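/// <summary>
/// Validates the NL_AUTH_MESSAGE token that the server receives from a client.
/// The token is accepted only when its MessageType is NegotiateRequest and its
/// buffer yields both a domain name and a computer name for the flags that are set.
/// </summary>
/// <remarks>
/// The token is supplied by the remote client and must be treated as untrusted.
/// This method only checks that the two names are present; the decoded values are
/// discarded and nothing here authenticates them. Callers must not read a true
/// result as proof of the client's identity.
/// </remarks>
/// <param name="inToken">token from client</param>
/// <returns>True if validation passes; otherwise, false</returns>
/// <exception cref="ArgumentNullException">Thrown when inToken is null.</exception>
/// <exception cref="ArgumentException">
/// Thrown when inToken is not longer than the MessageType and Flags fields together.
/// </exception>
private bool ValidateNlAuthMessage(byte[] inToken)
{
    // Reject a missing token explicitly instead of failing with a
    // NullReferenceException on the length check below.
    if (inToken == null)
    {
        throw new ArgumentNullException("inToken");
    }

    // The two fixed-size header fields must be followed by at least one buffer byte.
    if (inToken.Length <= (sizeof(MessageType_Values) + sizeof(NL_AUTH_MESSAGE_Flags_Value)))
    {
        throw new ArgumentException("The token is invalid", "inToken");
    }

    NL_AUTH_MESSAGE nlAuthMessage = new NL_AUTH_MESSAGE();

    // Convert inToken to a NL_AUTH_MESSAGE structure: MessageType, Flags, then
    // everything that remains as the name buffer.
    int offset = 0;
    nlAuthMessage.MessageType = (MessageType_Values)BitConverter.ToInt32(inToken, offset);
    offset += sizeof(MessageType_Values);
    nlAuthMessage.Flags = (NL_AUTH_MESSAGE_Flags_Value)BitConverter.ToUInt32(inToken, offset);
    offset += sizeof(NL_AUTH_MESSAGE_Flags_Value);
    nlAuthMessage.Buffer = ArrayUtility.SubArray(inToken, offset, inToken.Length - offset);

    // Only a negotiate request is acceptable on the server side.
    if (nlAuthMessage.MessageType != MessageType_Values.NegotiateRequest)
    {
        return false;
    }

    // NOTE(review): the buffer is decoded as ASCII, which replaces every byte above
    // 0x7F with '?', and the pieces are re-encoded as ASCII before being handed to
    // Rfc1035Utility.FromCompressedUtf8String. Non-ASCII UTF-8 name bytes therefore
    // do not survive the round trip. Confirm this is acceptable for a presence-only
    // check, or split the raw bytes instead.
    // Empty entries are dropped, so names are matched to flags purely by position:
    // an empty field in the token shifts every later name one slot forward.
    List<string> nameList = new List<string>();
    foreach (string name in Encoding.ASCII.GetString(nlAuthMessage.Buffer).Split(NULL))
    {
        if (!string.IsNullOrEmpty(name))
        {
            nameList.Add(name);
        }
    }

    if (nameList.Count == 0)
    {
        return false;
    }

    // Both a domain name and a computer name must be present. Names are consumed in
    // flag order; when several flags fill the same slot, the later one wins.
    // Exceptions thrown by Rfc1035Utility.FromCompressedUtf8String are not caught here.
    string domainName = null;
    string computerName = null;
    int index = 0;

    if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.NetbiosOemDomainName) != 0
        && index < nameList.Count)
    {
        domainName = nameList[index++];
    }

    if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.NetbiosOemComputerName) != 0
        && index < nameList.Count)
    {
        computerName = nameList[index++];
    }

    if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.DnsCompressedDomainName) != 0
        && index < nameList.Count)
    {
        domainName = Rfc1035Utility.FromCompressedUtf8String(
            Encoding.ASCII.GetBytes(nameList[index++]));
    }

    if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.DnsCompressedHostName) != 0
        && index < nameList.Count)
    {
        computerName = Rfc1035Utility.FromCompressedUtf8String(
            Encoding.ASCII.GetBytes(nameList[index++]));
    }

    if ((nlAuthMessage.Flags & NL_AUTH_MESSAGE_Flags_Value.NetbiosCompressedComputerName) != 0
        && index < nameList.Count)
    {
        computerName = Rfc1035Utility.FromCompressedUtf8String(
            Encoding.ASCII.GetBytes(nameList[index++]));
    }

    return domainName != null && computerName != null;
}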