rugged 0.27.10 → 0.27.10.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (420) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rugged/version.rb +1 -1
  3. data/vendor/libgit2/AUTHORS +0 -1
  4. data/vendor/libgit2/CMakeLists.txt +54 -98
  5. data/vendor/libgit2/COPYING +0 -28
  6. data/vendor/libgit2/cmake/Modules/AddCFlagIfSupported.cmake +1 -15
  7. data/vendor/libgit2/cmake/Modules/EnableWarnings.cmake +8 -9
  8. data/vendor/libgit2/cmake/Modules/FindCoreFoundation.cmake +2 -2
  9. data/vendor/libgit2/cmake/Modules/FindGSSAPI.cmake +1 -1
  10. data/vendor/libgit2/cmake/Modules/FindSecurity.cmake +2 -2
  11. data/vendor/libgit2/cmake/Modules/FindStatNsec.cmake +0 -6
  12. data/vendor/libgit2/deps/http-parser/CMakeLists.txt +0 -2
  13. data/vendor/libgit2/deps/http-parser/{COPYING → LICENSE-MIT} +0 -0
  14. data/vendor/libgit2/deps/http-parser/http_parser.c +6 -11
  15. data/vendor/libgit2/deps/regex/CMakeLists.txt +2 -0
  16. data/vendor/libgit2/deps/regex/config.h +7 -0
  17. data/vendor/libgit2/deps/regex/regcomp.c +3857 -0
  18. data/vendor/libgit2/deps/regex/regex.c +92 -0
  19. data/vendor/libgit2/deps/regex/regex.h +582 -0
  20. data/vendor/libgit2/deps/regex/regex_internal.c +1744 -0
  21. data/vendor/libgit2/deps/regex/regex_internal.h +819 -0
  22. data/vendor/libgit2/deps/regex/regexec.c +4369 -0
  23. data/vendor/libgit2/deps/zlib/CMakeLists.txt +0 -1
  24. data/vendor/libgit2/deps/zlib/adler32.c +7 -0
  25. data/vendor/libgit2/deps/zlib/crc32.c +7 -0
  26. data/vendor/libgit2/include/git2.h +0 -5
  27. data/vendor/libgit2/include/git2/annotated_commit.h +0 -9
  28. data/vendor/libgit2/include/git2/attr.h +20 -38
  29. data/vendor/libgit2/include/git2/blame.h +25 -42
  30. data/vendor/libgit2/include/git2/blob.h +13 -45
  31. data/vendor/libgit2/include/git2/branch.h +1 -1
  32. data/vendor/libgit2/include/git2/buffer.h +16 -22
  33. data/vendor/libgit2/include/git2/checkout.h +32 -65
  34. data/vendor/libgit2/include/git2/cherrypick.h +7 -9
  35. data/vendor/libgit2/include/git2/clone.h +10 -12
  36. data/vendor/libgit2/include/git2/commit.h +3 -53
  37. data/vendor/libgit2/include/git2/common.h +8 -60
  38. data/vendor/libgit2/include/git2/config.h +19 -30
  39. data/vendor/libgit2/include/git2/describe.h +9 -32
  40. data/vendor/libgit2/include/git2/diff.h +156 -208
  41. data/vendor/libgit2/include/git2/errors.h +46 -54
  42. data/vendor/libgit2/include/git2/filter.h +0 -8
  43. data/vendor/libgit2/include/git2/ignore.h +2 -2
  44. data/vendor/libgit2/include/git2/index.h +52 -74
  45. data/vendor/libgit2/include/git2/indexer.h +6 -76
  46. data/vendor/libgit2/include/git2/inttypes.h +309 -0
  47. data/vendor/libgit2/include/git2/merge.h +18 -35
  48. data/vendor/libgit2/include/git2/net.h +5 -0
  49. data/vendor/libgit2/include/git2/notes.h +1 -1
  50. data/vendor/libgit2/include/git2/object.h +29 -17
  51. data/vendor/libgit2/include/git2/odb.h +11 -12
  52. data/vendor/libgit2/include/git2/odb_backend.h +9 -10
  53. data/vendor/libgit2/include/git2/oid.h +2 -2
  54. data/vendor/libgit2/include/git2/pack.h +3 -14
  55. data/vendor/libgit2/include/git2/proxy.h +8 -14
  56. data/vendor/libgit2/include/git2/rebase.h +6 -53
  57. data/vendor/libgit2/include/git2/refs.h +15 -33
  58. data/vendor/libgit2/include/git2/refspec.h +0 -17
  59. data/vendor/libgit2/include/git2/remote.h +24 -123
  60. data/vendor/libgit2/include/git2/repository.h +39 -76
  61. data/vendor/libgit2/include/git2/revert.h +4 -6
  62. data/vendor/libgit2/include/git2/revwalk.h +7 -7
  63. data/vendor/libgit2/include/git2/signature.h +2 -2
  64. data/vendor/libgit2/include/git2/stash.h +12 -15
  65. data/vendor/libgit2/include/git2/status.h +20 -33
  66. data/vendor/libgit2/include/git2/submodule.h +12 -30
  67. data/vendor/libgit2/include/git2/sys/commit.h +1 -1
  68. data/vendor/libgit2/include/git2/sys/config.h +13 -13
  69. data/vendor/libgit2/include/git2/sys/filter.h +6 -6
  70. data/vendor/libgit2/include/git2/sys/index.h +0 -3
  71. data/vendor/libgit2/include/git2/sys/mempack.h +35 -35
  72. data/vendor/libgit2/include/git2/sys/merge.h +4 -9
  73. data/vendor/libgit2/include/git2/sys/odb_backend.h +22 -66
  74. data/vendor/libgit2/include/git2/sys/refdb_backend.h +40 -76
  75. data/vendor/libgit2/include/git2/sys/repository.h +1 -5
  76. data/vendor/libgit2/include/git2/sys/stream.h +12 -92
  77. data/vendor/libgit2/include/git2/sys/time.h +31 -0
  78. data/vendor/libgit2/include/git2/sys/transport.h +83 -129
  79. data/vendor/libgit2/include/git2/tag.h +4 -13
  80. data/vendor/libgit2/include/git2/trace.h +2 -2
  81. data/vendor/libgit2/include/git2/transaction.h +0 -1
  82. data/vendor/libgit2/include/git2/transport.h +311 -11
  83. data/vendor/libgit2/include/git2/tree.h +4 -4
  84. data/vendor/libgit2/include/git2/types.h +111 -33
  85. data/vendor/libgit2/include/git2/version.h +4 -4
  86. data/vendor/libgit2/include/git2/worktree.h +13 -48
  87. data/vendor/libgit2/libgit2.pc.in +13 -0
  88. data/vendor/libgit2/src/CMakeLists.txt +164 -96
  89. data/vendor/libgit2/src/annotated_commit.c +8 -15
  90. data/vendor/libgit2/src/apply.c +31 -537
  91. data/vendor/libgit2/src/apply.h +1 -3
  92. data/vendor/libgit2/src/array.h +2 -2
  93. data/vendor/libgit2/src/attr.c +75 -81
  94. data/vendor/libgit2/src/attr_file.c +121 -207
  95. data/vendor/libgit2/src/attr_file.h +9 -9
  96. data/vendor/libgit2/src/attrcache.c +53 -51
  97. data/vendor/libgit2/src/attrcache.h +1 -2
  98. data/vendor/libgit2/src/blame.c +20 -47
  99. data/vendor/libgit2/src/blame.h +1 -2
  100. data/vendor/libgit2/src/blame_git.c +20 -37
  101. data/vendor/libgit2/src/blob.c +42 -128
  102. data/vendor/libgit2/src/blob.h +2 -19
  103. data/vendor/libgit2/src/branch.c +43 -67
  104. data/vendor/libgit2/src/buf_text.c +6 -7
  105. data/vendor/libgit2/src/buffer.c +57 -69
  106. data/vendor/libgit2/src/buffer.h +1 -1
  107. data/vendor/libgit2/src/cache.c +45 -38
  108. data/vendor/libgit2/src/cache.h +3 -3
  109. data/vendor/libgit2/src/cc-compat.h +3 -20
  110. data/vendor/libgit2/src/checkout.c +90 -109
  111. data/vendor/libgit2/src/cherrypick.c +9 -15
  112. data/vendor/libgit2/src/clone.c +27 -49
  113. data/vendor/libgit2/src/clone.h +0 -4
  114. data/vendor/libgit2/src/commit.c +49 -117
  115. data/vendor/libgit2/src/commit.h +0 -7
  116. data/vendor/libgit2/src/commit_list.c +78 -30
  117. data/vendor/libgit2/src/commit_list.h +2 -2
  118. data/vendor/libgit2/src/common.h +91 -27
  119. data/vendor/libgit2/src/config.c +176 -194
  120. data/vendor/libgit2/src/config.h +20 -8
  121. data/vendor/libgit2/src/config_cache.c +35 -41
  122. data/vendor/libgit2/src/config_file.c +753 -439
  123. data/vendor/libgit2/src/config_file.h +73 -0
  124. data/vendor/libgit2/src/config_parse.c +63 -114
  125. data/vendor/libgit2/src/config_parse.h +16 -17
  126. data/vendor/libgit2/src/crlf.c +190 -219
  127. data/vendor/libgit2/src/delta.c +18 -25
  128. data/vendor/libgit2/src/describe.c +41 -42
  129. data/vendor/libgit2/src/diff.c +68 -53
  130. data/vendor/libgit2/src/diff.h +1 -2
  131. data/vendor/libgit2/src/diff_driver.c +49 -47
  132. data/vendor/libgit2/src/diff_file.c +17 -19
  133. data/vendor/libgit2/src/diff_file.h +1 -1
  134. data/vendor/libgit2/src/diff_generate.c +106 -162
  135. data/vendor/libgit2/src/diff_generate.h +3 -3
  136. data/vendor/libgit2/src/diff_parse.c +4 -4
  137. data/vendor/libgit2/src/diff_print.c +30 -42
  138. data/vendor/libgit2/src/diff_stats.c +7 -22
  139. data/vendor/libgit2/src/diff_tform.c +16 -16
  140. data/vendor/libgit2/src/diff_xdiff.c +3 -15
  141. data/vendor/libgit2/src/errors.c +39 -51
  142. data/vendor/libgit2/src/features.h.in +3 -11
  143. data/vendor/libgit2/src/fetch.c +5 -10
  144. data/vendor/libgit2/src/fetchhead.c +17 -17
  145. data/vendor/libgit2/src/filebuf.c +36 -32
  146. data/vendor/libgit2/src/filebuf.h +2 -2
  147. data/vendor/libgit2/src/{futils.c → fileops.c} +73 -80
  148. data/vendor/libgit2/src/{futils.h → fileops.h} +6 -6
