From 8087d844ef59a82617be51f7c887b9bafe362f80 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 3 Jun 2004 23:15:16 +0000 Subject: r995: - renamed many of our crypto routines to use the industry standard names rather than our crazy naming scheme. So DES is now called des_crypt() rather than smbhash() - added the code from the solution of the ADS crypto challenge that allows Samba to correctly handle a 128 bit session key in all of the netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard from PADL for solving this one! - restructured the server side rpc authentication to allow for other than NTLMSSP sign and seal. This commit just adds the structure, the next commit will add schannel server side support. - added 128 bit session key support to our client side code, and testing against w2k3 with smbtorture. Works well. (This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee) --- source4/auth/auth_util.c | 4 +- source4/lib/crypto/hmacmd5.c | 2 +- source4/libcli/auth/credentials.c | 106 +++++++++++++++------- source4/libcli/auth/credentials.h | 6 +- source4/libcli/auth/ntlmssp.c | 8 +- source4/libcli/auth/schannel.c | 10 +-- source4/libcli/auth/session.c | 2 +- source4/libcli/util/smbdes.c | 69 +++++++++------ source4/librpc/rpc/dcerpc_schannel.c | 3 +- source4/rpc_server/config.mk | 1 + source4/rpc_server/dcerpc_server.c | 2 +- source4/rpc_server/dcerpc_server.h | 2 +- source4/rpc_server/dcesrv_auth.c | 95 ++++++++------------ source4/rpc_server/dcesrv_crypto.c | 122 ++++++++++++++++++++++++++ source4/rpc_server/epmapper/rpc_epmapper.c | 4 +- source4/rpc_server/netlogon/dcerpc_netlogon.c | 9 +- source4/rpc_server/samr/samr_password.c | 8 +- source4/torture/rpc/netlogon.c | 12 ++- source4/torture/rpc/samr.c | 18 ++-- 19 files changed, 326 insertions(+), 157 deletions(-) create mode 100644 source4/rpc_server/dcesrv_crypto.c diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index 929390ad78..bdbc818822 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -222,10 +222,10 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info, #endif if (lm_interactive_pwd) - SamOEMhash((uint8_t *)lm_pwd, key, sizeof(lm_pwd)); + arcfour_crypt((uint8_t *)lm_pwd, key, sizeof(lm_pwd)); if (nt_interactive_pwd) - SamOEMhash((uint8_t *)nt_pwd, key, sizeof(nt_pwd)); + arcfour_crypt((uint8_t *)nt_pwd, key, sizeof(nt_pwd)); #ifdef DEBUG_PASSWORD DEBUG(100,("decrypt of lm owf password:")); diff --git a/source4/lib/crypto/hmacmd5.c b/source4/lib/crypto/hmacmd5.c index 0d52e36858..9b24279f71 100644 --- a/source4/lib/crypto/hmacmd5.c +++ b/source4/lib/crypto/hmacmd5.c @@ -28,7 +28,7 @@ /*********************************************************************** the rfc 2104 version of hmac_md5 initialisation. ***********************************************************************/ -void hmac_md5_init_rfc2104(uint8_t *key, int key_len, HMACMD5Context *ctx) +void hmac_md5_init_rfc2104(const uint8_t *key, int key_len, HMACMD5Context *ctx) { int i; diff --git a/source4/libcli/auth/credentials.c b/source4/libcli/auth/credentials.c index cf6d0cca62..27a3e32cf3 100644 --- a/source4/libcli/auth/credentials.c +++ b/source4/libcli/auth/credentials.c @@ -24,38 +24,66 @@ #include "includes.h" /* - initialise the credentials state + initialise the credentials state for old-style 64 bit session keys this call is made after the netr_ServerReqChallenge call */ -static void creds_init(struct creds_CredentialState *creds, - const struct netr_Credential *client_challenge, - const struct netr_Credential *server_challenge, - const uint8_t machine_password[16]) +static void creds_init_64bit(struct creds_CredentialState *creds, + const struct netr_Credential *client_challenge, + const struct netr_Credential *server_challenge, + const uint8_t machine_password[16]) { - struct netr_Credential time_cred; uint32_t sum[2]; uint8_t sum2[8]; - dump_data_pw("Client chall", client_challenge->data, sizeof(client_challenge->data)); - dump_data_pw("Server chall", server_challenge->data, sizeof(server_challenge->data)); - dump_data_pw("Machine Pass", machine_password, 16); - sum[0] = IVAL(client_challenge->data, 0) + IVAL(server_challenge->data, 0); sum[1] = IVAL(client_challenge->data, 4) + IVAL(server_challenge->data, 4); SIVAL(sum2,0,sum[0]); SIVAL(sum2,4,sum[1]); - cred_hash1(creds->session_key, sum2, machine_password); + ZERO_STRUCT(creds->session_key); - SIVAL(time_cred.data, 0, IVAL(client_challenge->data, 0)); - SIVAL(time_cred.data, 4, IVAL(client_challenge->data, 4)); - cred_hash2(creds->client.data, time_cred.data, creds->session_key, 1); + des_crypt128(creds->session_key, sum2, machine_password); - SIVAL(time_cred.data, 