Lines Matching +full:data +full:- +full:out
2 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 {"ms-chap-v2", 1U << 5},
48 {"chap-md5", 1U << 4},
49 {"digest-md5", 1U << 3},
50 {"ntlm-v2", 1U << 2},
51 {"ntlm-v1-session", 1U << 1},
52 {"ntlm-v1", 1U << 0},
70 "digest-service", in get_digest_key()
75 return krb5_crypto_init(context, &key->key, 0, crypto); in get_digest_key()
89 client->entry.principal)); in get_ntlm_targetname()
105 krb5_data *data) in fill_targetinfo() argument
116 p = client->entry.principal; in fill_targetinfo()
133 data->data = d.data; in fill_targetinfo()
134 data->length = d.length; in fill_targetinfo()
185 ret = hdb_entry_get_password(context, db, &user->entry, password); in get_password_entry()
225 if(!config->enable_digest) { in _kdc_do_digest()
244 goto out; in _kdc_do_digest()
249 &req->apReq, in _kdc_do_digest()
255 goto out; in _kdc_do_digest()
264 goto out; in _kdc_do_digest()
271 goto out; in _kdc_do_digest()
275 goto out; in _kdc_do_digest()
281 goto out; in _kdc_do_digest()
286 goto out; in _kdc_do_digest()
290 goto out; in _kdc_do_digest()
297 goto out; in _kdc_do_digest()
308 goto out; in _kdc_do_digest()
313 goto out; in _kdc_do_digest()
320 goto out; in _kdc_do_digest()
322 if (client->entry.flags.allow_digest == 0) { in _kdc_do_digest()
330 goto out; in _kdc_do_digest()
340 goto out; in _kdc_do_digest()
344 goto out; in _kdc_do_digest()
350 goto out; in _kdc_do_digest()
354 &req->innerReq, &buf); in _kdc_do_digest()
358 goto out; in _kdc_do_digest()
360 ret = decode_DigestReqInner(buf.data, buf.length, &ireq, NULL); in _kdc_do_digest()
364 goto out; in _kdc_do_digest()
392 goto out; in _kdc_do_digest()
398 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
399 goto out; in _kdc_do_digest()
404 goto out; in _kdc_do_digest()
410 asprintf(&s, "%s-%s:%s", r.u.initReply.nonce, in _kdc_do_digest()
411 ireq.u.init.channel->cb_type, in _kdc_do_digest()
412 ireq.u.init.channel->cb_binding); in _kdc_do_digest()
417 goto out; in _kdc_do_digest()
426 goto out; in _kdc_do_digest()
434 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
435 goto out; in _kdc_do_digest()
441 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
442 goto out; in _kdc_do_digest()
452 goto out; in _kdc_do_digest()
459 goto out; in _kdc_do_digest()
464 goto out; in _kdc_do_digest()
470 buf.data, in _kdc_do_digest()
477 goto out; in _kdc_do_digest()
479 ASN1_MALLOC_ENCODE(Checksum, buf.data, buf.length, &res, &size, ret); in _kdc_do_digest()
484 goto out; in _kdc_do_digest()
489 hex_encode(buf.data, buf.length, &r.u.initReply.opaque); in _kdc_do_digest()
490 free(buf.data); in _kdc_do_digest()
495 goto out; in _kdc_do_digest()
507 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
508 goto out; in _kdc_do_digest()
513 goto out; in _kdc_do_digest()
522 goto out; in _kdc_do_digest()
527 buf.data = malloc(buf.length); in _kdc_do_digest()
528 if (buf.data == NULL) { in _kdc_do_digest()
530 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
531 goto out; in _kdc_do_digest()
534 ret = hex_decode(ireq.u.digestRequest.opaque, buf.data, buf.length); in _kdc_do_digest()
538 goto out; in _kdc_do_digest()
542 ret = decode_Checksum(buf.data, buf.length, &res, NULL); in _kdc_do_digest()
543 free(buf.data); in _kdc_do_digest()
548 goto out; in _kdc_do_digest()
554 goto out; in _kdc_do_digest()
558 serverNonce.data = malloc(serverNonce.length); in _kdc_do_digest()
559 if (serverNonce.data == NULL) { in _kdc_do_digest()
561 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
562 goto out; in _kdc_do_digest()
573 serverNonce.data, serverNonce.length); in _kdc_do_digest()
577 goto out; in _kdc_do_digest()
584 goto out; in _kdc_do_digest()
588 buf.data, buf.length, &res); in _kdc_do_digest()
594 goto out; in _kdc_do_digest()