  149. data/vendor/libgit2/src/filter.c +38 -46
  150. data/vendor/libgit2/src/filter.h +10 -0
  151. data/vendor/libgit2/src/fnmatch.c +248 -0
  152. data/vendor/libgit2/src/fnmatch.h +48 -0
  153. data/vendor/libgit2/src/global.c +63 -48
  154. data/vendor/libgit2/src/global.h +2 -0
  155. data/vendor/libgit2/src/hash.c +0 -61
  156. data/vendor/libgit2/src/hash.h +19 -20
  157. data/vendor/libgit2/src/hash/hash_collisiondetect.h +47 -0
  158. data/vendor/libgit2/src/hash/{sha1/common_crypto.c → hash_common_crypto.h} +17 -17
  159. data/vendor/libgit2/src/hash/{sha1/generic.c → hash_generic.c} +10 -22
  160. data/vendor/libgit2/src/hash/{sha1/generic.h → hash_generic.h} +10 -4
  161. data/vendor/libgit2/src/hash/hash_openssl.h +59 -0
  162. data/vendor/libgit2/src/hash/{sha1/win32.c → hash_win32.c} +37 -47
  163. data/vendor/libgit2/src/hash/{sha1/win32.h → hash_win32.h} +19 -6
  164. data/vendor/libgit2/src/hash/{sha1/sha1dc → sha1dc}/sha1.c +3 -14
  165. data/vendor/libgit2/src/hash/{sha1/sha1dc → sha1dc}/sha1.h +0 -0
  166. data/vendor/libgit2/src/hash/{sha1/sha1dc → sha1dc}/ubc_check.c +0 -0
  167. data/vendor/libgit2/src/hash/{sha1/sha1dc → sha1dc}/ubc_check.h +0 -0
  168. data/vendor/libgit2/src/hashsig.c +5 -5
  169. data/vendor/libgit2/src/idxmap.c +61 -107
  170. data/vendor/libgit2/src/idxmap.h +31 -153
  171. data/vendor/libgit2/src/ignore.c +47 -43
  172. data/vendor/libgit2/src/index.c +232 -337
  173. data/vendor/libgit2/src/index.h +1 -17
  174. data/vendor/libgit2/src/indexer.c +175 -346
  175. data/vendor/libgit2/src/integer.h +26 -71
  176. data/vendor/libgit2/src/iterator.c +70 -142
  177. data/vendor/libgit2/src/iterator.h +0 -15
  178. data/vendor/libgit2/src/khash.h +1 -3
  179. data/vendor/libgit2/src/map.h +1 -1
  180. data/vendor/libgit2/src/merge.c +100 -144
  181. data/vendor/libgit2/src/merge_driver.c +11 -11
  182. data/vendor/libgit2/src/merge_file.c +2 -2
  183. data/vendor/libgit2/src/mwindow.c +29 -24
  184. data/vendor/libgit2/src/mwindow.h +4 -4
  185. data/vendor/libgit2/src/netops.c +156 -55
  186. data/vendor/libgit2/src/netops.h +23 -3
  187. data/vendor/libgit2/src/notes.c +11 -16
  188. data/vendor/libgit2/src/object.c +69 -120
  189. data/vendor/libgit2/src/object.h +9 -22
  190. data/vendor/libgit2/src/object_api.c +8 -8
  191. data/vendor/libgit2/src/odb.c +93 -116
  192. data/vendor/libgit2/src/odb.h +7 -8
  193. data/vendor/libgit2/src/odb_loose.c +55 -62
  194. data/vendor/libgit2/src/odb_mempack.c +34 -21
  195. data/vendor/libgit2/src/odb_pack.c +14 -18
  196. data/vendor/libgit2/src/offmap.c +35 -53
  197. data/vendor/libgit2/src/offmap.h +21 -108
  198. data/vendor/libgit2/src/oid.c +7 -12
  199. data/vendor/libgit2/src/oidmap.c +47 -49
  200. data/vendor/libgit2/src/oidmap.h +24 -101
  201. data/vendor/libgit2/src/pack-objects.c +87 -88
  202. data/vendor/libgit2/src/pack-objects.h +8 -2
  203. data/vendor/libgit2/src/pack.c +101 -99
  204. data/vendor/libgit2/src/pack.h +19 -17
  205. data/vendor/libgit2/src/parse.c +0 -10
  206. data/vendor/libgit2/src/parse.h +3 -3
  207. data/vendor/libgit2/src/patch.c +4 -4
  208. data/vendor/libgit2/src/patch_generate.c +20 -20
  209. data/vendor/libgit2/src/patch_parse.c +63 -151
  210. data/vendor/libgit2/src/path.c +104 -117
  211. data/vendor/libgit2/src/path.h +71 -3
  212. data/vendor/libgit2/src/pathspec.c +19 -19
  213. data/vendor/libgit2/src/pool.c +22 -26
  214. data/vendor/libgit2/src/pool.h +7 -7
  215. data/vendor/libgit2/src/posix.c +10 -10
  216. data/vendor/libgit2/src/posix.h +1 -12
  217. data/vendor/libgit2/src/proxy.c +3 -8
  218. data/vendor/libgit2/src/push.c +31 -37
  219. data/vendor/libgit2/src/push.h +1 -2
  220. data/vendor/libgit2/src/rebase.c +59 -115
  221. data/vendor/libgit2/src/refdb.c +3 -15
  222. data/vendor/libgit2/src/refdb_fs.c +254 -381
  223. data/vendor/libgit2/src/reflog.c +15 -13
  224. data/vendor/libgit2/src/refs.c +88 -118
  225. data/vendor/libgit2/src/refs.h +3 -5
  226. data/vendor/libgit2/src/refspec.c +37 -56
  227. data/vendor/libgit2/src/refspec.h +1 -1
  228. data/vendor/libgit2/src/remote.c +215 -266
  229. data/vendor/libgit2/src/remote.h +2 -11
  230. data/vendor/libgit2/src/repository.c +225 -280
  231. data/vendor/libgit2/src/repository.h +40 -52
  232. data/vendor/libgit2/src/reset.c +8 -8
  233. data/vendor/libgit2/src/revert.c +9 -14
  234. data/vendor/libgit2/src/revparse.c +48 -47
  235. data/vendor/libgit2/src/revwalk.c +57 -120
  236. data/vendor/libgit2/src/revwalk.h +1 -22
  237. data/vendor/libgit2/src/settings.c +10 -47
  238. data/vendor/libgit2/src/signature.c +11 -11
  239. data/vendor/libgit2/src/sortedcache.c +36 -22
  240. data/vendor/libgit2/src/sortedcache.h +1 -1
  241. data/vendor/libgit2/src/stash.c +99 -125
  242. data/vendor/libgit2/src/status.c +22 -28
  243. data/vendor/libgit2/src/stream.h +2 -17
  244. data/vendor/libgit2/src/streams/curl.c +385 -0
  245. data/vendor/libgit2/src/{allocators/stdalloc.h → streams/curl.h} +5 -5
  246. data/vendor/libgit2/src/streams/openssl.c +114 -224
  247. data/vendor/libgit2/src/streams/openssl.h +108 -4
  248. data/vendor/libgit2/src/streams/socket.c +30 -55
  249. data/vendor/libgit2/src/streams/stransport.c +32 -57
  250. data/vendor/libgit2/src/streams/stransport.h +0 -5
  251. data/vendor/libgit2/src/streams/tls.c +19 -50
  252. data/vendor/libgit2/src/streams/tls.h +4 -12
  253. data/vendor/libgit2/src/strmap.c +74 -47
  254. data/vendor/libgit2/src/strmap.h +33 -108
  255. data/vendor/libgit2/src/submodule.c +216 -272
  256. data/vendor/libgit2/src/submodule.h +1 -1
  257. data/vendor/libgit2/src/sysdir.c +19 -29
  258. data/vendor/libgit2/src/tag.c +28 -41
  259. data/vendor/libgit2/src/tag.h +1 -2
  260. data/vendor/libgit2/src/trace.c +2 -2
  261. data/vendor/libgit2/src/trace.h +3 -3
  262. data/vendor/libgit2/src/trailer.c +38 -52
  263. data/vendor/libgit2/src/transaction.c +29 -30
  264. data/vendor/libgit2/src/transport.c +5 -5
  265. data/vendor/libgit2/src/transports/auth.c +11 -15
  266. data/vendor/libgit2/src/transports/auth.h +3 -10
  267. data/vendor/libgit2/src/transports/auth_negotiate.c +18 -33
  268. data/vendor/libgit2/src/transports/auth_negotiate.h +2 -2
  269. data/vendor/libgit2/src/transports/cred.c +24 -24
  270. data/vendor/libgit2/src/{allocators/win32_crtdbg.h → transports/cred.h} +4 -5
  271. data/vendor/libgit2/src/transports/git.c +31 -26
  272. data/vendor/libgit2/src/transports/http.c +348 -881
  273. data/vendor/libgit2/src/transports/http.h +0 -2
  274. data/vendor/libgit2/src/transports/local.c +35 -35
  275. data/vendor/libgit2/src/transports/smart.c +47 -70
  276. data/vendor/libgit2/src/transports/smart.h +4 -3
  277. data/vendor/libgit2/src/transports/smart_pkt.c +40 -43
  278. data/vendor/libgit2/src/transports/smart_protocol.c +116 -96
  279. data/vendor/libgit2/src/transports/ssh.c +66 -77
  280. data/vendor/libgit2/src/transports/winhttp.c +314 -318
  281. data/vendor/libgit2/src/tree-cache.c +12 -19
  282. data/vendor/libgit2/src/tree.c +142 -103
  283. data/vendor/libgit2/src/tree.h +12 -1
  284. data/vendor/libgit2/src/unix/map.c +3 -3
  285. data/vendor/libgit2/src/unix/posix.h +11 -1
  286. data/vendor/libgit2/src/userdiff.h +1 -3
  287. data/vendor/libgit2/src/util.c +56 -70
  288. data/vendor/libgit2/src/util.h +156 -28
  289. data/vendor/libgit2/src/vector.c +4 -4
  290. data/vendor/libgit2/src/win32/dir.c +3 -3
  291. data/vendor/libgit2/src/win32/findfile.c +3 -3
  292. data/vendor/libgit2/src/win32/map.c +11 -9
  293. data/vendor/libgit2/src/win32/msvc-compat.h +0 -6
  294. data/vendor/libgit2/src/win32/path_w32.c +9 -113
  295. data/vendor/libgit2/src/win32/path_w32.h +29 -18
  296. data/vendor/libgit2/src/win32/posix.h +4 -1
  297. data/vendor/libgit2/src/win32/posix_w32.c +45 -70
  298. data/vendor/libgit2/src/win32/precompiled.h +2 -0
  299. data/vendor/libgit2/src/win32/thread.c +10 -5
  300. data/vendor/libgit2/src/win32/w32_buffer.c +5 -9
