2 Unix SMB/Netbios implementation.
4 handle NTLMSSP, server side
6 Copyright (C) Andrew Tridgell 2001
7 Copyright (C) Andrew Bartlett 2001-2010
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "auth/ntlmssp/ntlmssp.h"
25 #include "auth/ntlmssp/ntlmssp_private.h"
26 #include "../librpc/gen_ndr/ndr_ntlmssp.h"
27 #include "auth/ntlmssp/ntlmssp_ndr.h"
28 #include "../libcli/auth/libcli_auth.h"
29 #include "../lib/crypto/crypto.h"
30 #include "auth/gensec/gensec.h"
31 #include "auth/gensec/gensec_internal.h"
32 #include "auth/common_auth.h"
35 * Determine correct target name flags for reply, given server role
36 * and negotiated flags
38 * @param ntlmssp_state NTLMSSP State
39 * @param neg_flags The flags from the packet
40 * @param chal_flags The flags to be set in the reply packet
41 * @return The 'target name' string.
44 const char *ntlmssp_target_name(struct ntlmssp_state *ntlmssp_state,
45 uint32_t neg_flags, uint32_t *chal_flags)
47 if (neg_flags & NTLMSSP_REQUEST_TARGET) {
48 *chal_flags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
49 *chal_flags |= NTLMSSP_REQUEST_TARGET;
50 if (ntlmssp_state->server.is_standalone) {
51 *chal_flags |= NTLMSSP_TARGET_TYPE_SERVER;
52 return ntlmssp_state->server.netbios_name;
54 *chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN;
55 return ntlmssp_state->server.netbios_domain;
63 * Next state function for the NTLMSSP Negotiate packet
65 * @param gensec_security GENSEC state
66 * @param out_mem_ctx Memory context for *out
67 * @param in The request, as a DATA_BLOB. reply.data must be NULL
68 * @param out The reply, as an allocated DATA_BLOB, caller to free.
69 * @return Errors or MORE_PROCESSING_REQUIRED if (normal) a reply is required.
72 NTSTATUS gensec_ntlmssp_server_negotiate(struct gensec_security *gensec_security,
73 TALLOC_CTX *out_mem_ctx,
74 const DATA_BLOB request, DATA_BLOB *reply)
76 struct gensec_ntlmssp_context *gensec_ntlmssp =
77 talloc_get_type_abort(gensec_security->private_data,
78 struct gensec_ntlmssp_context);
79 struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
80 struct auth4_context *auth_context = gensec_security->auth_context;
81 DATA_BLOB struct_blob;
82 uint32_t neg_flags = 0;
83 uint32_t ntlmssp_command, chal_flags;
85 const char *target_name;
88 /* parse the NTLMSSP packet */
90 file_save("ntlmssp_negotiate.dat", request.data, request.length);
94 if ((request.length < 16) || !msrpc_parse(ntlmssp_state, &request, "Cdd",
98 DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP Negotiate of length %u\n",
99 (unsigned int)request.length));
100 dump_data(2, request.data, request.length);
101 return NT_STATUS_INVALID_PARAMETER;
103 debug_ntlmssp_flags(neg_flags);
105 if (DEBUGLEVEL >= 10) {
106 struct NEGOTIATE_MESSAGE *negotiate = talloc(
107 ntlmssp_state, struct NEGOTIATE_MESSAGE);
108 if (negotiate != NULL) {
109 status = ntlmssp_pull_NEGOTIATE_MESSAGE(
110 &request, negotiate, negotiate);
111 if (NT_STATUS_IS_OK(status)) {
112 NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE,
