Apache-AuthenNTLM
view release on metacpan or search on metacpan
AuthenNTLM.pm view on Meta::CPAN
: $r->log_reason("SMB Server connection not open in state 3 for " . $r -> uri) ;
return ;
}
my $rc ;
print STDERR "[$$] AuthenNTLM: Verify user $self->{username} via smb server\n" if ($debug) ;
if ($self -> {basic})
{
$rc = Authen::Smb::Valid_User_Auth ($self -> {smbhandle}, $self->{username}, $self -> {password}) ;
}
else
{
$rc = Authen::Smb::Valid_User_Auth ($self -> {smbhandle}, $self->{username}, $self -> {usernthash}, 1, $self->{userdomain}) ;
}
my $errno = Authen::Smb::SMBlib_errno ;
my $smberr = Authen::Smb::SMBlib_SMB_Error ;
Authen::Smb::Valid_User_Disconnect ($self -> {smbhandle}) if ($self -> {smbhandle}) ;
$self -> {smbhandle} = undef ;
$self -> {lock} = undef ;
if ($rc == &Authen::Smb::NTV_LOGON_ERROR)
{
MP2 ? $r->log_error("Wrong password/user (rc=$rc/$errno/$smberr): $self->{userdomain}\\$self->{username} for " . $r -> uri) : $r->log_reason("Wrong password/user (rc=$rc/$errno/$smberr): $self->{userdomain}\\$self->{username} for " . $r -> ur...
print STDERR "[$$] AuthenNTLM: rc = $rc ntlmhash = $self->{usernthash}\n" if ($debug) ;
return ;
}
if ($rc)
{
MP2 ? $r->log_reason("SMB Server error $rc/$errno/$smberr for " . $r -> uri) : $r->log_reason("SMB Server error $rc/$errno/$smberr for " . $r -> uri) ;
return ;
}
AuthenNTLM.pm view on Meta::CPAN
return $type ;
}
sub get_basic
{
my ($self, $r, $data) = @_ ;
($self -> {username}, $self -> {password}) = split (/:/, $data) ;
my ($domain, $username) = split (/\\|\//, $self -> {username}) ;
if ($username)
{
$self -> {domain} = $domain ;
$self -> {username} = $username ;
}
else
{
$self -> {domain} = $self -> {defaultdomain} ;
AuthenNTLM.pm view on Meta::CPAN
PerlSetVar ntlmdebug 1
</Location>
=head1 DESCRIPTION
The purpose of this module is to perform a user authentication via Microsoft's
NTLM protocol. This protocol is supported by all versions of the Internet
Explorer and is mainly useful for intranets. Depending on your preferences
setting IE will supply your windows logon credentials to the web server
when the server asks for NTLM authentication. This saves the user to type in
his/her password again.
The NTLM protocol performs a challenge/response to exchange a random number
(nonce) and get back a md4 hash, which is built from the user's password
and the nonce. This makes sure that no password goes over the wire in plain text.
The main advantage of the Perl implementation is, that it can be easily extended
to verify the user/password against other sources than a windows domain controller.
The defaultf implementation is to go to the domain controller for the given domain
and verify the user. If you want to verify the user against another source, you
can inherit from Apache::AuthenNTLM and override it's methods.
To support users that aren't using Internet Explorer, Apache::AuthenNTLM can
also perform basic authentication depending on its configuration.
B<IMPORTANT:> NTLM authentification works only when KeepAlive is on. (If you have set ntlmdebug 2, and see that there is no return message (type 3), check your httpd.conf file for "KeepAlive Off". If KeepAlive Off, then change it to KeepAlive On, re...
AuthenNTLM.pm view on Meta::CPAN
Set when we are doing basic authentication
=item $self -> {ntlm}
Set when we are doing ntlm authentication
=item $self -> {username}
The username
=item $self -> {password}
The password when doing basic authentication
=item $self -> {usernthash}
The md4 hash when doing ntlm authentication
=item $self -> {userdomain}
The domain
=back
OVERVIEW
========
The purpose of this module is to perform a user authentication via Microsoft's
NTLM protocol. This protocol is supported by all versions of the Internet
Explorer and is mainly useful for intranets. Depending on your preferences
setting, IE will supply your windows logon credentials to the web server
when the server asks for NTLM authentication. This saves the user to type in
his/her password again.
The NTLM protocol performs a challenge/response to exchange a random number
(nonce) and get back a md4 hash, which is built form the users password
and the nonce. This makes sure that no password goes over the wire in plain text,
so it's more secure than basic authentication, which doesn't mean it's
a real secure authentication scheme. ;)
Some information about NTLM can be found at:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/com/htm/security_9qgg.asp
http://davenport.sourceforge.net/ntlm.html
More detailed implementation details are available from:
http://www.opengroup.org/comsource/techref2/NCH1222X.HTM
http://www.innovation.ch/java/ntlm.html
A lot of ideas and information are taken from the similar Apache module mod_ntlm,
which can be found at http://sourceforge.net/projects/modntlm/
The main advantage of the Perl implementation is, that it can be easily extended
to verify the user/password against other sources than a windows domain controller.
The default implementation is to go to the domain controller for the given domain
and verify the user. If you want to verify the user against another source, you
can inherit from Apache::AuthenNTLM and override its methods.
