENCRYPT); memset(lmbuffer+16, 0, 5); } /* create LM responses */ calc_resp(lmbuffer, nonce, lmresp);#ifdef USE_NTRESPONSES { /* create NT hashed password */ MD4_CTX MD4; len = strlen(password); for (i=0; i<len; i++) { pw[2*i] = password[i]; pw[2*i+1] = 0; } MD4_Init(&MD4);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -