Commit | Line | Data |
---|---|---|
e22489e5 JB |
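--- a/squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
+++ b/squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
@@ -38,10 +38,9 @@
 #if HAVE_PWD_H
 #include <pwd.h>
 #endif
-
-
-#define ERR "ERR\n"
-#define OK "OK\n"
+#if HAVE_ASSERT_H
+#include <assert.h>
+#endif
 
 #if 0
 #define NTLM_STATIC_CHALLENGE "deadbeef"
@@ -55,7 +54,8 @@
 static void
 lc(char *string)
 {
-char *p = string, c;
+char *p = string;
+char c;
 while ((c = *p)) {
 *p = tolower(c);
 p++;
@@ -65,7 +65,7 @@
 
 /*
 * Generates a challenge request. The randomness of the 8 byte
-* challenge strings can be guarenteed to be poor at best.
+* challenge strings can be guaranteed to be poor at best.
 */
 void
 ntlmMakeChallenge(struct ntlm_challenge *chal)
@@ -89,7 +89,6 @@
 if (authenticate_ntlm_domain != NULL)
 while (authenticate_ntlm_domain[i++]);
 
-
 chal->target.offset = WSWAP(48);
 chal->target.maxlen = SSWAP(i);
 chal->target.len = chal->target.maxlen;
@@ -110,7 +109,7 @@
 }
 
 /*
-* Check the vailidity of a request header. Return -1 on error.
+* Check the validity of a request header. Return -1 on error.
 */
 int
 ntlmCheckHeader(ntlmhdr * hdr, int type)
@@ -127,9 +126,8 @@
 return 0;
 
 if (WSWAP(hdr->type) != type) {
-/* don't report this error - it's ok as we do a if() around this function */
-// fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n",
-// WSWAP(hdr->type), type);
+/* don't report this error - it's ok as we do a if() around this function */
+/* fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n", WSWAP(hdr->type), type); */
 return (-1);
 }
 return (0);
@@ -142,9 +140,12 @@
 ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags)
 {
 static char buf[512];
-u_short *s, c;
-char *d, *sc;
-int l, o;
+u_short *s;
+u_short c;
+char *d;
+char *sc;
+int l;
+int o;
 
 l = SSWAP(str->len);
 o = WSWAP(str->offset);
@@ -195,62 +196,70 @@
 int
 ntlmDecodeAuth(struct ntlm_authenticate *auth, char *buf, size_t size)
 {
-char *p, *origbuf;
+char *p;
+char *origbuf;
 int s;
 
-if (!buf) {
+if (!buf)
 return 1;
-}
 origbuf = buf;
-if (ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE)) {
+assert (0 == ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE));
+
+#if DEBUG_FAKEAUTH
+fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size);
+fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags);
+fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset,
+auth->user.len);
+#endif
 
-fprintf(stderr, "ntlmDecodeAuth: header check fails\n");
-return -1;
-}
-/* only on when you need to debug
-* fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size);
-* fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags);
-* fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, auth->user.len);
-*/
 if ((p = ntlmGetString(&auth->hdr, &auth->domain, 2)) == NULL)
 p = authenticate_ntlm_domain;
-// fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p);
+#if DEBUG_FAKEAUTH
+fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p);
+#endif
 if ((s = strlen(p) + 1) >= size)
 return 1;
 strcpy(buf, p);
-// fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf);
+#if DEBUG_FAKEAUTH
+fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf);
+#endif
 
 size -= s;
 buf += (s - 1);
 *buf++ = '\\'; /* Using \ is more consistent with MS-proxy */
 
 p = ntlmGetString(&auth->hdr, &auth->user, 2);
+if (NULL == p)
+return 1;
 if ((s = strlen(p) + 1) >= size)
 return 1;
 while (*p)
-*buf++ = (*p++); //tolower
+*buf++ = (*p++); /* tolower */
 
 *buf++ = '\0';
 size -= s;
-// fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p);
-
+#if DEBUG_FAKEAUTH
+fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p);
+#endif
 
 return 0;
 }
 
 
 int
-main()
+main(int argc, char *argv[])
 {
 char buf[256];
-char user[256], *p, *cleartext;
+char user[256];
+char *p;
+char *cleartext = NULL;
 struct ntlm_challenge chal;
 int len;
 char *data = NULL;
 
 setbuf(stdout, NULL);
 while (fgets(buf, 256, stdin) != NULL) {
-user[0] = '\0'; /*no usercode */
+memset(user, '\0', sizeof(user)); /* no usercode */
 
 if ((p = strchr(buf, '\n')) != NULL)
 *p = '\0'; /* strip \n */
@@ -270,11 +279,11 @@
 printf("AF %s\n", user);
 } else {
 lc(user);
-printf("NA invalid credentials%s\n", user);
+printf("NA invalid credentials, user=%s\n", user);
 }
 } else {
 lc(user);
-printf("BH wrong packet type!%s\n", user);
+printf("BH wrong packet type! user=%s\n", user);
 }
 }
 #endif
@@ -291,10 +300,8 @@
 SSWAP(chal.target.maxlen);
 data = (char *) base64_encode_bin((char *) &chal, len);
 printf("CH %s\n", data);
-} else if (!ntlmCheckHeader
-((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) {
-if (!ntlmDecodeAuth
-((struct ntlm_authenticate *) cleartext, user, 256)) {
+} else if (!ntlmCheckHeader ((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) {
+if (!ntlmDecodeAuth ((struct ntlm_authenticate *) cleartext, user, 256)) {
 lc(user);
 printf("OK %s\n", user);
 } else {
@@ -307,6 +314,8 @@
 }
 }
 #endif /*v2 */
+free(cleartext);
+cleartext = NULL;
 }
 exit(0);
 }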
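Review bot: In ntlmDecodeAuth the header check is now `assert (0 == ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE));`, so a packet that fails it aborts the helper instead of returning -1, and a build with NDEBUG drops the check altogether. The `<assert.h>` include is also wrapped in `#if HAVE_ASSERT_H`, which leaves `assert` undeclared where that macro is not set. The v2 branch of main still calls ntlmCheckHeader first, but other call sites are not visible in these hunks, so I would keep a runtime test such as `if (ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE)) return -1;`. The new `if (NULL == p) return 1;` guards only the user string: the domain fallback `p = authenticate_ntlm_domain;` is followed directly by `strlen(p)`, and ntlmMakeChallenge tests that global against NULL, so the same guard looks needed there. Under DEBUG_FAKEAUTH, `size` is a `size_t` printed with `%d`; `%lu` with a cast to `unsigned long` would match the argument.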