[vlc-commits] contrib: smb2: backport anonymous login support

Thomas Guillem git at videolan.org
Tue Aug 6 11:51:54 CEST 2019


vlc | branch: master | Thomas Guillem <thomas at gllm.fr> | Tue Aug  6 08:51:31 2019 +0200| [758c04a0d4d629d92bc5c123c6316372e8b04c76] | committer: Thomas Guillem

contrib: smb2: backport anonymous login support

That was added after the 3.0.0 release.

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=758c04a0d4d629d92bc5c123c6316372e8b04c76
---

 ...-ntlmssp-add-support-for-Anonymous-logins.patch | 219 +++++++++++++++++++++
 contrib/src/smb2/rules.mak                         |   1 +
 2 files changed, 220 insertions(+)

diff --git a/contrib/src/smb2/0001-ntlmssp-add-support-for-Anonymous-logins.patch b/contrib/src/smb2/0001-ntlmssp-add-support-for-Anonymous-logins.patch
new file mode 100644
index 0000000000..433472086f
--- /dev/null
+++ b/contrib/src/smb2/0001-ntlmssp-add-support-for-Anonymous-logins.patch
@@ -0,0 +1,219 @@
+From 91e4b27ec265d2c08890fcee9043a15382d8a54f Mon Sep 17 00:00:00 2001
+From: Ronnie Sahlberg <ronniesahlberg at gmail.com>
+Date: Tue, 6 Aug 2019 13:30:51 +1000
+Subject: [PATCH] ntlmssp: add support for Anonymous logins
+
+Signed-off-by: Ronnie Sahlberg <ronniesahlberg at gmail.com>
+---
+ lib/ntlmssp.c | 131 +++++++++++++++++++++++++++++---------------------
+ 1 file changed, 77 insertions(+), 54 deletions(-)
+
+diff --git a/lib/ntlmssp.c b/lib/ntlmssp.c
+index 646a511..a34d119 100644
+--- a/lib/ntlmssp.c
++++ b/lib/ntlmssp.c
+@@ -96,6 +96,7 @@ struct auth_data {
+ #define NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY         0x00080000
+ #define NTLMSSP_TARGET_TYPE_SERVER                         0x00020000
+ #define NTLMSSP_NEGOTIATE_ALWAYS_SIGN                      0x00008000
++#define NTLMSSP_NEGOTIATE_ANONYMOUS                        0x00000800
+ #define NTLMSSP_NEGOTIATE_NTLM                             0x00000200
+ #define NTLMSSP_NEGOTIATE_SIGN                             0x00000010
+ #define NTLMSSP_REQUEST_TARGET                             0x00000004
+@@ -320,7 +321,7 @@ encode_ntlm_auth(struct smb2_context *smb2, time_t ti,
+         struct ucs2 *ucs2_domain = NULL;
+         struct ucs2 *ucs2_user = NULL;
+         struct ucs2 *ucs2_workstation = NULL;
+-        int NTChallengeResponse_len;
++        int NTChallengeResponse_len = 0;
+         unsigned char NTProofStr[16];
+         unsigned char LMStr[16];
+         uint64_t t;
+@@ -330,14 +331,15 @@ encode_ntlm_auth(struct smb2_context *smb2, time_t ti,
+         uint32_t u32;
+         uint32_t server_neg_flags;
+         unsigned char key_exch[SMB2_KEY_SIZE];
++        uint8_t anonymous = 0;
+ 
+         tv.tv_sec = ti;
+         tv.tv_usec = 0;
+         t = timeval_to_win(&tv);
+ 
+         if (auth_data->password == NULL) {
+-                smb2_set_error(smb2, "No password set, can not use NTLM\n");
+-                goto finished;
++                anonymous = 1;
++                goto encode;
+         }
+ 
+         /*
+@@ -383,6 +385,7 @@ encode_ntlm_auth(struct smb2_context *smb2, time_t ti,
+         smb2_hmac_md5(NTProofStr, 16, ResponseKeyNT, 16, key_exch);
+         memcpy(auth_data->exported_session_key, key_exch, 16);
+ 
++ encode:
+         /*
+          * Generate AUTHENTICATE_MESSAGE
+          */
+@@ -393,14 +396,20 @@ encode_ntlm_auth(struct smb2_context *smb2, time_t ti,
+         encoder(&u32, 4, auth_data);
+ 
+         /* lm challenge response fields */
