rubyntlm 0.6.1 → 0.6.2

data/lib/net/ntlm/message/type2.rb

@@ -1,102 +1,102 @@
-module Net
-  module NTLM
-    class Message
-
-      # @private false
-      class Type2 < Message
-
-        string          :sign,        { :size => 8, :value => SSP_SIGN }
-        int32LE         :type,        { :value => 2 }
-        security_buffer :target_name, { :size => 0, :value => "" }
-        int32LE         :flag,        { :value => DEFAULT_FLAGS[:TYPE2] }
-        int64LE         :challenge,   { :value => 0}
-        int64LE         :context,     { :value => 0, :active => false }
-        security_buffer :target_info, { :value => "", :active => false }
-        string          :os_version,  { :size => 8, :value => "", :active => false }
-
-        # Generates a Type 3 response based on the Type 2 Information
-        # @return [Type3]
-        # @option arg [String] :username The username to authenticate with
-        # @option arg [String] :password The user's password
-        # @option arg [String] :domain ('') The domain to authenticate to
-        # @option opt [String] :workstation (Socket.gethostname) The name of the calling workstation
-        # @option opt [Boolean] :use_default_target (false) Use the domain supplied by the server in the Type 2 packet
-        # @note An empty :domain option authenticates to the local machine.
-        # @note The :use_default_target has precedence over the :domain option
-        def response(arg, opt = {})
-          usr = arg[:user]
-          pwd = arg[:password]
-          domain = arg[:domain] ? arg[:domain].upcase : ""
-          if usr.nil? or pwd.nil?
-            raise ArgumentError, "user and password have to be supplied"
-          end
-
-          if opt[:workstation]
-            ws = opt[:workstation]
-          else
-            ws = Socket.gethostname
-          end
-
-          if opt[:client_challenge]
-            cc  = opt[:client_challenge]
-          else
-            cc = rand(MAX64)
-          end
-          cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
-          opt[:client_challenge] = cc
-
-          if has_flag?(:OEM) and opt[:unicode]
-            usr = NTLM::EncodeUtil.decode_utf16le(usr)
-            pwd = NTLM::EncodeUtil.decode_utf16le(pwd)
-            ws  = NTLM::EncodeUtil.decode_utf16le(ws)
-            domain = NTLM::EncodeUtil.decode_utf16le(domain)
-            opt[:unicode] = false
-          end
-
-          if has_flag?(:UNICODE) and !opt[:unicode]
-            usr = NTLM::EncodeUtil.encode_utf16le(usr)
-            pwd = NTLM::EncodeUtil.encode_utf16le(pwd)
-            ws  = NTLM::EncodeUtil.encode_utf16le(ws)
-            domain = NTLM::EncodeUtil.encode_utf16le(domain)
-            opt[:unicode] = true
-          end
-
-          if opt[:use_default_target]
-            domain = self.target_name
-          end
-
-          ti = self.target_info
-
-          chal = self[:challenge].serialize
-
-          if opt[:ntlmv2]
-            ar = {:ntlmv2_hash => NTLM::ntlmv2_hash(usr, pwd, domain, opt), :challenge => chal, :target_info => ti}
-            lm_res = NTLM::lmv2_response(ar, opt)
-            ntlm_res = NTLM::ntlmv2_response(ar, opt)
-          elsif has_flag?(:NTLM2_KEY)
-            ar = {:ntlm_hash => NTLM::ntlm_hash(pwd, opt), :challenge => chal}
-            lm_res, ntlm_res = NTLM::ntlm2_session(ar, opt)
-          else
-            ar = {:lm_hash => NTLM::lm_hash(pwd), :challenge => chal}
-            lm_res = NTLM::lm_response(ar)
-            ar = {:ntlm_hash => NTLM::ntlm_hash(pwd, opt), :challenge => chal}
-            ntlm_res = NTLM::ntlm_response(ar)
-          end
-
-          Type3.create({
-                           :lm_response => lm_res,
-                           :ntlm_response => ntlm_res,
-                           :domain => domain,
-                           :user => usr,
-                           :workstation => ws,
-                           :flag => self.flag
-                       })
-        end
-
-      end
-
-    end
-  end
-end
-
-
+module Net
+  module NTLM
+    class Message
+
+      # @private false
+      class Type2 < Message
+
+        string          :sign,        { :size => 8, :value => SSP_SIGN }
+        int32LE         :type,        { :value => 2 }
+        security_buffer :target_name, { :size => 0, :value => "" }
+        int32LE         :flag,        { :value => DEFAULT_FLAGS[:TYPE2] }
+        int64LE         :challenge,   { :value => 0}
+        int64LE         :context,     { :value => 0, :active => false }
+        security_buffer :target_info, { :value => "", :active => false }
+        string          :os_version,  { :size => 8, :value => "", :active => false }
+
+        # Generates a Type 3 response based on the Type 2 Information
+        # @return [Type3]
+        # @option arg [String] :username The username to authenticate with
+        # @option arg [String] :password The user's password
+        # @option arg [String] :domain ('') The domain to authenticate to
+        # @option opt [String] :workstation (Socket.gethostname) The name of the calling workstation
+        # @option opt [Boolean] :use_default_target (false) Use the domain supplied by the server in the Type 2 packet
+        # @note An empty :domain option authenticates to the local machine.
