1 /*

     2 /*

     2  * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.

     3  * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.

     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

     4  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

     4  *

     5  *

     5  * This code is free software; you can redistribute it and/or modify it

     6  * This code is free software; you can redistribute it and/or modify it

    90                     "nonce cannot be null");

    91                     "nonce cannot be null");

    91         }

    92         }

    92         debug("NTLM Server: Type 1 received\n");

    93         debug("NTLM Server: Type 1 received\n");

    93         if (type1 != null) debug(type1);

    94         if (type1 != null) debug(type1);

    94         Writer p = new Writer(2, 32);

    95         Writer p = new Writer(2, 32);

    96         p.writeSecurityBuffer(12, domain, true);

    99         p.writeSecurityBuffer(12, domain, true);

    97         p.writeInt(20, flags);

   100         p.writeInt(20, flags);

    98         p.writeBytes(24, nonce);

   101         p.writeBytes(24, nonce);

    99         debug("NTLM Server: Type 2 created\n");

   102         debug("NTLM Server: Type 2 created\n");

   100         debug(p.getBytes());

   103         debug(p.getBytes());

   125         /*if (incomingDomain != null && !incomingDomain.equals(domain)) {

   128         /*if (incomingDomain != null && !incomingDomain.equals(domain)) {

   126             throw new NTLMException(NTLMException.DOMAIN_UNMATCH,

   129             throw new NTLMException(NTLMException.DOMAIN_UNMATCH,

   127                     "Wrong domain: " + incomingDomain +

   130                     "Wrong domain: " + incomingDomain +

   128                     " vs " + domain); // Needed?

   131                     " vs " + domain); // Needed?

   129         }*/

   132         }*/

   130         boolean verified = false;

   134         boolean verified = false;

   132         if (password == null) {

   136         if (password == null) {

   133             throw new NTLMException(NTLMException.USER_UNKNOWN,

   137             throw new NTLMException(NTLMException.USER_UNKNOWN,

   134                     "Unknown user");

   138                     "Unknown user");

   135         }

   139         }

   136         byte[] incomingLM = r.readSecurityBuffer(12);

   140         byte[] incomingLM = r.readSecurityBuffer(12);

   177                 if (Arrays.equals(lmresponse, incomingLM)) {

   181                 if (Arrays.equals(lmresponse, incomingLM)) {

   178                     verified = true;

   182                     verified = true;

   179                 }

   183                 }

   180             }

   184             }

   181             if (incomingNTLM.length > 0) {

   185             if (incomingNTLM.length > 0) {

   182                 byte[] clientBlob = Arrays.copyOfRange(

   188                 byte[] clientBlob = Arrays.copyOfRange(

   183                         incomingNTLM, 16, incomingNTLM.length);

   189                         incomingNTLM, 16, incomingNTLM.length);

   184                 byte[] ntlmresponse = calcV2(nthash,

   190                 byte[] ntlmresponse = calcV2(nthash,

   185                         username.toUpperCase(Locale.US)+incomingDomain,

   191                         username.toUpperCase(Locale.US)+incomingDomain,

   186                         clientBlob, nonce);

   192                         clientBlob, nonce);