  301. data/vendor/libgit2/src/win32/w32_crtdbg_stacktrace.c +2 -3
  302. data/vendor/libgit2/src/win32/w32_crtdbg_stacktrace.h +75 -26
  303. data/vendor/libgit2/src/win32/w32_stack.c +11 -6
  304. data/vendor/libgit2/src/win32/w32_stack.h +3 -3
  305. data/vendor/libgit2/src/win32/w32_util.c +64 -27
  306. data/vendor/libgit2/src/win32/w32_util.h +49 -5
  307. data/vendor/libgit2/src/worktree.c +60 -95
  308. data/vendor/libgit2/src/worktree.h +0 -2
  309. data/vendor/libgit2/src/xdiff/xdiffi.c +5 -7
  310. data/vendor/libgit2/src/xdiff/xhistogram.c +1 -1
  311. data/vendor/libgit2/src/xdiff/xmerge.c +15 -27
  312. data/vendor/libgit2/src/xdiff/xpatience.c +0 -3
  313. data/vendor/libgit2/src/zstream.c +4 -4
  314. metadata +33 -122
  315. data/vendor/libgit2/cmake/Modules/FindGSSFramework.cmake +0 -28
  316. data/vendor/libgit2/cmake/Modules/FindPCRE.cmake +0 -38
  317. data/vendor/libgit2/cmake/Modules/FindPCRE2.cmake +0 -37
  318. data/vendor/libgit2/cmake/Modules/FindmbedTLS.cmake +0 -93
  319. data/vendor/libgit2/cmake/Modules/PkgBuildConfig.cmake +0 -110
  320. data/vendor/libgit2/cmake/Modules/SelectGSSAPI.cmake +0 -53
  321. data/vendor/libgit2/cmake/Modules/SelectHTTPSBackend.cmake +0 -124
  322. data/vendor/libgit2/cmake/Modules/SelectHashes.cmake +0 -66
  323. data/vendor/libgit2/deps/ntlmclient/CMakeLists.txt +0 -21
  324. data/vendor/libgit2/deps/ntlmclient/compat.h +0 -33
  325. data/vendor/libgit2/deps/ntlmclient/crypt.h +0 -64
  326. data/vendor/libgit2/deps/ntlmclient/crypt_commoncrypto.c +0 -120
  327. data/vendor/libgit2/deps/ntlmclient/crypt_commoncrypto.h +0 -18
  328. data/vendor/libgit2/deps/ntlmclient/crypt_mbedtls.c +0 -145
  329. data/vendor/libgit2/deps/ntlmclient/crypt_mbedtls.h +0 -18
  330. data/vendor/libgit2/deps/ntlmclient/crypt_openssl.c +0 -130
  331. data/vendor/libgit2/deps/ntlmclient/crypt_openssl.h +0 -21
  332. data/vendor/libgit2/deps/ntlmclient/ntlm.c +0 -1420
  333. data/vendor/libgit2/deps/ntlmclient/ntlm.h +0 -174
  334. data/vendor/libgit2/deps/ntlmclient/ntlmclient.h +0 -320
  335. data/vendor/libgit2/deps/ntlmclient/unicode.h +0 -36
  336. data/vendor/libgit2/deps/ntlmclient/unicode_builtin.c +0 -445
  337. data/vendor/libgit2/deps/ntlmclient/unicode_iconv.c +0 -201
  338. data/vendor/libgit2/deps/ntlmclient/utf8.h +0 -1257
  339. data/vendor/libgit2/deps/ntlmclient/util.c +0 -21
  340. data/vendor/libgit2/deps/ntlmclient/util.h +0 -14
  341. data/vendor/libgit2/deps/pcre/CMakeLists.txt +0 -140
  342. data/vendor/libgit2/deps/pcre/COPYING +0 -5
  343. data/vendor/libgit2/deps/pcre/cmake/COPYING-CMAKE-SCRIPTS +0 -22
  344. data/vendor/libgit2/deps/pcre/cmake/FindEditline.cmake +0 -17
  345. data/vendor/libgit2/deps/pcre/cmake/FindPackageHandleStandardArgs.cmake +0 -58
  346. data/vendor/libgit2/deps/pcre/cmake/FindReadline.cmake +0 -29
  347. data/vendor/libgit2/deps/pcre/config.h.in +0 -57
  348. data/vendor/libgit2/deps/pcre/pcre.h +0 -641
  349. data/vendor/libgit2/deps/pcre/pcre_byte_order.c +0 -319
  350. data/vendor/libgit2/deps/pcre/pcre_chartables.c +0 -198
  351. data/vendor/libgit2/deps/pcre/pcre_compile.c +0 -9800
  352. data/vendor/libgit2/deps/pcre/pcre_config.c +0 -190
  353. data/vendor/libgit2/deps/pcre/pcre_dfa_exec.c +0 -3676
  354. data/vendor/libgit2/deps/pcre/pcre_exec.c +0 -7173
  355. data/vendor/libgit2/deps/pcre/pcre_fullinfo.c +0 -245
  356. data/vendor/libgit2/deps/pcre/pcre_get.c +0 -669
  357. data/vendor/libgit2/deps/pcre/pcre_globals.c +0 -86
  358. data/vendor/libgit2/deps/pcre/pcre_internal.h +0 -2787
  359. data/vendor/libgit2/deps/pcre/pcre_jit_compile.c +0 -11913
  360. data/vendor/libgit2/deps/pcre/pcre_maketables.c +0 -156
  361. data/vendor/libgit2/deps/pcre/pcre_newline.c +0 -210
  362. data/vendor/libgit2/deps/pcre/pcre_ord2utf8.c +0 -94
  363. data/vendor/libgit2/deps/pcre/pcre_printint.c +0 -834
  364. data/vendor/libgit2/deps/pcre/pcre_refcount.c +0 -92
  365. data/vendor/libgit2/deps/pcre/pcre_string_utils.c +0 -211
  366. data/vendor/libgit2/deps/pcre/pcre_study.c +0 -1686
  367. data/vendor/libgit2/deps/pcre/pcre_tables.c +0 -727
  368. data/vendor/libgit2/deps/pcre/pcre_ucd.c +0 -3644
  369. data/vendor/libgit2/deps/pcre/pcre_valid_utf8.c +0 -301
  370. data/vendor/libgit2/deps/pcre/pcre_version.c +0 -98
  371. data/vendor/libgit2/deps/pcre/pcre_xclass.c +0 -268
  372. data/vendor/libgit2/deps/pcre/pcreposix.c +0 -421
  373. data/vendor/libgit2/deps/pcre/pcreposix.h +0 -117
  374. data/vendor/libgit2/deps/pcre/ucp.h +0 -224
  375. data/vendor/libgit2/deps/winhttp/COPYING.GPL +0 -993
  376. data/vendor/libgit2/deps/winhttp/COPYING.LGPL +0 -502
  377. data/vendor/libgit2/deps/zlib/COPYING +0 -27
  378. data/vendor/libgit2/include/git2/apply.h +0 -149
  379. data/vendor/libgit2/include/git2/cert.h +0 -135
  380. data/vendor/libgit2/include/git2/cred.h +0 -308
  381. data/vendor/libgit2/include/git2/deprecated.h +0 -493
  382. data/vendor/libgit2/include/git2/mailmap.h +0 -115
  383. data/vendor/libgit2/include/git2/sys/alloc.h +0 -101
  384. data/vendor/libgit2/include/git2/sys/cred.h +0 -90
  385. data/vendor/libgit2/include/git2/sys/path.h +0 -64
  386. data/vendor/libgit2/src/alloc.c +0 -43
  387. data/vendor/libgit2/src/alloc.h +0 -40
  388. data/vendor/libgit2/src/allocators/stdalloc.c +0 -119
  389. data/vendor/libgit2/src/allocators/win32_crtdbg.c +0 -118
  390. data/vendor/libgit2/src/config_backend.h +0 -96
  391. data/vendor/libgit2/src/config_entries.c +0 -229
  392. data/vendor/libgit2/src/config_entries.h +0 -24
  393. data/vendor/libgit2/src/config_mem.c +0 -220
  394. data/vendor/libgit2/src/config_snapshot.c +0 -206
  395. data/vendor/libgit2/src/errors.h +0 -81
  396. data/vendor/libgit2/src/hash/sha1.h +0 -38
  397. data/vendor/libgit2/src/hash/sha1/collisiondetect.c +0 -48
  398. data/vendor/libgit2/src/hash/sha1/collisiondetect.h +0 -19
  399. data/vendor/libgit2/src/hash/sha1/common_crypto.h +0 -19
  400. data/vendor/libgit2/src/hash/sha1/mbedtls.c +0 -46
  401. data/vendor/libgit2/src/hash/sha1/mbedtls.h +0 -19
  402. data/vendor/libgit2/src/hash/sha1/openssl.c +0 -59
  403. data/vendor/libgit2/src/hash/sha1/openssl.h +0 -19
  404. data/vendor/libgit2/src/mailmap.c +0 -485
  405. data/vendor/libgit2/src/mailmap.h +0 -35
  406. data/vendor/libgit2/src/net.c +0 -184
  407. data/vendor/libgit2/src/net.h +0 -36
  408. data/vendor/libgit2/src/reader.c +0 -265
  409. data/vendor/libgit2/src/reader.h +0 -107
  410. data/vendor/libgit2/src/regexp.c +0 -221
  411. data/vendor/libgit2/src/regexp.h +0 -97
  412. data/vendor/libgit2/src/streams/mbedtls.c +0 -483
  413. data/vendor/libgit2/src/streams/mbedtls.h +0 -23
  414. data/vendor/libgit2/src/streams/registry.c +0 -118
  415. data/vendor/libgit2/src/streams/registry.h +0 -19
  416. data/vendor/libgit2/src/transports/auth_ntlm.c +0 -223
  417. data/vendor/libgit2/src/transports/auth_ntlm.h +0 -35
  418. data/vendor/libgit2/src/wildmatch.c +0 -320
  419. data/vendor/libgit2/src/wildmatch.h +0 -23
  420. data/vendor/libgit2/src/win32/w32_common.h +0 -39
@@ -1,21 +0,0 @@
1
- /*
2
- * Copyright (c) Edward Thomson. All rights reserved.
3
- *
4
- * This file is part of ntlmclient, distributed under the MIT license.
5
- * For full terms and copyright information, and for third-party
6
- * copyright information, see the included LICENSE.txt file.
7
- */
8
-
9
- #ifndef PRIVATE_CRYPT_OPENSSL_H__
10
- #define PRIVATE_CRYPT_OPENSSL_H__
11
-
12
- #include <openssl/hmac.h>
13
-
14
- /* OpenSSL 1.1.0 uses opaque structs, we'll reuse these. */
15
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
16
- typedef struct hmac_ctx_st ntlm_hmac_ctx;
17
- #else
18
- # define ntlm_hmac_ctx HMAC_CTX
19
- #endif
20
-
21
- #endif /* PRIVATE_CRYPT_OPENSSL_H__ */
@@ -1,1420 +0,0 @@
1
- /*
2
- * Copyright (c) Edward Thomson. All rights reserved.
3
- *
4
- * This file is part of ntlmclient, distributed under the MIT license.
5
- * For full terms and copyright information, and for third-party
6
- * copyright information, see the included LICENSE.txt file.