+-        memcpy(&lm_buf[0], server_challenge, 8);
+-        memcpy(&lm_buf[8], auth_data->client_challenge, 8);
+-        smb2_hmac_md5(&lm_buf[0], 16,
+-                 ResponseKeyNT, 16, LMStr);
+-        u32 = htole32(0x00180018);
+-        encoder(&u32, 4, auth_data);
+-        u32 = 0;
+-        encoder(&u32, 4, auth_data);
++        if (!anonymous) {
++                memcpy(&lm_buf[0], server_challenge, 8);
++                memcpy(&lm_buf[8], auth_data->client_challenge, 8);
++                smb2_hmac_md5(&lm_buf[0], 16,
++                              ResponseKeyNT, 16, LMStr);
++                u32 = htole32(0x00180018);
++                encoder(&u32, 4, auth_data);
++                u32 = 0;
++                encoder(&u32, 4, auth_data);
++        } else {
++                u32 = 0;
++                encoder(&u32, 4, auth_data);
++                encoder(&u32, 4, auth_data);
++        }
+ 
+         /* nt challenge response fields */
+         u32 = htole32((NTChallengeResponse_len<<16)|
+@@ -410,7 +419,7 @@ encode_ntlm_auth(struct smb2_context *smb2, time_t ti,
+         encoder(&u32, 4, auth_data);
+ 
+         /* domain name fields */
+-        if (auth_data->domain) {
++        if (!anonymous && auth_data->domain) {
+                 ucs2_domain = utf8_to_ucs2(auth_data->domain);
+                 if (ucs2_domain == NULL) {
+                         goto finished;
+@@ -427,18 +436,24 @@ encode_ntlm_auth(struct smb2_context *smb2, time_t ti,
+         }
+ 
+         /* user name fields */
+-        ucs2_user = utf8_to_ucs2(auth_data->user);
+-        if (ucs2_user == NULL) {
+-                goto finished;
++        if (!anonymous) {
++                ucs2_user = utf8_to_ucs2(auth_data->user);
++                if (ucs2_user == NULL) {
++                        goto finished;
++                }
++                u32 = ucs2_user->len * 2;
++                u32 = htole32((u32 << 16) | u32);
++                encoder(&u32, 4, auth_data);
++                u32 = 0;
++                encoder(&u32, 4, auth_data);
++        } else {
++                u32 = 0;
++                encoder(&u32, 4, auth_data);
++                encoder(&u32, 4, auth_data);
+         }
+-        u32 = ucs2_user->len * 2;
+-        u32 = htole32((u32 << 16) | u32);
+-        encoder(&u32, 4, auth_data);
+-        u32 = 0;
+-        encoder(&u32, 4, auth_data);
+ 
+         /* workstation name fields */
+-        if (auth_data->workstation) {
++        if (!anonymous && auth_data->workstation) {
+                 ucs2_workstation = utf8_to_ucs2(auth_data->workstation);
+                 if (ucs2_workstation == NULL) {
+                         goto finished;
+@@ -460,45 +475,53 @@ encode_ntlm_auth(struct smb2_context *smb2, time_t ti,
+         encoder(&u32, 4, auth_data);
+ 
+         /* negotiate flags */
+-        u32 = htole32(NTLMSSP_NEGOTIATE_56|NTLMSSP_NEGOTIATE_128|
+-                      NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY|
+-                      //NTLMSSP_NEGOTIATE_ALWAYS_SIGN|
+-                      NTLMSSP_NEGOTIATE_NTLM|
+-                      //NTLMSSP_NEGOTIATE_SIGN|
+-                      NTLMSSP_REQUEST_TARGET|NTLMSSP_NEGOTIATE_OEM|
+-                      NTLMSSP_NEGOTIATE_UNICODE);
++        u32 = NTLMSSP_NEGOTIATE_56|NTLMSSP_NEGOTIATE_128|
++                NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY|
++                //NTLMSSP_NEGOTIATE_ALWAYS_SIGN|
