From 4cf0dc1004abca3376536c0114e6a7f64b51632a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= <marcandre.moreau@gmail.com>
Date: Sun, 6 Jan 2013 16:05:20 -0500
Subject: [PATCH] libwinpr-sspi: improve attempted channel binding token
 computation

---
 winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c | 49 +++++++++++++++++++++++-
 winpr/libwinpr/sspi/test/CMakeLists.txt  |  3 +-
 winpr/libwinpr/sspi/test/TestNTLM.c      |  9 +++++
 3 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 winpr/libwinpr/sspi/test/TestNTLM.c

diff --git a/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c b/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
index e2ee412bf..5315ea367 100644
--- a/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
@@ -303,10 +303,29 @@ int test_CertificateHashLength = 32;
 
 char TlsServerEndPointPrefix[] = "tls-server-end-point:";
 
+void ntlm_uint32_to_big_endian(UINT32 num, BYTE be32[4])
+{
+	be32[0] = (num >> 0) & 0xFF;
+	be32[1] = (num >> 8) & 0xFF;
+	be32[2] = (num >> 16) & 0xFF;
+	be32[3] = (num >> 24) & 0xFF;
+}
+
+/*
+typedef struct gss_channel_bindings_struct {
+        OM_uint32 initiator_addrtype;
+        gss_buffer_desc initiator_address;
+        OM_uint32 acceptor_addrtype;
+        gss_buffer_desc acceptor_address;
+        gss_buffer_desc application_data;
+} *gss_channel_bindings_t;
+ */
+
 void ntlm_compute_channel_bindings(NTLM_CONTEXT* context)
 {
 #if 0
 	MD5_CTX md5;
+	BYTE be32[4];
 	int HashLength;
 	int PrefixLength;
 	BYTE* pChannelBindingToken;
@@ -340,11 +359,39 @@ void ntlm_compute_channel_bindings(NTLM_CONTEXT* context)
 	winpr_HexDump((BYTE*) ChannelBindings, context->EndpointBindings.BindingsLength);
 
 	MD5_Init(&md5);
-	MD5_Update(&md5, (void*) context->EndpointBindings.Bindings, context->EndpointBindings.BindingsLength);
+
+	ntlm_uint32_to_big_endian(ChannelBindings->dwInitiatorAddrType, be32);
+	MD5_Update(&md5, be32, 4);
+
+	ntlm_uint32_to_big_endian(ChannelBindings->cbInitiatorLength, be32);
+	MD5_Update(&md5, be32, 4);
+
+	//ntlm_uint32_to_big_endian(ChannelBindings->dwInitiatorOffset, be32);
+	//MD5_Update(&md5, be32, 4);
+
+	ntlm_uint32_to_big_endian(ChannelBindings->dwAcceptorAddrType, be32);
+	MD5_Update(&md5, be32, 4);
+
+	ntlm_uint32_to_big_endian(ChannelBindings->cbAcceptorLength, be32);
+	MD5_Update(&md5, be32, 4);
+
+	//ntlm_uint32_to_big_endian(ChannelBindings->dwAcceptorOffset, be32);
+	//MD5_Update(&md5, be32, 4);
+
+	ntlm_uint32_to_big_endian(ChannelBindings->cbApplicationDataLength, be32);
+	MD5_Update(&md5, be32, 4);
+
+	//ntlm_uint32_to_big_endian(ChannelBindings->dwApplicationDataOffset, be32);
+	//MD5_Update(&md5, be32, 4);
+
+	MD5_Update(&md5, (void*) pChannelBindingToken, ChannelBindingTokenLength);
+
 	MD5_Final(context->ChannelBindingsHash, &md5);
 
 	printf("ChannelBindingsHash:\n");
 	winpr_HexDump(context->ChannelBindingsHash, 16);
+
+	printf("\n\n");
 #endif
 }
 
diff --git a/winpr/libwinpr/sspi/test/CMakeLists.txt b/winpr/libwinpr/sspi/test/CMakeLists.txt
index e1e660e94..694ae997f 100644
--- a/winpr/libwinpr/sspi/test/CMakeLists.txt
+++ b/winpr/libwinpr/sspi/test/CMakeLists.txt
@@ -9,7 +9,8 @@ set(${MODULE_PREFIX}_TESTS
 	TestEnumerateSecurityPackages.c
 	TestInitializeSecurityContext.c
 	TestAcquireCredentialsHandle.c
-	TestSchannel.c)
+	TestSchannel.c
+	TestNTLM.c)
 
 create_test_sourcelist(${MODULE_PREFIX}_SRCS
 	${${MODULE_PREFIX}_DRIVER}
diff --git a/winpr/libwinpr/sspi/test/TestNTLM.c b/winpr/libwinpr/sspi/test/TestNTLM.c
new file mode 100644
index 000000000..f7cf4ad77
--- /dev/null
+++ b/winpr/libwinpr/sspi/test/TestNTLM.c
@@ -0,0 +1,9 @@
+
+#include <winpr/crt.h>
+#include <winpr/sspi.h>
+
+int TestNTLM(int argc, char* argv[])
+{
+	return 0;
+}
+