|
1 |
1 /* |
2 /* |
2 * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved. |
3 * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
5 * |
5 * This code is free software; you can redistribute it and/or modify it |
6 * This code is free software; you can redistribute it and/or modify it |
90 "nonce cannot be null"); |
91 "nonce cannot be null"); |
91 } |
92 } |
92 debug("NTLM Server: Type 1 received\n"); |
93 debug("NTLM Server: Type 1 received\n"); |
93 if (type1 != null) debug(type1); |
94 if (type1 != null) debug(type1); |
94 Writer p = new Writer(2, 32); |
95 Writer p = new Writer(2, 32); |
95 int flags = 0x80205; |
96 // Negotiate NTLM2 Key, Target Type Domain, |
|
97 // Negotiate NTLM, Request Target, Negotiate unicode |
|
98 int flags = 0x90205; |
96 p.writeSecurityBuffer(12, domain, true); |
99 p.writeSecurityBuffer(12, domain, true); |
97 p.writeInt(20, flags); |
100 p.writeInt(20, flags); |
98 p.writeBytes(24, nonce); |
101 p.writeBytes(24, nonce); |
99 debug("NTLM Server: Type 2 created\n"); |
102 debug("NTLM Server: Type 2 created\n"); |
100 debug(p.getBytes()); |
103 debug(p.getBytes()); |
125 /*if (incomingDomain != null && !incomingDomain.equals(domain)) { |
128 /*if (incomingDomain != null && !incomingDomain.equals(domain)) { |
126 throw new NTLMException(NTLMException.DOMAIN_UNMATCH, |
129 throw new NTLMException(NTLMException.DOMAIN_UNMATCH, |
127 "Wrong domain: " + incomingDomain + |
130 "Wrong domain: " + incomingDomain + |
128 " vs " + domain); // Needed? |
131 " vs " + domain); // Needed? |
129 }*/ |
132 }*/ |
|
133 |
130 boolean verified = false; |
134 boolean verified = false; |
131 char[] password = getPassword(domain, username); |
135 char[] password = getPassword(incomingDomain, username); |
132 if (password == null) { |
136 if (password == null) { |
133 throw new NTLMException(NTLMException.USER_UNKNOWN, |
137 throw new NTLMException(NTLMException.USER_UNKNOWN, |
134 "Unknown user"); |
138 "Unknown user"); |
135 } |
139 } |
136 byte[] incomingLM = r.readSecurityBuffer(12); |
140 byte[] incomingLM = r.readSecurityBuffer(12); |
177 if (Arrays.equals(lmresponse, incomingLM)) { |
181 if (Arrays.equals(lmresponse, incomingLM)) { |
178 verified = true; |
182 verified = true; |
179 } |
183 } |
180 } |
184 } |
181 if (incomingNTLM.length > 0) { |
185 if (incomingNTLM.length > 0) { |
|
186 // We didn't sent alist in type2(), so there |
|
187 // is nothing to check here. |
182 byte[] clientBlob = Arrays.copyOfRange( |
188 byte[] clientBlob = Arrays.copyOfRange( |
183 incomingNTLM, 16, incomingNTLM.length); |
189 incomingNTLM, 16, incomingNTLM.length); |
184 byte[] ntlmresponse = calcV2(nthash, |
190 byte[] ntlmresponse = calcV2(nthash, |
185 username.toUpperCase(Locale.US)+incomingDomain, |
191 username.toUpperCase(Locale.US)+incomingDomain, |
186 clientBlob, nonce); |
192 clientBlob, nonce); |
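Review bot: At new line 135 the credential lookup switches from the server's configured `domain` to `incomingDomain`, which appears to be taken from the client's Type 3 message, while the domain comparison directly above it is still commented out, so nothing in the visible code constrains which domain's password is used for verification. If serving several domains is the intent, state the contract at the call, e.g. `// incomingDomain is client-supplied and unvalidated here; getPassword() must return null for domains this server does not serve`. The commented-out check tests `incomingDomain != null`, which suggests the value can be null; if so, it now reaches `getPassword()` as well as the `username.toUpperCase(Locale.US)+incomingDomain` concatenation at new line 191, where it would become the text "null", so an explicit guard or a documented non-null guarantee is worth adding. The enclosing method starts and ends outside the visible lines, so where `incomingDomain` is read is inferred rather than seen.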