From dbd6149e01a88962daafe9dee883acbe2c578c03 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?=
Date: Mon, 30 Jul 2012 14:52:50 -0400
Subject: [PATCH] libwinpr-sspi: fix NTLM registry loading
---
 libfreerdp-crypto/nla.c | 2 +-
 winpr/registry/registry_reg.c | 8 ++++++--
 winpr/sspi/NTLM/ntlm.c | 2 +-
 winpr/sspi/NTLM/ntlm_message.c | 32 +++++++++++++++++++++-----------
 4 files changed, 29 insertions(+), 15 deletions(-)
diff --git a/libfreerdp-crypto/nla.c b/libfreerdp-crypto/nla.c
index 7346082a2..a88eb2582 100644
--- a/libfreerdp-crypto/nla.c
+++ b/libfreerdp-crypto/nla.c
@@ -289,7 +289,7 @@ int credssp_client_authenticate(rdpCredssp* credssp)
 #ifdef WITH_DEBUG_CREDSSP
 printf("Sending Authentication Token\n");
- //winpr_HexDump(credssp->negoToken.pvBuffer, credssp->negoToken.cbBuffer);
+ winpr_HexDump(credssp->negoToken.pvBuffer, credssp->negoToken.cbBuffer);
 #endif
 credssp_send(credssp);
diff --git a/winpr/registry/registry_reg.c b/winpr/registry/registry_reg.c
index c07bd4618..feeab5684 100644
--- a/winpr/registry/registry_reg.c
+++ b/winpr/registry/registry_reg.c
@@ -27,6 +27,9 @@
 #define WINPR_HKLM_HIVE "/etc/winpr/HKLM.reg"
+void reg_print_key(Reg* reg, RegKey* key);
+void reg_print_value(Reg* reg, RegVal* value);
+
 struct reg_data_type
 {
 char* tag;
@@ -197,11 +200,12 @@ void reg_insert_key(Reg* reg, RegKey* key, RegKey* subkey)
 {
 char* name;
 char* path;
+ char* save;
 int length;
 path = _strdup(subkey->name);
- name = strtok(path, "\\");
+ name = strtok_r(path, "\\", &save);
 while (name != NULL)
 {
@@ -212,7 +216,7 @@ void reg_insert_key(Reg* reg, RegKey* key, RegKey* subkey)
 subkey->subname = _strdup(name);
 }
- name = strtok(NULL, "\\");
+ name = strtok_r(NULL, "\\", &save);
 }
 free(path);
diff --git a/winpr/sspi/NTLM/ntlm.c b/winpr/sspi/NTLM/ntlm.c
index 6474328d6..1a518651a 100644
--- a/winpr/sspi/NTLM/ntlm.c
+++ b/winpr/sspi/NTLM/ntlm.c
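Review bot: The re-enabled `winpr_HexDump(credssp->negoToken.pvBuffer, credssp->negoToken.cbBuffer)` in the nla.c hunk writes the raw authentication token to standard output in every build that defines WITH_DEBUG_CREDSSP, and the commit message does not say this is intended. The token carries the NTLM exchange, including the response computed from the user's credentials, so console or log output captured from such a build should be handled as credential material. If the dump is meant to stay, put a comment above it, for example `/* debug only: dumps the full auth token, never enable in production builds */`; otherwise restore the commented-out line. The enclosing function starts and ends outside the hunk.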
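Review bot: In `reg_insert_key` the result of `path = _strdup(subkey->name)` goes straight into `strtok_r(path, "\\", &save)` with no NULL check, so an allocation failure hands `strtok_r` a NULL string together with an uninitialised `save`, which is undefined behaviour. Adding `if (!path) return;` right after the `_strdup` call closes that path; the second `strtok_r` call in the following hunk (`@@ -212,7 +216,7 @@`) depends on the same `save` state. The function body ends outside this hunk.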
@@ -108,7 +108,7 @@ NTLM_CONTEXT* ntlm_ContextNew()
 DWORD dwSize;
 DWORD dwValue;
- context->NTLMv2 = FALSE;
+ context->NTLMv2 = TRUE;
 context->UseMIC = FALSE;
 context->SendVersionInfo = TRUE;
diff --git a/winpr/sspi/NTLM/ntlm_message.c b/winpr/sspi/NTLM/ntlm_message.c
index aba9dbfcd..8f5348d37 100644
--- a/winpr/sspi/NTLM/ntlm_message.c
+++ b/winpr/sspi/NTLM/ntlm_message.c
@@ -398,6 +398,12 @@ SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buf
 ntlm_print_message_fields(&(message.TargetName), "TargetName");
 ntlm_print_message_fields(&(message.TargetInfo), "TargetInfo");
+
+ if (context->ChallengeTargetInfo.cbBuffer > 0)
+ {
+ printf("ChallengeTargetInfo (%d):\n", (int) context->ChallengeTargetInfo.cbBuffer);
+ ntlm_print_av_pair_list(context->ChallengeTargetInfo.pvBuffer);
+ }
 #endif
 /* AV_PAIRs */
@@ -862,11 +868,15 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
 {
 message.NegotiateFlags |= NTLMSSP_NEGOTIATE_56;
 message.NegotiateFlags |= NTLMSSP_NEGOTIATE_VERSION;
+ message.NegotiateFlags |= NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED;
 }
 if (context->UseMIC)
 message.NegotiateFlags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
+ if (context->confidentiality)
+ message.NegotiateFlags |= NTLMSSP_NEGOTIATE_SEAL;
+
 message.NegotiateFlags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
 message.NegotiateFlags |= NTLMSSP_NEGOTIATE_128;
 message.NegotiateFlags |= NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY;
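Review bot: The defaults assigned in `ntlm_ContextNew` have no comment, and after this change `context->NTLMv2 = TRUE` sits directly above `context->UseMIC = FALSE`, so the stronger response type is on by default while the message integrity code stays off. A comment on these lines should say why, for example `/* defaults: NTLMv2 on; MIC off because <reason> */`. If the `dwSize` and `dwValue` locals are used further down to load overrides (not visible in this hunk), the comment should also state that configuration can switch NTLMv2 back off. The function body starts and ends outside the hunk.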
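Review bot: `ntlm_print_av_pair_list(context->ChallengeTargetInfo.pvBuffer)` receives only the pointer, so the printer cannot bound its walk by `cbBuffer`, and the `cbBuffer > 0` test says nothing about whether the list is well formed. The target info comes from the peer's CHALLENGE message, so a list that lacks its terminating entry would presumably be read past the end of the buffer in debug builds. The block is also placed before the `/* AV_PAIRs */` section, so `ChallengeTargetInfo` may not yet hold the data of the message being read; confirm the ordering or move the print after that section. At minimum add `/* debug: walk is not bounded by cbBuffer, list must be terminated */`. The same call pattern is added for `AuthenticateTargetInfo` in the `@@ -1006,6 +1010,12 @@` hunk.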
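Review bot: `NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED` is now set unconditionally inside this block of `ntlm_write_AuthenticateMessage`, while the code removed in the next hunk (`@@ -879,14 +889,11 @@`) set it only when `message.Workstation.Len > 0`. With an empty `context->Workstation` the message will now advertise a workstation name that it does not carry. Keeping the length test preserves the old behaviour: `if (context->Workstation.Length > 0) message.NegotiateFlags |= NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED;`. The condition that guards this block is outside the hunk.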
@@ -879,14 +889,11 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
 if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
 ntlm_get_version_info(&(message.Version));
- message.Workstation.Len = context->Workstation.Length;
- message.Workstation.Buffer = (BYTE*) context->Workstation.Buffer;
-
- if (!context->NTLMv2)
- message.Workstation.Len = 0;
-
- if (message.Workstation.Len > 0)
- message.NegotiateFlags |= NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED;
+ if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED)
+ {
+ message.Workstation.Len = context->Workstation.Length;
+ message.Workstation.Buffer = (BYTE*) context->Workstation.Buffer;
+ }
 message.DomainName.Len = (UINT16) context->identity.DomainLength * 2;
 message.DomainName.Buffer = (BYTE*) context->identity.Domain;
@@ -906,9 +913,6 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
 message.EncryptedRandomSessionKey.Len = 16;
 message.EncryptedRandomSessionKey.Buffer = context->EncryptedRandomSessionKey;
- if (context->confidentiality)
- message.NegotiateFlags |= NTLMSSP_NEGOTIATE_SEAL;
-
 PayloadBufferOffset = 64;
 if (context->UseMIC)
@@ -1006,6 +1010,12 @@ SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
 if (message.NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)
 ntlm_print_version_info(&(message.Version));
+ if (context->AuthenticateTargetInfo.cbBuffer > 0)
+ {
+ printf("AuthenticateTargetInfo (%d):\n", (int) context->AuthenticateTargetInfo.cbBuffer);
+ ntlm_print_av_pair_list(context->AuthenticateTargetInfo.pvBuffer);
+ }
+
 ntlm_print_message_fields(&(message.DomainName), "DomainName");
 ntlm_print_message_fields(&(message.UserName), "UserName");
 ntlm_print_message_fields(&(message.Workstation), "Workstation");
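Review bot: When `NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED` is clear, `message.Workstation.Len` and `message.Workstation.Buffer` are no longer assigned anywhere in this hunk, whereas the removed code always wrote both and then forced `Len` to 0. The fields are still read later, at least by `ntlm_print_message_fields(&(message.Workstation), "Workstation")` in the last hunk, so correctness now depends on `message` being zeroed earlier in the function, which is outside the hunk. An explicit branch removes that dependency: `else { message.Workstation.Len = 0; message.Workstation.Buffer = NULL; }`.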