[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1258-g9afd44d

Günther Deschner gd at samba.org
Fri Aug 28 05:05:27 MDT 2009


The branch, master has been updated
       via  9afd44d03ceef5efa242b5a5104b93ac6a7e9f2c (commit)
       via  91df77d2cf2f83b8c6ed6c0d70ca75748a2a9a98 (commit)
      from  2287849074dea6065b1229b61715478f821c867e (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9afd44d03ceef5efa242b5a5104b93ac6a7e9f2c
Author: Günther Deschner <gd at samba.org>
Date:   Wed Aug 12 20:22:58 2009 +0200

    s3-ntlmssp: use generated ntlmssp code for debugging purpose.
    
    Guenther

commit 91df77d2cf2f83b8c6ed6c0d70ca75748a2a9a98
Author: Günther Deschner <gd at samba.org>
Date:   Fri Aug 28 11:37:28 2009 +0200

    s3-ntlmssp: add NDR helper routines for ntlmssp.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/Makefile.in          |    7 ++-
 source3/libsmb/ntlmssp.c     |   69 ++++++++++++++++++++
 source3/libsmb/ntlmssp_ndr.c |  145 ++++++++++++++++++++++++++++++++++++++++++
 source3/libsmb/ntlmssp_ndr.h |   44 +++++++++++++
 4 files changed, 264 insertions(+), 1 deletions(-)
 create mode 100644 source3/libsmb/ntlmssp_ndr.c
 create mode 100644 source3/libsmb/ntlmssp_ndr.h


Changeset truncated at 500 lines:

diff --git a/source3/Makefile.in b/source3/Makefile.in
index ff073a3..b183cfd 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -296,6 +296,9 @@ COMPRESSION_OBJ = ../lib/compression/mszip.o \
 DRSUAPI_OBJ = $(LIBNDR_DRSUAPI_OBJ) \
 	      $(COMPRESSION_OBJ)
 
+LIBNDR_NTLMSSP_OBJ = ../librpc/gen_ndr/ndr_ntlmssp.o \
+		     ../librpc/ndr/ndr_ntlmssp.o
+
 LIBNDR_OBJ = ../librpc/ndr/ndr_basic.o \
 	     ../librpc/ndr/ndr.o \
 	     ../librpc/ndr/ndr_misc.o \
@@ -470,7 +473,9 @@ LIBSMB_ERR_OBJ = $(LIBSMB_ERR_OBJ0) $(LIBSMB_ERR_OBJ1) \
 LIBSMB_OBJ0 = \
 	       ../libcli/auth/ntlm_check.o \
 	       libsmb/ntlmssp.o \
-	       libsmb/ntlmssp_sign.o
+	       libsmb/ntlmssp_sign.o \
+	       $(LIBNDR_NTLMSSP_OBJ) \
+	       libsmb/ntlmssp_ndr.o
 
 LIBSAMBA_OBJ = $(LIBSMB_OBJ0) \
 	       $(LIBSMB_ERR_OBJ)
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 2e5d8cc..60c1d49 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -23,6 +23,8 @@
 
 #include "includes.h"
 #include "../libcli/auth/libcli_auth.h"
+#include "../librpc/gen_ndr/ndr_ntlmssp.h"
+#include "libsmb/ntlmssp_ndr.h"
 
 static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
 				       DATA_BLOB reply, DATA_BLOB *next_request);
@@ -516,6 +518,8 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
 	uint32 ntlmssp_command, chal_flags;
 	uint8_t cryptkey[8];
 	const char *target_name;
+	struct NEGOTIATE_MESSAGE negotiate;
+	struct CHALLENGE_MESSAGE challenge;
 
 	/* parse the NTLMSSP packet */
 #if 0
@@ -533,6 +537,16 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
 			return NT_STATUS_INVALID_PARAMETER;
 		}
 		debug_ntlmssp_flags(neg_flags);
+
+		if (DEBUGLEVEL >= 10) {
+			if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(&request,
+						       ntlmssp_state,
+						       NULL,
+						       &negotiate)))
+			{
+				NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate);
+			}
+		}
 	}
 
 	ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, lp_lanman_auth());
@@ -607,6 +621,16 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
 			  cryptkey, 8,
 			  0, 0,
 			  struct_blob.data, struct_blob.length);
+
+		if (DEBUGLEVEL >= 10) {
+			if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(reply,
+						       ntlmssp_state,
+						       NULL,
+						       &challenge)))
+			{
+				NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge);
+			}
+		}
 	}
 
 	data_blob_free(&struct_blob);
@@ -634,6 +658,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 	DATA_BLOB session_key = data_blob_null;
 	uint32 ntlmssp_command, auth_flags;
 	NTSTATUS nt_status = NT_STATUS_OK;
+	struct AUTHENTICATE_MESSAGE authenticate;
 