7
- */
8
-
9
- #include <stdlib.h>
10
- #include <stdint.h>
11
- #include <string.h>
12
- #include <assert.h>
13
- #include <errno.h>
14
- #include <ctype.h>
15
- #include <unistd.h>
16
- #include <fcntl.h>
17
- #include <time.h>
18
- #include <arpa/inet.h>
19
-
20
- #include "ntlm.h"
21
- #include "unicode.h"
22
- #include "utf8.h"
23
- #include "crypt.h"
24
- #include "compat.h"
25
- #include "util.h"
26
-
27
- unsigned char ntlm_client_signature[] = NTLM_SIGNATURE;
28
-
29
- static bool supports_unicode(ntlm_client *ntlm)
30
- {
31
- return (ntlm->flags & NTLM_CLIENT_DISABLE_UNICODE) ?
32
- false : true;
33
- }
34
-
35
- static inline bool increment_size(size_t *out, size_t incr)
36
- {
37
- if (SIZE_MAX - *out < incr) {
38
- *out = (size_t)-1;
39
- return false;
40
- }
41
-
42
- *out = *out + incr;
43
- return true;
44
- }
45
-
46
- ntlm_client *ntlm_client_init(ntlm_client_flags flags)
47
- {
48
- ntlm_client *ntlm = NULL;
49
-
50
- if ((ntlm = malloc(sizeof(ntlm_client))) == NULL)
51
- return NULL;
52
-
53
- memset(ntlm, 0, sizeof(ntlm_client));
54
-
55
- ntlm->flags = flags;
56
-
57
- if ((ntlm->hmac_ctx = ntlm_hmac_ctx_init()) == NULL ||
58
- (ntlm->unicode_ctx = ntlm_unicode_ctx_init(ntlm)) == NULL) {
59
- ntlm_hmac_ctx_free(ntlm->hmac_ctx);
60
- ntlm_unicode_ctx_free(ntlm->unicode_ctx);
61
- free(ntlm);
62
- return NULL;
63
- }
64
-
65
- return ntlm;
66
- }
67
-
68
- void ntlm_client_set_errmsg(ntlm_client *ntlm, const char *errmsg)
69
- {
70
- ntlm->state = NTLM_STATE_ERROR;
71
- ntlm->errmsg = errmsg;
72
- }
73
-
74
- const char *ntlm_client_errmsg(ntlm_client *ntlm)
75
- {
76
- assert(ntlm);
77
- return ntlm->errmsg ? ntlm->errmsg : "no error";
78
- }
79
-
80
- int ntlm_client_set_version(
81
- ntlm_client *ntlm,
82
- uint8_t major,
83
- uint8_t minor,
84
- uint16_t build)
85
- {
86
- assert(ntlm);
87
-
88
- ntlm->host_version.major = major;
89
- ntlm->host_version.minor = minor;
90
- ntlm->host_version.build = build;
91
- ntlm->host_version.reserved = 0x0f000000;
92
-
93
- ntlm->flags |= NTLM_ENABLE_HOSTVERSION;
94
-
95
- return 0;
96
- }
97
-
98
- int ntlm_client_set_hostname(
99
- ntlm_client *ntlm,
100
- const char *hostname,
101
- const char *domain)
102
- {
103
- assert(ntlm);
104
-
105
- free(ntlm->hostname);
106
- free(ntlm->hostdomain);
107
- free(ntlm->hostname_utf16);
108
-
109
- ntlm->hostname = NULL;
110
- ntlm->hostdomain = NULL;
111
- ntlm->hostname_utf16 = NULL;
112
-
113
- if (hostname && (ntlm->hostname = strdup(hostname)) == NULL) {
114
- ntlm_client_set_errmsg(ntlm, "out of memory");
115
- return -1;
116
- }
117
-
118
- if (domain && (ntlm->hostdomain = strdup(domain)) == NULL) {
119
- ntlm_client_set_errmsg(ntlm, "out of memory");
120
- return -1;
121
- }
122
-
123
- if (hostname && supports_unicode(ntlm) && !ntlm_unicode_utf8_to_16(
124
- &ntlm->hostname_utf16,
125
- &ntlm->hostname_utf16_len,
126
- ntlm->unicode_ctx,
127
- hostname,
128
- strlen(hostname)))
129
- return -1;
130
-
131
- return 0;
132
- }
133
-
134
- static void free_credentials(ntlm_client *ntlm)
135
- {
136
- if (ntlm->password)
137
- memzero(ntlm->password, strlen(ntlm->password));
138
-
139
- if (ntlm->password_utf16)
140
- memzero(ntlm->password_utf16, ntlm->password_utf16_len);
141
-
142
- free(ntlm->username);
143
- free(ntlm->username_upper);
144
- free(ntlm->userdomain);
145
- free(ntlm->password);
146
-
147
- free(ntlm->username_utf16);
148
- free(ntlm->username_upper_utf16);
149
- free(ntlm->userdomain_utf16);
150
- free(ntlm->password_utf16);
151
-
152
- ntlm->username = NULL;
153
- ntlm->username_upper = NULL;
154
- ntlm->userdomain = NULL;
155
- ntlm->password = NULL;
156
-
157
- ntlm->username_utf16 = NULL;
158
- ntlm->username_upper_utf16 = NULL;
159
- ntlm->userdomain_utf16 = NULL;
160
- ntlm->password_utf16 = NULL;
161
- }
162
-
163
- int ntlm_client_set_credentials(
164
- ntlm_client *ntlm,
165
- const char *username,
166
- const char *domain,
167
- const char *password)
168
- {
169
- assert(ntlm);
170
-
171
- free_credentials(ntlm);
172
-
173
- if ((username && (ntlm->username = strdup(username)) == NULL) ||
174
- (domain && (ntlm->userdomain = strdup(domain)) == NULL) ||
175
- (password && (ntlm->password = strdup(password)) == NULL)) {
176
- ntlm_client_set_errmsg(ntlm, "out of memory");
177
- return -1;
178
- }
179
-
180
- if (username && supports_unicode(ntlm)) {
181
- if ((ntlm->username_upper = strdup(username)) == NULL) {
182
- ntlm_client_set_errmsg(ntlm, "out of memory");
183
- return -1;
184
- }
185
- utf8upr(ntlm->username_upper);
186
-
187
- if (!ntlm_unicode_utf8_to_16(
188
- &ntlm->username_utf16,
189
- &ntlm->username_utf16_len,
190
- ntlm->unicode_ctx,
191
- ntlm->username,
192
- strlen(ntlm->username)))
193
- return -1;
194
-
195
- if (!ntlm_unicode_utf8_to_16(
196
- &ntlm->username_upper_utf16,
197
- &ntlm->username_upper_utf16_len,
198
- ntlm->unicode_ctx,
199
- ntlm->username_upper,
200
- strlen(ntlm->username_upper)))
201
- return -1;
202
- }
203
-
204
- if (domain && supports_unicode(ntlm) && !ntlm_unicode_utf8_to_16(
205
- &ntlm->userdomain_utf16,
206
- &ntlm->userdomain_utf16_len,
207
- ntlm->unicode_ctx,
208
- ntlm->userdomain,
209
- strlen(ntlm->userdomain)))
210
- return -1;
211
-
212
- return 0;
213
- }
214
-
215
- int ntlm_client_set_target(ntlm_client *ntlm, const char *target)
216
- {
217
- assert(ntlm);
218
-
219
- free(ntlm->target);
220
- free(ntlm->target_utf16);
221
-
222
- ntlm->target = NULL;
223
- ntlm->target_utf16 = NULL;
224
-
225
- if (target) {
226
- if ((ntlm->target = strdup(target)) == NULL) {
227
- ntlm_client_set_errmsg(ntlm, "out of memory");
228
- return -1;
229
- }
230
-
231
- if (supports_unicode(ntlm) && !ntlm_unicode_utf8_to_16(
232
- &ntlm->target_utf16,
233
- &ntlm->target_utf16_len,
234
- ntlm->unicode_ctx,
235
- ntlm->target,
236
- strlen(ntlm->target)))
237
- return -1;
238
- }
239
-
240
- return 0;
241
- }
242
-
243
- int ntlm_client_set_nonce(ntlm_client *ntlm, uint64_t nonce)
244
- {
245
- assert(ntlm);
246
- ntlm->nonce = nonce;
247
- return 0;
248
- }
249
-
250
- int ntlm_client_set_timestamp(ntlm_client *ntlm, uint64_t timestamp)
251
- {
252
- assert(ntlm);
253
- ntlm->timestamp = timestamp;
254
- return 0;
255
- }
256
-
257
- static inline bool write_buf(
258
- ntlm_client *ntlm,
259
- ntlm_buf *out,
260
- const unsigned char *buf,
261
- size_t len)
262
- {
263
- if (out->len - out->pos < len) {
264
- ntlm_client_set_errmsg(ntlm, "out of buffer space");
265
- return false;
266
- }
267
-
268
- memcpy(&out->buf[out->pos], buf, len);
269
- out->pos += len;
270
- return true;
271
- }
272
-
273
- static inline bool write_byte(
274
- ntlm_client *ntlm,
275
- ntlm_buf *out,
276
- uint8_t value)
277
- {
278
- if (out->len - out->pos < 1) {
279
- ntlm_client_set_errmsg(ntlm, "out of buffer space");
280
- return false;
281
- }
282
-
283
- out->buf[out->pos++] = value;
284
- return true;
285
- }
286
-
287
- static inline bool write_int16(
288
- ntlm_client *ntlm,
289
- ntlm_buf *out,
290
- uint16_t value)
291
- {
292
- if (out->len - out->pos < 2) {
293
- ntlm_client_set_errmsg(ntlm, "out of buffer space");
294
- return false;
295
- }
296
-
297
- out->buf[out->pos++] = (value & 0x000000ff);
298
- out->buf[out->pos++] = (value & 0x0000ff00) >> 8;
299
- return true;
300
- }
301
-
302
- static inline bool write_int32(
303
- ntlm_client *ntlm,
304
- ntlm_buf *out,
305
- uint32_t value)
306
- {
307
- if (out->len - out->pos < 2) {
308
- ntlm_client_set_errmsg(ntlm, "out of buffer space");
309
- return false;
310
- }
311
-
312
- out->buf[out->pos++] = (value & 0x000000ff);
313
- out->buf[out->pos++] = (value & 0x0000ff00) >> 8;
314
- out->buf[out->pos++] = (value & 0x00ff0000) >> 16;
315
- out->buf[out->pos++] = (value & 0xff000000) >> 24;
316
- return true;
317
- }
318
-
319
- static inline bool write_version(
320
- ntlm_client *ntlm,
321
- ntlm_buf *out,
322
- ntlm_version *version)
323
- {
324
- return write_byte(ntlm, out, version->major) &&
325
- write_byte(ntlm, out, version->minor) &&
326
- write_int16(ntlm, out, version->build) &&
327
- write_int32(ntlm, out, version->reserved);
328
- }
329
-
330
- static inline bool write_bufinfo(
331
- ntlm_client *ntlm,
332
- ntlm_buf *out,
333
- size_t len,
334
- size_t offset)
335
- {
336
- if (len > UINT16_MAX) {
337
- ntlm_client_set_errmsg(ntlm, "invalid string, too long");
338
- return false;
339
- }
340
-
341
