author | speidy <speidy@gmail.com> | 2016-04-14 00:35:55 +0300 |
---|---|---|
committer | speidy <speidy@gmail.com> | 2016-04-14 00:35:55 +0300 |
commit | 575c06297bd8385d323344fe1425daafe7346cf7 (patch) | |
tree | cb48bb8c98d3f538b6b306500f8b37169f346233 | |
parent | c9759d682d097d886d6f0a9f3ceddf3b490cb0b7 (diff) |
credssp: work in progress
-rw-r--r-- | libfreerdp-core/ber.c | 26 | ||||
-rw-r--r-- | libfreerdp-core/credssp.c | 29 | ||||
-rw-r--r-- | libfreerdp-core/ntlmssp.c | 4 |
3 files changed, 27 insertions, 32 deletions
diff --git a/libfreerdp-core/ber.c b/libfreerdp-core/ber.c index ea03135..6b83e6b 100644 --- a/libfreerdp-core/ber.c +++ b/libfreerdp-core/ber.c @@ -42,8 +42,7 @@ int ber_read_length(STREAM* s, int* length) { stream_read_uint8(s, *length); } - - if (byte == 2) + else if (byte == 2) { stream_read_uint16_be(s, *length); } @@ -77,7 +76,7 @@ int ber_write_length(STREAM* s, int length) if (length > 0x7F) { stream_write_uint8(s, 0x80 ^ 1); - stream_write_uint16_be(s, length); + stream_write_uint8(s, length); return 2; } stream_write_uint8(s, length); @@ -93,13 +92,13 @@ int _ber_sizeof_length(int length) return 1; } -int ber_get_content_length(int length) -{ - if (length - 1 > 0x7F) - return length - 4; - else - return length - 2; -} +//int ber_get_content_length(int length) +//{ +// if (length - 1 > 0x7F) +// return length - 4; +// else +// return length - 2; +//} /** * Read BER Universal tag. @@ -349,9 +348,7 @@ int ber_write_octet_string(STREAM* s, const uint8* oct_str, int length) size += ber_write_universal_tag(s, BER_TAG_OCTET_STRING, false); size += ber_write_length(s, length); - stream_write(s, oct_str, length); - size += length; return size; @@ -476,22 +473,24 @@ tbool ber_read_integer(STREAM* s, uint32* value) int ber_write_integer(STREAM* s, uint32 value) { - ber_write_universal_tag(s, BER_TAG_INTEGER, false); if (value < 0x80) { + ber_write_universal_tag(s, BER_TAG_INTEGER, false); ber_write_length(s, 1); stream_write_uint8(s, value); return 3; } else if (value < 0x8000) { + ber_write_universal_tag(s, BER_TAG_INTEGER, false); ber_write_length(s, 2); stream_write_uint16_be(s, value); return 4; } else if (value < 0x800000) { + ber_write_universal_tag(s, BER_TAG_INTEGER, false); ber_write_length(s, 3); stream_write_uint8(s, (value >> 16)); stream_write_uint16_be(s, (value & 0xFFFF)); 
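Review bot: In ber_write_length the long-form branch now emits 0x81 followed by `stream_write_uint8(s, length)`, so any length above 0xFF is silently truncated to its low byte while the caller still writes the full payload (ber_write_octet_string in the `@@ -349` hunk passes the same `length` to `stream_write`). A receiver would parse a shorter value and treat the remaining bytes as further BER elements. A two-octet branch for lengths above 0xFF is sketched below. `_ber_sizeof_length`, only partly visible in the next hunk, would have to return 3 for the same range, and the body of ber_write_length starts outside this hunk.

```c
	if (length > 0xFF)
	{
		/* long form, two length octets */
		stream_write_uint8(s, 0x80 ^ 2);
		stream_write_uint16_be(s, length);
		return 3;
	}
	/* … unchanged: 0x80..0xFF branch and short form … */
```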
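Review bot: ber_get_content_length is disabled by prefixing every line with `//` instead of being removed. Commented-out bodies tend to outlive the reason they were kept and no longer get compiled or checked. Deleting the function and relying on history is cleaner; if it is expected to return, a single line such as `/* ber_get_content_length removed: <reason>, restore from history if needed */` says more than the dead body.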
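Review bot: With the tag write moved into each branch of ber_write_integer, a value of 0x80000000 or above matches none of the four conditions and now produces no output at all, not even the INTEGER tag; the change continues in the `@@ -499` hunk, and what the function returns in that case lies outside both hunks. A uint32 with the top bit set needs five content octets (a leading 0x00) so it is not read back as negative, so the chain needs either that final branch or an explicit failure. Until then a comment after the last branch such as `/* values >= 0x80000000 are not encoded: nothing is written */` would at least make the gap visible. The four identical `ber_write_universal_tag(s, BER_TAG_INTEGER, false);` calls could also be hoisted again once the fall-through case is handled.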
@@ -499,6 +498,7 @@ int ber_write_integer(STREAM* s, uint32 value) } else if (value < 0x80000000) { + ber_write_universal_tag(s, BER_TAG_INTEGER, false); ber_write_length(s, 4); stream_write_uint32_be(s, value); return 6; diff --git a/libfreerdp-core/credssp.c b/libfreerdp-core/credssp.c index 913c527..d74f3f5 100644 --- a/libfreerdp-core/credssp.c +++ b/libfreerdp-core/credssp.c @@ -332,22 +332,11 @@ void credssp_encrypt_ts_credentials(rdpCredssp* credssp, rdpBlob* d) int credssp_sizeof_ts_password_creds(rdpCredssp* credssp) { - int length; - int ts_password_creds_length = 0; + int length = 0; - length = ber_sizeof_octet_string(credssp->ntlmssp->domain.length * 2); - length += ber_sizeof_contextual_tag(length); - ts_password_creds_length += length; - - length = ber_sizeof_octet_string(credssp->ntlmssp->username.length * 2); - length += ber_sizeof_contextual_tag(length); - ts_password_creds_length += length; - - length = ber_sizeof_octet_string(credssp->ntlmssp->password.length * 2); - length += ber_sizeof_contextual_tag(length); - ts_password_creds_length += length; - - length = ber_sizeof_sequence(ts_password_creds_length); + length += ber_sizeof_sequence_octet_string(credssp->ntlmssp->domain.length * 2); + length += ber_sizeof_sequence_octet_string(credssp->ntlmssp->username.length * 2); + length += ber_sizeof_sequence_octet_string(credssp->ntlmssp->password.length * 2); return length; } 
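Review bot: credssp_sizeof_ts_password_creds now returns the bare sum of the three field sizes, whereas the removed code wrapped that sum in `ber_sizeof_sequence(...)` before returning it. If callers (not visible here) still use the result to size the buffer or an enclosing length for the whole TSPasswordCreds SEQUENCE, they come up short by the SEQUENCE header, which on the write side means an undersized buffer. Either end with `return ber_sizeof_sequence(length);` or state the new contract above the function, e.g. `/* content length of TSPasswordCreds, excluding the SEQUENCE header */`. The `* 2` on each field length is also applied without any upper bound on the input lengths.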
@@ -509,7 +498,7 @@ void credssp_send(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rd length -= ber_write_contextual_tag(s, 1, ber_sizeof_sequence(ber_sizeof_sequence(ber_sizeof_sequence_octet_string(credssp->negoToken.length))), true); /* NegoData */ length -= ber_write_sequence_tag(s, ber_sizeof_sequence(ber_sizeof_sequence_octet_string(credssp->negoToken.length))); /* SEQUENCE OF NegoDataItem */ length -= ber_write_sequence_tag(s, ber_sizeof_sequence_octet_string(credssp->negoToken.length)); /* NegoDataItem */ - length -= ber_write_octet_string(s, negoToken->data, negoToken->length); /* OCTET STRING */ + length -= ber_write_sequence_octet_string(s, 0, negoToken->data, negoToken->length); /* OCTET STRING */ } /* [2] authInfo (OCTET STRING) */ @@ -549,6 +538,7 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp s = stream_new(2048); status = tls_read(credssp->tls, s->data, stream_get_left(s)); + if (status < 0) return -1; @@ -558,12 +548,13 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp ber_read_integer(s, &version); /* [1] negoTokens (NegoData) */ + if (ber_read_contextual_tag(s, 1, &length, true) != false) { ber_read_sequence_tag(s, &length); /* SEQUENCE OF NegoDataItem */ ber_read_sequence_tag(s, &length); /* NegoDataItem */ ber_read_contextual_tag(s, 0, &length, true); /* [0] negoToken */ - ber_read_octet_string(s, &length); /* OCTET STRING */ + ber_read_octet_string_tag(s, &length); /* OCTET STRING */ freerdp_blob_alloc(negoToken, length); stream_read(s, negoToken->data, length); } @@ -571,7 +562,7 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp /* [2] authInfo (OCTET STRING) */ if (ber_read_contextual_tag(s, 2, &length, true) != false) { - ber_read_octet_string(s, &length); /* OCTET STRING */ + ber_read_octet_string_tag(s, &length); /* OCTET STRING */ freerdp_blob_alloc(authInfo, length); stream_read(s, authInfo->data, length); } 
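Review bot: The three enclosing lengths in this block are computed from `credssp->negoToken.length`, while the payload is written from the `negoToken` parameter (`negoToken->data, negoToken->length`). If the two blobs ever differ, the declared NegoData and SEQUENCE lengths will not match the bytes that follow them. Using `negoToken->length` in all four calls keeps headers and payload consistent. Whether the overall size computed earlier in credssp_send has the same split cannot be seen from this hunk.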
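Review bot: In credssp_recv the `length` filled in by `ber_read_octet_string_tag` comes straight from the peer and goes unchecked into `freerdp_blob_alloc(negoToken, length)` and `stream_read(s, negoToken->data, length)`; the same pattern repeats for authInfo in the `@@ -571` hunk and for pubKeyAuth in the `@@ -579` hunk. The stream is created with 2048 bytes, of which only `status` were filled by tls_read, so a larger or negative length reads past the received data. Each read should be guarded, for example `if (length < 0 || length > stream_get_left(s)) { /* free s */ return -1; }`, ideally bounding against the bytes actually received rather than the buffer capacity; the return values of the ber_read_* calls on these lines are ignored as well. The function starts and ends outside these hunks.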
@@ -579,7 +570,7 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp /* [3] pubKeyAuth (OCTET STRING) */ if (ber_read_contextual_tag(s, 3, &length, true) != false) { - ber_read_octet_string(s, &length); /* OCTET STRING */ + ber_read_octet_string_tag(s, &length); /* OCTET STRING */ freerdp_blob_alloc(pubKeyAuth, length); stream_read(s, pubKeyAuth->data, length); } diff --git a/libfreerdp-core/ntlmssp.c b/libfreerdp-core/ntlmssp.c index 0069cb4..8c92913 100644 --- a/libfreerdp-core/ntlmssp.c +++ b/libfreerdp-core/ntlmssp.c @@ -1198,8 +1198,10 @@ void ntlmssp_encrypt_message(NTLMSSP* ntlmssp, rdpBlob* msg, rdpBlob* encrypted_ /* Allocate space for encrypted message */ freerdp_blob_alloc(encrypted_msg, msg->length); + printf("rc4 %d % d %d %d\n", ntlmssp->send_rc4_seal, msg->length, msg->data, encrypted_msg->data); /* Encrypt message using with RC4 */ crypto_rc4(ntlmssp->send_rc4_seal, msg->length, msg->data, encrypted_msg->data); + printf("rc4 done\n"); } /* RC4-encrypt first 8 bytes of digest */ @@ -1816,7 +1818,9 @@ int ntlmssp_recv(NTLMSSP* ntlmssp, STREAM* s) stream_read_uint32(s, messageType); if (messageType == 2 && ntlmssp->state == NTLMSSP_STATE_CHALLENGE) + { ntlmssp_recv_challenge_message(ntlmssp, s); + } return 1; } |
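Review bot: The added `printf("rc4 %d % d %d %d\n", ...)` in ntlmssp_encrypt_message passes `msg->data` and `encrypted_msg->data`, both pointers, to `%d`, which is undefined behaviour and truncates on 64-bit targets; `ntlmssp->send_rc4_seal` looks like a handle too, though its type is not visible here. Printing buffer addresses from the sealing path to stdout also exposes heap layout to anyone who can read the client's output. Both printf lines look like temporary tracing and are best removed before this leaves work-in-progress. If tracing stays, use `%p` with `(void*)` casts for the pointers and keep it behind a debug-only build switch.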