++                NTLMSSP_NEGOTIATE_NTLM|
++                //NTLMSSP_NEGOTIATE_SIGN|
++                NTLMSSP_REQUEST_TARGET|NTLMSSP_NEGOTIATE_OEM|
++                NTLMSSP_NEGOTIATE_UNICODE;
++        if (anonymous)
++                u32 |= NTLMSSP_NEGOTIATE_ANONYMOUS;
++        u32 = htole32(u32);
+         encoder(&u32, 4, auth_data);
+ 
+-        /* append domain */
+-        u32 = htole32(auth_data->len);
+-        memcpy(&auth_data->buf[32], &u32, 4);
+-        if (ucs2_domain) {
+-                encoder(ucs2_domain->val, ucs2_domain->len * 2, auth_data);
+-        }
++        if (!anonymous) {
++                /* append domain */
++                u32 = htole32(auth_data->len);
++                memcpy(&auth_data->buf[32], &u32, 4);
++                if (ucs2_domain) {
++                        encoder(ucs2_domain->val, ucs2_domain->len * 2,
++                                auth_data);
++                }
+ 
+-        /* append user */
+-        u32 = htole32(auth_data->len);
+-        memcpy(&auth_data->buf[40], &u32, 4);
+-        encoder(ucs2_user->val, ucs2_user->len * 2, auth_data);
++                /* append user */
++                u32 = htole32(auth_data->len);
++                memcpy(&auth_data->buf[40], &u32, 4);
++                encoder(ucs2_user->val, ucs2_user->len * 2, auth_data);
++
++                /* append workstation */
++                u32 = htole32(auth_data->len);
++                memcpy(&auth_data->buf[48], &u32, 4);
++                if (ucs2_workstation) {
++                        encoder(ucs2_workstation->val,
++                                ucs2_workstation->len * 2, auth_data);
++                }
+ 
+-        /* append workstation */
+-        u32 = htole32(auth_data->len);
+-        memcpy(&auth_data->buf[48], &u32, 4);
+-        if (ucs2_workstation) {
+-                encoder(ucs2_workstation->val, ucs2_workstation->len * 2, auth_data);
++                /* append LMChallengeResponse */
++                u32 = htole32(auth_data->len);
++                memcpy(&auth_data->buf[16], &u32, 4);
++                encoder(LMStr, 16, auth_data);
++                encoder(auth_data->client_challenge, 8, auth_data);
++
++                /* append NTChallengeResponse */
++                u32 = htole32(auth_data->len);
++                memcpy(&auth_data->buf[24], &u32, 4);
++                encoder(NTChallengeResponse_buf, NTChallengeResponse_len,
++                        auth_data);
+         }
+ 
+-        /* append LMChallengeResponse */
+-        u32 = htole32(auth_data->len);
+-        memcpy(&auth_data->buf[16], &u32, 4);
+-        encoder(LMStr, 16, auth_data);
+-        encoder(auth_data->client_challenge, 8, auth_data);
+-
+-        /* append NTChallengeResponse */
+-        u32 = htole32(auth_data->len);
+-        memcpy(&auth_data->buf[24], &u32, 4);
+-        encoder(NTChallengeResponse_buf, NTChallengeResponse_len, auth_data);
+-
+         ret = 0;
+ finished:
+         free(ucs2_domain);
+-- 
+2.20.1
+
diff --git a/contrib/src/smb2/rules.mak b/contrib/src/smb2/rules.mak
index 4bb0af018d..52dfdcb15a 100644
--- a/contrib/src/smb2/rules.mak
+++ b/contrib/src/smb2/rules.mak
@@ -18,6 +18,7 @@ $(TARBALLS)/libsmb2-$(SMB2_VERSION).tar.gz:
 
 smb2: libsmb2-$(SMB2_VERSION).tar.gz .sum-smb2
 	$(UNPACK)
+	$(APPLY) $(SRC)/smb2/0001-ntlmssp-add-support-for-Anonymous-logins.patch
 	$(MOVE)
 
 .smb2: smb2



More information about the vlc-commits mailing list