115 TALLOC_FREE(negotiate);
120 ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, ntlmssp_state->allow_lm_key);
122 /* Ask our caller what challenge they would like in the packet */
123 if (auth_context->get_ntlm_challenge) {
124 status = auth_context->get_ntlm_challenge(auth_context, cryptkey);
125 if (!NT_STATUS_IS_OK(status)) {
126 DEBUG(1, ("gensec_ntlmssp_server_negotiate: failed to get challenge: %s\n",
131 DEBUG(1, ("gensec_ntlmssp_server_negotiate: backend doesn't give a challenge\n"));
132 return NT_STATUS_NOT_IMPLEMENTED;
135 /* The flags we send back are not just the negotiated flags,
136 * they are also 'what is in this packet'. Therfore, we
137 * operate on 'chal_flags' from here on
140 chal_flags = ntlmssp_state->neg_flags;
142 /* get the right name to fill in as 'target' */
143 target_name = ntlmssp_target_name(ntlmssp_state,
144 neg_flags, &chal_flags);
145 if (target_name == NULL)
146 return NT_STATUS_INVALID_PARAMETER;
148 ntlmssp_state->chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
149 ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state,
152 /* This creates the 'blob' of names that appears at the end of the packet */
153 if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO)
155 status = msrpc_gen(ntlmssp_state, &struct_blob, "aaaaa",
156 MsvAvNbDomainName, target_name,
157 MsvAvNbComputerName, ntlmssp_state->server.netbios_name,
158 MsvAvDnsDomainName, ntlmssp_state->server.dns_domain,
159 MsvAvDnsComputerName, ntlmssp_state->server.dns_name,
161 if (!NT_STATUS_IS_OK(status)) {
165 struct_blob = data_blob_null;
169 /* Marshal the packet in the right format, be it unicode or ASCII */
170 const char *gen_string;
171 const DATA_BLOB version_blob = ntlmssp_version_blob();
173 if (ntlmssp_state->unicode) {
174 gen_string = "CdUdbddBb";
176 gen_string = "CdAdbddBb";
179 status = msrpc_gen(out_mem_ctx, reply, gen_string,
186 struct_blob.data, struct_blob.length,
187 version_blob.data, version_blob.length);
189 if (!NT_STATUS_IS_OK(status)) {
190 data_blob_free(&struct_blob);
194 if (DEBUGLEVEL >= 10) {
195 struct CHALLENGE_MESSAGE *challenge = talloc(
196 ntlmssp_state, struct CHALLENGE_MESSAGE);
197 if (challenge != NULL) {
198 challenge->NegotiateFlags = chal_flags;
199 status = ntlmssp_pull_CHALLENGE_MESSAGE(
200 reply, challenge, challenge);
201 if (NT_STATUS_IS_OK(status)) {
202 NDR_PRINT_DEBUG(CHALLENGE_MESSAGE,
205 TALLOC_FREE(challenge);
210 data_blob_free(&struct_blob);
212 ntlmssp_state->expected_state = NTLMSSP_AUTH;
214 return NT_STATUS_MORE_PROCESSING_REQUIRED;
217 struct ntlmssp_server_auth_state {
218 DATA_BLOB user_session_key;
219 DATA_BLOB lm_session_key;
220 /* internal variables used by KEY_EXCH (client-supplied user session key */
221 DATA_BLOB encrypted_session_key;
223 /* internal variables used by NTLM2 */
224 uint8_t session_nonce[16];
228 * Next state function for the Authenticate packet
230 * @param ntlmssp_state NTLMSSP State
231 * @param request The request, as a DATA_BLOB
232 * @return Errors or NT_STATUS_OK.
