Ejemplo n.º 1
0
        /// <summary>
        /// Validate NL_AUTH_MESSAGE when the server receives token from client
        /// MessageType is not set to 0x00000000.
        /// contains at least one domain name and one computer name
        /// </summary>
        /// <param name="inToken">token from client</param>
        /// <returns>True if validate pass; otherwise, false</returns>
        /// <exception cref="ArgumentException">Thrown when length of inToken is not large enough.</exception>
        private bool ValidateNlAuthMessage(byte[] inToken)
        {
            if (inToken.Length <= (sizeof(MessageType_Values) + sizeof(NL_AUTH_MESSAGE_Flags_Value)))
            {
                throw new ArgumentException("The token is invalid", "inToken");
            }

            NL_AUTH_MESSAGE nlAuthMessage = new NL_AUTH_MESSAGE();

            // convert inToken to a NL_AUTH_MESSAGE structure
            int offset = 0;

            nlAuthMessage.MessageType = (MessageType_Values)BitConverter.ToInt32(inToken, offset);
            offset += sizeof(MessageType_Values);
            nlAuthMessage.Flags = (NL_AUTH_MESSAGE_Flags_Value)BitConverter.ToUInt32(inToken, offset);
            offset += sizeof(NL_AUTH_MESSAGE_Flags_Value);
            nlAuthMessage.Buffer = ArrayUtility.SubArray(inToken, offset, inToken.Length - offset);

            // check message type
            if (nlAuthMessage.MessageType != MessageType_Values.NegotiateRequest)
            {
                return(false);
            }

            // check domain name and computer name, must present both
            string        domainName   = null;
            string        computerName = null;
            List <string> nameList     = new List <string>();

            foreach (string name in Encoding.ASCII.GetString(nlAuthMessage.Buffer).Split(NULL))
            {
                if (!string.IsNullOrEmpty(name))
                {
                    nameList.Add(name);
                }
            }

            if (nameList.Count == 0)
            {
                return(false);
            }

            int index = 0;

            if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.NetbiosOemDomainName) != 0 &&
                index < nameList.Count)
            {
                domainName = nameList[index++];
            }
            if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.NetbiosOemComputerName) != 0 &&
                index < nameList.Count)
            {
                computerName = nameList[index++];
            }
            if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.DnsCompressedDomainName) != 0 &&
                index < nameList.Count)
            {
                domainName =
                    Rfc1035Utility.FromCompressedUtf8String(Encoding.ASCII.GetBytes(nameList[index++]));
            }
            if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.DnsCompressedHostName) != 0 &&
                index < nameList.Count)
            {
                computerName =
                    Rfc1035Utility.FromCompressedUtf8String(Encoding.ASCII.GetBytes(nameList[index++]));
            }
            if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.NetbiosCompressedComputerName) != 0 &&
                index < nameList.Count)
            {
                computerName =
                    Rfc1035Utility.FromCompressedUtf8String(Encoding.ASCII.GetBytes(nameList[index++]));
            }

            if (domainName == null || computerName == null)
            {
                return(false);
            }

            return(true);
        }