[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Tue Dec 29 01:30:29 MST 2009
The branch, master has been updated
via 4afb211... s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
via 9d5f41c... s3:ntlmssp: move some indentation in ntlmssp_sign.c
via 05f7a86... s3:ntlmssp: remove unused ntlmssp_stored_response()
via 7cff7d9... s3:ntlmssp: remove unused ref_count from ntlmssp_state
via e78558a... s3:ntlmssp: fix whitespace in ntlmssp.h
via 5541a91... s3:ntlmssp: fix spelling
via 5ff127b... s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
via 8ab6279... s4:ntlmssp: fix whitespaces in ntlmssp.h
from e5fbff0... s3: Check for lp_winbind_trusted_domains_only in wb_gettoken()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 4afb211f4ff8e74965451dd89d6d85b41f5aec52
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 22:42:03 2009 +0100
s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
metze
commit 9d5f41ca010650875de8c992a55939bf530144ab
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 22:30:42 2009 +0100
s3:ntlmssp: move some indentation in ntlmssp_sign.c
metze
commit 05f7a86a997be45eb23ffc349f79572d570f10ab
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 22:07:19 2009 +0100
s3:ntlmssp: remove unused ntlmssp_stored_response()
metze
commit 7cff7d937e067642f76a1785696653ec07a5495c
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 22:00:08 2009 +0100
s3:ntlmssp: remove unused ref_count from ntlmssp_state
metze
commit e78558a45b5f149603ac97139f1a1e421833969f
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 21:55:50 2009 +0100
s3:ntlmssp: fix whitespace in ntlmssp.h
metze
commit 5541a91dfffa9b615e22bd06b2e0848e484a0fa2
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 21:52:42 2009 +0100
s3:ntlmssp: fix spelling
metze
commit 5ff127b64102d4d240fafcb92de44e1aaf994a82
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 21:51:11 2009 +0100
s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
metze
commit 8ab62799edc0f445350de73f0e8c9e2ee9ebe168
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 24 21:47:53 2009 +0100
s4:ntlmssp: fix whitespaces in ntlmssp.h
metze
-----------------------------------------------------------------------
Summary of changes:
source3/include/ntlmssp.h | 12 ++--------
source3/include/proto.h | 2 -
source3/libsmb/ntlmssp.c | 44 +++++----------------------------------
source3/libsmb/ntlmssp_sign.c | 44 +++++++++++++++++++--------------------
source4/auth/ntlmssp/ntlmssp.h | 32 ++++++++++++++--------------
5 files changed, 46 insertions(+), 88 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h
index 6c91250..f30b53f 100644
--- a/source3/include/ntlmssp.h
+++ b/source3/include/ntlmssp.h
@@ -27,7 +27,7 @@ enum ntlmssp_role
};
/* NTLMSSP message types */
-enum NTLM_MESSAGE_TYPE
+enum ntlmssp_message_type
{
NTLMSSP_INITIAL = 0 /* samba internal state */,
NTLMSSP_NEGOTIATE = 1,
@@ -43,7 +43,6 @@ enum NTLM_MESSAGE_TYPE
struct ntlmssp_state
{
- unsigned int ref_count;
enum ntlmssp_role role;
enum server_types server_role;
uint32_t expected_state;
@@ -60,7 +59,7 @@ struct ntlmssp_state
DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */
DATA_BLOB chal; /* Random challenge as input into the actual NTLM (or NTLM2) authentication */
- DATA_BLOB lm_resp;
+ DATA_BLOB lm_resp;
DATA_BLOB nt_resp;
DATA_BLOB session_key;
@@ -72,7 +71,7 @@ struct ntlmssp_state
* Callback to get the 'challenge' used for NTLM authentication.
*
* @param ntlmssp_state This structure
- * @return 8 bytes of challnege data, determined by the server to be the challenge for NTLM authentication
+ * @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication
*
*/
void (*get_challenge)(const struct ntlmssp_state *ntlmssp_state,
@@ -132,9 +131,4 @@ struct ntlmssp_state
/* ntlmv1 */
struct arcfour_state ntlmv1_arc4_state;
uint32_t ntlmv1_seq_num;
-
- /* it turns out that we don't always get the
- response in at the time we want to process it.
- Store it here, until we need it */
- DATA_BLOB stored_response;
};
diff --git a/source3/include/proto.h b/source3/include/proto.h
index f81ab91..87701bf 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3218,8 +3218,6 @@ NTSTATUS ntlmssp_set_hashes(struct ntlmssp_state *ntlmssp_state,
NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *password) ;
NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain) ;
NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char *workstation) ;
-NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state,
- DATA_BLOB response) ;
void ntlmssp_want_feature_list(struct ntlmssp_state *ntlmssp_state, char *feature_list);
void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32 feature);
NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 065d3b9..aaa5031 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -43,7 +43,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
static const struct ntlmssp_callbacks {
enum ntlmssp_role role;
- enum NTLM_MESSAGE_TYPE ntlmssp_command;
+ enum ntlmssp_message_type ntlmssp_command;
NTSTATUS (*fn)(struct ntlmssp_state *ntlmssp_state,
DATA_BLOB in, DATA_BLOB *out);
} ntlmssp_callbacks[] = {
@@ -223,20 +223,6 @@ NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char
}
/**
- * Store a DATA_BLOB containing an NTLMSSP response, for use later.