+        # @note The :use_default_target has precedence over the :domain option
+        def response(arg, opt = {})
+          usr = arg[:user]
+          pwd = arg[:password]
+          domain = arg[:domain] ? arg[:domain].upcase : ""
+          if usr.nil? or pwd.nil?
+            raise ArgumentError, "user and password have to be supplied"
+          end
+
+          if opt[:workstation]
+            ws = opt[:workstation]
+          else
+            ws = Socket.gethostname
+          end
+
+          if opt[:client_challenge]
+            cc  = opt[:client_challenge]
+          else
+            cc = rand(MAX64)
+          end
+          cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
+          opt[:client_challenge] = cc
+
+          if has_flag?(:OEM) and opt[:unicode]
+            usr = NTLM::EncodeUtil.decode_utf16le(usr)
+            pwd = NTLM::EncodeUtil.decode_utf16le(pwd)
+            ws  = NTLM::EncodeUtil.decode_utf16le(ws)
+            domain = NTLM::EncodeUtil.decode_utf16le(domain)
+            opt[:unicode] = false
+          end
+
+          if has_flag?(:UNICODE) and !opt[:unicode]
+            usr = NTLM::EncodeUtil.encode_utf16le(usr)
+            pwd = NTLM::EncodeUtil.encode_utf16le(pwd)
+            ws  = NTLM::EncodeUtil.encode_utf16le(ws)
+            domain = NTLM::EncodeUtil.encode_utf16le(domain)
+            opt[:unicode] = true
+          end
+
+          if opt[:use_default_target]
+            domain = self.target_name
+          end
+
+          ti = self.target_info
+
+          chal = self[:challenge].serialize
+
+          if opt[:ntlmv2]
+            ar = {:ntlmv2_hash => NTLM::ntlmv2_hash(usr, pwd, domain, opt), :challenge => chal, :target_info => ti}
+            lm_res = NTLM::lmv2_response(ar, opt)
+            ntlm_res = NTLM::ntlmv2_response(ar, opt)
+          elsif has_flag?(:NTLM2_KEY)
+            ar = {:ntlm_hash => NTLM::ntlm_hash(pwd, opt), :challenge => chal}
+            lm_res, ntlm_res = NTLM::ntlm2_session(ar, opt)
+          else
+            ar = {:lm_hash => NTLM::lm_hash(pwd), :challenge => chal}
+            lm_res = NTLM::lm_response(ar)
+            ar = {:ntlm_hash => NTLM::ntlm_hash(pwd, opt), :challenge => chal}
+            ntlm_res = NTLM::ntlm_response(ar)
+          end
+
+          Type3.create({
+                           :lm_response => lm_res,
+                           :ntlm_response => ntlm_res,
+                           :domain => domain,
+                           :user => usr,
+                           :workstation => ws,
+                           :flag => self.flag
+                       })
+        end
+
+      end
+
+    end
+  end
+end
+
+

data/lib/net/ntlm/message/type3.rb

@@ -1,131 +1,131 @@
-module Net
-  module NTLM
-    class Message
-
-      # @private false
-      class Type3 < Message
-
-        string          :sign,          {:size => 8, :value => SSP_SIGN}
-        int32LE         :type,          {:value => 3}
-        security_buffer :lm_response,   {:value => ""}
-        security_buffer :ntlm_response, {:value => ""}
-        security_buffer :domain,        {:value => ""}
-        security_buffer :user,          {:value => ""}
-        security_buffer :workstation,   {:value => ""}
