svn commit: samba r8915 - in trunk/source/smbd: .

Tue Aug 2 07:11:43 GMT 2005

Author: abartlet
Date: 2005-08-02 07:11:41 +0000 (Tue, 02 Aug 2005)
New Revision: 8915

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8915

Log:
Merge 'raw' NTLMSSP support from 3.0 to trunk.

Andrew Bartlett

Modified:
   trunk/source/smbd/sesssetup.c


Changeset:
Modified: trunk/source/smbd/sesssetup.c
===================================================================

--- trunk/source/smbd/sesssetup.c	2005-08-02 07:08:04 UTC (rev 8914)
+++ trunk/source/smbd/sesssetup.c	2005-08-02 07:11:41 UTC (rev 8915)
@@ -353,7 +353,8 @@
 static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *outbuf,
 				 uint16 vuid,
 				 AUTH_NTLMSSP_STATE **auth_ntlmssp_state,
-				 DATA_BLOB *ntlmssp_blob, NTSTATUS nt_status) 
+				 DATA_BLOB *ntlmssp_blob, NTSTATUS nt_status, 
+				 BOOL wrap) 
 {
 	BOOL ret;
 	DATA_BLOB response;
@@ -406,9 +407,16 @@
 		}
 	}
 
-        response = spnego_gen_auth_response(ntlmssp_blob, nt_status, OID_NTLMSSP);
+	if (wrap) {
+		response = spnego_gen_auth_response(ntlmssp_blob, nt_status, OID_NTLMSSP);
+	} else {
+		response = *ntlmssp_blob;
+	}
+
 	ret = reply_sesssetup_blob(conn, outbuf, response, nt_status);
-	data_blob_free(&response);
+	if (wrap) {
+		data_blob_free(&response);
+	}
 
 	/* NT_STATUS_MORE_PROCESSING_REQUIRED from our NTLMSSP code tells us,
 	   and the other end, that we are not finished yet. */
@@ -504,8 +512,8 @@
 	data_blob_free(&secblob);
 
 	reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, auth_ntlmssp_state,
-			     &chal, nt_status);
-		
+			     &chal, nt_status, True);
+
 	data_blob_free(&chal);
 
 	/* already replied */
@@ -550,7 +558,7 @@
 
 	reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, 
 			     auth_ntlmssp_state,
-			     &auth_reply, nt_status);
+			     &auth_reply, nt_status, True);
 		
 	data_blob_free(&auth_reply);
 
@@ -652,6 +660,31 @@
 		return ret;
 	}
 
+	if (strncmp(blob1.data, "NTLMSSP", 7) == 0) {
+		DATA_BLOB chal;
+		NTSTATUS nt_status;
+		if (!vuser->auth_ntlmssp_state) {
+			nt_status = auth_ntlmssp_start(&vuser->auth_ntlmssp_state);
+			if (!NT_STATUS_IS_OK(nt_status)) {
+				/* Kill the intermediate vuid */
+				invalidate_vuid(vuid);
+				
+				return ERROR_NT(nt_status);
+			}
+		}
+
+		nt_status = auth_ntlmssp_update(vuser->auth_ntlmssp_state,
+						blob1, &chal);
+		
+		data_blob_free(&blob1);
+		
+		reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, 
+					   &vuser->auth_ntlmssp_state,
+					   &chal, nt_status, False);
+		data_blob_free(&chal);
+		return -1;
+	}
+
 	/* what sort of packet is this? */
 	DEBUG(1,("Unknown packet in reply_sesssetup_and_X_spnego\n"));
 

