Diffstat (limited to 'daemon/ntlmssp.c')
-rw-r--r-- | daemon/ntlmssp.c | 61 |
1 files changed, 31 insertions, 30 deletions
diff --git a/daemon/ntlmssp.c b/daemon/ntlmssp.c
index 8078842..ca8c5a8 100644
--- a/daemon/ntlmssp.c
+++ b/daemon/ntlmssp.c
@@ -175,67 +175,67 @@ ntlm_msg1_getntlmssp_flags(unsigned char *raw_msg, } static int -ntlm_msg1_gethostname(unsigned char *raw_msg, - unsigned msglen, unsigned char *hostname) +ntlm_msg1_gethostname(unsigned char *raw_msg, unsigned msglen, + unsigned char *hostname, unsigned n_hostname) { struct ntlm_msg1 *msg = (struct ntlm_msg1 *) raw_msg; if (ntlm_extract_string(hostname, (unsigned char*) msg, msglen, - msg->host_off, msg->host_len, MAX_HOSTLEN)) + msg->host_off, msg->host_len, n_hostname)) return 1; return 0; } static int -ntlm_msg1_getdomainname(unsigned char *raw_msg, - unsigned msglen, unsigned char *domainname) +ntlm_msg1_getdomainname(unsigned char *raw_msg, unsigned msglen, + unsigned char *domainname, unsigned n_domainname) { struct ntlm_msg1 *msg = (struct ntlm_msg1 *) raw_msg; if (ntlm_extract_string(domainname, (unsigned char*) msg, - msglen, msg->dom_off, msg->dom_len, MAX_DOMLEN)) + msglen, msg->dom_off, msg->dom_len, n_domainname)) return 2; return 0; } static int ntlm_msg3_getlm(unsigned char *raw_msg, unsigned msglen, - unsigned char *lm) + unsigned char *lm, unsigned n_lm) { struct ntlm_msg3 *msg = (struct ntlm_msg3 *) raw_msg; if (ntlm_extract_mem(lm, (unsigned char*) msg, msglen, msg->lm_off, - msg->lm_len, RESP_LEN)) + msg->lm_len, n_lm)) return 4; return 0; } static int ntlm_msg3_getnt(unsigned char *raw_msg, unsigned msglen, - unsigned char *nt) + unsigned char *nt, unsigned n_nt) { struct ntlm_msg3 *msg = (struct ntlm_msg3 *) raw_msg; if (ntlm_extract_mem(nt, (unsigned char*) msg, msglen, msg->nt_off, - msg->nt_len, RESP_LEN)) + msg->nt_len, n_nt)) /* Win9x: we can't extract nt ... so we use lm... 
*/ if (ntlm_extract_mem(nt, (unsigned char*) msg, msglen, msg->lm_off, - msg->lm_len, RESP_LEN)) + msg->lm_len, n_nt)) return 8; return 0; } static int -ntlm_msg3_getusername(unsigned char *raw_msg, - unsigned msglen, unsigned char *username, +ntlm_msg3_getusername(unsigned char *raw_msg, unsigned msglen, + unsigned char *username, unsigned n_username, unsigned ntlmssp_flags) { struct ntlm_msg3 *msg = (struct ntlm_msg3 *) raw_msg; int c; if (ntlmssp_flags & NTLMSSP_NEGOTIATE_UNICODE) { if (ntlm_extract_unicode(username, (unsigned char*)msg, msglen, - msg->user_off, msg->user_len, MAX_USERLEN)) + msg->user_off, msg->user_len, n_username)) return 16; } else { /* ascii */ if (ntlm_extract_string(username, (unsigned char*)msg, msglen, - msg->user_off, msg->user_len, MAX_USERLEN)) + msg->user_off, msg->user_len, n_username)) return 16; else { /* Win9x client leave username in uppercase...fix it: */ @@ -251,18 +251,19 @@ ntlm_msg3_getusername(unsigned char *raw_msg, static int ntlm_msg3_gethostname(unsigned char *raw_msg, unsigned msglen, - unsigned char *hostname,unsigned ntlmssp_flags) + unsigned char *hostname, unsigned n_hostname, + unsigned ntlmssp_flags) { struct ntlm_msg3 *msg = (struct ntlm_msg3 *) raw_msg; if (ntlmssp_flags & NTLMSSP_NEGOTIATE_UNICODE) { if (ntlm_extract_unicode(hostname, (unsigned char*) msg, msglen, - msg->host_off, msg->host_len, MAX_HOSTLEN)) + msg->host_off, msg->host_len, n_hostname)) return 0; /* this one FAILS, but since the value is not used, * we just pretend it was ok. */ } else { /* ascii */ if (ntlm_extract_string(hostname, (unsigned char*) msg, msglen, - msg->host_off, msg->host_len, MAX_HOSTLEN)) + msg->host_off, msg->host_len, n_hostname)) return 0; /* this one FAILS, but since the value is not used, * we just pretend it was ok. */ } 
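Review bot: In ntlm_msg3_getusername the new n_username bound is handed to both ntlm_extract_unicode and ntlm_extract_string, but in the unicode branch msg->user_len counts UTF-16 bytes on the wire while n_username is the caller's output capacity (sizeof(info->user) - 1); whether ntlm_extract_unicode applies the bound to the converted output rather than to the raw input cannot be seen here and should be confirmed before this is treated as an overflow fix. The meaning of the new n_* parameters is also undocumented, and the caller's `- 1` only makes sense under one contract, so I would state it above each helper: `/* n_hostname: capacity of hostname in bytes, excluding the terminating NUL */` for the string helpers and `/* n_lm: full size of lm; the response is raw bytes and is not NUL-terminated */` for the lm/nt helpers. The nt fallback that copies the LM response into nt with n_nt is fine only while info->lm and info->nt have the same size, which is worth a one-line note there. The hunk opens on the tail of ntlm_msg1_getntlmssp_flags and ntlm_msg3_getusername's body continues past its end.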
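Review bot: ntlm_msg3_gethostname still returns 0 when either extraction fails on the grounds that the value is not used, but with the new n_hostname bound a failure may now be a truncation of an oversized client hostname as well as a bad offset, and hostname is left in whatever state the extract helper leaves it, which could be unterminated if it bails before writing the NUL. Since info->host is presumably available to later logging or diagnostics, I would make the failure path well-defined with `hostname[0] = '\0';` before each `return 0;`, or confirm and document that both extract helpers always terminate the buffer on failure. The existing comment could then read `/* extraction failed; hostname is informational only, so clear it and report success */` instead of "pretend it was ok". The function's closing brace lies past the end of the hunk.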
@@ -270,19 +271,19 @@ ntlm_msg3_gethostname(unsigned char *raw_msg, unsigned msglen, } static int -ntlm_msg3_getdomainname(unsigned char *raw_msg, - unsigned msglen, unsigned char *domainname, - unsigned ntlmssp_flags) +ntlm_msg3_getdomainname(unsigned char *raw_msg, unsigned msglen, + unsigned char *domainname, unsigned n_domainname, + unsigned ntlmssp_flags) { struct ntlm_msg3 *msg = (struct ntlm_msg3 *) raw_msg; if (ntlmssp_flags & NTLMSSP_NEGOTIATE_UNICODE) { if (ntlm_extract_unicode(domainname, (unsigned char*) msg, msglen, - msg->dom_off, msg->dom_len, MAX_DOMLEN)) + msg->dom_off, msg->dom_len, n_domainname)) return 64; } else { /* asii */ if (ntlm_extract_string(domainname, (unsigned char*) msg, msglen, - msg->dom_off, msg->dom_len, MAX_DOMLEN)) + msg->dom_off, msg->dom_len, n_domainname)) return 64; } return 0; 
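Review bot: The branch label `/* asii */` in ntlm_msg3_getdomainname is a typo for `/* ascii */`, and it is the only text telling a reader that the same byte capacity n_domainname is applied to both the UTF-16 and the ASCII form of the field. I would fix the label and add the contract above the function: `/* n_domainname: capacity of domainname in bytes, excluding the terminating NUL (caller passes sizeof - 1) */`. Whether ntlm_extract_unicode bounds the converted output or the wire length msg->dom_len (UTF-16, two bytes per character) is not visible here and is worth confirming, since the two differ by a factor of two. The function's closing brace and the caller are outside this hunk.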
@@ -295,14 +296,14 @@ ntlmssp_decode_msg(struct ntlmssp_info *info, switch (info->msg_type = ntlm_msg_type(raw_msg, msglen)) { case 1: return ntlm_msg1_getntlmssp_flags(raw_msg,(unsigned char*)ntlmssp_flags) - + ntlm_msg1_gethostname(raw_msg, msglen, info->host) - + ntlm_msg1_getdomainname(raw_msg, msglen, info->domain); + + ntlm_msg1_gethostname(raw_msg, msglen, info->host, sizeof (info->host) - 1) + + ntlm_msg1_getdomainname(raw_msg, msglen, info->domain, sizeof (info->domain) - 1); case 3: - return ntlm_msg3_getlm(raw_msg, msglen, info->lm) - + ntlm_msg3_getnt(raw_msg, msglen, info->nt) - + ntlm_msg3_getusername(raw_msg, msglen, info->user,*ntlmssp_flags) - + ntlm_msg3_gethostname(raw_msg, msglen, info->host,*ntlmssp_flags) - + ntlm_msg3_getdomainname(raw_msg, msglen, info->domain,*ntlmssp_flags); + return ntlm_msg3_getlm(raw_msg, msglen, info->lm, sizeof (info->lm)) + + ntlm_msg3_getnt(raw_msg, msglen, info->nt, sizeof (info->nt)) + + ntlm_msg3_getusername(raw_msg, msglen, info->user, sizeof (info->user) - 1, *ntlmssp_flags) + + ntlm_msg3_gethostname(raw_msg, msglen, info->host, sizeof (info->host) - 1, *ntlmssp_flags) + + ntlm_msg3_getdomainname(raw_msg, msglen, info->domain, sizeof (info->domain) - 1, *ntlmssp_flags); } return -1; } |
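Review bot: In the case 1 branch ntlm_msg1_getntlmssp_flags is still called with only raw_msg and the flags pointer, so the negotiate flags read from the message are the one field in this function not bounded by msglen, while every other helper now receives both msglen and an output capacity; unless ntlm_msg_type() already rejects messages shorter than the fixed header, a short type-1 message is read past its end there. I would pass the length through, `ntlm_msg1_getntlmssp_flags(raw_msg, msglen, (unsigned char*)ntlmssp_flags)`, and have it fail when the flags field does not fit, or else record the guarantee at the switch: `/* ntlm_msg_type() guarantees the fixed-size header fits in msglen */`. The asymmetry between `sizeof (info->lm)` and `sizeof (info->host) - 1` also deserves a line, `/* lm/nt are raw response bytes, so pass the whole buffer; string fields keep one byte for the NUL */`, and note that this sizeof arithmetic holds only while these are array members of struct ntlmssp_info rather than pointers. The function's opening lines and the struct definition are outside the hunk.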