[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1258-g9afd44d
Günther Deschner
gd at samba.org
Fri Aug 28 05:05:27 MDT 2009
The branch, master has been updated
via 9afd44d03ceef5efa242b5a5104b93ac6a7e9f2c (commit)
via 91df77d2cf2f83b8c6ed6c0d70ca75748a2a9a98 (commit)
from 2287849074dea6065b1229b61715478f821c867e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 9afd44d03ceef5efa242b5a5104b93ac6a7e9f2c
Author: Günther Deschner <gd at samba.org>
Date: Wed Aug 12 20:22:58 2009 +0200
s3-ntlmssp: use generated ntlmssp code for debugging purpose.
Guenther
commit 91df77d2cf2f83b8c6ed6c0d70ca75748a2a9a98
Author: Günther Deschner <gd at samba.org>
Date: Fri Aug 28 11:37:28 2009 +0200
s3-ntlmssp: add NDR helper routines for ntlmssp.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/Makefile.in | 7 ++-
source3/libsmb/ntlmssp.c | 69 ++++++++++++++++++++
source3/libsmb/ntlmssp_ndr.c | 145 ++++++++++++++++++++++++++++++++++++++++++
source3/libsmb/ntlmssp_ndr.h | 44 +++++++++++++
4 files changed, 264 insertions(+), 1 deletions(-)
create mode 100644 source3/libsmb/ntlmssp_ndr.c
create mode 100644 source3/libsmb/ntlmssp_ndr.h
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index ff073a3..b183cfd 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -296,6 +296,9 @@ COMPRESSION_OBJ = ../lib/compression/mszip.o \
DRSUAPI_OBJ = $(LIBNDR_DRSUAPI_OBJ) \
$(COMPRESSION_OBJ)
+LIBNDR_NTLMSSP_OBJ = ../librpc/gen_ndr/ndr_ntlmssp.o \
+ ../librpc/ndr/ndr_ntlmssp.o
+
LIBNDR_OBJ = ../librpc/ndr/ndr_basic.o \
../librpc/ndr/ndr.o \
../librpc/ndr/ndr_misc.o \
@@ -470,7 +473,9 @@ LIBSMB_ERR_OBJ = $(LIBSMB_ERR_OBJ0) $(LIBSMB_ERR_OBJ1) \
LIBSMB_OBJ0 = \
../libcli/auth/ntlm_check.o \
libsmb/ntlmssp.o \
- libsmb/ntlmssp_sign.o
+ libsmb/ntlmssp_sign.o \
+ $(LIBNDR_NTLMSSP_OBJ) \
+ libsmb/ntlmssp_ndr.o
LIBSAMBA_OBJ = $(LIBSMB_OBJ0) \
$(LIBSMB_ERR_OBJ)
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 2e5d8cc..60c1d49 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -23,6 +23,8 @@
#include "includes.h"
#include "../libcli/auth/libcli_auth.h"
+#include "../librpc/gen_ndr/ndr_ntlmssp.h"
+#include "libsmb/ntlmssp_ndr.h"
static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
DATA_BLOB reply, DATA_BLOB *next_request);
@@ -516,6 +518,8 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
uint32 ntlmssp_command, chal_flags;
uint8_t cryptkey[8];
const char *target_name;
+ struct NEGOTIATE_MESSAGE negotiate;
+ struct CHALLENGE_MESSAGE challenge;
/* parse the NTLMSSP packet */
#if 0
@@ -533,6 +537,16 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
return NT_STATUS_INVALID_PARAMETER;
}
debug_ntlmssp_flags(neg_flags);
+
+ if (DEBUGLEVEL >= 10) {
+ if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(&request,
+ ntlmssp_state,
+ NULL,
+ &negotiate)))
+ {
+ NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate);
+ }
+ }
}
ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, lp_lanman_auth());
@@ -607,6 +621,16 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
cryptkey, 8,
0, 0,
struct_blob.data, struct_blob.length);
+
+ if (DEBUGLEVEL >= 10) {
+ if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(reply,