235 static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
236 struct gensec_ntlmssp_context *gensec_ntlmssp,
237 struct ntlmssp_server_auth_state *state,
238 const DATA_BLOB request)
240 struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
241 struct auth4_context *auth_context = gensec_security->auth_context;
242 uint32_t ntlmssp_command, auth_flags;
245 uint8_t session_nonce_hash[16];
247 const char *parse_string;
250 file_save("ntlmssp_auth.dat", request.data, request.length);
253 if (ntlmssp_state->unicode) {
254 parse_string = "CdBBUUUBd";
256 parse_string = "CdBBAAABd";
260 data_blob_free(&ntlmssp_state->session_key);
261 data_blob_free(&ntlmssp_state->lm_resp);
262 data_blob_free(&ntlmssp_state->nt_resp);
264 ntlmssp_state->user = NULL;
265 ntlmssp_state->domain = NULL;
266 ntlmssp_state->client.netbios_name = NULL;
268 /* now the NTLMSSP encoded auth hashes */
269 if (!msrpc_parse(ntlmssp_state, &request, parse_string,
272 &ntlmssp_state->lm_resp,
273 &ntlmssp_state->nt_resp,
274 &ntlmssp_state->domain,
275 &ntlmssp_state->user,
276 &ntlmssp_state->client.netbios_name,
277 &state->encrypted_session_key,
279 DEBUG(10, ("ntlmssp_server_auth: failed to parse NTLMSSP (nonfatal):\n"));
280 dump_data(10, request.data, request.length);
283 data_blob_free(&state->encrypted_session_key);
286 /* Try again with a shorter string (Win9X truncates this packet) */
287 if (ntlmssp_state->unicode) {
288 parse_string = "CdBBUUU";
290 parse_string = "CdBBAAA";
293 /* now the NTLMSSP encoded auth hashes */
294 if (!msrpc_parse(ntlmssp_state, &request, parse_string,
297 &ntlmssp_state->lm_resp,
298 &ntlmssp_state->nt_resp,
299 &ntlmssp_state->domain,
300 &ntlmssp_state->user,
301 &ntlmssp_state->client.netbios_name)) {
302 DEBUG(1, ("ntlmssp_server_auth: failed to parse NTLMSSP (tried both formats):\n"));
303 dump_data(2, request.data, request.length);
305 return NT_STATUS_INVALID_PARAMETER;
309 talloc_steal(state, state->encrypted_session_key.data);
312 ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, ntlmssp_state->allow_lm_key);
314 if (DEBUGLEVEL >= 10) {
315 struct AUTHENTICATE_MESSAGE *authenticate = talloc(
316 ntlmssp_state, struct AUTHENTICATE_MESSAGE);
317 if (authenticate != NULL) {
319 authenticate->NegotiateFlags = auth_flags;
320 status = ntlmssp_pull_AUTHENTICATE_MESSAGE(
321 &request, authenticate, authenticate);
322 if (NT_STATUS_IS_OK(status)) {
323 NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE,
326 TALLOC_FREE(authenticate);
330 DEBUG(3,("Got user=[%s] domain=[%s] workstation=[%s] len1=%lu len2=%lu\n",
331 ntlmssp_state->user, ntlmssp_state->domain,
332 ntlmssp_state->client.netbios_name,
333 (unsigned long)ntlmssp_state->lm_resp.length,
334 (unsigned long)ntlmssp_state->nt_resp.length));
337 file_save("nthash1.dat", &ntlmssp_state->nt_resp.data, &ntlmssp_state->nt_resp.length);
338 file_save("lmhash1.dat", &ntlmssp_state->lm_resp.data, &ntlmssp_state->lm_resp.length);
341 /* NTLM2 uses a 'challenge' that is made of up both the server challenge, and a
344 However, the NTLM2 flag may still be set for the real NTLMv2 logins, be careful.
346 if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
347 if (ntlmssp_state->nt_resp.length == 24 && ntlmssp_state->lm_resp.length == 24) {
348 MD5_CTX md5_session_nonce_ctx;
349 state->doing_ntlm2 = true;
351 memcpy(state->session_nonce, ntlmssp_state->internal_chal.data, 8);
352 memcpy(&state->session_nonce[8], ntlmssp_state->lm_resp.data, 8);
354 SMB_ASSERT(ntlmssp_state->internal_chal.data && ntlmssp_state->internal_chal.length == 8);
356 MD5Init(&md5_session_nonce_ctx);
357 MD5Update(&md5_session_nonce_ctx, state->session_nonce, 16);
358 MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
360 /* LM response is no longer useful */
361 data_blob_free(&ntlmssp_state->lm_resp);
363 /* We changed the effective challenge - set it */
364 if (auth_context->set_ntlm_challenge) {
365 nt_status = auth_context->set_ntlm_challenge(auth_context,
367 "NTLMSSP callback (NTLM2)");
368 if (!NT_STATUS_IS_OK(nt_status)) {
369 DEBUG(1, ("gensec_ntlmssp_server_negotiate: failed to get challenge: %s\n",
370 nt_errstr(nt_status)));
374 DEBUG(1, ("gensec_ntlmssp_server_negotiate: backend doesn't have facility for challenge to be set\n"));
376 return NT_STATUS_NOT_IMPLEMENTED;
379 /* LM Key is incompatible. */
380 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
387 * Check the password on an NTLMSSP login.
