46#define UINTEGER64 __int64
47#define UINT64(c) c##Ui64
50#define UINTEGER64 unsigned long long
51#define UINT64(c) c##LL
61 md_full(
"MD4", data, data_len, md);
66gen_hmac_md5(
const uint8_t *data,
int data_len,
const uint8_t *
key, uint8_t *result)
88 timestamp_ull = (timestamp_ull +
UINT64(11644473600)) *
UINT64(10000000);
91 timestamp[0] = timestamp_ull &
UINT64(0xFF);
92 timestamp[1] = (timestamp_ull >> 8) &
UINT64(0xFF);
93 timestamp[2] = (timestamp_ull >> 16) &
UINT64(0xFF);
94 timestamp[3] = (timestamp_ull >> 24) &
UINT64(0xFF);
95 timestamp[4] = (timestamp_ull >> 32) &
UINT64(0xFF);
96 timestamp[5] = (timestamp_ull >> 40) &
UINT64(0xFF);
97 timestamp[6] = (timestamp_ull >> 48) &
UINT64(0xFF);
98 timestamp[7] = (timestamp_ull >> 56) &
UINT64(0xFF);
107 for (
i = 0;
i < 8;
i++)
120 *str = toupper(*str);
156 if (*msg_bufpos + length > msg_bufsize)
158 msg(
M_WARN,
"NTLM: security buffer too big for message buffer");
163 msg_buf[sb_offset] = (
unsigned char)length;
164 msg_buf[sb_offset + 2] = msg_buf[sb_offset];
165 msg_buf[sb_offset + 4] = (
unsigned char)(*msg_bufpos & 0xff);
166 msg_buf[sb_offset + 5] = (
unsigned char)((*msg_bufpos >> 8) & 0xff);
167 memcpy(&msg_buf[*msg_bufpos], data, msg_buf[sb_offset]);
168 *msg_bufpos += length;
184 buf_printf(&out,
"%s",
"TlRMTVNTUAABAAAAAgIAAA==");
197 char pwbuf[
sizeof(
p->up.password) * 2];
225 strncpy(username,
p->up.username,
sizeof(username) - 1);
226 username[
sizeof(username) - 1] = 0;
232 username[
sizeof(username) - 1] = 0;
234 if (
len >
sizeof(domain) - 1)
236 len =
sizeof(domain) - 1;
259 msg(
M_WARN,
"NTLM: base64 decoding of phase 2 response failed");
264 for (
i = 0;
i < 8;
i++)
281 msg(
M_INFO,
"NTLM: Username or domain too long");
309 const size_t hoff = 0x14;
310 unsigned long flags =
312 if ((flags & 0x00800000) == 0x00800000)
317 msg(
M_WARN,
"NTLM: target information buffer too long for response (len=%d)",
tib_len);
327 "NTLM: phase 2 response from server too long (need %d bytes at offset %u)",
bool buf_printf(struct buffer *buf, const char *format,...)
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
long int get_random(void)
Data Channel Cryptography Module.
void hmac_ctx_update(hmac_ctx_t *ctx, const uint8_t *src, int src_len)
hmac_ctx_t * hmac_ctx_new(void)
int md_full(const char *mdname, const uint8_t *src, int src_len, uint8_t *dst)
Calculates the message digest for the given buffer.
void hmac_ctx_init(hmac_ctx_t *ctx, const uint8_t *key, const char *mdname)
void hmac_ctx_final(hmac_ctx_t *ctx, uint8_t *dst)
void hmac_ctx_free(hmac_ctx_t *ctx)
void hmac_ctx_cleanup(hmac_ctx_t *ctx)
#define MD5_DIGEST_LENGTH
mbedtls_md_context_t hmac_ctx_t
Generic HMAC context.
#define MD4_DIGEST_LENGTH
static void gen_timestamp(uint8_t *timestamp)
static void gen_hmac_md5(const uint8_t *data, int data_len, const uint8_t *key, uint8_t *result)
static void add_security_buffer(int sb_offset, void *data, int length, unsigned char *msg_buf, int *msg_bufpos, size_t msg_bufsize)
static void my_strupr(char *str)
const char * ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2, struct gc_arena *gc)
const char * ntlm_phase_1(const struct http_proxy_info *p, struct gc_arena *gc)
static int unicodize(char *dst, const char *src)
This function expects a null-terminated string in src and will copy it (including the terminating NUL...
static void gen_md4_hash(const uint8_t *data, int data_len, uint8_t *result)
static void gen_nonce(unsigned char *nonce)
static time_t openvpn_time(time_t *t)
uint8_t * make_base64_string2(const uint8_t *str, int src_len, struct gc_arena *gc)
int openvpn_base64_decode(const char *str, void *data, int size)
Wrapper structure for dynamically allocated memory.
int len
Length in bytes of the actual content within the allocated memory.
Garbage collection arena used to keep track of dynamically allocated memory.
Container for unidirectional cipher and HMAC key material.