- if (offset > UINT32_MAX) {
342
- ntlm_client_set_errmsg(ntlm, "invalid string, invalid offset");
343
- return false;
344
- }
345
-
346
- return write_int16(ntlm, out, (uint16_t)len) &&
347
- write_int16(ntlm, out, (uint16_t)len) &&
348
- write_int32(ntlm, out, (uint32_t)offset);
349
- }
350
-
351
- static inline bool read_buf(
352
- unsigned char *out,
353
- ntlm_client *ntlm,
354
- ntlm_buf *message,
355
- size_t len)
356
- {
357
- if (message->len - message->pos < len) {
358
- ntlm_client_set_errmsg(ntlm, "truncated message");
359
- return false;
360
- }
361
-
362
- memcpy(out, &message->buf[message->pos], len);
363
- message->pos += len;
364
-
365
- return true;
366
- }
367
-
368
- static inline bool read_byte(
369
- uint8_t *out,
370
- ntlm_client *ntlm,
371
- ntlm_buf *message)
372
- {
373
- if (message->len - message->pos < 1) {
374
- ntlm_client_set_errmsg(ntlm, "truncated message");
375
- return false;
376
- }
377
-
378
- *out = message->buf[message->pos++];
379
- return true;
380
- }
381
-
382
- static inline bool read_int16(
383
- uint16_t *out,
384
- ntlm_client *ntlm,
385
- ntlm_buf *message)
386
- {
387
- if (message->len - message->pos < 2) {
388
- ntlm_client_set_errmsg(ntlm, "truncated message");
389
- return false;
390
- }
391
-
392
- *out =
393
- ((message->buf[message->pos] & 0xff)) |
394
- ((message->buf[message->pos+1] & 0xff) << 8);
395
-
396
- message->pos += 2;
397
- return true;
398
- }
399
-
400
- static inline bool read_int32(
401
- uint32_t *out,
402
- ntlm_client *ntlm,
403
- ntlm_buf *message)
404
- {
405
- if (message->len - message->pos < 4) {
406
- ntlm_client_set_errmsg(ntlm, "truncated message");
407
- return false;
408
- }
409
-
410
- *out =
411
- ((message->buf[message->pos] & 0xff)) |
412
- ((message->buf[message->pos+1] & 0xff) << 8) |
413
- ((message->buf[message->pos+2] & 0xff) << 16) |
414
- ((message->buf[message->pos+3] & 0xff) << 24);
415
-
416
- message->pos += 4;
417
- return true;
418
- }
419
-
420
- static inline bool read_int64(
421
- uint64_t *out,
422
- ntlm_client *ntlm,
423
- ntlm_buf *message)
424
- {
425
- if (message->len - message->pos < 8) {
426
- ntlm_client_set_errmsg(ntlm, "truncated message");
427
- return false;
428
- }
429
-
430
- *out =
431
- ((uint64_t)(message->buf[message->pos] & 0xff)) |
432
- ((uint64_t)(message->buf[message->pos+1] & 0xff) << 8) |
433
- ((uint64_t)(message->buf[message->pos+2] & 0xff) << 16) |
434
- ((uint64_t)(message->buf[message->pos+3] & 0xff) << 24) |
435
- ((uint64_t)(message->buf[message->pos+4] & 0xff) << 32) |
436
- ((uint64_t)(message->buf[message->pos+5] & 0xff) << 40) |
437
- ((uint64_t)(message->buf[message->pos+6] & 0xff) << 48) |
438
- ((uint64_t)(message->buf[message->pos+7] & 0xff) << 56);
439
-
440
- message->pos += 8;
441
- return true;
442
- }
443
-
444
- static inline bool read_version(
445
- ntlm_version *out,
446
- ntlm_client *ntlm,
447
- ntlm_buf *message)
448
- {
449
- return read_byte(&out->major, ntlm, message) &&
450
- read_byte(&out->minor, ntlm, message) &&
451
- read_int16(&out->build, ntlm, message) &&
452
- read_int32(&out->reserved, ntlm, message);
453
- }
454
-
455
- static inline bool read_bufinfo(
456
- uint16_t *out_len,
457
- uint32_t *out_offset,
458
- ntlm_client *ntlm,
459
- ntlm_buf *message)
460
- {
461
- uint16_t allocated;
462
-
463
- return read_int16(out_len, ntlm, message) &&
464
- read_int16(&allocated, ntlm, message) &&
465
- read_int32(out_offset, ntlm, message);
466
- }
467
-
468
- static inline bool read_string_unicode(
469
- char **out,
470
- ntlm_client *ntlm,
471
- ntlm_buf *message,
472
- uint8_t string_len)
473
- {
474
- size_t out_len;
475
- int ret = ntlm_unicode_utf16_to_8(out,
476
- &out_len,
477
- ntlm->unicode_ctx,
478
- (char *)&message->buf[message->pos],
479
- string_len);
480
-
481
- message->pos += string_len;
482
-
483
- return ret;
484
- }
485
-
486
- static inline bool read_string_ascii(
487
- char **out,
488
- ntlm_client *ntlm,
489
- ntlm_buf *message,
490
- uint8_t string_len)
491
- {
492
- char *str;
493
-
494
- if ((str = malloc(string_len + 1)) == NULL) {
495
- ntlm_client_set_errmsg(ntlm, "out of memory");
496
- return false;
497
- }
498
-
499
- memcpy(str, &message->buf[message->pos], string_len);
500
- str[string_len] = '\0';
501
-
502
- message->pos += string_len;
503
-
504
- *out = str;
505
- return true;
506
- }
507
-
508
- static inline bool read_string(
509
- char **out,
510
- ntlm_client *ntlm,
511
- ntlm_buf *message,
512
- uint8_t string_len,
513
- bool unicode)
514
- {
515
- if (unicode)
516
- return read_string_unicode(out, ntlm, message, string_len);
517
- else
518
- return read_string_ascii(out, ntlm, message, string_len);
519
- }
520
-
521
- static inline bool read_target_info(
522
- char **server_out,
523
- char **domain_out,
524
- char **server_dns_out,
525
- char **domain_dns_out,
526
- ntlm_client *ntlm,
527
- ntlm_buf *message,
528
- bool unicode)
529
- {
530
- uint16_t block_type, block_len;
531
- bool done = false;
532
-
533
- *server_out = NULL;
534
- *domain_out = NULL;
535
- *server_dns_out = NULL;
536
- *domain_dns_out = NULL;
537
-
538
- while (!done && (message->len - message->pos) >= 4) {
539
- if (!read_int16(&block_type, ntlm, message) ||
540
- !read_int16(&block_len, ntlm, message)) {
541
- ntlm_client_set_errmsg(ntlm, "truncated target info block");
542
- return false;
543
- }
544
-
545
- if (!block_type && block_len) {
546
- ntlm_client_set_errmsg(ntlm, "invalid target info block");
547
- return -1;
548
- }
549
-
550
- switch (block_type) {
551
- case NTLM_TARGET_INFO_DOMAIN:
552
- if (!read_string(domain_out, ntlm, message, block_len, unicode))
553
- return -1;
554
- break;
555
- case NTLM_TARGET_INFO_SERVER:
556
- if (!read_string(server_out, ntlm, message, block_len, unicode))
557
- return -1;
558
- break;
559
- case NTLM_TARGET_INFO_DOMAIN_DNS:
560
- if (!read_string(domain_dns_out, ntlm, message, block_len, unicode))
561
- return -1;
562
- break;
563
- case NTLM_TARGET_INFO_SERVER_DNS:
564
- if (!read_string(server_dns_out, ntlm, message, block_len, unicode))
565
- return -1;
566
- break;
567
- case NTLM_TARGET_INFO_END:
568
- done = true;
569
- break;
570
- default:
571
- ntlm_client_set_errmsg(ntlm, "unknown target info block type");
572
- return -1;
573
- }
574
- }
575
-
576
- if (message->len != message->pos) {
577
- ntlm_client_set_errmsg(ntlm,
578
- "invalid extra data in target info section");
579
- return false;
580
- }
581
-
582
- return true;
583
- }
584
-
585
- int ntlm_client_negotiate(
586
- const unsigned char **out,
587
- size_t *out_len,
588
- ntlm_client *ntlm)
589
- {
590
- size_t hostname_len, hostname_offset, domain_len, domain_offset;
591
- uint32_t flags = 0;
592
-
593
- assert(out && out_len && ntlm);
594
-
595
- *out = NULL;
596
- *out_len = 0;
597
-
598
- if (ntlm->state != NTLM_STATE_NEGOTIATE) {
599
- ntlm_client_set_errmsg(ntlm, "ntlm handle in invalid state");
600
- return -1;
601
- }
602
-
603
- flags |= NTLM_NEGOTIATE_OEM;
604
-
605
- if (supports_unicode(ntlm))
606
- flags |= NTLM_NEGOTIATE_UNICODE;
607
-
608
- if (!(ntlm->flags & NTLM_CLIENT_DISABLE_NTLM2) ||
609
- (ntlm->flags & NTLM_CLIENT_ENABLE_NTLM))
610
- flags |= NTLM_NEGOTIATE_NTLM;
611
-
612
- if (!(ntlm->flags & NTLM_CLIENT_DISABLE_REQUEST_TARGET))
613
- flags |= NTLM_NEGOTIATE_REQUEST_TARGET;
614
-
615
- hostname_len = ntlm->hostname ? strlen(ntlm->hostname) : 0;
616
- domain_len = ntlm->hostdomain ? strlen(ntlm->hostdomain) : 0;
617
-
618
- /* Minimum header size */
619
- ntlm->negotiate.len = 16;
620
-
621
- /* Include space for security buffer descriptors */
622
- if (domain_len)
623
- increment_size(&ntlm->negotiate.len, 8);
624
-
625
- if (hostname_len)
626
- increment_size(&ntlm->negotiate.len, 8);
627
-
628
- if (ntlm->flags & NTLM_ENABLE_HOSTVERSION)
629
- increment_size(&ntlm->negotiate.len, 8);
630
-
631
- /* Location of security buffers */
632
- if (hostname_len) {
633
- flags |= NTLM_NEGOTIATE_WORKSTATION_SUPPLIED;
634
- hostname_offset = ntlm->negotiate.len;
635
- increment_size(&ntlm->negotiate.len, hostname_len);
636
- }
637
-
638
- if (domain_len) {
639
- flags |= NTLM_NEGOTIATE_DOMAIN_SUPPLIED;
640
- domain_offset = ntlm->negotiate.len;
641
- increment_size(&ntlm->negotiate.len, domain_len);
642
- }
643
-
644
- if (ntlm->negotiate.len == (size_t)-1) {
645
- ntlm_client_set_errmsg(ntlm, "message too large");
646
- return -1;