389 * Return the session keys used on the connection.
392 static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
393 struct gensec_ntlmssp_context *gensec_ntlmssp,
395 DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
397 struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
398 struct auth4_context *auth_context = gensec_security->auth_context;
399 NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
400 struct auth_usersupplied_info *user_info;
402 user_info = talloc_zero(ntlmssp_state, struct auth_usersupplied_info);
404 return NT_STATUS_NO_MEMORY;
407 user_info->logon_parameters = MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT;
408 user_info->flags = 0;
409 user_info->mapped_state = false;
410 user_info->client.account_name = ntlmssp_state->user;
411 user_info->client.domain_name = ntlmssp_state->domain;
412 user_info->workstation_name = ntlmssp_state->client.netbios_name;
413 user_info->remote_host = gensec_get_remote_address(gensec_security);
415 user_info->password_state = AUTH_PASSWORD_RESPONSE;
416 user_info->password.response.lanman = ntlmssp_state->lm_resp;
417 user_info->password.response.lanman.data = talloc_steal(user_info, ntlmssp_state->lm_resp.data);
418 user_info->password.response.nt = ntlmssp_state->nt_resp;
419 user_info->password.response.nt.data = talloc_steal(user_info, ntlmssp_state->nt_resp.data);
421 if (auth_context->check_ntlm_password) {
422 nt_status = auth_context->check_ntlm_password(auth_context,
425 &gensec_ntlmssp->server_returned_info,
426 user_session_key, lm_session_key);
429 if (!NT_STATUS_IS_OK(nt_status)) {
430 DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status)));
432 TALLOC_FREE(user_info);
434 NT_STATUS_NOT_OK_RETURN(nt_status);
436 talloc_steal(mem_ctx, user_session_key->data);
437 talloc_steal(mem_ctx, lm_session_key->data);
443 * Next state function for the Authenticate packet
444 * (after authentication - figures out the session keys etc)
446 * @param ntlmssp_state NTLMSSP State
447 * @return Errors or NT_STATUS_OK.
450 static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
451 struct gensec_ntlmssp_context *gensec_ntlmssp,
452 struct ntlmssp_server_auth_state *state)
454 struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
455 DATA_BLOB user_session_key = state->user_session_key;
456 DATA_BLOB lm_session_key = state->lm_session_key;
457 NTSTATUS nt_status = NT_STATUS_OK;
458 DATA_BLOB session_key = data_blob(NULL, 0);
460 dump_data_pw("NT session key:\n", user_session_key.data, user_session_key.length);
461 dump_data_pw("LM first-8:\n", lm_session_key.data, lm_session_key.length);
463 /* Handle the different session key derivation for NTLM2 */
464 if (state->doing_ntlm2) {
465 if (user_session_key.data && user_session_key.length == 16) {
466 session_key = data_blob_talloc(ntlmssp_state,
468 hmac_md5(user_session_key.data, state->session_nonce,
469 sizeof(state->session_nonce), session_key.data);
470 DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
471 dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);
474 DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n"));
475 session_key = data_blob_null;
477 } else if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
478 /* Ensure we can never get here on NTLMv2 */
479 && (ntlmssp_state->nt_resp.length == 0 || ntlmssp_state->nt_resp.length == 24)) {
481 if (lm_session_key.data && lm_session_key.length >= 8) {
482 if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
483 session_key = data_blob_talloc(ntlmssp_state,
485 if (session_key.data == NULL) {
486 return NT_STATUS_NO_MEMORY;
488 SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data,
490 DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
492 static const uint8_t zeros[24] = {0, };
493 session_key = data_blob_talloc(
494 ntlmssp_state, NULL, 16);
495 if (session_key.data == NULL) {
496 return NT_STATUS_NO_MEMORY;
498 SMBsesskeygen_lm_sess_key(zeros, zeros,
500 DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
502 dump_data_pw("LM session key:\n", session_key.data,
505 /* LM Key not selected */
506 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
