private void ProcessKerberos(KerberosContextToken kerb, string source)
{
if (kerb.KrbApReq != null)
{
ExplodeObject(kerb.KrbApReq, $"Kerberos AP-REQ ({source})");
}
else if (kerb.KrbApRep != null)
{
ExplodeObject(kerb.KrbApRep, $"Kerberos AP-REP ({source})");
}
}
private static bool ParsedNonGssApiToken(ReadOnlyMemory <byte> data, out ContextToken token)
{
//
// A caller may try and pass a token that isn't wrapped by GSS-API semantics
// We should try and detect what it is and return that instead of treating
// it like GSS data
//
// We'll check if it's NTLM, NegoEx, or Kerberos
// Otherwise bail and try letting GssApiToken sort it out
//
// are we an NTLM token?
if (NtlmMessage.CanReadNtlmMessage(data))
{
token = new NtlmContextToken(data: data);
return(true);
}
// are we a NegoEx token?
if (NegotiateExtension.CanDecode(data))
{
token = new NegoExContextToken(data);
return(true);
}
// are we a Kerberos ticket?
if (KrbApChoice.CanDecode(data))
{
token = new KerberosContextToken(data: data);
return(true);
}
// we don't know what we are. Maybe we're GSS so figure it out later.
token = null;
return(false);
}