To support users that aren't using Internet Explorer, Apache::AuthenNTLM can
also perform basic authentication depending on it's configuration.
Apache::AuthenNTLM contains an extended version of Authen::Smb, which exposes
some more functions to Perl.
smb/.svn/text-base/Changes.svn-base view on Meta::CPAN
0.7 Mon Apr 19 19:22:13 1999
- Resolved some segfault problems on various platforms by reducing
the optimization during the smbval compile.
0.8 Mon Apr 19 19:37:13 1999
- Shot another smbval bug.
0.81 Sun Jun 6 10:2:09 1999
- Updated to the latest smbval library, hopefully resolving some
segfaults and authentication problems for usernames and passwords
with weird characters in them.
- Cleaned up Smb.xs
- Unreleased version
0.9 Sun Jun 6 18:50:23 1999
- While toying around with smbval, discovered some buffer overflows
in the library. Worked around them in the perl portion of the
module for now, but will get in touch with author to try and
merge some patches to resolve the overflows in the library itself.
Because of these overflows, it is _critical_ that anyone using
smb/.svn/text-base/Smb.pm.svn-base view on Meta::CPAN
sub authen {
my @args = @_;
# Truncate everything to length 80 to avoid poor coding practices in the
# smbvalid.a (buffer overflows) PMK--fixme in smbvalid.a when possible.
for my $i ( 0..$#args ) {
$args[$i] = substr($args[$i], 0, 80);
}
my($username, $password, $server, $backup, $domain) = @args;
my $res = Valid_User($username, $password, $server, $backup, $domain);
$res
}
sub AUTOLOAD {
# This AUTOLOAD is used to 'autoload' constants from the constant()
# XS function. If a constant is not found then control is passed
# to the AUTOLOAD in AutoLoader.
my $constname;
smb/.svn/text-base/Smb.xs.svn-base view on Meta::CPAN
MODULE = Authen::Smb PACKAGE = Authen::Smb
double
constant(name,arg)
char * name
int arg
int
Valid_User(username, password, server, backup, domain)
char * username
char * password
char * server
char * backup
char * domain
OUTPUT:
RETVAL
void *
Valid_User_Connect(server,backup,domain,nonce)
smb/.svn/text-base/Smb.xs.svn-base view on Meta::CPAN
if (!SvPOK (ST(3)) || SvCUR(ST(3)) < 8)
croak ("nonce muist be preallocated with an 8 character string") ;
RETVAL = Valid_User_Connect(server, backup, domain, nonce);
OUTPUT:
RETVAL
int
Valid_User_Auth(handle,username,password,precrypt=0,domain="")
void *handle
char *username
char *password
int precrypt
char *domain
void
Valid_User_Disconnect(handle)
void *handle
int
smb/Changes view on Meta::CPAN
0.7 Mon Apr 19 19:22:13 1999
- Resolved some segfault problems on various platforms by reducing
the optimization during the smbval compile.
0.8 Mon Apr 19 19:37:13 1999
- Shot another smbval bug.
0.81 Sun Jun 6 10:2:09 1999
- Updated to the latest smbval library, hopefully resolving some
segfaults and authentication problems for usernames and passwords
with weird characters in them.
- Cleaned up Smb.xs
- Unreleased version
0.9 Sun Jun 6 18:50:23 1999
- While toying around with smbval, discovered some buffer overflows
in the library. Worked around them in the perl portion of the
module for now, but will get in touch with author to try and
merge some patches to resolve the overflows in the library itself.
Because of these overflows, it is _critical_ that anyone using
sub authen {
my @args = @_;
# Truncate everything to length 80 to avoid poor coding practices in the
# smbvalid.a (buffer overflows) PMK--fixme in smbvalid.a when possible.
for my $i ( 0..$#args ) {
$args[$i] = substr($args[$i], 0, 80);
}
my($username, $password, $server, $backup, $domain) = @args;
my $res = Valid_User($username, $password, $server, $backup, $domain);
$res
}
sub AUTOLOAD {
# This AUTOLOAD is used to 'autoload' constants from the constant()
# XS function. If a constant is not found then control is passed
# to the AUTOLOAD in AutoLoader.
my $constname;
MODULE = Authen::Smb PACKAGE = Authen::Smb
double
constant(name,arg)
char * name
int arg
int
Valid_User(username, password, server, backup, domain)
char * username
char * password
char * server
char * backup
char * domain
OUTPUT:
RETVAL
void *
Valid_User_Connect(server,backup,domain,nonce)
if (!SvPOK (ST(3)) || SvCUR(ST(3)) < 8)
croak ("nonce muist be preallocated with an 8 character string") ;
RETVAL = Valid_User_Connect(server, backup, domain, nonce);
OUTPUT:
RETVAL
int
Valid_User_Auth(handle,username,password,precrypt=0,domain="")
void *handle
char *username
char *password
int precrypt
char *domain
void
Valid_User_Disconnect(handle)
void *handle
int
smb/smbval/.svn/text-base/smbencrypt.c.svn-base view on Meta::CPAN
extern int DEBUGLEVEL;
#include "byteorder.h"
char *StrnCpy(char *dest,char *src,int n);
void strupper(char *s);
void E_P16(unsigned char *p14,unsigned char *p16);
void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24);
void mdfour(unsigned char *out, unsigned char *in, int n);
/*
This implements the X/Open SMB password encryption
It takes a password, a 8 byte "crypt key" and puts 24 bytes of
encrypted password into p24 */
void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24)
{
uchar p14[15], p21[21];
memset(p21,'\0',21);
memset(p14,'\0',14);
StrnCpy((char *)p14,(char *)passwd,14);
strupper((char *)p14);
E_P16(p14, p21);
smb/smbval/.svn/text-base/smbencrypt.c.svn-base view on Meta::CPAN
SSVAL(dst,0,val);
dst++;
src++;
if(val == 0)
break;
}
return i;
}
/*
* Creates the MD4 Hash of the users password in NT UNICODE.