+ ntlmssp_state,
+ NULL,
+ &challenge)))
+ {
+ NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge);
+ }
+ }
}
data_blob_free(&struct_blob);
@@ -634,6 +658,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
DATA_BLOB session_key = data_blob_null;
uint32 ntlmssp_command, auth_flags;
NTSTATUS nt_status = NT_STATUS_OK;
+ struct AUTHENTICATE_MESSAGE authenticate;
/* used by NTLM2 */
bool doing_ntlm2 = False;
@@ -702,6 +727,16 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
if (auth_flags)
ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, lp_lanman_auth());
+ if (DEBUGLEVEL >= 10) {
+ if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(&request,
+ ntlmssp_state,
+ NULL,
+ &authenticate)))
+ {
+ NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate);
+ }
+ }
+
DEBUG(3,("Got user=[%s] domain=[%s] workstation=[%s] len1=%lu len2=%lu\n",
ntlmssp_state->user, ntlmssp_state->domain, ntlmssp_state->workstation, (unsigned long)ntlmssp_state->lm_resp.length, (unsigned long)ntlmssp_state->nt_resp.length));
@@ -920,6 +955,8 @@ NTSTATUS ntlmssp_server_start(NTLMSSP_STATE **ntlmssp_state)
static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
DATA_BLOB reply, DATA_BLOB *next_request)
{
+ struct NEGOTIATE_MESSAGE negotiate;
+
if (ntlmssp_state->unicode) {
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
} else {
@@ -938,6 +975,16 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
ntlmssp_state->get_domain(),
ntlmssp_state->get_global_myname());
+ if (DEBUGLEVEL >= 10) {
+ if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(next_request,
+ ntlmssp_state,
+ NULL,
+ &negotiate)))
+ {
+ NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate);
+ }
+ }
+
ntlmssp_state->expected_state = NTLMSSP_CHALLENGE;
return NT_STATUS_MORE_PROCESSING_REQUIRED;
@@ -967,6 +1014,8 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
DATA_BLOB session_key = data_blob_null;
DATA_BLOB encrypted_session_key = data_blob_null;
NTSTATUS nt_status = NT_STATUS_OK;
+ struct CHALLENGE_MESSAGE challenge;
+ struct AUTHENTICATE_MESSAGE authenticate;
if (!msrpc_parse(ntlmssp_state, &reply, "CdBd",
"NTLMSSP",
@@ -979,6 +1028,16 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
return NT_STATUS_INVALID_PARAMETER;
}
+ if (DEBUGLEVEL >= 10) {
+ if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(&reply,
+ ntlmssp_state,
+ NULL,
+ &challenge)))
+ {
+ NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge);
+ }
+ }
+
data_blob_free(&server_domain_blob);
DEBUG(3, ("Got challenge flags:\n"));
@@ -1151,6 +1210,16 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
return NT_STATUS_NO_MEMORY;
}
+ if (DEBUGLEVEL >= 10) {
+ if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(next_request,
+ ntlmssp_state,
+ NULL,
+ &authenticate)))
+ {
+ NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate);
+ }
+ }
+
data_blob_free(&encrypted_session_key);
data_blob_free(&ntlmssp_state->chal);
diff --git a/source3/libsmb/ntlmssp_ndr.c b/source3/libsmb/ntlmssp_ndr.c
new file mode 100644
index 0000000..92cd677
--- /dev/null
+++ b/source3/libsmb/ntlmssp_ndr.c
@@ -0,0 +1,145 @@
+/*
+ Unix SMB/Netbios implementation.
