zydronium/SMBLibrary
1
0
Fork 0
mirror of https://github.com/TalAloni/SMBLibrary.git synced 2025-08-04 15:01:28 +02:00
Code Issues Projects Releases Packages Wiki Activity

NTLMAuthenticationProviderBase: Properly handle invalid NegotiateMessage / AuthenticateMessage

Browse source
This commit is contained in:
Tal Aloni 2017-08-24 18:52:25 +03:00
parent 1a599c2cca
commit 477af8e690
1 changed files with 22 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

28
SMBLibrary/Authentication/NTLM/NTLMAuthenticationProviderBase.cs
View file

@ -25,16 +25,32 @@ namespace SMBLibrary.Authentication.NTLM
MessageTypeName messageType = AuthenticationMessageUtils.GetMessageType(inputToken);
if (messageType == MessageTypeName.Negotiate)
{
NegotiateMessage input = new NegotiateMessage(inputToken);
ChallengeMessage output;
NTStatus status = GetChallengeMessage(out context, input, out output);
outputToken = output.GetBytes();
NegotiateMessage negotiateMessage;
try
{
negotiateMessage = new NegotiateMessage(inputToken);
}
catch
{
return NTStatus.SEC_E_INVALID_TOKEN;
}
ChallengeMessage challengeMessage;
NTStatus status = GetChallengeMessage(out context, negotiateMessage, out challengeMessage);
outputToken = challengeMessage.GetBytes();
return status;
}
else if (messageType == MessageTypeName.Authenticate)
{
AuthenticateMessage message = new AuthenticateMessage(inputToken);
return Authenticate(context, message);
AuthenticateMessage authenticateMessage;
try
{
authenticateMessage = new AuthenticateMessage(inputToken);
}
catch
{
return NTStatus.SEC_E_INVALID_TOKEN;
}
return Authenticate(context, authenticateMessage);
}
else
{