647
- }
648
-
649
- if ((ntlm->negotiate.buf = malloc(ntlm->negotiate.len)) == NULL) {
650
- ntlm_client_set_errmsg(ntlm, "out of memory");
651
- return -1;
652
- }
653
-
654
- memset(ntlm->negotiate.buf, 0, ntlm->negotiate.len);
655
-
656
- if (!write_buf(ntlm, &ntlm->negotiate,
657
- ntlm_client_signature, sizeof(ntlm_client_signature)) ||
658
- !write_int32(ntlm, &ntlm->negotiate, 1) ||
659
- !write_int32(ntlm, &ntlm->negotiate, flags))
660
- return -1;
661
-
662
- /* Domain information */
663
- if (domain_len > 0 &&
664
- !write_bufinfo(ntlm, &ntlm->negotiate, domain_len, domain_offset))
665
- return -1;
666
-
667
- /* Workstation information */
668
- if (hostname_len > 0 &&
669
- !write_bufinfo(ntlm, &ntlm->negotiate, hostname_len, hostname_offset))
670
- return -1;
671
-
672
- /* Version number */
673
- if (!!(ntlm->flags & NTLM_ENABLE_HOSTVERSION) &&
674
- !write_version(ntlm, &ntlm->negotiate, &ntlm->host_version))
675
- return -1;
676
-
677
- if (hostname_len > 0) {
678
- assert(hostname_offset == ntlm->negotiate.pos);
679
- if (!write_buf(ntlm, &ntlm->negotiate,
680
- (const unsigned char *)ntlm->hostname, hostname_len))
681
- return -1;
682
- }
683
-
684
- if (domain_len > 0) {
685
- assert(domain_offset == ntlm->negotiate.pos);
686
- if (!write_buf(ntlm, &ntlm->negotiate,
687
- (const unsigned char *)ntlm->hostdomain, domain_len))
688
- return -1;
689
- }
690
-
691
- assert(ntlm->negotiate.pos == ntlm->negotiate.len);
692
-
693
- ntlm->state = NTLM_STATE_CHALLENGE;
694
-
695
- *out = ntlm->negotiate.buf;
696
- *out_len = ntlm->negotiate.len;
697
-
698
- return 0;
699
- }
700
-
701
- int ntlm_client_set_challenge(
702
- ntlm_client *ntlm,
703
- const unsigned char *challenge_msg,
704
- size_t challenge_msg_len)
705
- {
706
- unsigned char signature[8];
707
- ntlm_buf challenge;
708
- uint32_t type_indicator, header_end;
709
- uint16_t name_len, info_len = 0;
710
- uint32_t name_offset, info_offset = 0;
711
- bool unicode, has_target_info = false;
712
-
713
- assert(ntlm && (challenge_msg || !challenge_msg_len));
714
-
715
- if (ntlm->state != NTLM_STATE_NEGOTIATE &&
716
- ntlm->state != NTLM_STATE_CHALLENGE) {
717
- ntlm_client_set_errmsg(ntlm, "ntlm handle in invalid state");
718
- return -1;
719
- }
720
-
721
- challenge.buf = (unsigned char *)challenge_msg;
722
- challenge.len = challenge_msg_len;
723
- challenge.pos = 0;
724
-
725
- if (!read_buf(signature, ntlm, &challenge, 8) ||
726
- !read_int32(&type_indicator, ntlm, &challenge) ||
727
- !read_bufinfo(&name_len, &name_offset, ntlm, &challenge) ||
728
- !read_int32(&ntlm->challenge.flags, ntlm, &challenge) ||
729
- !read_int64(&ntlm->challenge.nonce, ntlm, &challenge))
730
- return -1;
731
-
732
- if (memcmp(signature,
733
- ntlm_client_signature, sizeof(ntlm_client_signature)) != 0) {
734
- ntlm_client_set_errmsg(ntlm, "invalid message signature");
735
- return -1;
736
- }
737
-
738
- if (type_indicator != 2) {
739
- ntlm_client_set_errmsg(ntlm, "invalid message indicator");
740
- return -1;
741
- }
742
-
743
- /*
744
- * If there's additional space before the data section, that's the
745
- * target information description section.
746
- */
747
- header_end = challenge.len;
748
-
749
- if (name_offset && name_offset < header_end)
750
- header_end = name_offset;
751
-
752
- if ((header_end - challenge.pos) >= 16) {
753
- has_target_info = true;
754
- }
755
-
756
- if (!has_target_info &&
757
- (ntlm->challenge.flags & NTLM_NEGOTIATE_TARGET_INFO)) {
758
- ntlm_client_set_errmsg(ntlm,
759
- "truncated message; expected target info");
760
- return -1;
761
- }
762
-
763
- /*
764
- * If there's a target info section then advanced over the reserved
765
- * space and read the target information.
766
- */
767
- if (has_target_info) {
768
- uint64_t reserved;
769
-
770
- if (!read_int64(&reserved, ntlm, &challenge)) {
771
- ntlm_client_set_errmsg(ntlm,
772
- "truncated message; expected reserved space");
773
- return -1;
774
- }
775
-
776
- if (reserved != 0) {
777
- ntlm_client_set_errmsg(ntlm,
778
- "invalid message; expected reserved space to be empty");
779
- return -1;
780
- }
781
-
782
- if (!read_bufinfo(&info_len, &info_offset, ntlm, &challenge)) {
783
- ntlm_client_set_errmsg(ntlm,
784
- "truncated message; expected target info");
785
- return -1;
786
- }
787
- }
788
-
789
- unicode = !!(ntlm->challenge.flags & NTLM_NEGOTIATE_UNICODE);
790
-
791
- /*
792
- * If there's still additional space before the data section,
793
- * that's the server's version information.
794
- */
795
- if (info_offset && info_offset < header_end)
796
- header_end = info_offset;
797
-
798
- if (ntlm->challenge.flags & NTLM_NEGOTIATE_VERSION) {
799
- if ((header_end - challenge.pos) != sizeof(ntlm_version) ||
800
- !read_version(&ntlm->challenge.target_version,
801
- ntlm, &challenge)) {
802
- ntlm_client_set_errmsg(ntlm,
803
- "truncated message; expected version");
804
- return -1;
805
- }
806
- }
807
-
808
- /* validate data section */
809
- if ((name_offset && name_offset < challenge.pos) ||
810
- challenge.len < name_len ||
811
- (challenge.len - name_len) < name_offset) {
812
- ntlm_client_set_errmsg(ntlm,
813
- "invalid message; invalid target name buffer");
814
- return -1;
815
- }
816
- if ((info_offset && info_offset < challenge.pos) ||
817
- challenge.len < info_len ||
818
- (challenge.len - info_len) < info_offset) {
819
- ntlm_client_set_errmsg(ntlm,
820
- "invalid message; invalid target info buffer");
821
- return -1;
822
- }
823
-
824
- /* advance to the data section */
825
- if (name_len && name_offset) {
826
- challenge.pos = name_offset;
827
-
828
- if (!read_string(&ntlm->challenge.target,
829
- ntlm, &challenge, name_len, unicode)) {
830
- ntlm_client_set_errmsg(ntlm,
831
- "truncated message; truncated target name");
832
- return -1;
833
- }
834
- }
835
-
836
- if (info_len && info_offset) {
837
- ntlm_buf info_buf;
838
-
839
- challenge.pos = info_offset;
840
-
841
- /* create a copy of the target info; we need the literal data */
842
- if ((ntlm->challenge.target_info = malloc(info_len)) == NULL) {
843
- ntlm_client_set_errmsg(ntlm, "out of memory");
844
- return -1;
845
- }
846
-
847
- if (!read_buf(ntlm->challenge.target_info,
848
- ntlm, &challenge, info_len)) {
849
- ntlm_client_set_errmsg(ntlm,
850
- "truncated message; truncated target info");
851
- return -1;
852
- }
853
-
854
- info_buf.buf = ntlm->challenge.target_info;
855
- info_buf.pos = 0;
856
- info_buf.len = info_len;
857
-
858
- /* then set up the target info and parse it */
859
- if (!read_target_info(&ntlm->challenge.target_server,
860
- &ntlm->challenge.target_domain,
861
- &ntlm->challenge.target_server_dns,
862
- &ntlm->challenge.target_domain_dns,
863
- ntlm, &info_buf, unicode))
864
- return -1;
865
-
866
- ntlm->challenge.target_info_len = info_len;
867
- }
868
-
869
- ntlm->state = NTLM_STATE_RESPONSE;
870
-
871
- return 0;
872
- }
873
-
874
- uint64_t ntlm_client_challenge_nonce(ntlm_client *ntlm)
875
- {
876
- return ntlm->challenge.nonce;
877
- }
878
-
879
- const char *ntlm_client_target(ntlm_client *ntlm)
880
- {
881
- return ntlm->challenge.target;
882
- }
883
-
884
- const char *ntlm_client_target_server(ntlm_client *ntlm)
885
- {
886
- return ntlm->challenge.target_server;
887
- }
888
-
889
- const char *ntlm_client_target_domain(ntlm_client *ntlm)
890
- {
891
- return ntlm->challenge.target_domain;
892
- }
893
-
894
- const char *ntlm_client_target_server_dns(ntlm_client *ntlm)
895
- {
896
- return ntlm->challenge.target_server_dns;
897
- }
898
-
899
- const char *ntlm_client_target_domain_dns(ntlm_client *ntlm)
900
- {
901
- return ntlm->challenge.target_domain_dns;
902
- }
903
-
904
- #define EVEN_PARITY(a) \
905
- (!!((a) & 0x01ll) ^ !!((a) & 0x02ll) ^ \
906
- !!((a) & 0x04ll) ^ !!((a) & 0x08ll) ^ \
907
- !!((a) & 0x10ll) ^ !!((a) & 0x20ll) ^ \
908
- !!((a) & 0x40ll) ^ !!((a) & 0x80ll))
909
-
910
- static void generate_odd_parity(ntlm_des_block *block)
911
- {
912
- size_t i;
913
-
914
- for (i = 0; i < sizeof(ntlm_des_block); i++)
915
- (*block)[i] |= (1 ^ EVEN_PARITY((*block)[i]));
916
- }
917
-
918
- static void des_key_from_password(
919
- ntlm_des_block *out,
920
- const unsigned char *plaintext,
921
- size_t plaintext_len)
922
- {
923
- size_t i;
924
-
925
- plaintext_len = MIN(plaintext_len, 7);
926
-
927
- memset(*out, 0, sizeof(ntlm_des_block));
928
-
929
- for (i = 0; i < plaintext_len; i++) {