*/
void E_md4hash(uchar *passwd, uchar *p16)
{
int len;
int16 wpwd[129];
/* Password cannot be longer than 128 characters */
len = strlen((char *)passwd);
if(len > 128)
smb/smbval/.svn/text-base/smbencrypt.c.svn-base view on Meta::CPAN
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24)
{
uchar p21[21];
memset(p21,'\0',21);
E_md4hash(passwd, p21);
E_P24(p21, c8, p24);
}
/* Does both the NT and LM owfs of a user's password */
void nt_lm_owf_gen(char *pwd, char *nt_p16, char *p16)
{
char passwd[130];
StrnCpy(passwd, pwd, sizeof(passwd)-1);
/* Calculate the MD4 hash (NT compatible) of the password */
memset(nt_p16, '\0', 16);
E_md4hash((uchar *)passwd, (uchar *)nt_p16);
/* Mangle the passwords into Lanman format */
passwd[14] = '\0';
strupper(passwd);
/* Calculate the SMB (lanman) hash functions of the password */
memset(p16, '\0', 16);
E_P16((uchar *) passwd, (uchar *)p16);
/* clear out local copy of user's password (just being paranoid). */
bzero(passwd, sizeof(passwd));
}
/****************************************************************************
line strncpy but always null terminates. Make sure there is room!
****************************************************************************/
char *StrnCpy(char *dest,char *src,int n)
{
char *d = dest;
if (!dest) return(NULL);
smb/smbval/.svn/text-base/smblib-priv.h.svn-base view on Meta::CPAN
#define SMB_delet_bcc_offset 35 /* bcc */
#define SMB_delet_buf_offset 37
#define SMB_delet_len 37
/* Offsets for SESSION_SETUP_ANDX for both LM and NT LM protocols */
#define SMB_ssetpLM_mbs_offset 37 /* Max buffer Size, allow for AndX */
#define SMB_ssetpLM_mmc_offset 39 /* max multiplex count */
#define SMB_ssetpLM_vcn_offset 41 /* VC number if new VC */
#define SMB_ssetpLM_snk_offset 43 /* Session Key */
#define SMB_ssetpLM_pwl_offset 47 /* password length */
#define SMB_ssetpLM_res_offset 49 /* reserved */
#define SMB_ssetpLM_bcc_offset 53 /* bcc */
#define SMB_ssetpLM_len 55 /* before data ... */
#define SMB_ssetpLM_buf_offset 55
#define SMB_ssetpNTLM_mbs_offset 37 /* Max Buffer Size for NT LM 0.12 */
/* and above */
#define SMB_ssetpNTLM_mmc_offset 39 /* Max Multiplex count */
#define SMB_ssetpNTLM_vcn_offset 41 /* VC Number */
#define SMB_ssetpNTLM_snk_offset 43 /* Session key */
smb/smbval/.svn/text-base/smblib-priv.h.svn-base view on Meta::CPAN
struct SMB_Connect_Def {
SMB_Handle_Type Next_Con, Prev_Con; /* Next and previous conn */
int protocol; /* What is the protocol */
int prot_IDX; /* And what is the index */
void *Trans_Connect; /* The connection */
/* All these strings should be malloc'd */
char service[80], username[80], password[80], desthost[80], sock_options[80];
char address[80], myname[80];
SMB_Tree_Handle first_tree, last_tree; /* List of trees on this server */
int gid; /* Group ID, do we need it? */
int mid; /* Multiplex ID? We might need one per con */
int pid; /* Process ID */
int uid; /* Authenticated user id. */
/* It is pretty clear that we need to bust some of */
/* these out into a per TCon record, as there may */
/* be multiple TCon's per server, etc ... later */
int port; /* port to use in case not default, this is a TCPism! */
int max_xmit; /* Max xmit permitted by server */
int Security; /* 0 = share, 1 = user */
int Raw_Support; /* bit 0 = 1 = Read Raw supported, 1 = 1 Write raw */
BOOL encrypt_passwords; /* FALSE = don't */
int MaxMPX, MaxVC, MaxRaw;
unsigned int SessionKey, Capabilities;
int SvrTZ; /* Server Time Zone */
int Encrypt_Key_Len;
char Encrypt_Key[80], Domain[80], PDomain[80], OSName[80], LMType[40];
char Svr_OS[80], Svr_LMType[80], Svr_PDom[80];
};
#define SMBLIB_DEFAULT_DOMAIN "STAFF"
smb/smbval/.svn/text-base/smblib-priv.h.svn-base view on Meta::CPAN
/* global Variables for the library */
extern SMB_State_Types SMBlib_State;
#ifndef SMBLIB_ERRNO
extern int SMBlib_errno;
extern int SMBlib_SMB_Error; /* last Error */
#endif
SMB_Tree_Handle SMB_TreeConnect(SMB_Handle_Type con, SMB_Tree_Handle tree,
char *path, char *password, char *dev);
smb/smbval/.svn/text-base/smblib-util.c.svn-base view on Meta::CPAN
switch (CVAL(SMB_Hdr(pkt), SMB_hdr_wct_offset)) {
case 0x01: /* No more info ... */
break;
case 13: /* Up to and including LanMan 2.1 */
Con_Handle -> Security = SVAL(SMB_Hdr(pkt), SMB_negrLM_sec_offset);
Con_Handle -> encrypt_passwords = ((Con_Handle -> Security & SMB_sec_encrypt_mask) != 0x00);
Con_Handle -> Security = Con_Handle -> Security & SMB_sec_user_mask;
Con_Handle -> max_xmit = SVAL(SMB_Hdr(pkt), SMB_negrLM_mbs_offset);