 	/* used by NTLM2 */
 	bool doing_ntlm2 = False;
@@ -702,6 +727,16 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 	if (auth_flags)
 		ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, lp_lanman_auth());
 
+	if (DEBUGLEVEL >= 10) {
+		if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(&request,
+						  ntlmssp_state,
+						  NULL,
+						  &authenticate)))
+		{
+			NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate);
+		}
+	}
+
 	DEBUG(3,("Got user=[%s] domain=[%s] workstation=[%s] len1=%lu len2=%lu\n",
 		 ntlmssp_state->user, ntlmssp_state->domain, ntlmssp_state->workstation, (unsigned long)ntlmssp_state->lm_resp.length, (unsigned long)ntlmssp_state->nt_resp.length));
 
@@ -920,6 +955,8 @@ NTSTATUS ntlmssp_server_start(NTLMSSP_STATE **ntlmssp_state)
 static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
 				  DATA_BLOB reply, DATA_BLOB *next_request)
 {
+	struct NEGOTIATE_MESSAGE negotiate;
+
 	if (ntlmssp_state->unicode) {
 		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
 	} else {
@@ -938,6 +975,16 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
 		  ntlmssp_state->get_domain(),
 		  ntlmssp_state->get_global_myname());
 
+	if (DEBUGLEVEL >= 10) {
+		if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(next_request,
+					       ntlmssp_state,
+					       NULL,
+					       &negotiate)))
+		{
+			NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate);
+		}
+	}
+
 	ntlmssp_state->expected_state = NTLMSSP_CHALLENGE;
 
 	return NT_STATUS_MORE_PROCESSING_REQUIRED;
@@ -967,6 +1014,8 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 	DATA_BLOB session_key = data_blob_null;
 	DATA_BLOB encrypted_session_key = data_blob_null;
 	NTSTATUS nt_status = NT_STATUS_OK;
+	struct CHALLENGE_MESSAGE challenge;
+	struct AUTHENTICATE_MESSAGE authenticate;
 
 	if (!msrpc_parse(ntlmssp_state, &reply, "CdBd",
 			 "NTLMSSP",
@@ -979,6 +1028,16 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
+	if (DEBUGLEVEL >= 10) {
+		if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(&reply,
+					       ntlmssp_state,
+					       NULL,
+					       &challenge)))
+		{
+			NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge);
+		}
+	}
+
 	data_blob_free(&server_domain_blob);
 
 	DEBUG(3, ("Got challenge flags:\n"));
@@ -1151,6 +1210,16 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	if (DEBUGLEVEL >= 10) {
+		if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(next_request,
+						  ntlmssp_state,
+						  NULL,
+						  &authenticate)))
+		{
+			NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate);
+		}
+	}
+
 	data_blob_free(&encrypted_session_key);
 
