12b65585e720714b31036daaa2b30eb76014048eGordon Ross * This file and its contents are supplied under the terms of the
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Common Development and Distribution License ("CDDL"), version 1.0.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * You may only use this file in accordance with the terms of version
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * 1.0 of the CDDL.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * A full copy of the text of the CDDL should have accompanied this
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * source. A copy of the CDDL is also available via the Internet at
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * SPNEGO back-end for NTLMSSP. See [MS-NLMP]
12b65585e720714b31036daaa2b30eb76014048eGordon Ross/* A shorter alias for a crazy long name from [MS-NLMP] */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross/* Need this in a header somewhere */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross/* little-endian values on little-endian */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross#else /* (BYTE_ORDER == LITTLE_ENDIAN) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross/* little-endian values on big-endian (swap) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross#endif /* (BYTE_ORDER == LITTLE_ENDIAN) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* workstation domain, name (place holders) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross struct sec_buf h_essn_key; /* encrypted session key */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* Version struct (optional) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* MIC hash (optional) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross/* Allow turning these off for debugging, etc. */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88 };
12b65585e720714b31036daaa2b30eb76014048eGordon Rossstatic int smbd_ntlmssp_negotiate(authsvc_context_t *);
12b65585e720714b31036daaa2b30eb76014048eGordon Rossstatic int smbd_ntlmssp_authenticate(authsvc_context_t *);
12b65585e720714b31036daaa2b30eb76014048eGordon Rossstatic int encode_avpair_str(smb_msgbuf_t *, uint16_t, char *);
12b65585e720714b31036daaa2b30eb76014048eGordon Rossstatic int decode_secbuf_bin(smb_msgbuf_t *, struct sec_buf *, void **);
12b65585e720714b31036daaa2b30eb76014048eGordon Rossstatic int decode_secbuf_str(smb_msgbuf_t *, struct sec_buf *, char **);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Initialize this context for NTLMSSP, if possible.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Handle an auth message
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* Sent by servers, not received. */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Handle an NTLMSSP_MSGTYPE_NEGOTIATE message, and reply
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * with an NTLMSSP_MSGTYPE_CHALLENGE message.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * See: [MS-NLMP] 2.2.1.1, 3.2.5.1.1
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Looks like we can ignore ws_dom, ws_name.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Otherwise would parse those here.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross randomize(be->srv_challenge, sizeof (be->srv_challenge));
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Compute srv_flags
12b65585e720714b31036daaa2b30eb76014048eGordon Ross else if (be->clnt_flags & NTLMSSP_NEGOTIATE_OEM)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* LM Key is mutually exclusive with NTLM2 */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if ((be->srv_flags & NTLMSSP_NEGOTIATE_NTLM2) == 0 &&
12b65585e720714b31036daaa2b30eb76014048eGordon Ross (be->clnt_flags & NTLMSSP_NEGOTIATE_LM_KEY) != 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* Get our "target name" */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross rc = smb_getdomainname(tmp_name, NETBIOS_NAME_SZ);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross rc = smb_getnetbiosname(tmp_name, NETBIOS_NAME_SZ);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Build the NTLMSSP_MSGTYPE_CHALLENGE message.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross smb_msgbuf_init(&mb, ctx->ctx_obodybuf, ctx->ctx_obodylen, mbflags);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Fixed size parts
12b65585e720714b31036daaa2b30eb76014048eGordon Ross 0, 0, 0, /* filled later: 12: target name (wwl) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross 0, 0, /* 32: reserved (ll) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross 0, 0, 0); /* filled later: 40: target info (wwl) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Variable length parts.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Target name
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* overwrite target name offset+lengths */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross (void) smb_msgbuf_encode(&mb, "wwl", var_size, var_size, var_start);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Target info (AvPairList)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * These AV pairs are like our name/value pairs, but have
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * numeric identifiers instead of names. There are many
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * of these, but we put only the four expected by Windows:
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * NetBIOS computer name
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * NetBIOS domain name
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * DNS computer name
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * DNS domain name
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Note that "domain" above (even "DNS domain") refers to
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * the AD domain of which we're a member, which may be
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * _different_ from the configured DNS domain.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Also note that in "workgroup" mode (not a domain member)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * all "domain" fields should be set to the same values as
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * the "computer" fields ("bare" host name, not FQDN).
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* NetBIOS Computer Name */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (smb_getnetbiosname(tmp_name, NETBIOS_NAME_SZ))
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (encode_avpair_str(&mb, MsvAvNbComputerName, tmp_name) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Workgroup mode. Set all to hostname.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * tmp_name = netbios hostname from above.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (encode_avpair_str(&mb, MsvAvNbDomainName, tmp_name) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Want the bare computer name here (not FQDN).
