* All the original code used here was torn by Marc Prud'hommeaux out of the
* Samba project (by Andrew Tridgell, Jeremy Allison, and others).
+ *
+ * Copyright (c) The Exim Maintainers 2021 - 2023
+ * SPDX-License-Identifier: GPL-2.0-or-later
* Tom Kistner provided additional code, adding spa_build_auth_challenge() to
* support server authentication mode.
up with a different answer to the one above)
*/
+#ifndef MACRO_PREDEF
+
+
#define DEBUG_X(a,b) ;
extern int DEBUGLEVEL;
#define spa_bytes_add(ptr, header, buf, count) \
{ \
-if (buf && (count) != 0) /* we hate -Wint-in-bool-contex */ \
+if ( buf && (count) != 0 /* we hate -Wint-in-bool-contex */ \
+ && ptr->bufIndex + count < sizeof(ptr->buffer) \
+ ) \
{ \
SSVAL(&ptr->header.len,0,count); \
SSVAL(&ptr->header.maxlen,0,count); \
#define spa_string_add(ptr, header, string) \
{ \
-char *p = string; \
+uschar * p = string; \
int len = 0; \
-if (p) len = strlen(p); \
-spa_bytes_add(ptr, header, (US p), len); \
+if (p) len = Ustrlen(p); \
+spa_bytes_add(ptr, header, p, len); \
}
#define spa_unicode_add_string(ptr, header, string) \
{ \
-char *p = string; \
-uschar *b = NULL; \
+uschar * p = string; \
+uschar * b = NULL; \
int len = 0; \
if (p) \
{ \
- len = strlen(p); \
- b = strToUnicode(p); \
+ len = Ustrlen(p); \
+ b = US strToUnicode(CS p); \
} \
spa_bytes_add(ptr, header, b, len*2); \
}
-#define GetUnicodeString(structPtr, header) \
-unicodeToString(((char*)structPtr) + IVAL(&structPtr->header.offset,0) , SVAL(&structPtr->header.len,0)/2)
-#define GetString(structPtr, header) \
-toString(((CS structPtr) + IVAL(&structPtr->header.offset,0)), SVAL(&structPtr->header.len,0))
-
#ifdef notdef
#define DumpBuffer(fp, structPtr, header) \
-dumpRaw(fp,(US structPtr)+IVAL(&structPtr->header.offset,0),SVAL(&structPtr->header.len,0))
+ dumpRaw(fp,(US structPtr)+IVAL(&structPtr->header.offset,0),SVAL(&structPtr->header.len,0))
static void
return buf;
}
+static inline uschar *
+get_challenge_unistr(SPAAuthChallenge * challenge, SPAStrHeader * hdr)
+{
+int off = IVAL(&hdr->offset, 0);
+int len = SVAL(&hdr->len, 0);
+return off + len < sizeof(SPAAuthChallenge)
+ ? US unicodeToString(CS challenge + off, len/2) : US"";
+}
+
+static inline uschar *
+get_challenge_str(SPAAuthChallenge * challenge, SPAStrHeader * hdr)
+{
+int off = IVAL(&hdr->offset, 0);
+int len = SVAL(&hdr->len, 0);
+return off + len < sizeof(SPAAuthChallenge)
+ ? US toString(CS challenge + off, len) : US"";
+}
+
#ifdef notdef
+#define GetUnicodeString(structPtr, header) \
+ unicodeToString(((char*)structPtr) + IVAL(&structPtr->header.offset,0) , SVAL(&structPtr->header.len,0)/2)
+
+#define GetString(structPtr, header) \
+ toString(((CS structPtr) + IVAL(&structPtr->header.offset,0)), SVAL(&structPtr->header.len,0))
+
+
void
dumpSmbNtlmAuthRequest (FILE * fp, SPAAuthRequest * request)
{
#endif
void
-spa_build_auth_request (SPAAuthRequest * request, char *user, char *domain)
+spa_build_auth_request (SPAAuthRequest * request, uschar * user, uschar * domain)
{
-char *u = strdup (user);
-char *p = strchr (u, '@');
+uschar * u = string_copy(user);
+uschar * p = Ustrchr(u, '@');
if (p)
{
if (!domain)
- domain = p + 1;
+ domain = p + 1;
*p = '\0';
}
SIVAL (&request->flags, 0, 0x0000b207); /* have to figure out what these mean */
spa_string_add (request, user, u);
spa_string_add (request, domain, domain);
-free (u);
}
void
spa_build_auth_response (SPAAuthChallenge * challenge,
- SPAAuthResponse * response, char *user,
- char *password)
+ SPAAuthResponse * response, uschar * user,
+ uschar * password)
{
uint8x lmRespData[24];
uint8x ntRespData[24];
uint32x cf = IVAL(&challenge->flags, 0);
-char *u = strdup (user);
-char *p = strchr (u, '@');
-char *d = NULL;
-char *domain;
+uschar * u = string_copy(user);
+uschar * p = Ustrchr(u, '@');
+uschar * d = NULL;
+uschar * domain;
if (p)
{
*p = '\0';
}
-else domain = d = strdup((cf & 0x1)?
- CCS GetUnicodeString(challenge, uDomain) :
- CCS GetString(challenge, uDomain));
+else domain = d = string_copy(cf & 0x1
+ ? CUS get_challenge_unistr(challenge, &challenge->uDomain)
+ : CUS get_challenge_str(challenge, &challenge->uDomain));
-spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
-spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);
+spa_smb_encrypt(password, challenge->challengeData, lmRespData);
+spa_smb_nt_encrypt(password, challenge->challengeData, ntRespData);
response->bufIndex = 0;
memcpy (response->ident, "NTLMSSP\0\0\0", 8);
SIVAL (&response->msgType, 0, 3);
-spa_bytes_add (response, lmResponse, lmRespData, (cf & 0x200) ? 24 : 0);
-spa_bytes_add (response, ntResponse, ntRespData, (cf & 0x8000) ? 24 : 0);
+spa_bytes_add(response, lmResponse, lmRespData, cf & 0x200 ? 24 : 0);
+spa_bytes_add(response, ntResponse, ntRespData, cf & 0x8000 ? 24 : 0);
if (cf & 0x1) { /* Unicode Text */
- spa_unicode_add_string (response, uDomain, domain);
- spa_unicode_add_string (response, uUser, u);
- spa_unicode_add_string (response, uWks, u);
+ spa_unicode_add_string(response, uDomain, domain);
+ spa_unicode_add_string(response, uUser, u);
+ spa_unicode_add_string(response, uWks, u);
} else { /* OEM Text */
- spa_string_add (response, uDomain, domain);
- spa_string_add (response, uUser, u);
- spa_string_add (response, uWks, u);
+ spa_string_add(response, uDomain, domain);
+ spa_string_add(response, uUser, u);
+ spa_string_add(response, uWks, u);
}
-spa_string_add (response, sessionKey, NULL);
+spa_string_add(response, sessionKey, NULL);
response->flags = challenge->flags;
-
-if (d != NULL) free (d);
-free (u);
}
+
+
+#endif /*!MACRO_PREDEF*/
git://git.exim.org / exim.git / blobdiff