930
- size_t j = (7 - i);
931
- uint8_t mask = (0xff >> j);
932
-
933
- (*out)[i] |= ((plaintext[i] & (0xff - mask)) >> i);
934
- (*out)[i+1] |= ((plaintext[i] & mask) << j);
935
- }
936
-
937
- generate_odd_parity(out);
938
- }
939
-
940
- static inline bool generate_lm_hash(
941
- ntlm_des_block out[2],
942
- const char *password)
943
- {
944
- /* LM encrypts this known plaintext using the password as a key */
945
- ntlm_des_block plaintext = NTLM_LM_PLAINTEXT;
946
- ntlm_des_block keystr1, keystr2;
947
- size_t keystr1_len, keystr2_len;
948
- ntlm_des_block key1, key2;
949
- size_t password_len, i;
950
-
951
- /* Copy the first 14 characters of the password, uppercased */
952
- memset(&keystr1, 0, sizeof(keystr1));
953
- memset(&keystr2, 0, sizeof(keystr2));
954
-
955
- password_len = password ? strlen(password) : 0;
956
-
957
- /* Split the password into two 7 byte chunks */
958
- keystr1_len = MIN(7, password_len);
959
- keystr2_len = (password_len > 7) ? MIN(14, password_len) - 7 : 0;
960
-
961
- for (i = 0; i < keystr1_len; i++)
962
- keystr1[i] = (unsigned char)toupper(password[i]);
963
- for (i = 0; i < keystr2_len; i++)
964
- keystr2[i] = (unsigned char)toupper(password[i+7]);
965
-
966
- /* DES encrypt the LM constant using the password as the key */
967
- des_key_from_password(&key1, keystr1, keystr1_len);
968
- des_key_from_password(&key2, keystr2, keystr2_len);
969
-
970
- return ntlm_des_encrypt(&out[0], &plaintext, &key1) &&
971
- ntlm_des_encrypt(&out[1], &plaintext, &key2);
972
- }
973
-
974
- static void des_keys_from_lm_hash(ntlm_des_block out[3], ntlm_des_block lm_hash[2])
975
- {
976
- ntlm_des_block split[3];
977
-
978
- memcpy(&split[0][0], &lm_hash[0][0], 7);
979
-
980
- memcpy(&split[1][0], &lm_hash[0][7], 1);
981
- memcpy(&split[1][1], &lm_hash[1][0], 6);
982
-
983
- memcpy(&split[2][0], &lm_hash[1][6], 2);
984
-
985
- des_key_from_password(&out[0], split[0], 7);
986
- des_key_from_password(&out[1], split[1], 7);
987
- des_key_from_password(&out[2], split[2], 2);
988
- }
989
-
990
- static bool generate_lm_response(ntlm_client *ntlm)
991
- {
992
- ntlm_des_block lm_hash[2], key[3], lm_response[3];
993
- ntlm_des_block *challenge = (ntlm_des_block *)&ntlm->challenge.nonce;
994
-
995
- /* Generate the LM hash from the password */
996
- if (!generate_lm_hash(lm_hash, ntlm->password))
997
- return false;
998
-
999
- /* Convert that LM hash to three DES keys */
1000
- des_keys_from_lm_hash(key, lm_hash);
1001
-
1002
- /* Finally, encrypt the challenge with each of these keys */
1003
- if (!ntlm_des_encrypt(&lm_response[0], challenge, &key[0]) ||
1004
- !ntlm_des_encrypt(&lm_response[1], challenge, &key[1]) ||
1005
- !ntlm_des_encrypt(&lm_response[2], challenge, &key[2]))
1006
- return false;
1007
-
1008
- memcpy(&ntlm->lm_response[0], lm_response[0], 8);
1009
- memcpy(&ntlm->lm_response[8], lm_response[1], 8);
1010
- memcpy(&ntlm->lm_response[16], lm_response[2], 8);
1011
-
1012
- ntlm->lm_response_len = sizeof(ntlm->lm_response);
1013
-
1014
- return true;
1015
- }
1016
-
1017
- static bool generate_ntlm_hash(
1018
- unsigned char out[NTLM_NTLM_HASH_LEN], ntlm_client *ntlm)
1019
- {
1020
- /* Generate the LM hash from the (Unicode) password */
1021
- if (ntlm->password && !ntlm_unicode_utf8_to_16(
1022
- &ntlm->password_utf16,
1023
- &ntlm->password_utf16_len,
1024
- ntlm->unicode_ctx,
1025
- ntlm->password,
1026
- strlen(ntlm->password)))
1027
- return false;
1028
-
1029
- return ntlm_md4_digest(out,
1030
- (const unsigned char *)ntlm->password_utf16,
1031
- ntlm->password_utf16_len);
1032
- }
1033
-
1034
- static bool generate_ntlm_response(ntlm_client *ntlm)
1035
- {
1036
- unsigned char ntlm_hash[NTLM_NTLM_HASH_LEN] = {0};
1037
- ntlm_des_block key[3], ntlm_response[3];
1038
- ntlm_des_block *challenge =
1039
- (ntlm_des_block *)&ntlm->challenge.nonce;
1040
-
1041
- if (!generate_ntlm_hash(ntlm_hash, ntlm))
1042
- return false;
1043
-
1044
- /* Convert that LM hash to three DES keys */
1045
- des_key_from_password(&key[0], &ntlm_hash[0], 7);
1046
- des_key_from_password(&key[1], &ntlm_hash[7], 7);
1047
- des_key_from_password(&key[2], &ntlm_hash[14], 2);
1048
-
1049
- /* Finally, encrypt the challenge with each of these keys */
1050
- if (!ntlm_des_encrypt(&ntlm_response[0], challenge, &key[0]) ||
1051
- !ntlm_des_encrypt(&ntlm_response[1], challenge, &key[1]) ||
1052
- !ntlm_des_encrypt(&ntlm_response[2], challenge, &key[2]))
1053
- return false;
1054
-
1055
- memcpy(&ntlm->ntlm_response[0], ntlm_response[0], 8);
1056
- memcpy(&ntlm->ntlm_response[8], ntlm_response[1], 8);
1057
- memcpy(&ntlm->ntlm_response[16], ntlm_response[2], 8);
1058
-
1059
- ntlm->ntlm_response_len = sizeof(ntlm->ntlm_response);
1060
- return true;
1061
- }
1062
-
1063
- static bool generate_ntlm2_hash(
1064
- unsigned char out[NTLM_NTLM2_HASH_LEN], ntlm_client *ntlm)
1065
- {
1066
- unsigned char ntlm_hash[NTLM_NTLM_HASH_LEN] = {0};
1067
- const unsigned char *username = NULL, *target = NULL;
1068
- size_t username_len = 0, target_len = 0, out_len = NTLM_NTLM2_HASH_LEN;
1069
-
1070
- if (!generate_ntlm_hash(ntlm_hash, ntlm))
1071
- return false;
1072
-
1073
- if (ntlm->username_upper_utf16) {
1074
- username = (const unsigned char *)ntlm->username_upper_utf16;
1075
- username_len = ntlm->username_upper_utf16_len;
1076
- }
1077
-
1078
- if (ntlm->target_utf16) {
1079
- target = (const unsigned char *)ntlm->target_utf16;
1080
- target_len = ntlm->target_utf16_len;
1081
- }
1082
-
1083
- if (!ntlm_hmac_ctx_reset(ntlm->hmac_ctx) ||
1084
- !ntlm_hmac_md5_init(ntlm->hmac_ctx, ntlm_hash, sizeof(ntlm_hash)) ||
1085
- !ntlm_hmac_md5_update(ntlm->hmac_ctx, username, username_len) ||
1086
- !ntlm_hmac_md5_update(ntlm->hmac_ctx, target, target_len) ||
1087
- !ntlm_hmac_md5_final(out, &out_len, ntlm->hmac_ctx)) {
1088
- ntlm_client_set_errmsg(ntlm, "failed to create HMAC-MD5");
1089
- return false;
1090
- }
1091
-
1092
- assert(out_len == NTLM_NTLM2_HASH_LEN);
1093
- return true;
1094
- }
1095
-
1096
- static bool generate_ntlm2_challengehash(
1097
- unsigned char out[16],
1098
- ntlm_client *ntlm,
1099
- unsigned char ntlm2_hash[NTLM_NTLM2_HASH_LEN],
1100
- const unsigned char *blob,
1101
- size_t blob_len)
1102
- {
1103
- size_t out_len = 16;
1104
-
1105
- if (!ntlm_hmac_ctx_reset(ntlm->hmac_ctx) ||
1106
- !ntlm_hmac_md5_init(ntlm->hmac_ctx,
1107
- ntlm2_hash, NTLM_NTLM2_HASH_LEN) ||
1108
- !ntlm_hmac_md5_update(ntlm->hmac_ctx,
1109
- (const unsigned char *)&ntlm->challenge.nonce, 8) ||
1110
- !ntlm_hmac_md5_update(ntlm->hmac_ctx, blob, blob_len) ||
1111
- !ntlm_hmac_md5_final(out, &out_len, ntlm->hmac_ctx)) {
1112
- ntlm_client_set_errmsg(ntlm, "failed to create HMAC-MD5");
1113
- return false;
1114
- }
1115
-
1116
- assert(out_len == 16);
1117
- return true;
1118
- }
1119
-
1120
- static bool generate_lm2_response(ntlm_client *ntlm,
1121
- unsigned char ntlm2_hash[NTLM_NTLM2_HASH_LEN])
1122
- {
1123
- unsigned char lm2_challengehash[16];
1124
- size_t lm2_len = 16;
1125
- uint64_t local_nonce;
1126
-
1127
- local_nonce = htonll(ntlm->nonce);
1128
-
1129
- if (!ntlm_hmac_ctx_reset(ntlm->hmac_ctx) ||
1130
- !ntlm_hmac_md5_init(ntlm->hmac_ctx,
1131
- ntlm2_hash, NTLM_NTLM2_HASH_LEN) ||
1132
- !ntlm_hmac_md5_update(ntlm->hmac_ctx,
1133
- (const unsigned char *)&ntlm->challenge.nonce, 8) ||
1134
- !ntlm_hmac_md5_update(ntlm->hmac_ctx,
1135
- (const unsigned char *)&local_nonce, 8) ||
1136
- !ntlm_hmac_md5_final(lm2_challengehash, &lm2_len, ntlm->hmac_ctx)) {
1137
- ntlm_client_set_errmsg(ntlm, "failed to create HMAC-MD5");
1138
- return false;
1139
- }
1140
-
1141
- assert(lm2_len == 16);
1142
-
1143
- memcpy(&ntlm->lm_response[0], lm2_challengehash, 16);
1144
- memcpy(&ntlm->lm_response[16], &local_nonce, 8);
1145
-
1146
- ntlm->lm_response_len = 24;
1147
- return true;
1148
- }
1149
-
1150
- static bool generate_timestamp(ntlm_client *ntlm)
1151
- {
1152
- if (!ntlm->timestamp)
1153
- ntlm->timestamp = (time(NULL) + 11644473600) * 10000000;
1154
-
1155
- return true;
1156
- }
1157
-
1158
- static bool generate_nonce(ntlm_client *ntlm)
1159
- {
1160
- unsigned char buf[8];
1161
-
1162
- if (ntlm->nonce)
1163
- return true;
1164
-
1165
- if (!ntlm_random_bytes(ntlm, buf, 8))
1166
- return false;
1167
-
1168
- memcpy(&ntlm->nonce, buf, sizeof(uint64_t));
1169
- return true;
1170
- }
1171
-
1172
- static bool generate_ntlm2_response(ntlm_client *ntlm)