0, IVAL(server_challenge->data, 0)); - SIVAL(time_cred.data, 4, IVAL(server_challenge->data, 4)); - cred_hash2(creds->server.data, time_cred.data, creds->session_key, 1); + des_crypt112(creds->client.data, client_challenge->data, creds->session_key, 1); + des_crypt112(creds->server.data, server_challenge->data, creds->session_key, 1); + + creds->seed = creds->client; +} + +/* + initialise the credentials state for ADS-style 128 bit session keys + + this call is made after the netr_ServerReqChallenge call +*/ +static void creds_init_128bit(struct creds_CredentialState *creds, + const struct netr_Credential *client_challenge, + const struct netr_Credential *server_challenge, + const uint8_t machine_password[16]) +{ + unsigned char zero[4], tmp[16]; + HMACMD5Context ctx; + struct MD5Context md5; + + ZERO_STRUCT(creds->session_key); + + memset(zero, 0, sizeof(zero)); + + hmac_md5_init_rfc2104(machine_password, 16, &ctx); + MD5Init(&md5); + MD5Update(&md5, zero, sizeof(zero)); + MD5Update(&md5, client_challenge->data, 8); + MD5Update(&md5, server_challenge->data, 8); + MD5Final(tmp, &md5); + hmac_md5_update(tmp, 16, &ctx); + hmac_md5_final(creds->session_key, &ctx); + + creds->client = *client_challenge; + creds->server = *server_challenge; + + des_crypt112(creds->client.data, client_challenge->data, creds->session_key, 1); + des_crypt112(creds->server.data, server_challenge->data, creds->session_key, 1); creds->seed = creds->client; } @@ -77,7 +105,7 @@ static void creds_step(struct creds_CredentialState *creds) DEBUG(5,("\tseed+time %08x:%08x\n", IVAL(time_cred.data, 0), IVAL(time_cred.data, 4))); - cred_hash2(creds->client.data, time_cred.data, creds->session_key, 1); + des_crypt112(creds->client.data, time_cred.data, creds->session_key, 1); DEBUG(5,("\tCLIENT %08x:%08x\n", IVAL(creds->client.data, 0), IVAL(creds->client.data, 4))); @@ -88,7 +116,7 @@ static void creds_step(struct creds_CredentialState *creds) DEBUG(5,("\tseed+time+1 %08x:%08x\n", IVAL(time_cred.data, 0), IVAL(time_cred.data, 4))); - cred_hash2(creds->server.data, time_cred.data, creds->session_key, 1); + des_crypt112(creds->server.data, time_cred.data, creds->session_key, 1); DEBUG(5,("\tSERVER %08x:%08x\n", IVAL(creds->server.data, 0), IVAL(creds->server.data, 4))); @@ -103,7 +131,7 @@ static void creds_step(struct creds_CredentialState *creds) void creds_des_encrypt(struct creds_CredentialState *creds, struct netr_Password *pass) { struct netr_Password tmp; - cred_hash3(tmp.data, pass->data, creds->session_key, 1); + des_crypt112_16(tmp.data, pass->data, creds->session_key, 1); *pass = tmp; } @@ -113,7 +141,7 @@ void creds_des_encrypt(struct creds_CredentialState *creds, struct netr_Password void creds_des_decrypt(struct creds_CredentialState *creds, struct netr_Password *pass) { struct netr_Password tmp; - cred_hash3(tmp.data, pass->data, creds->session_key, 0); + des_crypt112_16(tmp.data, pass->data, creds->session_key, 0); *pass = tmp; } @@ -122,12 +150,9 @@ void creds_des_decrypt(struct creds_CredentialState *creds, struct netr_Password */ void creds_arcfour_crypt(struct creds_CredentialState *creds, char *data, size_t len) { - DATA_BLOB session_key = data_blob(NULL, 16); - - memcpy(&session_key.data[0], creds->session_key, 8); - memset(&session_key.data[8], '\0', 8); + DATA_BLOB session_key = data_blob(creds->session_key, 16); - SamOEMhashBlob(data, len, &session_key); + arcfour_crypt_blob(data, len, &session_key); data_blob_free(&session_key); } @@ -145,10 +170,24 @@ void creds_client_init(struct creds_CredentialState *creds, const struct netr_Credential *client_challenge, const struct netr_Credential *server_challenge, const uint8_t machine_password[16], - struct netr_Credential *initial_credential) + struct netr_Credential *initial_credential, + uint32_t negotiate_flags) { creds->sequence = time(NULL); - creds_init(creds, client_challenge, server_challenge, machine_password); + creds->negotiate_flags = negotiate_flags; + + dump_data_pw("Client chall", client_challenge->data, sizeof(client_challenge->data)); + dump_data_pw("Server chall", server_challenge->data, sizeof(server_challenge->data)); + dump_data_pw("Machine Pass", machine_password, 16); + + if (negotiate_flags & NETLOGON_NEG_128BIT) { + creds_init_128bit(creds, client_challenge, server_challenge, machine_password); + } else { + creds_init_64bit(creds, client_challenge, server_challenge, machine_password); + } + + dump_data_pw("Session key", creds->session_key, 16); + dump_data_pw("Credential ", creds->client.data, 8); *initial_credential = creds->client; } @@ -198,9 +237,16 @@ void creds_server_init(struct