more logging
This commit is contained in:
@@ -3,7 +3,6 @@ package ntlmssp
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"time"
|
||||
@@ -83,22 +82,22 @@ func (m authenicateMessage) MarshalBinary() ([]byte, error) {
|
||||
// that was received from the server
|
||||
func ProcessChallenge(challengeMessageData []byte, user, password string) ([]byte, error) {
|
||||
if user == "" && password == "" {
|
||||
PrintDebug("User %s, Pass Length %d", user, len(password))
|
||||
return nil, errors.New("Anonymous authentication not supported")
|
||||
}
|
||||
|
||||
// debugging
|
||||
PrintDebug("Received NTLM Type 2 Challenge: %s", base64.StdEncoding.EncodeToString(challengeMessageData))
|
||||
DecodeNTLMMessage(challengeMessageData)
|
||||
|
||||
var cm challengeMessage
|
||||
if err := cm.UnmarshalBinary(challengeMessageData); err != nil {
|
||||
PrintDebug("Failed to unmarshal challenge data")
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if cm.NegotiateFlags.Has(negotiateFlagNTLMSSPNEGOTIATELMKEY) {
|
||||
PrintDebug("server requested NTLM v1")
|
||||
return nil, errors.New("Only NTLM v2 is supported, but server requested v1 (NTLMSSP_NEGOTIATE_LM_KEY)")
|
||||
}
|
||||
if cm.NegotiateFlags.Has(negotiateFlagNTLMSSPNEGOTIATEKEYEXCH) {
|
||||
PrintDebug("Key exchange requested but not supported")
|
||||
return nil, errors.New("Key exchange requested but not supported (NTLMSSP_NEGOTIATE_KEY_EXCH)")
|
||||
}
|
||||
|
||||
@@ -120,6 +119,7 @@ func ProcessChallenge(challengeMessageData []byte, user, password string) ([]byt
|
||||
rand.Reader.Read(clientChallenge)
|
||||
|
||||
ntlmV2Hash := getNtlmV2Hash(password, user, cm.TargetName)
|
||||
PrintDebug("NTLM V2 hash '%s'", ntlmV2Hash)
|
||||
|
||||
am.NtChallengeResponse = computeNtlmV2Response(ntlmV2Hash,
|
||||
cm.ServerChallenge[:], clientChallenge, timestamp, cm.TargetInfoRaw)
|
||||
@@ -129,5 +129,7 @@ func ProcessChallenge(challengeMessageData []byte, user, password string) ([]byt
|
||||
cm.ServerChallenge[:], clientChallenge)
|
||||
}
|
||||
|
||||
PrintDebug("Challenge response: NT %s; LM %s", am.NtChallengeResponse, am.LmChallengeResponse)
|
||||
|
||||
return am.MarshalBinary()
|
||||
}
|
||||
|
||||
@@ -121,8 +121,14 @@ func (l Negotiator) RoundTrip(req *http.Request) (res *http.Response, err error)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// debugging
|
||||
PrintDebug("Received NTLM Type 2 Challenge: %s", base64.StdEncoding.EncodeToString(challengeMessage))
|
||||
DecodeNTLMMessage(challengeMessage)
|
||||
|
||||
if !(resauth.IsNegotiate() || resauth.IsNTLM()) || len(challengeMessage) == 0 {
|
||||
// Negotiation failed, let client deal with response
|
||||
PrintDebug("Negotiation failed")
|
||||
return res, nil
|
||||
}
|
||||
io.Copy(io.Discard, res.Body)
|
||||
|
||||
Reference in New Issue
Block a user