Con_Handle -> MaxMPX = SVAL(SMB_Hdr(pkt), SMB_negrLM_mmc_offset);
Con_Handle -> MaxVC = SVAL(SMB_Hdr(pkt), SMB_negrLM_mnv_offset);
Con_Handle -> Raw_Support = SVAL(SMB_Hdr(pkt), SMB_negrLM_rm_offset);
Con_Handle -> SessionKey = IVAL(SMB_Hdr(pkt), SMB_negrLM_sk_offset);
Con_Handle -> SvrTZ = SVAL(SMB_Hdr(pkt), SMB_negrLM_stz_offset);
Con_Handle -> Encrypt_Key_Len = SVAL(SMB_Hdr(pkt), SMB_negrLM_ekl_offset);
smb/smbval/.svn/text-base/smblib-util.c.svn-base view on Meta::CPAN
p = (SMB_Hdr(pkt) + SMB_negrLM_buf_offset + Con_Handle -> Encrypt_Key_Len);
strncpy(p, Con_Handle -> Svr_PDom, sizeof(Con_Handle -> Svr_PDom) - 1);
break;
case 17: /* NT LM 0.12 and LN LM 1.0 */
Con_Handle -> Security = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_sec_offset);
Con_Handle -> encrypt_passwords = ((Con_Handle -> Security & SMB_sec_encrypt_mask) != 0x00);
Con_Handle -> Security = Con_Handle -> Security & SMB_sec_user_mask;
Con_Handle -> max_xmit = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_mbs_offset);
Con_Handle -> MaxMPX = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_mmc_offset);
Con_Handle -> MaxVC = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_mnv_offset);
Con_Handle -> MaxRaw = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_mrs_offset);
Con_Handle -> SessionKey = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_sk_offset);
Con_Handle -> SvrTZ = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_stz_offset);
Con_Handle -> Encrypt_Key_Len = CVAL(SMB_Hdr(pkt), SMB_negrNTLM_ekl_offset);
smb/smbval/.svn/text-base/smblib-util.c.svn-base view on Meta::CPAN
/* only keep the portion up to the first "." */
}
/* Send a TCON to the remote server ... */
SMB_Tree_Handle SMB_TreeConnect(SMB_Handle_Type Con_Handle,
SMB_Tree_Handle Tree_Handle,
char *path,
char *password,
char *device)
{ struct RFCNB_Pkt *pkt;
int param_len, i, pkt_len;
char *p;
SMB_Tree_Handle tree;
/* Figure out how much space is needed for path, password, dev ... */
if (path == NULL || password == NULL || device == NULL) {
#ifdef DEBUG
fprintf(stderr, "Bad parameter passed to SMB_TreeConnect\n");
#endif
SMBlib_errno = SMBlibE_BadParam;
return(NULL);
}
/* The + 2 is because of the \0 and the marker ... */
param_len = strlen(path) + 2 + strlen(password) + 2 + strlen(device) + 2;
/* The -1 accounts for the one byte smb_buf we have because some systems */
/* don't like char msg_buf[] */
pkt_len = SMB_tcon_len + param_len;
pkt = (struct RFCNB_Pkt *)RFCNB_Alloc_Pkt(pkt_len);
if (pkt == NULL) {
smb/smbval/.svn/text-base/smblib-util.c.svn-base view on Meta::CPAN
SSVAL(SMB_Hdr(pkt), SMB_tcon_bcc_offset, param_len);
/* Now copy the param strings in with the right stuff */
p = (char *)(SMB_Hdr(pkt) + SMB_tcon_buf_offset);
*p = SMBasciiID;
strcpy(p + 1, path);
p = p + strlen(path) + 2;
*p = SMBasciiID;
strcpy(p + 1, password);
p = p + strlen(password) + 2;
*p = SMBasciiID;
strcpy(p + 1, device);
/* Now send the packet and sit back ... */
if (RFCNB_Send(Con_Handle -> Trans_Connect, pkt, pkt_len) < 0){
#ifdef DEBUG
fprintf(stderr, "Error sending TCon request\n");
#endif
smb/smbval/.svn/text-base/smblib.c.svn-base view on Meta::CPAN
SMBlib_errno = SMBlibE_NoSpace;
return NULL;
}
}
/* Init some things ... */
strcpy(con -> service, "");
strcpy(con -> username, "");
strcpy(con -> password, "");
strcpy(con -> sock_options, "");
strcpy(con -> address, "");
strcpy(con -> desthost, server);
strcpy(con -> PDomain, NTdomain);
strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME);
strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE);
con -> first_tree = con -> last_tree = NULL;
SMB_Get_My_Name(con -> myname, sizeof(con -> myname));
smb/smbval/.svn/text-base/smblib.c.svn-base view on Meta::CPAN
/* use the handle passed */
char *SMB_Prots_Restrict[] = {"PC NETWORK PROGRAM 1.0",
NULL};
SMB_Handle_Type SMB_Connect(SMB_Handle_Type Con_Handle,
SMB_Tree_Handle *tree,
char *service,
char *username,
char *password)
{ SMB_Handle_Type con;
char *host, *address;
char temp[80], called[80], calling[80];
int i;
/* Get a connection structure if one does not exist */
con = Con_Handle;
smb/smbval/.svn/text-base/smblib.c.svn-base view on Meta::CPAN
SMBlib_errno = SMBlibE_NoSpace;
return NULL;
}
}
/* Init some things ... */
strcpy(con -> service, service);
strcpy(con -> username, username);
strcpy(con -> password, password);
strcpy(con -> sock_options, "");
strcpy(con -> address, "");
strcpy(con -> PDomain, SMBLIB_DEFAULT_DOMAIN);
strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME);
strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE);
con -> first_tree = con -> last_tree = NULL;
SMB_Get_My_Name(con -> myname, sizeof(con -> myname));
con -> port = 0; /* No port selected */
smb/smbval/.svn/text-base/smblib.c.svn-base view on Meta::CPAN
/* Hmmm what should we do here ... We have a connection, but could not
negotiate ... */
return NULL;
}
/* Now connect to the service ... */
if ((*tree = SMB_TreeConnect(con, NULL, service, password, "A:")) == NULL) {
return NULL;
}
return(con);
}
/* Logon to the server. That is, do a session setup if we can. We do not do */
smb/smbval/.svn/text-base/smblib.c.svn-base view on Meta::CPAN
SMBlib_errno = SMBlibE_ProtLow;
return(SMBlibE_BAD);
}
strcpy(pword, PassWord);
if (precrypted) {
pass_len=24;
memcpy(pword, PassWord, 24);
} else if (Con_Handle -> encrypt_passwords)
{
pass_len=24;
SMBencrypt((uchar *) PassWord, (uchar *)Con_Handle -> Encrypt_Key,(uchar *)pword);
}
else
pass_len=strlen(pword);
/* Now build the correct structure */
smb/smbval/.svn/text-base/smblib.c.svn-base view on Meta::CPAN
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_vcn_offset, 1); /* must be one, otherwise server will close all other connections!!! */
SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_snk_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_pwl_offset, pass_len + 1);
SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_res_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_bcc_offset, param_len);
/* Now copy the param strings in with the right stuff */
p = (char *)(SMB_Hdr(pkt) + SMB_ssetpLM_buf_offset);
/* Copy in password, then the rest. Password has a null at end */
memcpy(p, pword, pass_len);
p = p + pass_len + 1;
strcpy(p, UserName);
p = p + strlen(UserName);
*p = 0;
p = p + 1;
smb/smbval/.svn/text-base/smblib.c.svn-base view on Meta::CPAN
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cipl_offset, pass_len);
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cspl_offset, 0);
SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_res_offset, 0);
SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cap_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_bcc_offset, param_len);
/* Now copy the param strings in with the right stuff */
p = (char *)(SMB_Hdr(pkt) + SMB_ssetpNTLM_buf_offset);
/* Copy in password, then the rest. Password has no null at end */
memcpy(p, pword, pass_len);
p = p + pass_len;
strcpy(p, UserName);
p = p + strlen(UserName);
*p = 0;
p = p + 1;
smb/smbval/.svn/text-base/smblib.h.svn-base view on Meta::CPAN
void *SMB_Connect(void *Con, void **tree,
char *name, char *User, char *Password);
/* Negotiate a protocol */
int SMB_Negotiate(void *Con_Handle, char *Prots[]);
/* Connect to a tree ... */
void *SMB_TreeConnect(void *con_handle, void *tree_handle,
char *path, char *password, char *dev);
/* Disconnect a tree ... */
int SMB_TreeDisconect(void *tree_handle);
/* Open a file */
void *SMB_Open(void *tree_handle,
void *file_handle,
char *file_name,
smb/smbval/.svn/text-base/valid.h.svn-base view on Meta::CPAN
#ifndef _VALID_H_
#define _VALID_H_
/* SMB User verification function */
#define NTV_NO_ERROR 0
#define NTV_SERVER_ERROR 1
#define NTV_PROTOCOL_ERROR 2
#define NTV_LOGON_ERROR 3
int Valid_User(char *username,char *password,char *server, char *backup, char *domain);
void *Valid_User_Connect(char *server,char *backup, char *domain, char *nonce) ;
int Valid_User_Auth(void *handle, char *username,char *password,int precrypt, char * domain) ;
void Valid_User_Disconnect(void *handle) ;
#endif
smb/smbval/smbencrypt.c view on Meta::CPAN
extern int DEBUGLEVEL;
#include "byteorder.h"
char *StrnCpy(char *dest,char *src,int n);
void strupper(char *s);
void E_P16(unsigned char *p14,unsigned char *p16);
void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24);
void mdfour(unsigned char *out, unsigned char *in, int n);
/*
This implements the X/Open SMB password encryption
It takes a password, a 8 byte "crypt key" and puts 24 bytes of
encrypted password into p24 */
void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24)
{
uchar p14[15], p21[21];
memset(p21,'\0',21);
memset(p14,'\0',14);
StrnCpy((char *)p14,(char *)passwd,14);
strupper((char *)p14);
E_P16(p14, p21);
smb/smbval/smbencrypt.c view on Meta::CPAN
SSVAL(dst,0,val);
dst++;
src++;
if(val == 0)
break;
}
return i;
}
/*
* Creates the MD4 Hash of the users password in NT UNICODE.