creds_CredentialState *creds, const struct netr_Credential *client_challenge, const struct netr_Credential *server_challenge, const uint8_t machine_password[16], - struct netr_Credential *initial_credential) + struct netr_Credential *initial_credential, + uint32_t negotiate_flags) { - creds_init(creds, client_challenge, server_challenge, machine_password); + if (negotiate_flags & NETLOGON_NEG_128BIT) { + creds_init_128bit(creds, client_challenge, server_challenge, + machine_password); + } else { + creds_init_64bit(creds, client_challenge, server_challenge, + machine_password); + } *initial_credential = creds->server; } diff --git a/source4/libcli/auth/credentials.h b/source4/libcli/auth/credentials.h index 20eed73cc0..de0e086278 100644 --- a/source4/libcli/auth/credentials.h +++ b/source4/libcli/auth/credentials.h @@ -21,7 +21,8 @@ */ struct creds_CredentialState { - uint8_t session_key[8]; + uint32_t negotiate_flags; + uint8_t session_key[16]; uint32_t sequence; struct netr_Credential seed; struct netr_Credential client; @@ -29,6 +30,9 @@ struct creds_CredentialState { }; +#define NETLOGON_NEG_128BIT 0x4000 + + /* for the timebeing, use the same neg flags as Samba3. */ /* The 7 here seems to be required to get Win2k not to downgrade us to NT4. Actually, anything other than 1ff would seem to do... */ diff --git a/source4/libcli/auth/ntlmssp.c b/source4/libcli/auth/ntlmssp.c index 49935f0acb..5916faf513 100644 --- a/source4/libcli/auth/ntlmssp.c +++ b/source4/libcli/auth/ntlmssp.c @@ -792,9 +792,9 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state, dump_data_pw("KEY_EXCH session key (enc):\n", ntlmssp_state->encrypted_session_key.data, ntlmssp_state->encrypted_session_key.length); - SamOEMhash(ntlmssp_state->encrypted_session_key.data, - session_key.data, - ntlmssp_state->encrypted_session_key.length); + arcfour_crypt(ntlmssp_state->encrypted_session_key.data, + session_key.data, + ntlmssp_state->encrypted_session_key.length); ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state->mem_ctx, ntlmssp_state->encrypted_session_key.data, ntlmssp_state->encrypted_session_key.length); @@ -1191,7 +1191,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, encrypted_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, client_session_key, sizeof(client_session_key)); dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data, encrypted_session_key.length); - SamOEMhash(encrypted_session_key.data, session_key.data, encrypted_session_key.length); + arcfour_crypt(encrypted_session_key.data, session_key.data, encrypted_session_key.length); dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length); /* Mark the new session key as the 'real' session key */ diff --git a/source4/libcli/auth/schannel.c b/source4/libcli/auth/schannel.c index 666eb811ae..294873feff 100644 --- a/source4/libcli/auth/schannel.c +++ b/source4/libcli/auth/schannel.c @@ -35,7 +35,7 @@ static void netsec_deal_with_seq_num(struct schannel_state *state, hmac_md5(state->session_key, zeros, sizeof(zeros), digest1); hmac_md5(digest1, packet_digest, 8, sequence_key); - SamOEMhash(seq_num, sequence_key, 8); + arcfour_crypt(seq_num, sequence_key, 8); state->seq_num++; } @@ -113,8 +113,8 @@ NTSTATUS schannel_unseal_packet(struct schannel_state *state, SIVAL(seq_num, 4, state->initiator?0:0x80); netsec_get_sealing_key(state->session_key, seq_num, sealing_key); - SamOEMhash(confounder, sealing_key, 8); - SamOEMhash(data, sealing_key, length); + arcfour_crypt(confounder, sealing_key, 8); + arcfour_crypt(data, sealing_key, length); schannel_digest(state->session_key, netsec_sig, confounder, @@ -204,8 +204,8 @@ NTSTATUS schannel_seal_packet(struct schannel_state *state, data, length, digest_final); netsec_get_sealing_key(state->session_key, seq_num, sealing_key); - SamOEMhash(confounder, sealing_key, 8); - SamOEMhash(data, sealing_key, length); + arcfour_crypt(confounder, sealing_key, 8); + arcfour_crypt(data, sealing_key, length); netsec_deal_with_seq_num(state, digest_final, seq_num); diff --git a/source4/libcli/auth/session.c b/source4/libcli/auth/session.c index 1176d7fd0d..598f2d4f28 100644 --- a/source4/libcli/auth/session.c +++ b/source4/libcli/auth/session.c @@ -47,7 +47,7 @@ void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *sessi } memcpy(key, &session_key->data[k], 7); - smbhash(bout, bin, key, forward?1:0); + des_crypt56(bout, bin, key, forward?1:0); memcpy(&out->data[i], bout, MIN(8, in->length-i)); } diff --git a/source4/libcli/util/smbdes.c b/source4/libcli/util/smbdes.c index 967d0ffb82..2492f9a1ba 100644 --- a/source4/libcli/util/smbdes.c +++ b/source4/libcli/util/smbdes.c @@ -273,8 +273,10 @@ static void str_to_key(const uint8_t *str,uint8_t *key) } } - -void smbhash(uint8_t *out, const uint8_t *in, const uint8_t *key, int forw) +/* + basic des crypt using a 56 bit (7 byte) key +*/ +void des_crypt56(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], int forw) { int i; char outb[64]; @@ -305,58 +307,67 @@ void smbhash(uint8_t *out, const uint8_t *in, const uint8_t *key, int forw) void E_P16(const uint8_t *p14,uint8_t *p16) { const uint8_t sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; - smbhash(p16, sp8, p14, 1); - smbhash(p16+8, sp8, p14+7, 1); + des_crypt56(p16, sp8, p14, 1); + des_crypt56(p16+8, sp8, p14+7, 1); } void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24) { - smbhash(p24, c8, p21, 1); - smbhash(p24+8, c8, p21+7, 1); - smbhash(p24+16, c8, p21+14, 1); + des_crypt56(p24, c8, p21, 1); + des_crypt56(p24+8, c8, p21+7, 1); + des_crypt56(p24+16, c8, p21+14, 1); } void D_P16(const uint8_t *p14, const uint8_t *in, uint8_t *out) { - smbhash(out, in, p14, 0); - smbhash(out+8, in+8, p14+7, 0); + des_crypt56(out, in, p14, 0); + des_crypt56(out+8, in+8, p14+7, 0); } void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out) { - smbhash(out, in, p14, 1); - smbhash(out+8, in+8, p14+7, 1); + des_crypt56(out, in, p14, 1); + des_crypt56(out+8, in+8, p14+7, 1); } -void cred_hash1(uint8_t *out, const uint8_t *in, const uint8_t *key) +/* des encryption with a 128 bit key */ +void des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16]) { uint8_t buf[8]; - - smbhash(buf, in, key, 1); - smbhash(out, buf, key+9, 1); + des_crypt56(buf, in, key, 1); + des_crypt56(out, buf, key+9, 1); } -void cred_hash2(uint8_t *out, const uint8_t *in, const uint8_t *key, int forw) +/* des encryption with a 64 bit key */ +void des_crypt64(uint8_t out[8], const uint8_t in[8], const uint8_t key[8], int forw) { uint8_t buf[8]; uint8_t key2[8]; ZERO_STRUCT(key2); - smbhash(buf, in, key, forw); + des_crypt56(buf, in, key, forw); key2[0] = key[7]; - smbhash(out, buf, key2, forw); + des_crypt56(out, buf, key2, forw); } -void cred_hash3(uint8_t *out, uint8_t *in, const uint8_t *key, int forw) +/* des encryption with a 112 bit (14 byte) key */ +void des_crypt112(uint8_t out[8], const uint8_t in[8], const uint8_t key[14], int forw) { - uint8_t key2[8]; - ZERO_STRUCT(key2); - smbhash(out, in, key, forw); - key2[0] = key[7]; - smbhash(out + 8, in + 8, key2, forw); + uint8_t buf[8]; + des_crypt56(buf, in, key, forw); + des_crypt56(out, buf, key+7, forw); } +/* des encryption of a 16 byte lump of data with a 112 bit key */ +void des_crypt112_16(uint8_t out[16], uint8_t in[16], const uint8_t key[14], int forw) +{ + des_crypt56(out, in, key, forw); + des_crypt56(out + 8, in + 8, key+7, forw); +} -void SamOEMhashBlob(uint8_t *data, int len, const DATA_BLOB *key) +/* + arcfour encryption with a blob key +*/ +void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key) { uint8_t s_box[256]; uint8_t index_i = 0; @@ -397,11 +408,11 @@ void SamOEMhashBlob(uint8_t *data, int len, const DATA_BLOB *key) a varient that assumes a 16 byte key. This should be removed when the last user is gone */ -void SamOEMhash(uint8_t *data, const uint8_t keystr[16], int len) +void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len) { DATA_BLOB key = data_blob(keystr, 16); - SamOEMhashBlob(data, len, &key); + arcfour_crypt_blob(data, len, &key); data_blob_free(&key); } @@ -419,6 +430,6 @@ void sam_pwd_hash(uint_t rid, const uint8_t *in, uint8_t *out, int forw) s[2] = s[6] = s[10] = (uint8_t)((rid >> 16) & 0xFF); s[3] = s[7] = s[11] = (uint8_t)((rid >> 24) & 0xFF); - smbhash(out, in, s, forw); - smbhash(out+8, in+8, s+7, forw); + des_crypt56(out, in, s, forw); + des_crypt56(out+8, in+8, s+7, forw); } diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c index 1874de726b..b4dbfbb5a5 100644 --- a/source4/librpc/rpc/dcerpc_schannel.c +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -124,7 +124,8 @@ NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p, step 3 - authenticate on the netlogon pipe */ E_md4hash(password, mach_pwd); - creds_client_init(&creds, &credentials1, &credentials2, mach_pwd, &credentials3); + creds_client_init(&creds, &credentials1, &credentials2, mach_pwd, &credentials3, + negotiate_flags); a.in.server_name = r.in.server_name; a.in.username = talloc_asprintf(p->mem_ctx, "%s$", workstation); diff --git a/source4/rpc_server/config.mk b/source4/rpc_server/config.mk index da6adaa220..4f8b4796fd 100644 --- a/source4/rpc_server/config.mk +++ b/source4/rpc_server/config.mk @@ -122,6 +122,7 @@ INIT_OBJ_FILES = \ ADD_OBJ_FILES = \ rpc_server/dcerpc_tcp.o \ rpc_server/dcesrv_auth.o \ + rpc_server/dcesrv_crypto.o \ rpc_server/handles.o # # End SUBSYSTEM DCERPC diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 683be7225b..fd806c5289 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -268,7 +268,7 @@ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx, (*p)->cli_max_recv_frag = 0; (*p)->handles = NULL; (*p)->partial_input = data_blob(NULL, 0); - (*p)->auth_state.ntlmssp_state = NULL; + (*p)->auth_state.crypto_state = NULL; (*p)->auth_state.auth_info = NULL; (*p)->session_key = data_blob(NULL, 0); diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h index 2d833ebd58..bdda8f252f 100644 --- a/source4/rpc_server/dcerpc_server.h +++ b/source4/rpc_server/dcerpc_server.h @@ -95,7 +95,7 @@ struct dcesrv_handle { /* hold the authentication state information */ struct dcesrv_auth { - struct auth_ntlmssp_state *ntlmssp_state; + void *crypto_state; struct dcerpc_auth *auth_info; }; diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c index 48792180c6..7aa296c245 100644 --- a/source4/rpc_server/dcesrv_auth.c +++ b/source4/rpc_server/dcesrv_auth.c @@ -22,7 +22,6 @@ #include "includes.h" - /* parse any auth information from a dcerpc bind request return False if we can't handle the auth request for some @@ -52,24 +51,11 @@ BOOL dcesrv_auth_bind(struct dcesrv_call_state *call) return False; } - if (dce_conn->auth_state.auth_info->auth_type != DCERPC_AUTH_TYPE_NTLMSSP) { - /* only do NTLMSSP for now */ - DEBUG(2,("auth_type %d not supported\n", dce_conn->auth_state.auth_info->auth_type)); - return False; - } - - if (dce_conn->auth_state.auth_info->auth_level != DCERPC_AUTH_LEVEL_INTEGRITY && - dce_conn->auth_state.auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY) { - DEBUG(2,("auth_level %d not supported\n", dce_conn->auth_state.auth_info->auth_level)); - return False; - } - - status = auth_ntlmssp_start(&dce_conn->auth_state.ntlmssp_state); + status = dcesrv_crypto_startup(dce_conn, &dce_conn->auth_state); if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("Failed to start NTLMSSP subsystem!\n")); return False; } - + return True; } @@ -81,17 +67,17 @@ BOOL dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct dcerpc_packet * struct dcesrv_connection *dce_conn = call->conn; NTSTATUS status; - if (!call->conn->auth_state.ntlmssp_state) { + if (!call->conn->auth_state.crypto_state) { return True; } - status = auth_ntlmssp_update(dce_conn->auth_state.ntlmssp_state, - call->mem_ctx, - dce_conn->auth_state.auth_info->credentials, - &dce_conn->auth_state.auth_info->credentials); + status = dcesrv_crypto_update(&dce_conn->auth_state, + call->mem_ctx, + dce_conn->auth_state.auth_info->credentials, + &dce_conn->auth_state.auth_info->credentials); if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { - DEBUG(2, ("Failed to start NTLMSSP process NTLMSSP negotiate: %s\n", nt_errstr(status))); + DEBUG(2, ("Failed to start dcesrv auth negotiate: %s\n", nt_errstr(status))); return False; } @@ -103,7 +89,7 @@ BOOL dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct dcerpc_packet * /* - process the final stage of a NTLMSSP auth request + process the final stage of a auth request */ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call) { @@ -112,7 +98,7 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call) NTSTATUS status; if (!dce_conn->auth_state.auth_info || - !dce_conn->auth_state.ntlmssp_state || + !dce_conn->auth_state.crypto_state || pkt->u.auth.auth_info.length == 0) { return False; } @@ -125,20 +111,13 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call) return False; } - if (dce_conn->auth_state.auth_info->auth_type != DCERPC_AUTH_TYPE_NTLMSSP) { - return False; - } - if (dce_conn->auth_state.auth_info->auth_level != DCERPC_AUTH_LEVEL_INTEGRITY && - dce_conn->auth_state.auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY) { - return False; - } - - status = auth_ntlmssp_update(dce_conn->auth_state.ntlmssp_state, - call->mem_ctx, - dce_conn->auth_state.auth_info->credentials, - &dce_conn->auth_state.auth_info->credentials); + status = dcesrv_crypto_update(&dce_conn->auth_state, + call->mem_ctx, + dce_conn->auth_state.auth_info->credentials, + &dce_conn->auth_state.auth_info->credentials); if (!NT_STATUS_IS_OK(status)) { - DEBUG(4, ("User failed to authenticated with NTLMSSP: %s\n", nt_errstr(status))); + DEBUG(4, ("dcesrv_auth_auth3: failed to authenticate: %s\n", + nt_errstr(status))); return False; } @@ -159,7 +138,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call) NTSTATUS status; if (!dce_conn->auth_state.auth_info || - !dce_conn->auth_state.ntlmssp_state) { + !dce_conn->auth_state.crypto_state) { return True; } @@ -193,21 +172,21 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call) /* check signature or unseal the packet */ switch (dce_conn->auth_state.auth_info->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: - status = ntlmssp_unseal_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state, - call->mem_ctx, - pkt->u.request.stub_and_verifier.data, - pkt->u.request.stub_and_verifier.length, - &auth.credentials); - break; - - case DCERPC_AUTH_LEVEL_INTEGRITY: - status = ntlmssp_check_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state, + status = dcesrv_crypto_unseal(&dce_conn->auth_state, call->mem_ctx, pkt->u.request.stub_and_verifier.data, pkt->u.request.stub_and_verifier.length, &auth.credentials); break; + case DCERPC_AUTH_LEVEL_INTEGRITY: + status = dcesrv_crypto_check_sig(&dce_conn->auth_state, + call->mem_ctx, + pkt->u.request.stub_and_verifier.data, + pkt->u.request.stub_and_verifier.length, + &auth.credentials); + break; + default: status = NT_STATUS_INVALID_LEVEL; break; @@ -234,7 +213,7 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call, struct ndr_push *ndr; /* non-signed packets are simple */ - if (!dce_conn->auth_state.auth_info || !dce_conn->auth_state.ntlmssp_state) { + if (!dce_conn->auth_state.auth_info || !dce_conn->auth_state.crypto_state) { status = dcerpc_push_auth(blob, call->mem_ctx, pkt, NULL); return NT_STATUS_IS_OK(status); } @@ -260,19 +239,19 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call, /* sign or seal the packet */ switch (dce_conn->auth_state.auth_info->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: - status = ntlmssp_seal_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state, - call->mem_ctx, - ndr->data + DCERPC_REQUEST_LENGTH, - ndr->offset - DCERPC_REQUEST_LENGTH, - &dce_conn->auth_state.auth_info->credentials); + status = dcesrv_crypto_seal(&dce_conn->auth_state, + call->mem_ctx, + ndr->data + DCERPC_REQUEST_LENGTH, + ndr->offset - DCERPC_REQUEST_LENGTH, + &dce_conn->auth_state.auth_info->credentials); break; case DCERPC_AUTH_LEVEL_INTEGRITY: - status = ntlmssp_sign_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state, - call->mem_ctx, - ndr->data + DCERPC_REQUEST_LENGTH, - ndr->offset - DCERPC_REQUEST_LENGTH, - &dce_conn->auth_state.auth_info->credentials); + status = dcesrv_crypto_sign(&dce_conn->auth_state, + call->mem_ctx, + ndr->data + DCERPC_REQUEST_LENGTH, + ndr->offset - DCERPC_REQUEST_LENGTH, + &dce_conn->auth_state.auth_info->credentials); break; default: status = NT_STATUS_INVALID_LEVEL; diff --git a/source4/rpc_server/dcesrv_crypto.c b/source4/rpc_server/dcesrv_crypto.c new file mode 100644 index 0000000000..64ff4ee30b --- /dev/null +++ b/source4/rpc_server/dcesrv_crypto.c @@ -0,0 +1,122 @@ +/* + Unix SMB/CIFS implementation. + + server side dcerpc authentication code - crypto support + + Copyright (C) Andrew Tridgell 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/* + this provides a crypto interface to the various backends (such as + NTLMSSP and SCHANNEL) for the rpc server code +*/ + +#include "includes.h" + +/* + startup the cryptographic side of an authenticated dcerpc server +*/ +NTSTATUS dcesrv_crypto_startup(struct dcesrv_connection *dce_conn, + struct dcesrv_auth *auth) +{ + struct auth_ntlmssp_state *ntlmssp = NULL; + NTSTATUS status; + + if (auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_INTEGRITY && + auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY) { + DEBUG(2,("auth_level %d not supported in dcesrv auth\n", + auth->auth_info->auth_level)); + return NT_STATUS_INVALID_PARAMETER; + } + + switch (auth->auth_info->auth_type) { +/* + case DCERPC_AUTH_TYPE_SCHANNEL: + return auth_schannel_start(); +*/ + + case DCERPC_AUTH_TYPE_NTLMSSP: + status = auth_ntlmssp_start(&ntlmssp); + auth->crypto_state = ntlmssp; + break; + + default: + DEBUG(2,("dcesrv auth_type %d not supported\n", auth->auth_info->auth_type)); + status = NT_STATUS_INVALID_PARAMETER; + } + + DEBUG(4,("dcesrv_crypto_startup: %s\n", nt_errstr(status))); + + return status; +} + +/* + update crypto state +*/ +NTSTATUS dcesrv_crypto_update(struct dcesrv_auth *auth, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB in, DATA_BLOB *out) +{ + AUTH_NTLMSSP_STATE *ntlmssp = auth->crypto_state; + + return ntlmssp_update(ntlmssp->ntlmssp_state, out_mem_ctx, in, out); +} + + +/* + seal a packet +*/ +NTSTATUS dcesrv_crypto_seal(struct dcesrv_auth *auth, + TALLOC_CTX *sig_mem_ctx, uint8_t *data, size_t length, DATA_BLOB *sig) +{ + AUTH_NTLMSSP_STATE *ntlmssp = auth->crypto_state; + + return