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (smb_gethostname(tmp_name, MAXHOSTNAMELEN, SMB_CASE_LOWER))
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (encode_avpair_str(&mb, MsvAvDnsComputerName, tmp_name) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (encode_avpair_str(&mb, MsvAvDnsDomainName, tmp_name) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Domain mode. Use real host and domain values.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* NetBIOS Domain Name */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (smb_getdomainname(tmp_name, NETBIOS_NAME_SZ))
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (encode_avpair_str(&mb, MsvAvNbDomainName, tmp_name) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* DNS Computer Name */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (smb_getfqhostname(tmp_name, MAXHOSTNAMELEN))
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (encode_avpair_str(&mb, MsvAvDnsComputerName, tmp_name) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* DNS Domain Name */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (smb_getfqdomainname(tmp_name, MAXHOSTNAMELEN))
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (encode_avpair_str(&mb, MsvAvDnsDomainName, tmp_name) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* End marker */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (smb_msgbuf_encode(&mb, "ww", MsvAvEOL, 0) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* overwrite target offset+lengths */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross (void) smb_msgbuf_encode(&mb, "wwl", var_size, var_size, var_start);
12b65585e720714b31036daaa2b30eb76014048eGordon Rossencode_avpair_str(smb_msgbuf_t *mb, uint16_t AvId, char *name)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross rc = smb_msgbuf_encode(mb, "wwU", AvId, len, name);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Handle an NTLMSSP_MSGTYPE_AUTHENTICATE message.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * See: [MS-NLMP] 2.2.1.3, 3.2.5.1.2
12b65585e720714b31036daaa2b30eb76014048eGordon Rosssmbd_ntlmssp_authenticate(authsvc_context_t *ctx)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross void *essn_key; /* encrypted session key (optional) */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Parse the NTLMSSP_MSGTYPE_AUTHENTICATE message.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross smb_msgbuf_init(&mb, ctx->ctx_ibodybuf, ctx->ctx_ibodylen, mbflags);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (decode_secbuf_bin(&mb, &hdr.h_lm_resp, &lm_resp) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (decode_secbuf_bin(&mb, &hdr.h_nt_resp, &nt_resp) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (decode_secbuf_str(&mb, &hdr.h_domain, &domain) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (decode_secbuf_str(&mb, &hdr.h_user, &user) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (decode_secbuf_str(&mb, &hdr.h_wksta, &wksta) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (decode_secbuf_bin(&mb, &hdr.h_essn_key, &essn_key) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (smb_msgbuf_decode(&mb, "l", &be->clnt_flags) < 0)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (be->clnt_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (hdr.h_essn_key.sb_length < 16 || essn_key == NULL)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_workstation = (wksta) ? wksta : "";
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_challenge_key.len = SMBAUTH_CHAL_SZ;
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_challenge_key.val = (uint8_t *)be->srv_challenge;
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_nt_password.len = hdr.h_nt_resp.sb_length;
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_lm_password.len = hdr.h_lm_resp.sb_length;
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_native_os = ctx->ctx_clinfo.lci_native_os;
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_native_lm = ctx->ctx_clinfo.lci_native_lm;
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * If we're doing extended session security, the challenge
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * this OWF was computed with is different. [MS-NLMP 3.3.1]
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * It's: MD5(concat(ServerChallenge,ClientChallenge))
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * where the ClientChallenge is in the LM resp. field.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (user_info.lg_nt_password.len == SMBAUTH_LM_RESP_SZ &&
12b65585e720714b31036daaa2b30eb76014048eGordon Ross user_info.lg_lm_password.len >= SMBAUTH_CHAL_SZ &&
12b65585e720714b31036daaa2b30eb76014048eGordon Ross (be->clnt_flags & NTLMSSP_NEGOTIATE_NTLM2) != 0) {
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * This (indirectly) calls smb_auth_validate() to
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * check that the client gave us a valid hash.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * At this point, token->tkn_session_key is the
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * "Session Base Key" [MS-NLMP] 3.2.5.1.2
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Compute the final session key. First need the
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * "Key Exchange Key" [MS-NLMP] 3.4.5.1
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* KXKEY is the Session Base Key. */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * If the client give us an encrypted session key,
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * decrypt it (RC4) using the "key exchange key".
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if (be->clnt_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* RC4 args: result, key, data */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross /* Final key is the KXKEY */
12b65585e720714b31036daaa2b30eb76014048eGordon Rossdecode_secbuf_bin(smb_msgbuf_t *mb, struct sec_buf *sb, void **binp)
12b65585e720714b31036daaa2b30eb76014048eGordon Rossdecode_secbuf_str(smb_msgbuf_t *mb, struct sec_buf *sb, char **cpp)
12b65585e720714b31036daaa2b30eb76014048eGordon Ross rc = smb_msgbuf_decode(mb, "#u", (int)sb->sb_length, cpp);