*/
void E_md4hash(uchar *passwd, uchar *p16)
{
int len;
int16 wpwd[129];
/* Password cannot be longer than 128 characters */
len = strlen((char *)passwd);
if(len > 128)
smb/smbval/smbencrypt.c view on Meta::CPAN
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24)
{
uchar p21[21];
memset(p21,'\0',21);
E_md4hash(passwd, p21);
E_P24(p21, c8, p24);
}
/* Does both the NT and LM owfs of a user's password */
void nt_lm_owf_gen(char *pwd, char *nt_p16, char *p16)
{
char passwd[130];
StrnCpy(passwd, pwd, sizeof(passwd)-1);
/* Calculate the MD4 hash (NT compatible) of the password */
memset(nt_p16, '\0', 16);
E_md4hash((uchar *)passwd, (uchar *)nt_p16);
/* Mangle the passwords into Lanman format */
passwd[14] = '\0';
strupper(passwd);
/* Calculate the SMB (lanman) hash functions of the password */
memset(p16, '\0', 16);
E_P16((uchar *) passwd, (uchar *)p16);
/* clear out local copy of user's password (just being paranoid). */
bzero(passwd, sizeof(passwd));
}
/****************************************************************************
line strncpy but always null terminates. Make sure there is room!
****************************************************************************/
char *StrnCpy(char *dest,char *src,int n)
{
char *d = dest;
if (!dest) return(NULL);
smb/smbval/smblib-priv.h view on Meta::CPAN
#define SMB_delet_bcc_offset 35 /* bcc */
#define SMB_delet_buf_offset 37
#define SMB_delet_len 37
/* Offsets for SESSION_SETUP_ANDX for both LM and NT LM protocols */
#define SMB_ssetpLM_mbs_offset 37 /* Max buffer Size, allow for AndX */
#define SMB_ssetpLM_mmc_offset 39 /* max multiplex count */
#define SMB_ssetpLM_vcn_offset 41 /* VC number if new VC */
#define SMB_ssetpLM_snk_offset 43 /* Session Key */
#define SMB_ssetpLM_pwl_offset 47 /* password length */
#define SMB_ssetpLM_res_offset 49 /* reserved */
#define SMB_ssetpLM_bcc_offset 53 /* bcc */
#define SMB_ssetpLM_len 55 /* before data ... */
#define SMB_ssetpLM_buf_offset 55
#define SMB_ssetpNTLM_mbs_offset 37 /* Max Buffer Size for NT LM 0.12 */
/* and above */
#define SMB_ssetpNTLM_mmc_offset 39 /* Max Multiplex count */
#define SMB_ssetpNTLM_vcn_offset 41 /* VC Number */
#define SMB_ssetpNTLM_snk_offset 43 /* Session key */
smb/smbval/smblib-priv.h view on Meta::CPAN
struct SMB_Connect_Def {
SMB_Handle_Type Next_Con, Prev_Con; /* Next and previous conn */
int protocol; /* What is the protocol */
int prot_IDX; /* And what is the index */
void *Trans_Connect; /* The connection */
/* All these strings should be malloc'd */
char service[80], username[80], password[80], desthost[80], sock_options[80];
char address[80], myname[80];
SMB_Tree_Handle first_tree, last_tree; /* List of trees on this server */
int gid; /* Group ID, do we need it? */
int mid; /* Multiplex ID? We might need one per con */
int pid; /* Process ID */
int uid; /* Authenticated user id. */
/* It is pretty clear that we need to bust some of */
/* these out into a per TCon record, as there may */
/* be multiple TCon's per server, etc ... later */
int port; /* port to use in case not default, this is a TCPism! */
int max_xmit; /* Max xmit permitted by server */
int Security; /* 0 = share, 1 = user */
int Raw_Support; /* bit 0 = 1 = Read Raw supported, 1 = 1 Write raw */
BOOL encrypt_passwords; /* FALSE = don't */
int MaxMPX, MaxVC, MaxRaw;
unsigned int SessionKey, Capabilities;
int SvrTZ; /* Server Time Zone */
int Encrypt_Key_Len;
char Encrypt_Key[80], Domain[80], PDomain[80], OSName[80], LMType[40];
char Svr_OS[80], Svr_LMType[80], Svr_PDom[80];
};
#define SMBLIB_DEFAULT_DOMAIN "STAFF"
smb/smbval/smblib-priv.h view on Meta::CPAN
/* global Variables for the library */
extern SMB_State_Types SMBlib_State;
#ifndef SMBLIB_ERRNO
extern int SMBlib_errno;
extern int SMBlib_SMB_Error; /* last Error */
#endif
SMB_Tree_Handle SMB_TreeConnect(SMB_Handle_Type con, SMB_Tree_Handle tree,
char *path, char *password, char *dev);
smb/smbval/smblib-util.c view on Meta::CPAN
switch (CVAL(SMB_Hdr(pkt), SMB_hdr_wct_offset)) {
case 0x01: /* No more info ... */
break;
case 13: /* Up to and including LanMan 2.1 */