ntlmssp_seal_packet(ntlmssp->ntlmssp_state, sig_mem_ctx, data, length, sig); +} + +/* + sign a packet +*/ +NTSTATUS dcesrv_crypto_sign(struct dcesrv_auth *auth, + TALLOC_CTX *sig_mem_ctx, const uint8_t *data, size_t length, DATA_BLOB *sig) +{ + AUTH_NTLMSSP_STATE *ntlmssp = auth->crypto_state; + + return ntlmssp_sign_packet(ntlmssp->ntlmssp_state, sig_mem_ctx, data, length, sig); +} + +/* + check a packet signature +*/ +NTSTATUS dcesrv_crypto_check_sig(struct dcesrv_auth *auth, + TALLOC_CTX *sig_mem_ctx, const uint8_t *data, size_t length, const DATA_BLOB *sig) +{ + AUTH_NTLMSSP_STATE *ntlmssp = auth->crypto_state; + + return ntlmssp_check_packet(ntlmssp->ntlmssp_state, sig_mem_ctx, data, length, sig); +} + +/* + unseal a packet +*/ +NTSTATUS dcesrv_crypto_unseal(struct dcesrv_auth *auth, + TALLOC_CTX *sig_mem_ctx, uint8_t *data, size_t length, DATA_BLOB *sig) +{ + AUTH_NTLMSSP_STATE *ntlmssp = auth->crypto_state; + + return ntlmssp_unseal_packet(ntlmssp->ntlmssp_state, sig_mem_ctx, data, length, sig); +} diff --git a/source4/rpc_server/epmapper/rpc_epmapper.c b/source4/rpc_server/epmapper/rpc_epmapper.c index b5113a881b..891876c2d8 100644 --- a/source4/rpc_server/epmapper/rpc_epmapper.c +++ b/source4/rpc_server/epmapper/rpc_epmapper.c @@ -102,6 +102,8 @@ static BOOL fill_protocol_tower(TALLOC_CTX *mem_ctx, struct epm_towers *twr, twr->floors[4].lhs.protocol = EPM_PROTOCOL_IP; twr->floors[4].lhs.info.lhs_data = data_blob(NULL, 0); twr->floors[4].rhs.rhs_data = data_blob_talloc_zero(mem_ctx, 4); + /* TODO: we should fill in our IP address here as a hint to the + client */ break; } @@ -247,7 +249,7 @@ static NTSTATUS epm_Map(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, count = build_ep_list(mem_ctx, dce_call->conn->dce_ctx->endpoint_list, &eps); - ZERO_STRUCTP(r->out.entry_handle); + ZERO_STRUCT(*r->out.entry_handle); r->out.num_towers = 1; r->out.status = 0; r->out.towers = talloc_p(mem_ctx, struct epm_twr_p_t); diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 81d37d0984..5f4717a5c6 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -148,7 +148,7 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL ZERO_STRUCTP(r->out.credentials); *r->out.rid = 0; - *r->out.negotiate_flags = *r->in.negotiate_flags & NETLOGON_NEG_AUTH2_FLAGS; + *r->out.negotiate_flags = *r->in.negotiate_flags; if (!pipe_state) { DEBUG(1, ("No challange requested by client, cannot authenticate\n")); @@ -228,8 +228,9 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL creds_server_init(pipe_state->creds, &pipe_state->client_challenge, &pipe_state->server_challenge, mach_pwd, - r->out.credentials); - + r->out.credentials, + *r->in.negotiate_flags); + if (!creds_server_check(pipe_state->creds, r->in.credentials)) { return NT_STATUS_ACCESS_DENIED; } @@ -249,8 +250,6 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL } pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, r->in.computer_name); - - *r->out.negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; return NT_STATUS_OK; } diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index 89deaa2f09..228b8b53c0 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -169,7 +169,7 @@ NTSTATUS samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_ } /* decrypt the password we have been given */ - SamOEMhash(pwbuf->data, lm_pwd, 516); + arcfour_crypt(pwbuf->data, lm_pwd, 516); if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass), &new_pass_len, STR_ASCII)) { @@ -284,7 +284,7 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, } /* decrypt the password we have been given */ - SamOEMhash(r->in.nt_password->data, nt_pwd, 516); + arcfour_crypt(r->in.nt_password->data, nt_pwd, 516); if (!decode_pw_buffer(r->in.nt_password->data, new_pass, sizeof(new_pass), &new_pass_len, STR_UNICODE)) { @@ -684,7 +684,7 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call, uint32_t new_pass_len; DATA_BLOB session_key = dce_call->conn->session_key; - SamOEMhashBlob(pwbuf->data, 516, &session_key); + arcfour_crypt_blob(pwbuf->data, 516, &session_key); if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass), &new_pass_len, STR_UNICODE)) { @@ -731,7 +731,7 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call, MD5Update(&ctx, session_key.data, session_key.length); MD5Final(co_session_key.data, &ctx); - SamOEMhashBlob(pwbuf->data, 516, &co_session_key); + arcfour_crypt_blob(pwbuf->data, 516, &co_session_key); if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass), &new_pass_len, STR_UNICODE)) { diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index 58c071dcdb..bfa63c2af7 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -147,7 +147,7 @@ again: return False; } - SamOEMhashBlob(u.info24.password.data, 516, &session_key); + arcfour_crypt_blob(u.info24.password.data, 516, &session_key); status = dcerpc_samr_SetUserInfo(join.p, mem_ctx, &s); if (!NT_STATUS_IS_OK(status)) { @@ -274,7 +274,8 @@ static BOOL test_SetupCredentials(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, a.in.credentials = &credentials3; a.out.credentials = &credentials3; - creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3); + creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3, + NETLOGON_NEG_AUTH2_FLAGS); printf("Testing ServerAuthenticate\n"); @@ -335,7 +336,8 @@ static BOOL test_SetupCredentials2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, a.in.credentials = &credentials3; a.out.credentials = &credentials3; - creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3); + creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3, + negotiate_flags); printf("Testing ServerAuthenticate2\n"); @@ -374,6 +376,7 @@ static BOOL test_SetupCredentials3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.computer_name = TEST_MACHINE_NAME; r.in.credentials = &credentials1; r.out.credentials = &credentials2; + generate_random_buffer(credentials1.data, sizeof(credentials1.data), False); status = dcerpc_netr_ServerReqChallenge(p, mem_ctx, &r); @@ -400,7 +403,8 @@ static BOOL test_SetupCredentials3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, a.out.negotiate_flags = &negotiate_flags; a.out.rid = &rid; - creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3); + creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3, + negotiate_flags); printf("Testing ServerAuthenticate3\n"); diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 3a243abfce..dab1b3bed5 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -364,7 +364,7 @@ static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return False; } - SamOEMhashBlob(u.info24.password.data, 516, &session_key); + arcfour_crypt_blob(u.info24.password.data, 516, &session_key); printf("Testing SetUserInfo level 24 (set password)\n"); @@ -408,7 +408,7 @@ static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return False; } - SamOEMhashBlob(u.info23.password.data, 516, &session_key); + arcfour_crypt_blob(u.info23.password.data, 516, &session_key); printf("Testing SetUserInfo level 23 (set password)\n"); @@ -459,7 +459,7 @@ static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, MD5Update(&ctx, session_key.data, session_key.length); MD5Final(confounded_session_key.data, &ctx); - SamOEMhashBlob(u.info26.password.data, 516, &confounded_session_key); + arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key); memcpy(&u.info26.password.data[516], confounder, 16); printf("Testing SetUserInfo level 26 (set password ex)\n"); @@ -513,7 +513,7 @@ static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, MD5Update(&ctx, session_key.data, session_key.length); MD5Final(confounded_session_key.data, &ctx); - SamOEMhashBlob(u.info25.password.data, 516, &confounded_session_key); + arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key); memcpy(&u.info25.password.data[516], confounder, 16); printf("Testing SetUserInfo level 25 (set password ex)\n"); @@ -810,7 +810,7 @@ static BOOL test_OemChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_c E_deshash(newpass, new_lm_hash); encode_pw_buffer(lm_pass.data, newpass, STR_ASCII); - SamOEMhash(lm_pass.data, old_lm_hash, 516); + arcfour_crypt(lm_pass.data, old_lm_hash, 516); E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); r.in.server = &server; @@ -856,11 +856,11 @@ static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, E_deshash(newpass, new_lm_hash); encode_pw_buffer(lm_pass.data, newpass, STR_ASCII|STR_TERMINATE); - SamOEMhash(lm_pass.data, old_lm_hash, 516); + arcfour_crypt(lm_pass.data, old_lm_hash, 516); E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE); - SamOEMhash(nt_pass.data, old_nt_hash, 516); + arcfour_crypt(nt_pass.data, old_nt_hash, 516); E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash); r.in.server = &server; @@ -909,11 +909,11 @@ static BOOL test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, E_deshash(newpass, new_lm_hash); encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE); - SamOEMhash(lm_pass.data, old_nt_hash, 516); + arcfour_crypt(lm_pass.data, old_nt_hash, 516); E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE); - SamOEMhash(nt_pass.data, old_nt_hash, 516); + arcfour_crypt(nt_pass.data, old_nt_hash, 516); E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash); r.in.server = &server; -- cgit