SPNEGO: Assume NegTokenInit2 SPNEGO extension was sent for server-initiated negotiation

2025-07-14 13:25:03 +02:00 · 2018-12-23 19:11:53 +02:00 · 2018-12-23 19:11:53 +02:00 · 268b9e9527
commit 268b9e9527
parent 86afb5af33
3 changed files with 18 additions and 9 deletions
--- a/SMBLibrary/Authentication/GSSAPI/GSSProvider.cs
+++ b/SMBLibrary/Authentication/GSSAPI/GSSProvider.cs
@ -1,4 +1,4 @@
-/* Copyright (C) 2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
+/* Copyright (C) 2017-2018 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
 * 
 * You can redistribute this program and/or modify it under the terms of
 * the GNU Lesser Public License as published by the Free Software Foundation,
@ -57,7 +57,7 @@ namespace SMBLibrary.Authentication.GSSAPI
            SimpleProtectedNegotiationToken spnegoToken = null;
            try
            {
-                spnegoToken = SimpleProtectedNegotiationToken.ReadToken(inputToken, 0);
+                spnegoToken = SimpleProtectedNegotiationToken.ReadToken(inputToken, 0, false);
            }
            catch
            {
--- a/SMBLibrary/Authentication/GSSAPI/SPNEGO/SimpleProtectedNegotiationToken.cs
+++ b/SMBLibrary/Authentication/GSSAPI/SPNEGO/SimpleProtectedNegotiationToken.cs
@ -1,4 +1,4 @@
-/* Copyright (C) 2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
+/* Copyright (C) 2017-2018 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
 * 
 * You can redistribute this program and/or modify it under the terms of
 * the GNU Lesser Public License as published by the Free Software Foundation,
@ -6,7 +6,6 @@
 */
 using System;
 using System.Collections.Generic;
-using System.Text;
 using Utilities;

 namespace SMBLibrary.Authentication.GSSAPI
@ -49,7 +48,7 @@ namespace SMBLibrary.Authentication.GSSAPI
        /// https://tools.ietf.org/html/rfc2743
        /// </summary>
        /// <exception cref="System.IO.InvalidDataException"></exception>
-        public static SimpleProtectedNegotiationToken ReadToken(byte[] tokenBytes, int offset)
+        public static SimpleProtectedNegotiationToken ReadToken(byte[] tokenBytes, int offset, bool serverInitiatedNegotiation)
        {
            byte tag = ByteReader.ReadByte(tokenBytes, ref offset);
            if (tag == ApplicationTag)
@ -70,9 +69,19 @@ namespace SMBLibrary.Authentication.GSSAPI
                    {
                        tag = ByteReader.ReadByte(tokenBytes, ref offset);
                        if (tag == SimpleProtectedNegotiationTokenInit.NegTokenInitTag)
+                        {
+                            if (serverInitiatedNegotiation)
+                            {
+                                // [MS-SPNG] Standard GSS has a strict notion of client (initiator) and server (acceptor).
+                                // If the client has not sent a negTokenInit ([RFC4178] section 4.2.1) message, no context establishment token is expected from the server.
+                                // The [NegTokenInit2] SPNEGO extension allows the server to generate a context establishment token message [..] and send it to the client.
+                                return new SimpleProtectedNegotiationTokenInit2(tokenBytes, offset);
+                            }
+                            else
                            {
                                return new SimpleProtectedNegotiationTokenInit(tokenBytes, offset);
                            }
+                        }
                        else if (tag == SimpleProtectedNegotiationTokenResponse.NegTokenRespTag)
                        {
                            return new SimpleProtectedNegotiationTokenResponse(tokenBytes, offset);
--- a/SMBLibrary/Client/Helpers/NTLMAuthenticationHelper.cs
+++ b/SMBLibrary/Client/Helpers/NTLMAuthenticationHelper.cs
@ -1,4 +1,4 @@
-/* Copyright (C) 2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
+/* Copyright (C) 2017-2018 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
 * 
 * You can redistribute this program and/or modify it under the terms of
 * the GNU Lesser Public License as published by the Free Software Foundation,
@ -23,7 +23,7 @@ namespace SMBLibrary.Client
                SimpleProtectedNegotiationTokenInit inputToken = null;
                try
                {
-                    inputToken = SimpleProtectedNegotiationToken.ReadToken(securityBlob, 0) as SimpleProtectedNegotiationTokenInit;
+                    inputToken = SimpleProtectedNegotiationToken.ReadToken(securityBlob, 0, true) as SimpleProtectedNegotiationTokenInit;
                }
                catch
                {
@ -82,7 +82,7 @@ namespace SMBLibrary.Client
            SimpleProtectedNegotiationTokenResponse inputToken = null;
            try
            {
-                inputToken = SimpleProtectedNegotiationToken.ReadToken(securityBlob, 0) as SimpleProtectedNegotiationTokenResponse;
+                inputToken = SimpleProtectedNegotiationToken.ReadToken(securityBlob, 0, false) as SimpleProtectedNegotiationTokenResponse;
            }
            catch
            {