Con_Handle -> Security = SVAL(SMB_Hdr(pkt), SMB_negrLM_sec_offset);
Con_Handle -> encrypt_passwords = ((Con_Handle -> Security & SMB_sec_encrypt_mask) != 0x00);
Con_Handle -> Security = Con_Handle -> Security & SMB_sec_user_mask;
Con_Handle -> max_xmit = SVAL(SMB_Hdr(pkt), SMB_negrLM_mbs_offset);
Con_Handle -> MaxMPX = SVAL(SMB_Hdr(pkt), SMB_negrLM_mmc_offset);
Con_Handle -> MaxVC = SVAL(SMB_Hdr(pkt), SMB_negrLM_mnv_offset);
Con_Handle -> Raw_Support = SVAL(SMB_Hdr(pkt), SMB_negrLM_rm_offset);
Con_Handle -> SessionKey = IVAL(SMB_Hdr(pkt), SMB_negrLM_sk_offset);
Con_Handle -> SvrTZ = SVAL(SMB_Hdr(pkt), SMB_negrLM_stz_offset);
Con_Handle -> Encrypt_Key_Len = SVAL(SMB_Hdr(pkt), SMB_negrLM_ekl_offset);
smb/smbval/smblib-util.c view on Meta::CPAN
p = (SMB_Hdr(pkt) + SMB_negrLM_buf_offset + Con_Handle -> Encrypt_Key_Len);
strncpy(p, Con_Handle -> Svr_PDom, sizeof(Con_Handle -> Svr_PDom) - 1);
break;
case 17: /* NT LM 0.12 and LN LM 1.0 */
Con_Handle -> Security = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_sec_offset);
Con_Handle -> encrypt_passwords = ((Con_Handle -> Security & SMB_sec_encrypt_mask) != 0x00);
Con_Handle -> Security = Con_Handle -> Security & SMB_sec_user_mask;
Con_Handle -> max_xmit = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_mbs_offset);
Con_Handle -> MaxMPX = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_mmc_offset);
Con_Handle -> MaxVC = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_mnv_offset);
Con_Handle -> MaxRaw = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_mrs_offset);
Con_Handle -> SessionKey = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_sk_offset);
Con_Handle -> SvrTZ = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_stz_offset);
Con_Handle -> Encrypt_Key_Len = CVAL(SMB_Hdr(pkt), SMB_negrNTLM_ekl_offset);
smb/smbval/smblib-util.c view on Meta::CPAN
/* only keep the portion up to the first "." */
}
/* Send a TCON to the remote server ... */
SMB_Tree_Handle SMB_TreeConnect(SMB_Handle_Type Con_Handle,
SMB_Tree_Handle Tree_Handle,
char *path,
char *password,
char *device)
{ struct RFCNB_Pkt *pkt;
int param_len, i, pkt_len;
char *p;
SMB_Tree_Handle tree;
/* Figure out how much space is needed for path, password, dev ... */
if (path == NULL || password == NULL || device == NULL) {
#ifdef DEBUG
fprintf(stderr, "Bad parameter passed to SMB_TreeConnect\n");
#endif
SMBlib_errno = SMBlibE_BadParam;
return(NULL);
}
/* The + 2 is because of the \0 and the marker ... */
param_len = strlen(path) + 2 + strlen(password) + 2 + strlen(device) + 2;
/* The -1 accounts for the one byte smb_buf we have because some systems */
/* don't like char msg_buf[] */
pkt_len = SMB_tcon_len + param_len;
pkt = (struct RFCNB_Pkt *)RFCNB_Alloc_Pkt(pkt_len);
if (pkt == NULL) {
smb/smbval/smblib-util.c view on Meta::CPAN
SSVAL(SMB_Hdr(pkt), SMB_tcon_bcc_offset, param_len);
/* Now copy the param strings in with the right stuff */
p = (char *)(SMB_Hdr(pkt) + SMB_tcon_buf_offset);
*p = SMBasciiID;
strcpy(p + 1, path);
p = p + strlen(path) + 2;
*p = SMBasciiID;
strcpy(p + 1, password);
p = p + strlen(password) + 2;
*p = SMBasciiID;
strcpy(p + 1, device);
/* Now send the packet and sit back ... */
if (RFCNB_Send(Con_Handle -> Trans_Connect, pkt, pkt_len) < 0){
#ifdef DEBUG
fprintf(stderr, "Error sending TCon request\n");
#endif
smb/smbval/smblib.c view on Meta::CPAN
SMBlib_errno = SMBlibE_NoSpace;
return NULL;
}
}
/* Init some things ... */
strcpy(con -> service, "");
strcpy(con -> username, "");
strcpy(con -> password, "");
strcpy(con -> sock_options, "");
strcpy(con -> address, "");
strcpy(con -> desthost, server);
strcpy(con -> PDomain, NTdomain);
strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME);
strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE);
con -> first_tree = con -> last_tree = NULL;
SMB_Get_My_Name(con -> myname, sizeof(con -> myname));
smb/smbval/smblib.c view on Meta::CPAN
/* use the handle passed */
char *SMB_Prots_Restrict[] = {"PC NETWORK PROGRAM 1.0",
NULL};
SMB_Handle_Type SMB_Connect(SMB_Handle_Type Con_Handle,