-        security_buffer :session_key,   {:value => "", :active => false }
-        int32LE         :flag,          {:value => 0, :active => false }
-        string          :os_version,    {:size => 8, :active => false }
-
-        class << Type3
-          # Builds a Type 3 packet
-          # @note All options must be properly encoded with either unicode or oem encoding
-          # @return [Type3]
-          # @option arg [String] :lm_response The LM hash
-          # @option arg [String] :ntlm_response The NTLM hash
-          # @option arg [String] :domain The domain to authenticate to
-          # @option arg [String] :workstation The name of the calling workstation
-          # @option arg [String] :session_key The session key
-          # @option arg [Integer] :flag Flags for the packet
-          def create(arg, opt ={})
-            t = new
-            t.lm_response = arg[:lm_response]
-            t.ntlm_response = arg[:ntlm_response]
-            t.domain = arg[:domain]
-            t.user = arg[:user]
-
-            if arg[:workstation]
-              t.workstation = arg[:workstation]
-            end
-
-            if arg[:session_key]
-              t.enable(:session_key)
-              t.session_key = arg[:session_key]
-            end
-
-            if arg[:flag]
-              t.enable(:session_key)
-              t.enable(:flag)
-              t.flag = arg[:flag]
-            end
-            t
-          end
-        end
-
-        # @param server_challenge (see #password?)
-        def blank_password?(server_challenge)
-          password?('', server_challenge)
-        end
-
-        # @param password [String]
-        # @param server_challenge [String] The server's {Type2#challenge challenge} from the
-        #   {Type2} message for which this object is a response.
-        # @return [true] if +password+ was the password used to generate this
-        #   {Type3} message
-        # @return [false] otherwise
-        def password?(password, server_challenge)
-          case ntlm_version
-          when :ntlm2_session
-            ntlm2_session_password?(password, server_challenge)
-          when :ntlmv2
-            ntlmv2_password?(password, server_challenge)
-          else
-            raise
-          end
-        end
-
-        # @return [Symbol]
-        def ntlm_version
-          if ntlm_response.size == 24 && lm_response[0,8] != "\x00"*8 && lm_response[8,16] == "\x00"*16
-            :ntlm2_session
-          elsif ntlm_response.size == 24
-            :ntlmv1
-          elsif ntlm_response.size > 24
-            :ntlmv2
-          end
-        end
-
-        private
-
-        def ntlm2_session_password?(password, server_challenge)
-          hash = ntlm_response
-          _lm, empty_hash = NTLM.ntlm2_session(
-            {
-              :ntlm_hash => NTLM.ntlm_hash(password),
-              :challenge => server_challenge,
-            },
-            {
-              :client_challenge => lm_response[0,8]
-            }
-          )
-          hash == empty_hash
-        end
-
-        def ntlmv2_password?(password, server_challenge)
-
-          # The first 16 bytes of the ntlm_response are the HMAC of the blob
-          # that follows it.