598 unsigned char *p = serverNonce.data; in _kdc_do_digest()
604 goto out; in _kdc_do_digest()
608 if (abs((kdc_time & 0xffffffff) - t) > context->max_skew) { in _kdc_do_digest()
611 goto out; in _kdc_do_digest()
621 if ((config->digests_allowed & CHAP_MD5) == 0) { in _kdc_do_digest()
623 goto out; in _kdc_do_digest()
630 goto out; in _kdc_do_digest()
636 goto out; in _kdc_do_digest()
643 goto out; in _kdc_do_digest()
650 EVP_DigestUpdate(ctx, serverNonce.data, serverNonce.length); in _kdc_do_digest()
659 goto out; in _kdc_do_digest()
675 } else if (strcasecmp(ireq.u.digestRequest.type, "SASL-DIGEST-MD5") == 0) { in _kdc_do_digest()
681 if ((config->digests_allowed & DIGEST_MD5) == 0) { in _kdc_do_digest()
683 goto out; in _kdc_do_digest()
687 goto out; in _kdc_do_digest()
689 goto out; in _kdc_do_digest()
691 goto out; in _kdc_do_digest()
693 goto out; in _kdc_do_digest()
730 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
737 "AUTHENTICATE:", sizeof("AUTHENTICATE:") - 1); in _kdc_do_digest()
744 EVP_DigestUpdate(ctx, conf_zeros, sizeof(conf_zeros) - 1); in _kdc_do_digest()
752 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
785 goto out; in _kdc_do_digest()
795 "DIGEST-MD5 reply mismatch for %s", in _kdc_do_digest()
800 } else if (strcasecmp(ireq.u.digestRequest.type, "MS-CHAP-V2") == 0) { in _kdc_do_digest()
809 if ((config->digests_allowed & MS_CHAP_V2) == 0) { in _kdc_do_digest()
810 kdc_log(context, config, 0, "MS-CHAP-V2 not allowed"); in _kdc_do_digest()
817 "MS-CHAP-V2 clientNonce missing"); in _kdc_do_digest()
823 "MS-CHAP-V2 serverNonce wrong length"); in _kdc_do_digest()
843 clientNonce.data = malloc(clientNonce.length); in _kdc_do_digest()
844 if (clientNonce.data == NULL) { in _kdc_do_digest()
847 "malloc: out of memory"); in _kdc_do_digest()
849 goto out; in _kdc_do_digest()
853 clientNonce.data, clientNonce.length); in _kdc_do_digest()
859 goto out; in _kdc_do_digest()
861 EVP_DigestUpdate(ctp, clientNonce.data, ssize); in _kdc_do_digest()
862 free(clientNonce.data); in _kdc_do_digest()
864 EVP_DigestUpdate(ctp, serverNonce.data, serverNonce.length); in _kdc_do_digest()
881 "MS-CHAP-V2 user %s not in database", in _kdc_do_digest()
886 ret = hdb_enctype2key(context, &user->entry, in _kdc_do_digest()
890 "MS-CHAP-V2 missing arcfour key %s", in _kdc_do_digest()
896 ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, in _kdc_do_digest()
897 key->key.keyvalue.length, in _kdc_do_digest()
904 hex_encode(answer.data, answer.length, &mdx); in _kdc_do_digest()
906 free(answer.data); in _kdc_do_digest()
909 goto out; in _kdc_do_digest()
918 "MS-CHAP-V2 hash mismatch for %s", in _kdc_do_digest()
934 key->key.keyvalue.data, in _kdc_do_digest()
935 key->key.keyvalue.length); in _kdc_do_digest()
942 EVP_DigestUpdate(ctxp, answer.data, answer.length); in _kdc_do_digest()
956 free(answer.data); in _kdc_do_digest()
960 goto out; in _kdc_do_digest()
965 free(answer.data); in _kdc_do_digest()
969 goto out; in _kdc_do_digest()
975 EVP_DigestUpdate(ctxp, answer.data, answer.length); in _kdc_do_digest()
980 free(answer.data); in _kdc_do_digest()
989 goto out; in _kdc_do_digest()
995 goto out; in _kdc_do_digest()
1005 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1006 goto out; in _kdc_do_digest()
1018 if ((config->digests_allowed & (NTLM_V1|NTLM_V1_SESSION|NTLM_V2)) == 0) { in _kdc_do_digest()
1059 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1060 goto out; in _kdc_do_digest()
1062 r.u.ntlmInitReply.challange.data = malloc(8); in _kdc_do_digest()
1063 if (r.u.ntlmInitReply.challange.data == NULL) { in _kdc_do_digest()
1065 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1066 goto out; in _kdc_do_digest()
1069 if (RAND_bytes(r.u.ntlmInitReply.challange.data, in _kdc_do_digest()