 	data_blob_free(&ntlmssp_state->chal);
diff --git a/source3/libsmb/ntlmssp_ndr.c b/source3/libsmb/ntlmssp_ndr.c
new file mode 100644
index 0000000..92cd677
--- /dev/null
+++ b/source3/libsmb/ntlmssp_ndr.c
@@ -0,0 +1,145 @@
+/*
+   Unix SMB/Netbios implementation.
+   NTLMSSP ndr functions
+
+   Copyright (C) Guenther Deschner 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../librpc/gen_ndr/ndr_ntlmssp.h"
+#include "libsmb/ntlmssp_ndr.h"
+
+#define NTLMSSP_PULL_MESSAGE(type, blob, mem_ctx, ic, r) \
+do { \
+	enum ndr_err_code __ndr_err; \
+	__ndr_err = ndr_pull_struct_blob(blob, mem_ctx, ic, r, \
+			(ndr_pull_flags_fn_t)ndr_pull_ ##type); \
+	if (!NDR_ERR_CODE_IS_SUCCESS(__ndr_err)) { \
+		return ndr_map_error2ntstatus(__ndr_err); \
+	} \
+	if (memcmp(r->Signature, "NTLMSSP\0", 8)) {\
+		return NT_STATUS_INVALID_PARAMETER; \
+	} \
+	return NT_STATUS_OK; \
+} while(0);
+
+#define NTLMSSP_PUSH_MESSAGE(type, blob, mem_ctx, ic, r) \
+do { \
+	enum ndr_err_code __ndr_err; \
+	__ndr_err = ndr_push_struct_blob(blob, mem_ctx, ic, r, \
+			(ndr_push_flags_fn_t)ndr_push_ ##type); \
+	if (!NDR_ERR_CODE_IS_SUCCESS(__ndr_err)) { \
+		return ndr_map_error2ntstatus(__ndr_err); \
+	} \
+	return NT_STATUS_OK; \
+} while(0);
+
+
+/**
+ * Pull NTLMSSP NEGOTIATE_MESSAGE struct from a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP NEGOTIATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_pull_NEGOTIATE_MESSAGE(const DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					struct NEGOTIATE_MESSAGE *r)
+{
+	NTLMSSP_PULL_MESSAGE(NEGOTIATE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Pull NTLMSSP CHALLENGE_MESSAGE struct from a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP CHALLENGE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_pull_CHALLENGE_MESSAGE(const DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					struct CHALLENGE_MESSAGE *r)
+{
+	NTLMSSP_PULL_MESSAGE(CHALLENGE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Pull NTLMSSP AUTHENTICATE_MESSAGE struct from a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP AUTHENTICATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_pull_AUTHENTICATE_MESSAGE(const DATA_BLOB *blob,
+					   TALLOC_CTX *mem_ctx,
+					   struct smb_iconv_convenience *ic,
+					   struct AUTHENTICATE_MESSAGE *r)
+{
+	NTLMSSP_PULL_MESSAGE(AUTHENTICATE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Push NTLMSSP NEGOTIATE_MESSAGE struct into a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP NEGOTIATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_push_NEGOTIATE_MESSAGE(DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					const struct NEGOTIATE_MESSAGE *r)
+{
+	NTLMSSP_PUSH_MESSAGE(NEGOTIATE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Push NTLMSSP CHALLENGE_MESSAGE struct into a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP CHALLENGE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_push_CHALLENGE_MESSAGE(DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					const struct CHALLENGE_MESSAGE *r)
+{
+	NTLMSSP_PUSH_MESSAGE(CHALLENGE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Push NTLMSSP AUTHENTICATE_MESSAGE struct into a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP AUTHENTICATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_push_AUTHENTICATE_MESSAGE(DATA_BLOB *blob,
+					   TALLOC_CTX *mem_ctx,
+					   struct smb_iconv_convenience *ic,
+					   const struct AUTHENTICATE_MESSAGE *r)
+{
+	NTLMSSP_PUSH_MESSAGE(AUTHENTICATE_MESSAGE, blob, mem_ctx, ic, r);
+}
diff --git a/source3/libsmb/ntlmssp_ndr.h b/source3/libsmb/ntlmssp_ndr.h
new file mode 100644
index 0000000..52990b2
--- /dev/null
+++ b/source3/libsmb/ntlmssp_ndr.h
@@ -0,0 +1,44 @@
+/*
+   Unix SMB/Netbios implementation.
+   NTLMSSP ndr functions
+
+   Copyright (C) Guenther Deschner 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+NTSTATUS ntlmssp_pull_NEGOTIATE_MESSAGE(const DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					struct NEGOTIATE_MESSAGE *r);
+NTSTATUS ntlmssp_pull_CHALLENGE_MESSAGE(const DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					struct CHALLENGE_MESSAGE *r);
+NTSTATUS ntlmssp_pull_AUTHENTICATE_MESSAGE(const DATA_BLOB *blob,
+					   TALLOC_CTX *mem_ctx,
+					   struct smb_iconv_convenience *ic,
+					   struct AUTHENTICATE_MESSAGE *r);
+NTSTATUS ntlmssp_push_NEGOTIATE_MESSAGE(DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					const struct NEGOTIATE_MESSAGE *r);
+NTSTATUS ntlmssp_push_CHALLENGE_MESSAGE(DATA_BLOB *blob,
+					TALLOC_CTX *mem_ctx,
+					struct smb_iconv_convenience *ic,
+					const struct CHALLENGE_MESSAGE *r);
+NTSTATUS ntlmssp_push_AUTHENTICATE_MESSAGE(DATA_BLOB *blob,
+					   TALLOC_CTX *mem_ctx,
+					   struct smb_iconv_convenience *ic,
+					   const struct AUTHENTICATE_MESSAGE *r);


-- 
Samba Shared Repository


More information about the samba-cvs mailing list