This patch does not introduce any functional or behavioural change.
The code in ntlm.c has been restyled to better to obey to the
new coding style and its readability has been a improved a bit.
Signed-off-by: Antonio Quartulli <a...@unstable.cc>
---
src/openvpn/ntlm.c | 74 +++++++++++++++++++++++++++++++++---------------------
1 file changed, 45 insertions(+), 29 deletions(-)
diff --git a/src/openvpn/ntlm.c b/src/openvpn/ntlm.c
index f18e0371..c0319287 100644
--- a/src/openvpn/ntlm.c
+++ b/src/openvpn/ntlm.c
@@ -60,13 +60,13 @@ static void
create_des_keys(const unsigned char *hash, unsigned char *key)
{
key[0] = hash[0];
- key[1] = ((hash[0]&1)<<7)|(hash[1]>>1);
- key[2] = ((hash[1]&3)<<6)|(hash[2]>>2);
- key[3] = ((hash[2]&7)<<5)|(hash[3]>>3);
- key[4] = ((hash[3]&15)<<4)|(hash[4]>>4);
- key[5] = ((hash[4]&31)<<3)|(hash[5]>>5);
- key[6] = ((hash[5]&63)<<2)|(hash[6]>>6);
- key[7] = ((hash[6]&127)<<1);
+ key[1] = ((hash[0] & 1) << 7) | (hash[1] >> 1);
+ key[2] = ((hash[1] & 3) << 6) | (hash[2] >> 2);
+ key[3] = ((hash[2] & 7) << 5) | (hash[3] >> 3);
+ key[4] = ((hash[3] & 15) << 4) | (hash[4] >> 4);
+ key[5] = ((hash[4] & 31) << 3) | (hash[5] >> 5);
+ key[6] = ((hash[5] & 63) << 2) | (hash[6] >> 6);
+ key[7] = ((hash[6] & 127) << 1);
key_des_fixup(key, 8, 1);
}
@@ -99,7 +99,8 @@ static void
gen_timestamp(uint8_t *timestamp)
{
/* Copies 8 bytes long timestamp into "timestamp" buffer.
- * Timestamp is Little-endian, 64-bit signed value representing the number
of tenths of a microsecond since January 1, 1601.
+ * Timestamp is Little-endian, 64-bit signed value representing the
+ * number of tenths of a microsecond since January 1, 1601.
*/
UINTEGER64 timestamp_ull;
@@ -151,16 +152,17 @@ unicodize(char *dst, const char *src)
{
dst[i++] = *src;
dst[i++] = 0;
- }
- while (*src++);
+ } while (*src++);
return i;
}
static void
-add_security_buffer(int sb_offset, void *data, int length, unsigned char
*msg_buf, int *msg_bufpos)
+add_security_buffer(int sb_offset, void *data, int length,
+ unsigned char *msg_buf, int *msg_bufpos)
{
- /* Adds security buffer data to a message and sets security buffer's
offset and length */
+ /* Adds security buffer data to a message and sets security buffer's
+ * offset and length */
msg_buf[sb_offset] = (unsigned char)length;
msg_buf[sb_offset + 2] = msg_buf[sb_offset];
msg_buf[sb_offset + 4] = (unsigned char)(*msg_bufpos & 0xff);
@@ -187,7 +189,8 @@ ntlm_phase_1(const struct http_proxy_info *p, struct
gc_arena *gc)
}
const char *
-ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2, struct
gc_arena *gc)
+ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2,
+ struct gc_arena *gc)
{
/* NTLM handshake
*
@@ -296,13 +299,16 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
ntlmv2_blob[0x18] = 0; /* Unknown, zero
should work */
/* Add target information block to the blob */
- if (( *((long *)&buf2[0x14]) & 0x00800000) == 0x00800000) /*
Check for Target Information block */
+
+ /* Check for Target Information block */
+ if ((*((long *)&buf2[0x14]) & 0x00800000) == 0x00800000)
{
tib_len = buf2[0x28]; /* Get Target Information block
size */
if (tib_len > 96)
{
tib_len = 96;
}
+
{
uint8_t *tib_ptr;
uint8_t tib_pos = buf2[0x2c];
@@ -310,8 +316,10 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
{
return NULL;
}
- tib_ptr = buf2 + tib_pos; /* Get
Target Information block pointer */
- memcpy(&ntlmv2_blob[0x1c], tib_ptr, tib_len); /*