-          blob = Blob.new
-          blob.parse(ntlm_response[16..-1])
-
-          empty_hash = NTLM.ntlmv2_response(
-            {
-              # user and domain came from the serialized data here, so
-              # they're already unicode
-              :ntlmv2_hash => NTLM.ntlmv2_hash(user, '', domain, :unicode => true),
-              :challenge => server_challenge,
-              :target_info => blob.target_info
-            },
-            {
-              :client_challenge => blob.challenge,
-              # The blob's timestamp is already in milliseconds since 1601,
-              # so convert it back to epoch time first
-              :timestamp => (blob.timestamp / 10_000_000) - NTLM::TIME_OFFSET,
-            }
-          )
-
-          empty_hash == ntlm_response
-        end
-      end
-    end
-  end
-end
+module Net
+  module NTLM
+    class Message
+
+      # @private false
+      class Type3 < Message
+
+        string          :sign,          {:size => 8, :value => SSP_SIGN}
+        int32LE         :type,          {:value => 3}
+        security_buffer :lm_response,   {:value => ""}
+        security_buffer :ntlm_response, {:value => ""}
+        security_buffer :domain,        {:value => ""}
+        security_buffer :user,          {:value => ""}
+        security_buffer :workstation,   {:value => ""}
+        security_buffer :session_key,   {:value => "", :active => false }
+        int32LE         :flag,          {:value => 0, :active => false }
+        string          :os_version,    {:size => 8, :active => false }
+
+        class << Type3
+          # Builds a Type 3 packet
+          # @note All options must be properly encoded with either unicode or oem encoding
+          # @return [Type3]
+          # @option arg [String] :lm_response The LM hash
+          # @option arg [String] :ntlm_response The NTLM hash
+          # @option arg [String] :domain The domain to authenticate to
+          # @option arg [String] :workstation The name of the calling workstation
+          # @option arg [String] :session_key The session key
+          # @option arg [Integer] :flag Flags for the packet
+          def create(arg, opt ={})
+            t = new
+            t.lm_response = arg[:lm_response]
+            t.ntlm_response = arg[:ntlm_response]
+            t.domain = arg[:domain]
+            t.user = arg[:user]
+
+            if arg[:workstation]
+              t.workstation = arg[:workstation]
+            end
+
+            if arg[:session_key]
+              t.enable(:session_key)
+              t.session_key = arg[:session_key]
+            end
+
+            if arg[:flag]
+              t.enable(:session_key)
+              t.enable(:flag)
+              t.flag = arg[:flag]
+            end
+            t
+          end
+        end
+
+        # @param server_challenge (see #password?)
+        def blank_password?(server_challenge)
+          password?('', server_challenge)
+        end
+
+        # @param password [String]
+        # @param server_challenge [String] The server's {Type2#challenge challenge} from the
+        #   {Type2} message for which this object is a response.
+        # @return [true] if +password+ was the password used to generate this
+        #   {Type3} message
+        # @return [false] otherwise
+        def password?(password, server_challenge)
+          case ntlm_version
+          when :ntlm2_session
+            ntlm2_session_password?(password, server_challenge)
+          when :ntlmv2
+            ntlmv2_password?(password, server_challenge)
+          else
+            raise
+          end
+        end
+
+        # @return [Symbol]
+        def ntlm_version
+          if ntlm_response.size == 24 && lm_response[0,8] != "\x00"*8 && lm_response[8,16] == "\x00"*16
+            :ntlm2_session
+          elsif ntlm_response.size == 24
+            :ntlmv1
+          elsif ntlm_response.size > 24
+            :ntlmv2
+          end
+        end
+
+        private
+
+        def ntlm2_session_password?(password, server_challenge)
+          hash = ntlm_response
+          _lm, empty_hash = NTLM.ntlm2_session(
+            {
+              :ntlm_hash => NTLM.ntlm_hash(password),
+              :challenge => server_challenge,
+            },
+            {
+              :client_challenge => lm_response[0,8]
+            }
+          )
+          hash == empty_hash
+        end
+
+        def ntlmv2_password?(password, server_challenge)
+
+          # The first 16 bytes of the ntlm_response are the HMAC of the blob
+          # that follows it.
+          blob = Blob.new
+          blob.parse(ntlm_response[16..-1])
+
+          empty_hash = NTLM.ntlmv2_response(
+            {
+              # user and domain came from the serialized data here, so
+              # they're already unicode
+              :ntlmv2_hash => NTLM.ntlmv2_hash(user, '', domain, :unicode => true),
+              :challenge => server_challenge,
+              :target_info => blob.target_info
+            },
+            {
+              :client_challenge => blob.challenge,
+              # The blob's timestamp is already in milliseconds since 1601,
+              # so convert it back to epoch time first
+              :timestamp => (blob.timestamp / 10_000_000) - NTLM::TIME_OFFSET,
+            }
+          )
+
+          empty_hash == ntlm_response
+        end
+      end
+    end
+  end
+end