508 DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n"));
509 session_key = data_blob_null;
512 } else if (user_session_key.data) {
513 session_key = user_session_key;
514 DEBUG(10,("ntlmssp_server_auth: Using unmodified nt session key.\n"));
515 dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
517 /* LM Key not selected */
518 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
520 } else if (lm_session_key.data) {
521 /* Very weird to have LM key, but no user session key, but anyway.. */
522 session_key = lm_session_key;
523 DEBUG(10,("ntlmssp_server_auth: Using unmodified lm session key.\n"));
524 dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
526 /* LM Key not selected */
527 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
530 DEBUG(10,("ntlmssp_server_auth: Failed to create unmodified session key.\n"));
531 session_key = data_blob_null;
533 /* LM Key not selected */
534 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
537 /* With KEY_EXCH, the client supplies the proposed session key,
538 but encrypts it with the long-term key */
539 if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
540 if (!state->encrypted_session_key.data
541 || state->encrypted_session_key.length != 16) {
542 DEBUG(1, ("Client-supplied KEY_EXCH session key was of invalid length (%u)!\n",
543 (unsigned)state->encrypted_session_key.length));
544 return NT_STATUS_INVALID_PARAMETER;
545 } else if (!session_key.data || session_key.length != 16) {
546 DEBUG(5, ("server session key is invalid (len == %u), cannot do KEY_EXCH!\n",
547 (unsigned int)session_key.length));
548 ntlmssp_state->session_key = session_key;
549 talloc_steal(ntlmssp_state, session_key.data);
551 dump_data_pw("KEY_EXCH session key (enc):\n",
552 state->encrypted_session_key.data,
553 state->encrypted_session_key.length);
554 arcfour_crypt(state->encrypted_session_key.data,
556 state->encrypted_session_key.length);
557 ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state,
558 state->encrypted_session_key.data,
559 state->encrypted_session_key.length);
560 dump_data_pw("KEY_EXCH session key:\n",
561 state->encrypted_session_key.data,
562 state->encrypted_session_key.length);
565 ntlmssp_state->session_key = session_key;
566 talloc_steal(ntlmssp_state, session_key.data);
569 if (ntlmssp_state->session_key.length) {
570 nt_status = ntlmssp_sign_init(ntlmssp_state);
573 ntlmssp_state->expected_state = NTLMSSP_DONE;
580 * Next state function for the NTLMSSP Authenticate packet
582 * @param gensec_security GENSEC state
583 * @param out_mem_ctx Memory context for *out
584 * @param in The request, as a DATA_BLOB. reply.data must be NULL
585 * @param out The reply, as an allocated DATA_BLOB, caller to free.
586 * @return Errors or NT_STATUS_OK if authentication sucessful
589 NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security,
590 TALLOC_CTX *out_mem_ctx,
591 const DATA_BLOB in, DATA_BLOB *out)
593 struct gensec_ntlmssp_context *gensec_ntlmssp =
594 talloc_get_type_abort(gensec_security->private_data,
595 struct gensec_ntlmssp_context);
596 struct ntlmssp_server_auth_state *state;
599 /* zero the outbound NTLMSSP packet */
600 *out = data_blob_null;
602 state = talloc_zero(gensec_ntlmssp, struct ntlmssp_server_auth_state);
604 return NT_STATUS_NO_MEMORY;
607 nt_status = ntlmssp_server_preauth(gensec_security, gensec_ntlmssp, state, in);
608 if (!NT_STATUS_IS_OK(nt_status)) {
614 * Note we don't check here for NTLMv2 auth settings. If NTLMv2 auth
615 * is required (by "ntlm auth = no" and "lm auth = no" being set in the
616 * smb.conf file) and no NTLMv2 response was sent then the password check
617 * will fail here. JRA.
620 /* Finally, actually ask if the password is OK */
621 nt_status = ntlmssp_server_check_password(gensec_security, gensec_ntlmssp,
623 &state->user_session_key,
624 &state->lm_session_key);
625 if (!NT_STATUS_IS_OK(nt_status)) {
630 /* When we get more async in the auth code behind
631 ntlmssp_state->check_password, the ntlmssp_server_postpath
632 can be done in a callback */
634 nt_status = ntlmssp_server_postauth(gensec_security, gensec_ntlmssp, state);