1073 krb5_set_error_message(context, ret, "out of random error"); in _kdc_do_digest()
1074 goto out; in _kdc_do_digest()
1080 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1081 goto out; in _kdc_do_digest()
1090 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1091 goto out; in _kdc_do_digest()
1095 * Save data encryted in opaque for the second part of the in _kdc_do_digest()
1101 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1102 goto out; in _kdc_do_digest()
1105 ret = krb5_storage_write(sp, r.u.ntlmInitReply.challange.data, 8); in _kdc_do_digest()
1109 goto out; in _kdc_do_digest()
1114 goto out; in _kdc_do_digest()
1120 goto out; in _kdc_do_digest()
1125 goto out; in _kdc_do_digest()
1128 buf.data, buf.length, &r.u.ntlmInitReply.opaque); in _kdc_do_digest()
1133 goto out; in _kdc_do_digest()
1174 ireq.u.ntlmRequest.opaque.data, in _kdc_do_digest()
1187 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1188 goto out; in _kdc_do_digest()
1195 goto out; in _kdc_do_digest()
1200 goto out; in _kdc_do_digest()
1209 goto out; in _kdc_do_digest()
1212 ret = hdb_enctype2key(context, &user->entry, in _kdc_do_digest()
1216 goto out; in _kdc_do_digest()
1224 if ((config->digests_allowed & NTLM_V2) == 0) { in _kdc_do_digest()
1226 goto out; in _kdc_do_digest()
1234 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1235 goto out; in _kdc_do_digest()
1239 answer.data = ireq.u.ntlmRequest.ntlm.data; in _kdc_do_digest()
1241 ret = heim_ntlm_verify_ntlm2(key->key.keyvalue.data, in _kdc_do_digest()
1242 key->key.keyvalue.length, in _kdc_do_digest()
1258 free(infotarget.data); in _kdc_do_digest()
1270 if ((config->digests_allowed & NTLM_V1_SESSION) == 0) { in _kdc_do_digest()
1271 kdc_log(context, config, 0, "NTLM v1-session not allowed"); in _kdc_do_digest()
1288 EVP_DigestUpdate(ctx, ireq.u.ntlmRequest.lm.data, 8); in _kdc_do_digest()
1295 if ((config->digests_allowed & NTLM_V1) == 0) { in _kdc_do_digest()
1301 ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, in _kdc_do_digest()
1302 key->key.keyvalue.length, in _kdc_do_digest()
1310 memcmp(ireq.u.ntlmRequest.ntlm.data, answer.data, answer.length) != 0) in _kdc_do_digest()
1312 free(answer.data); in _kdc_do_digest()
1317 free(answer.data); in _kdc_do_digest()
1326 key->key.keyvalue.data, in _kdc_do_digest()
1327 key->key.keyvalue.length); in _kdc_do_digest()
1347 len = ireq.u.ntlmRequest.sessionkey->length; in _kdc_do_digest()
1366 masterkey, ireq.u.ntlmRequest.sessionkey->data, in _kdc_do_digest()
1374 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1375 goto out; in _kdc_do_digest()
1381 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1382 goto out; in _kdc_do_digest()
1398 if (config->digests_allowed & NTLM_V1) in _kdc_do_digest()
1400 if (config->digests_allowed & NTLM_V1_SESSION) in _kdc_do_digest()
1402 if (config->digests_allowed & NTLM_V2) in _kdc_do_digest()
1404 if (config->digests_allowed & DIGEST_MD5) in _kdc_do_digest()
1406 if (config->digests_allowed & CHAP_MD5) in _kdc_do_digest()
1408 if (config->digests_allowed & MS_CHAP_V2) in _kdc_do_digest()
1422 goto out; in _kdc_do_digest()
1432 krb5_set_error_message(context, ret, "malloc: out of memory"); in _kdc_do_digest()
1433 goto out; in _kdc_do_digest()
1440 ASN1_MALLOC_ENCODE(DigestRepInner, buf.data, buf.length, &r, &size, ret); in _kdc_do_digest()
1443 goto out; in _kdc_do_digest()
1452 goto out; in _kdc_do_digest()
1459 goto out; in _kdc_do_digest()
1464 goto out; in _kdc_do_digest()
1468 buf.data, buf.length, 0, in _kdc_do_digest()
1472 goto out; in _kdc_do_digest()
1475 ASN1_MALLOC_ENCODE(DigestREP, reply->data, reply->length, &rep, &size, ret); in _kdc_do_digest()
1478 goto out; in _kdc_do_digest()
1480 if (size != reply->length) in _kdc_do_digest()
1484 out: in _kdc_do_digest()