[SCM] Samba Shared Repository - branch master updated - 8ac5db124630586605bd3972975ea47ee1cb34c0

Stefan Metzmacher metze at samba.org
Fri Sep 19 16:04:19 GMT 2008


The branch, master has been updated
       via  8ac5db124630586605bd3972975ea47ee1cb34c0 (commit)
       via  d173644f1080b8dc575998c1202018930320f635 (commit)
      from  acae07bc17d3e8dbafa5667711d25616f99a91a9 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8ac5db124630586605bd3972975ea47ee1cb34c0
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date:   Wed Sep 17 17:55:02 2008 +0200

    LDAP Server: Don't create the SASL SECBLOB output object twice
    
    Removes one "talloc" creation of the output object.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit d173644f1080b8dc575998c1202018930320f635
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date:   Wed Sep 17 17:55:52 2008 +0200

    NTLMSSP Server: Correctly fills in the DNS server name and server domain
    
    Don't rely on "get*" system calls but rather on SAMBA "lp_*" calls.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source4/auth/ntlmssp/ntlmssp_server.c |   38 ++++++++++++++------------------
 source4/ldap_server/ldap_bind.c       |    3 --
 2 files changed, 17 insertions(+), 24 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 838596e..bf91be3 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -25,7 +25,6 @@
 #include "auth/ntlmssp/ntlmssp.h"
 #include "auth/ntlmssp/msrpc_parse.h"
 #include "lib/crypto/crypto.h"
-#include "system/filesys.h"
 #include "libcli/auth/libcli_auth.h"
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
@@ -125,8 +124,6 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 {
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
 	DATA_BLOB struct_blob;
-	char dnsname[MAXHOSTNAMELEN], dnsdomname[MAXHOSTNAMELEN];
-	const char *p;
 	uint32_t neg_flags = 0;
 	uint32_t ntlmssp_command, chal_flags;
 	const uint8_t *cryptkey;
@@ -183,25 +180,24 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 	gensec_ntlmssp_state->chal = data_blob_talloc(gensec_ntlmssp_state, cryptkey, 8);
 	gensec_ntlmssp_state->internal_chal = data_blob_talloc(gensec_ntlmssp_state, cryptkey, 8);
 
-	dnsname[0] = '\0';
-	if (gethostname(dnsname, sizeof(dnsname)) == -1) {
-		DEBUG(0,("gethostname failed\n"));
-		return NT_STATUS_UNSUCCESSFUL;
-	}
-
-	/* This should be a 'netbios domain -> DNS domain' mapping */
-	p = strchr(dnsname, '.');
-	if (p != NULL) {
-		safe_strcpy(dnsdomname, p+1, sizeof(dnsdomname));
-		strlower_m(dnsdomname);
-	} else {
-		dnsdomname[0] = '\0';
-	}
-	
 	/* This creates the 'blob' of names that appears at the end of the packet */
-	if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) 
-	{
+	if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) {
+		char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN];
 		const char *target_name_dns = "";
+
+		/* Find out the DNS domain name */
+		dnsdomname[0] = '\0';
+		safe_strcpy(dnsdomname, lp_realm(gensec_security->lp_ctx), sizeof(dnsdomname) - 1);
+		strlower_m(dnsdomname);
+
+		/* Find out the DNS host name */
+		safe_strcpy(dnsname, gensec_ntlmssp_state->server_name, sizeof(dnsname) - 1);
+		if (dnsdomname[0] != '\0') {
+			safe_strcat(dnsname, ".", sizeof(dnsname) - 1);
+			safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1);
+		}
+		strlower_m(dnsname);
+
 		if (chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN) {
 			target_name_dns = dnsdomname;
 		} else if (chal_flags |= NTLMSSP_TARGET_TYPE_SERVER) {
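Review bot: The two target-type tests that follow the new name-building code use `|=` instead of `&`, so the first condition is an assignment that is always true: `target_name_dns` is always set to `dnsdomname`, the `NTLMSSP_TARGET_TYPE_SERVER` branch can never be taken, and `chal_flags` gains the domain bit regardless of what was negotiated. These are context lines the commit leaves untouched, but since it reworks exactly the names these branches choose between, they should read `if (chal_flags & NTLMSSP_TARGET_TYPE_DOMAIN) {` and `} else if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) {`. Separately, the new `safe_strcpy`/`safe_strcat` calls appear to assume that `lp_realm()` and `gensec_ntlmssp_state->server_name` are non-NULL (or that the helpers tolerate NULL) and that a silently truncated host name is acceptable in the target-info blob sent to the client; a one-line comment stating that, if it holds, would help. The if/else chain and the rest of `ntlmssp_server_negotiate` continue outside the hunk.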
@@ -221,7 +217,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 	}
 
 	{
-		/* Marshel the packet in the right format, be it unicode or ASCII */
+		/* Marshal the packet in the right format, be it unicode or ASCII */
 		const char *gen_string;
 		if (gensec_ntlmssp_state->unicode) {
 			gen_string = "CdUdbddB";
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index f37ef31..8357251 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -180,9 +180,6 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
 			input = *req->creds.SASL.secblob;
 		}
 
-		resp->SASL.secblob = talloc(reply, DATA_BLOB);
-		NT_STATUS_HAVE_NO_MEMORY(resp->SASL.secblob);
-
 		status = gensec_update(conn->gensec, reply,
 				       input, &output);
 


-- 
Samba Shared Repository