SMB_Tree_Handle *tree,
char *service,
char *username,
char *password)
{ SMB_Handle_Type con;
char *host, *address;
char temp[80], called[80], calling[80];
int i;
/* Get a connection structure if one does not exist */
con = Con_Handle;
smb/smbval/smblib.c view on Meta::CPAN
SMBlib_errno = SMBlibE_NoSpace;
return NULL;
}
}
/* Init some things ... */
strcpy(con -> service, service);
strcpy(con -> username, username);
strcpy(con -> password, password);
strcpy(con -> sock_options, "");
strcpy(con -> address, "");
strcpy(con -> PDomain, SMBLIB_DEFAULT_DOMAIN);
strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME);
strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE);
con -> first_tree = con -> last_tree = NULL;
SMB_Get_My_Name(con -> myname, sizeof(con -> myname));
con -> port = 0; /* No port selected */
smb/smbval/smblib.c view on Meta::CPAN
/* Hmmm what should we do here ... We have a connection, but could not
negotiate ... */
return NULL;
}
/* Now connect to the service ... */
if ((*tree = SMB_TreeConnect(con, NULL, service, password, "A:")) == NULL) {
return NULL;
}
return(con);
}
/* Logon to the server. That is, do a session setup if we can. We do not do */
smb/smbval/smblib.c view on Meta::CPAN
SMBlib_errno = SMBlibE_ProtLow;
return(SMBlibE_BAD);
}
strcpy(pword, PassWord);
if (precrypted) {
pass_len=24;
memcpy(pword, PassWord, 24);
} else if (Con_Handle -> encrypt_passwords)
{
pass_len=24;
SMBencrypt((uchar *) PassWord, (uchar *)Con_Handle -> Encrypt_Key,(uchar *)pword);
}
else
pass_len=strlen(pword);
/* Now build the correct structure */
smb/smbval/smblib.c view on Meta::CPAN
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_vcn_offset, 1); /* must be one, otherwise server will close all other connections!!! */
SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_snk_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_pwl_offset, pass_len + 1);
SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_res_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_bcc_offset, param_len);
/* Now copy the param strings in with the right stuff */
p = (char *)(SMB_Hdr(pkt) + SMB_ssetpLM_buf_offset);
/* Copy in password, then the rest. Password has a null at end */
memcpy(p, pword, pass_len);
p = p + pass_len + 1;
strcpy(p, UserName);
p = p + strlen(UserName);
*p = 0;
p = p + 1;
smb/smbval/smblib.c view on Meta::CPAN
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cipl_offset, pass_len);
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cspl_offset, 0);
SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_res_offset, 0);
SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cap_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_bcc_offset, param_len);
/* Now copy the param strings in with the right stuff */
p = (char *)(SMB_Hdr(pkt) + SMB_ssetpNTLM_buf_offset);
/* Copy in password, then the rest. Password has no null at end */
memcpy(p, pword, pass_len);
p = p + pass_len;
strcpy(p, UserName);
p = p + strlen(UserName);
*p = 0;
p = p + 1;
smb/smbval/smblib.h view on Meta::CPAN
void *SMB_Connect(void *Con, void **tree,
char *name, char *User, char *Password);
/* Negotiate a protocol */
int SMB_Negotiate(void *Con_Handle, char *Prots[]);
/* Connect to a tree ... */
void *SMB_TreeConnect(void *con_handle, void *tree_handle,
char *path, char *password, char *dev);
/* Disconnect a tree ... */
int SMB_TreeDisconect(void *tree_handle);
/* Open a file */
void *SMB_Open(void *tree_handle,
void *file_handle,
char *file_name,
smb/smbval/valid.h view on Meta::CPAN
#ifndef _VALID_H_
#define _VALID_H_
/* SMB User verification function */
#define NTV_NO_ERROR 0
#define NTV_SERVER_ERROR 1
#define NTV_PROTOCOL_ERROR 2
#define NTV_LOGON_ERROR 3
int Valid_User(char *username,char *password,char *server, char *backup, char *domain);
void *Valid_User_Connect(char *server,char *backup, char *domain, char *nonce) ;
int Valid_User_Auth(void *handle, char *username,char *password,int precrypt, char * domain) ;
void Valid_User_Disconnect(void *handle) ;
#endif
( run in 1.311 second using v1.01-cache-2.11-cpan-49f99fa48dc )