1173
- {
1174
- size_t blob_len, ntlm2_response_len;
1175
- uint32_t signature;
1176
- uint64_t timestamp, nonce;
1177
- unsigned char ntlm2_hash[NTLM_NTLM2_HASH_LEN];
1178
- unsigned char challengehash[16];
1179
- unsigned char *blob;
1180
-
1181
- if (!generate_timestamp(ntlm) ||
1182
- !generate_nonce(ntlm) ||
1183
- !generate_ntlm2_hash(ntlm2_hash, ntlm))
1184
- return false;
1185
-
1186
- blob_len = ntlm->challenge.target_info_len + 32;
1187
- ntlm2_response_len = blob_len + 16;
1188
-
1189
- if ((ntlm->ntlm2_response = malloc(ntlm2_response_len)) == NULL) {
1190
- ntlm_client_set_errmsg(ntlm, "out of memory");
1191
- return false;
1192
- }
1193
-
1194
- /* position the blob in the response; we'll use it then return it */
1195
- blob = ntlm->ntlm2_response + 16;
1196
-
1197
- /* the blob's integer values are in network byte order */
1198
- signature = htonl(0x01010000);
1199
- timestamp = htonll(ntlm->timestamp);
1200
- nonce = htonll(ntlm->nonce);
1201
-
1202
- /* construct the blob */
1203
- memcpy(&blob[0], &signature, 4);
1204
- memset(&blob[4], 0, 4);
1205
- memcpy(&blob[8], &timestamp, 8);
1206
- memcpy(&blob[16], &nonce, 8);
1207
- memset(&blob[24], 0, 4);
1208
- memcpy(&blob[28], ntlm->challenge.target_info, ntlm->challenge.target_info_len);
1209
- memset(&blob[28 + ntlm->challenge.target_info_len], 0, 4);
1210
-
1211
- if (!generate_ntlm2_challengehash(challengehash, ntlm, ntlm2_hash, blob, blob_len))
1212
- return false;
1213
-
1214
- memcpy(ntlm->ntlm2_response, challengehash, 16);
1215
- ntlm->ntlm2_response_len = ntlm2_response_len;
1216
-
1217
- if (!generate_lm2_response(ntlm, ntlm2_hash))
1218
- return false;
1219
-
1220
- return true;
1221
- }
1222
-
1223
- int ntlm_client_response(
1224
- const unsigned char **out,
1225
- size_t *out_len,
1226
- ntlm_client *ntlm)
1227
- {
1228
- unsigned char *domain, *username, *hostname, *ntlm_rep, *session;
1229
- size_t lm_rep_len, lm_rep_offset, ntlm_rep_len, ntlm_rep_offset,
1230
- domain_len, domain_offset, username_len, username_offset,
1231
- hostname_len, hostname_offset, session_len, session_offset;
1232
- uint32_t flags = 0;
1233
- bool unicode;
1234
-
1235
- assert(out && out_len && ntlm);
1236
-
1237
- *out = NULL;
1238
- *out_len = 0;
1239
-
1240
- if (ntlm->state != NTLM_STATE_RESPONSE) {
1241
- ntlm_client_set_errmsg(ntlm, "ntlm handle in invalid state");
1242
- return -1;
1243
- }
1244
-
1245
- /*
1246
- * Minimum message size is 64 bytes:
1247
- * 8 byte signature,
1248
- * 4 byte message indicator,
1249
- * 6x8 byte security buffers
1250
- * 4 byte flags
1251
- */
1252
- ntlm->response.len = 64;
1253
-
1254
- unicode = supports_unicode(ntlm) &&
1255
- (ntlm->challenge.flags & NTLM_NEGOTIATE_UNICODE);
1256
-
1257
- if (unicode)
1258
- flags |= NTLM_NEGOTIATE_UNICODE;
1259
- else
1260
- flags |= NTLM_NEGOTIATE_OEM;
1261
-
1262
- if (unicode) {
1263
- domain = (unsigned char *)ntlm->userdomain_utf16;
1264
- domain_len = ntlm->userdomain_utf16_len;
1265
-
1266
- username = (unsigned char *)ntlm->username_utf16;
1267
- username_len = ntlm->username_utf16_len;
1268
-
1269
- hostname = (unsigned char *)ntlm->hostname_utf16;
1270
- hostname_len = ntlm->hostname_utf16_len;
1271
- } else {
1272
- domain = (unsigned char *)ntlm->userdomain;
1273
- domain_len = ntlm->userdomain ? strlen(ntlm->userdomain) : 0;
1274
-
1275
- username = (unsigned char *)ntlm->username;
1276
- username_len = ntlm->username ? strlen(ntlm->username) : 0;
1277
-
1278
- hostname = (unsigned char *)ntlm->hostname;
1279
- hostname_len = ntlm->hostname ? strlen(ntlm->hostname) : 0;
1280
- }
1281
-
1282
- /* Negotiate our requested authentication type with the server's */
1283
- if (!(ntlm->flags & NTLM_CLIENT_DISABLE_NTLM2) &&
1284
- (ntlm->challenge.flags & NTLM_NEGOTIATE_NTLM)) {
1285
- flags |= NTLM_NEGOTIATE_NTLM;
1286
-
1287
- if (!generate_ntlm2_response(ntlm))
1288
- return -1;
1289
- } else if ((ntlm->flags & NTLM_CLIENT_ENABLE_NTLM) &&
1290
- (ntlm->challenge.flags & NTLM_NEGOTIATE_NTLM)) {
1291
- flags |= NTLM_NEGOTIATE_NTLM;
1292
-
1293
- if (!generate_ntlm_response(ntlm) ||
1294
- !generate_lm_response(ntlm))
1295
- return -1;
1296
- } else if (ntlm->flags & NTLM_CLIENT_ENABLE_LM) {
1297
- if (!generate_lm_response(ntlm))
1298
- return -1;
1299
- } else {
1300
- ntlm_client_set_errmsg(ntlm,
1301
- "no encryption options could be negotiated");
1302
- return -1;
1303
- }
1304
-
1305
- domain_offset = ntlm->response.len;
1306
- increment_size(&ntlm->response.len, domain_len);
1307
-
1308
- username_offset = ntlm->response.len;
1309
- increment_size(&ntlm->response.len, username_len);
1310
-
1311
- hostname_offset = ntlm->response.len;
1312
- increment_size(&ntlm->response.len, hostname_len);
1313
-
1314
- lm_rep_len = ntlm->lm_response_len;
1315
- lm_rep_offset = ntlm->response.len;
1316
- increment_size(&ntlm->response.len, lm_rep_len);
1317
-
1318
- ntlm_rep = ntlm->ntlm2_response_len ?
1319
- ntlm->ntlm2_response : ntlm->ntlm_response;
1320
- ntlm_rep_len = ntlm->ntlm2_response_len ?
1321
- ntlm->ntlm2_response_len : ntlm->ntlm_response_len;
1322
- ntlm_rep_offset = ntlm->response.len;
1323
- increment_size(&ntlm->response.len, ntlm_rep_len);
1324
-
1325
- session = NULL;
1326
- session_len = 0;
1327
- session_offset = ntlm->response.len;
1328
- increment_size(&ntlm->response.len, session_len);
1329
-
1330
- if (ntlm->response.len == (size_t)-1) {
1331
- ntlm_client_set_errmsg(ntlm, "message too large");
1332
- return -1;
1333
- }
1334
-
1335
- if ((ntlm->response.buf = malloc(ntlm->response.len)) == NULL) {
1336
- ntlm_client_set_errmsg(ntlm, "out of memory");
1337
- return -1;
1338
- }
1339
-
1340
- memset(ntlm->response.buf, 0, ntlm->response.len);
1341
-
1342
- if (!write_buf(ntlm, &ntlm->response,
1343
- ntlm_client_signature, sizeof(ntlm_client_signature)) ||
1344
- !write_int32(ntlm, &ntlm->response, 3) ||
1345
- !write_bufinfo(ntlm, &ntlm->response, lm_rep_len, lm_rep_offset) ||
1346
- !write_bufinfo(ntlm, &ntlm->response, ntlm_rep_len, ntlm_rep_offset) ||
1347
- !write_bufinfo(ntlm, &ntlm->response, domain_len, domain_offset) ||
1348
- !write_bufinfo(ntlm, &ntlm->response, username_len, username_offset) ||
1349
- !write_bufinfo(ntlm, &ntlm->response, hostname_len, hostname_offset) ||
1350
- !write_bufinfo(ntlm, &ntlm->response, session_len, session_offset) ||
1351
- !write_int32(ntlm, &ntlm->response, flags) ||
1352
- !write_buf(ntlm, &ntlm->response, domain, domain_len) ||
1353
- !write_buf(ntlm, &ntlm->response, username, username_len) ||
1354
- !write_buf(ntlm, &ntlm->response, hostname, hostname_len) ||
1355
- !write_buf(ntlm, &ntlm->response, ntlm->lm_response, lm_rep_len) ||
1356
- !write_buf(ntlm, &ntlm->response, ntlm_rep, ntlm_rep_len) ||
1357
- !write_buf(ntlm, &ntlm->response, session, session_len))
1358
- return -1;
1359
-
1360
- assert(ntlm->response.pos == ntlm->response.len);
1361
-
1362
- ntlm->state = NTLM_STATE_COMPLETE;
1363
-
1364
- *out = ntlm->response.buf;
1365
- *out_len = ntlm->response.len;
1366
-
1367
- return 0;
1368
- }
1369
-
1370
- void ntlm_client_reset(ntlm_client *ntlm)
1371
- {
1372
- ntlm_client_flags flags;
1373
- ntlm_hmac_ctx *hmac_ctx;
1374
- ntlm_unicode_ctx *unicode_ctx;
1375
-
1376
- assert(ntlm);
1377
-
1378
- free(ntlm->negotiate.buf);
1379
- free(ntlm->challenge.target_info);
1380
- free(ntlm->challenge.target);
1381
- free(ntlm->challenge.target_domain);
1382
- free(ntlm->challenge.target_domain_dns);
1383
- free(ntlm->challenge.target_server);
1384
- free(ntlm->challenge.target_server_dns);
1385
- free(ntlm->response.buf);
1386
-
1387
- free(ntlm->hostname);
1388
- free(ntlm->hostname_utf16);
1389
- free(ntlm->hostdomain);
1390
-
1391
- free(ntlm->target);
1392
- free(ntlm->target_utf16);
1393
-
1394
- free(ntlm->ntlm2_response);
1395
-
1396
- free_credentials(ntlm);
1397
-
1398
- flags = ntlm->flags;
1399
- hmac_ctx = ntlm->hmac_ctx;
1400
- unicode_ctx = ntlm->unicode_ctx;
1401
-
1402
- memset(ntlm, 0, sizeof(struct ntlm_client));
1403
-
1404
- ntlm->flags = flags;
1405
- ntlm->hmac_ctx = hmac_ctx;
1406
- ntlm->unicode_ctx = unicode_ctx;
1407
- }
1408
-
1409
- void ntlm_client_free(ntlm_client *ntlm)
1410
- {
1411
- if (!ntlm)
1412
- return;
1413
-
1414
- ntlm_client_reset(ntlm);
1415
-
1416
- ntlm_hmac_ctx_free(ntlm->hmac_ctx);
1417
- ntlm_unicode_ctx_free(ntlm->unicode_ctx);
1418
-
1419
- free(ntlm);
1420
- }