Copy Target Information block into the blob */
+ /* Get Target Information block pointer */
+ tib_ptr = buf2 + tib_pos;
+ /* Copy Target Information block into the blob */
+ memcpy(&ntlmv2_blob[0x1c], tib_ptr, tib_len);
}
}
else
@@ -319,7 +327,8 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
tib_len = 0;
}
- ntlmv2_blob[0x1c + tib_len] = 0; /* Unknown, zero
works */
+ /* Unknown, zero works */
+ ntlmv2_blob[0x1c + tib_len] = 0;
/* Get blob length */
ntlmv2_blob_size = 0x20 + tib_len;
@@ -328,15 +337,18 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
memcpy(&ntlmv2_response[8], challenge, 8);
/* hmac-md5 */
- gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash,
MD5_DIGEST_LENGTH, ntlmv2_hmacmd5);
-
- /* Add hmac-md5 result to the blob */
- memcpy(ntlmv2_response, ntlmv2_hmacmd5, MD5_DIGEST_LENGTH); /*
Note: This overwrites challenge previously written at ntlmv2_response[8..15] */
+ gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash,
+ MD5_DIGEST_LENGTH, ntlmv2_hmacmd5);
+ /* Add hmac-md5 result to the blob.
+ * Note: This overwrites challenge previously written at
+ * ntlmv2_response[8..15] */
+ memcpy(ntlmv2_response, ntlmv2_hmacmd5, MD5_DIGEST_LENGTH);
}
- else /* Generate NTLM response */
+ else /* Generate NTLM response */
{
- unsigned char key1[DES_KEY_LENGTH], key2[DES_KEY_LENGTH],
key3[DES_KEY_LENGTH];
+ unsigned char key1[DES_KEY_LENGTH], key2[DES_KEY_LENGTH];
+ unsigned char key3[DES_KEY_LENGTH];
create_des_keys(md4_hash, key1);
cipher_des_encrypt_ecb(key1, challenge, ntlm_response);
@@ -345,7 +357,8 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
cipher_des_encrypt_ecb(key2, challenge,
&ntlm_response[DES_KEY_LENGTH]);
create_des_keys(&md4_hash[2 * (DES_KEY_LENGTH - 1)], key3);
- cipher_des_encrypt_ecb(key3, challenge,
&ntlm_response[DES_KEY_LENGTH*2]);
+ cipher_des_encrypt_ecb(key3, challenge,
+ &ntlm_response[DES_KEY_LENGTH * 2]);
}
@@ -356,7 +369,8 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
if (ntlmv2_enabled) /* NTLMv2 response */
{
- add_security_buffer(0x14, ntlmv2_response, ntlmv2_blob_size + 16,
phase3, &phase3_bufpos);
+ add_security_buffer(0x14, ntlmv2_response, ntlmv2_blob_size + 16,
+ phase3, &phase3_bufpos);
}
else /* NTLM response */
{
@@ -364,12 +378,13 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
}
/* username in ascii */
- add_security_buffer(0x24, username, strlen(username), phase3,
&phase3_bufpos);
+ add_security_buffer(0x24, username, strlen(username), phase3,
+ &phase3_bufpos);
- /* Set domain. If <domain> is empty, default domain will be used (i.e.
proxy's domain) */
+ /* Set domain. If <domain> is empty, default domain will be used
+ * (i.e. proxy's domain) */
add_security_buffer(0x1c, domain, strlen(domain), phase3, &phase3_bufpos);
-
/* other security buffers will be empty */
phase3[0x10] = phase3_bufpos; /* lm not used */
phase3[0x30] = phase3_bufpos; /* no workstation name supplied */
@@ -379,7 +394,8 @@ ntlm_phase_3(const struct http_proxy_info *p, const char
*phase_2, struct gc_are
phase3[0x3c] = 0x02; /* negotiate oem */
phase3[0x3d] = 0x02; /* negotiate ntlm */
- return ((const char *)make_base64_string2((unsigned char *)phase3,
phase3_bufpos, gc));
+ return ((const char *)make_base64_string2((unsigned char *)phase3,
+ phase3_bufpos, gc));
}
#else /* if NTLM */
--
2.13.2
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
