NTLMAuthenticationProviderBase: Properly handle invalid NegotiateMessage / AuthenticateMessage

Tal Aloni 2017-08-24 18:52:25 +03:00
parent 1a599c2cca
commit 477af8e690


@ -25,16 +25,32 @@ namespace SMBLibrary.Authentication.NTLM
MessageTypeName messageType = AuthenticationMessageUtils.GetMessageType(inputToken); MessageTypeName messageType = AuthenticationMessageUtils.GetMessageType(inputToken);
if (messageType == MessageTypeName.Negotiate) if (messageType == MessageTypeName.Negotiate)
{ {
NegotiateMessage input = new NegotiateMessage(inputToken); NegotiateMessage negotiateMessage;
ChallengeMessage output; try
NTStatus status = GetChallengeMessage(out context, input, out output); {
outputToken = output.GetBytes(); negotiateMessage = new NegotiateMessage(inputToken);
}
catch
{
return NTStatus.SEC_E_INVALID_TOKEN;
}
ChallengeMessage challengeMessage;
NTStatus status = GetChallengeMessage(out context, negotiateMessage, out challengeMessage);
outputToken = challengeMessage.GetBytes();
return status; return status;
} }
else if (messageType == MessageTypeName.Authenticate) else if (messageType == MessageTypeName.Authenticate)
{ {
AuthenticateMessage message = new AuthenticateMessage(inputToken); AuthenticateMessage authenticateMessage;
return Authenticate(context, message); try
{
authenticateMessage = new AuthenticateMessage(inputToken);
}
catch
{
return NTStatus.SEC_E_INVALID_TOKEN;
}
return Authenticate(context, authenticateMessage);
} }
else else
{ {
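Review bot: The two bare `catch` blocks added around `new NegotiateMessage(inputToken)` and `new AuthenticateMessage(inputToken)` turn every exception into SEC_E_INVALID_TOKEN, so a real parser bug looks the same as a malformed token from the peer, and nothing is recorded. Because inputToken is attacker-controlled data received before authentication, I would catch only the exception types these constructors throw on truncated or malformed buffers (not visible in this hunk, so confirm against the constructors) and log the rejection so that repeated malformed tokens can be detected. Separately, in the Negotiate branch `challengeMessage.GetBytes()` runs regardless of `status`. If any GetChallengeMessage implementation can return a failure with a null challengeMessage, this dereferences null on the same untrusted path, so consider adding `if (challengeMessage == null) { return status; }` before it. The enclosing method starts and ends outside the hunk, so I am assuming outputToken is already assigned before these early returns.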