Fixed kerberos path again. Default Ubuntu installs do indeed use /var/lib/krb5kdc. Really should try to autodetect that.
--- kcrap-0.2.3/test/Makefile.in 2007-12-13 15:52:14.000000000 -0500
+++ kcrap-0.2.3-patched/test/Makefile.in 2013-01-08 16:39:00.915926616 -0500
@@ -5,7 +5,7 @@
SRCS=kcraptest.c
-all: test-ntlm test-ntlmv2 test-ntlmv2s
+all: test-ntlm test-ntlmv2 test-ntlmv2s kcrapclient
test-ntlm: $(SRCS)
$(CC) -o $@ $(CFLAGS) -DT_NTLM $(SRCS) $(LDFLAGS) $(LIBS)
@@ -16,10 +16,13 @@
test-ntlmv2s: $(SRCS)
$(CC) -o $@ $(CFLAGS) -DT_NTLM2S $(SRCS) $(LDFLAGS) $(LIBS)
+kcrapclient: kcrapclient.c
+ $(CC) -o $@ $(CFLAGS) kcrapclient.c $(LDFLAGS) $(LIBS)
+
install:
clean:
- rm -f *.o *~ test-ntlm test-ntlmv2 test-ntlmv2s
+ rm -f *.o *~ test-ntlm test-ntlmv2 test-ntlmv2s kcrapclient
distclean: clean
rm -f Makefile
--- kcrap-0.2.3/test/kcrapclient.c 1969-12-31 19:00:00.000000000 -0500
+++ kcrap-0.2.3-patched/test/kcrapclient.c 2012-12-02 22:12:14.000000000 -0500
@@ -0,0 +1,130 @@
+/*
+ * Little KCRAP client based on kcraptest.c
+ * from http://www.spock.org/kcrap/
+ */
+
+/*
+ * Test KCRAP server with known challange/response pairs
+ * from http://davenport.sourceforge.net/ntlm.html
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <string.h>
+#include <strings.h>
+#include <errno.h>
+#include <time.h>
+#include <poll.h>
+
+#include "../config.h"
+#include "kcrap.h"
+
+// #define OSTREAM stderr
+#define OSTREAM stdout
+
+#define SDATA(VAR,VAL) (VAR).data = (VAL), (VAR).length = strlen((VAR).data)
+
+static int fillhex(char *dst, char *src) {
+ int i = 0;
+ char tb[3];
+ tb[2] = 0;
+ for (i = 0; i*2 < strlen(src); i++) {
+ memcpy(tb, src+(i*2), 2);
+ if ((!isxdigit(tb[0])) || (!isxdigit(tb[1]))) return -1;
+ dst[i] = strtol(tb, NULL, 16);
+ }
+ return 0;
+}
+
+int main(int argc, char* argv[]) {
+ struct kcrap_context *context;
+ struct kcrap_auth_req_data req;
+ int ret;
+ char schal[8];
+ char cchal[130];
+ char resp[24];
+ int auth_status;
+
+ if (argc != 4) {
+ fprintf(OSTREAM, "Error: Invalid parameters...\n");
+ fprintf(OSTREAM, "Usage: %s <username> <challenge> <response>\n", argv[0]);
+ exit(1);
+ }
+
+ if (strlen(argv[2]) != 16) {
+ fprintf(OSTREAM, "Erroe: Invalid challenge length.\n");
+ exit(1);
+ }
+
+ if (strlen(argv[3]) != 48) {
+ fprintf(OSTREAM, "Error: Invalid response length.\n");
+ exit(1);
+ }
+
+ bzero(&req, sizeof(req));
+ bzero(&schal, sizeof(schal));
+ bzero(&cchal, sizeof(cchal));
+ bzero(&resp, sizeof(resp));
+ SDATA(req.chal_type, "NTLM");
+
+ // SDATA(req.principal, "user");
+ req.principal.data = argv[1];
+ req.principal.length = strlen(argv[1]);
+
+ req.server_challenge.length = 8;
+ req.server_challenge.data = schal;
+ // FILL(schal, "0123456789abcdef");
+ if (fillhex(schal, argv[2])) {
+ fprintf(OSTREAM, "Error: Invalid challenge string.\n");
+ exit(1);
+ }
+
+ req.response.length = 24;
+ req.response.data = resp;
+ // FILL(resp, "25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6");
+ if (fillhex(resp, argv[3])) {
+ fprintf(OSTREAM, "Error: Invalid response string.\n");
+ exit(1);
+ }
+
+ context = kcrap_init(NULL, NULL);
+ if (context == NULL) {
+ fprintf(OSTREAM, "Error: %s\n", kcrap_errmsg());
+ exit(1);
+ }
+
+ ret = kcrap_try(context, &req, &auth_status);
+ if (ret != 0) {
+ fprintf(OSTREAM, "Error: %s\n", kcrap_errmsg());
+ } else if (auth_status == 0) {
+ fprintf(OSTREAM, "Error: %s\n", kcrap_errmsg());
+ } else {
+ // fprintf(OSTREAM, "Authentication OK\n");
+
+ struct kcrap_data extra = kcrap_get_extra_data();
+
+ // echo "NT_KEY: 68ba2d7c88299a123457f6b11c97772f"
+
+ printf("NT_KEY: ");
+
+ int my_cnt = 0;
+ while (my_cnt < extra.length) printf("%02x", (unsigned char)extra.data[my_cnt++]);
+
+ printf("\n");
+
+ // Cancelliamo la chiave (md4(key21)) puntato dalla struttura "extra"
+ if (extra.length) {
+ memset(extra.data, 0, extra.length);
+ }
+ }
+
+ kcrap_free(context);
+ exit((ret!=0) || (auth_status==0));
+}