+ NTLMSSP ndr functions
+
+ Copyright (C) Guenther Deschner 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../librpc/gen_ndr/ndr_ntlmssp.h"
+#include "libsmb/ntlmssp_ndr.h"
+
+#define NTLMSSP_PULL_MESSAGE(type, blob, mem_ctx, ic, r) \
+do { \
+ enum ndr_err_code __ndr_err; \
+ __ndr_err = ndr_pull_struct_blob(blob, mem_ctx, ic, r, \
+ (ndr_pull_flags_fn_t)ndr_pull_ ##type); \
+ if (!NDR_ERR_CODE_IS_SUCCESS(__ndr_err)) { \
+ return ndr_map_error2ntstatus(__ndr_err); \
+ } \
+ if (memcmp(r->Signature, "NTLMSSP\0", 8)) {\
+ return NT_STATUS_INVALID_PARAMETER; \
+ } \
+ return NT_STATUS_OK; \
+} while(0);
+
+#define NTLMSSP_PUSH_MESSAGE(type, blob, mem_ctx, ic, r) \
+do { \
+ enum ndr_err_code __ndr_err; \
+ __ndr_err = ndr_push_struct_blob(blob, mem_ctx, ic, r, \
+ (ndr_push_flags_fn_t)ndr_push_ ##type); \
+ if (!NDR_ERR_CODE_IS_SUCCESS(__ndr_err)) { \
+ return ndr_map_error2ntstatus(__ndr_err); \
+ } \
+ return NT_STATUS_OK; \
+} while(0);
+
+
+/**
+ * Pull NTLMSSP NEGOTIATE_MESSAGE struct from a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP NEGOTIATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_pull_NEGOTIATE_MESSAGE(const DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ struct NEGOTIATE_MESSAGE *r)
+{
+ NTLMSSP_PULL_MESSAGE(NEGOTIATE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Pull NTLMSSP CHALLENGE_MESSAGE struct from a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP CHALLENGE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_pull_CHALLENGE_MESSAGE(const DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ struct CHALLENGE_MESSAGE *r)
+{
+ NTLMSSP_PULL_MESSAGE(CHALLENGE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Pull NTLMSSP AUTHENTICATE_MESSAGE struct from a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP AUTHENTICATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_pull_AUTHENTICATE_MESSAGE(const DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ struct AUTHENTICATE_MESSAGE *r)
+{
+ NTLMSSP_PULL_MESSAGE(AUTHENTICATE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Push NTLMSSP NEGOTIATE_MESSAGE struct into a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP NEGOTIATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_push_NEGOTIATE_MESSAGE(DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ const struct NEGOTIATE_MESSAGE *r)
+{
+ NTLMSSP_PUSH_MESSAGE(NEGOTIATE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Push NTLMSSP CHALLENGE_MESSAGE struct into a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP CHALLENGE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_push_CHALLENGE_MESSAGE(DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ const struct CHALLENGE_MESSAGE *r)
+{
+ NTLMSSP_PUSH_MESSAGE(CHALLENGE_MESSAGE, blob, mem_ctx, ic, r);
+}
+
+/**
+ * Push NTLMSSP AUTHENTICATE_MESSAGE struct into a blob
+ * @param blob The plain packet blob
+ * @param mem_ctx A talloc context
+ * @param ic Iconv convenience structure
+ * @param r Pointer to a NTLMSSP AUTHENTICATE_MESSAGE structure
+ */
+
+NTSTATUS ntlmssp_push_AUTHENTICATE_MESSAGE(DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ const struct AUTHENTICATE_MESSAGE *r)
+{
+ NTLMSSP_PUSH_MESSAGE(AUTHENTICATE_MESSAGE, blob, mem_ctx, ic, r);
+}
diff --git a/source3/libsmb/ntlmssp_ndr.h b/source3/libsmb/ntlmssp_ndr.h
new file mode 100644
index 0000000..52990b2
--- /dev/null
+++ b/source3/libsmb/ntlmssp_ndr.h
@@ -0,0 +1,44 @@
+/*
+ Unix SMB/Netbios implementation.
+ NTLMSSP ndr functions
+
+ Copyright (C) Guenther Deschner 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+NTSTATUS ntlmssp_pull_NEGOTIATE_MESSAGE(const DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ struct NEGOTIATE_MESSAGE *r);
+NTSTATUS ntlmssp_pull_CHALLENGE_MESSAGE(const DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ struct CHALLENGE_MESSAGE *r);
+NTSTATUS ntlmssp_pull_AUTHENTICATE_MESSAGE(const DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ struct AUTHENTICATE_MESSAGE *r);
+NTSTATUS ntlmssp_push_NEGOTIATE_MESSAGE(DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ const struct NEGOTIATE_MESSAGE *r);
+NTSTATUS ntlmssp_push_CHALLENGE_MESSAGE(DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ const struct CHALLENGE_MESSAGE *r);
+NTSTATUS ntlmssp_push_AUTHENTICATE_MESSAGE(DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct smb_iconv_convenience *ic,
+ const struct AUTHENTICATE_MESSAGE *r);
--
Samba Shared Repository
More information about the samba-cvs
mailing list