- * This copies the data blob
- */
-
-NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state,
- DATA_BLOB response)
-{
- ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state,
- response.data,
- response.length);
- return NT_STATUS_OK;
-}
-
-/**
* Request features for the NTLMSSP negotiation
*
* @param ntlmssp_state NTLMSSP state
@@ -290,9 +276,8 @@ void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32 feature)
*/
NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
- const DATA_BLOB in, DATA_BLOB *out)
+ const DATA_BLOB input, DATA_BLOB *out)
{
- DATA_BLOB input;
uint32 ntlmssp_command;
int i;
@@ -304,15 +289,6 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
*out = data_blob_null;
- if (!in.length && ntlmssp_state->stored_response.length) {
- input = ntlmssp_state->stored_response;
-
- /* we only want to read the stored response once - overwrite it */
- ntlmssp_state->stored_response = data_blob_null;
- } else {
- input = in;
- }
-
if (!input.length) {
switch (ntlmssp_state->role) {
case NTLMSSP_CLIENT:
@@ -359,14 +335,10 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
void ntlmssp_end(struct ntlmssp_state **ntlmssp_state)
{
- (*ntlmssp_state)->ref_count--;
-
- if ((*ntlmssp_state)->ref_count == 0) {
- data_blob_free(&(*ntlmssp_state)->chal);
- data_blob_free(&(*ntlmssp_state)->lm_resp);
- data_blob_free(&(*ntlmssp_state)->nt_resp);
- TALLOC_FREE(*ntlmssp_state);
- }
+ data_blob_free(&(*ntlmssp_state)->chal);
+ data_blob_free(&(*ntlmssp_state)->lm_resp);
+ data_blob_free(&(*ntlmssp_state)->nt_resp);
+ TALLOC_FREE(*ntlmssp_state);
*ntlmssp_state = NULL;
return;
@@ -924,8 +896,6 @@ NTSTATUS ntlmssp_server_start(struct ntlmssp_state **ntlmssp_state)
(*ntlmssp_state)->expected_state = NTLMSSP_NEGOTIATE;
- (*ntlmssp_state)->ref_count = 1;
-
(*ntlmssp_state)->neg_flags =
NTLMSSP_NEGOTIATE_128 |
NTLMSSP_NEGOTIATE_56 |
@@ -1260,8 +1230,6 @@ NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
(*ntlmssp_state)->expected_state = NTLMSSP_INITIAL;
- (*ntlmssp_state)->ref_count = 1;
-
(*ntlmssp_state)->neg_flags =
NTLMSSP_NEGOTIATE_128 |
NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c
index f27cac3..3fd22ce 100644
--- a/source3/libsmb/ntlmssp_sign.c
+++ b/source3/libsmb/ntlmssp_sign.c
@@ -77,27 +77,27 @@ static NTSTATUS ntlmssp_make_packet_signature(struct ntlmssp_state *ntlmssp_stat
}
switch (direction) {
- case NTLMSSP_SEND:
- DEBUG(100,("ntlmssp_make_packet_signature: SEND seq = %u, len = %u, pdu_len = %u\n",
- ntlmssp_state->ntlm2_send_seq_num,
- (unsigned int)length,
- (unsigned int)pdu_length));
-
- SIVAL(seq_num, 0, ntlmssp_state->ntlm2_send_seq_num);
- ntlmssp_state->ntlm2_send_seq_num++;
- hmac_md5_init_limK_to_64(ntlmssp_state->send_sign_key, 16, &ctx);
- break;
- case NTLMSSP_RECEIVE:
+ case NTLMSSP_SEND:
+ DEBUG(100,("ntlmssp_make_packet_signature: SEND seq = %u, len = %u, pdu_len = %u\n",
+ ntlmssp_state->ntlm2_send_seq_num,
+ (unsigned int)length,
+ (unsigned int)pdu_length));
+
+ SIVAL(seq_num, 0, ntlmssp_state->ntlm2_send_seq_num);
+ ntlmssp_state->ntlm2_send_seq_num++;
+ hmac_md5_init_limK_to_64(ntlmssp_state->send_sign_key, 16, &ctx);
+ break;
+ case NTLMSSP_RECEIVE:
- DEBUG(100,("ntlmssp_make_packet_signature: RECV seq = %u, len = %u, pdu_len = %u\n",
- ntlmssp_state->ntlm2_recv_seq_num,
- (unsigned int)length,
- (unsigned int)pdu_length));
+ DEBUG(100,("ntlmssp_make_packet_signature: RECV seq = %u, len = %u, pdu_len = %u\n",
+ ntlmssp_state->ntlm2_recv_seq_num,
+ (unsigned int)length,
+ (unsigned int)pdu_length));
- SIVAL(seq_num, 0, ntlmssp_state->ntlm2_recv_seq_num);
- ntlmssp_state->ntlm2_recv_seq_num++;
- hmac_md5_init_limK_to_64(ntlmssp_state->recv_sign_key, 16, &ctx);
- break;
+ SIVAL(seq_num, 0, ntlmssp_state->ntlm2_recv_seq_num);
+ ntlmssp_state->ntlm2_recv_seq_num++;
+ hmac_md5_init_limK_to_64(ntlmssp_state->recv_sign_key, 16, &ctx);
+ break;
}
dump_data_pw("pdu data ", whole_pdu, pdu_length);
@@ -332,9 +332,7 @@ NTSTATUS ntlmssp_unseal_packet(struct ntlmssp_state *ntlmssp_state,
*/
NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state)
{
- unsigned char p24[24];
TALLOC_CTX *mem_ctx;
- ZERO_STRUCT(p24);
mem_ctx = talloc_init("weak_keys");
if (!mem_ctx) {
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h
index 7743e76..f596cb8 100644
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -1,20 +1,20 @@
-/*
+/*
Unix SMB/CIFS implementation.
SMB parameters and setup
Copyright (C) Andrew Tridgell 1992-1997
Copyright (C) Luke Kenneth Casson Leighton 1996-1997
Copyright (C) Paul Ashton 1997
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -37,7 +37,7 @@ enum ntlmssp_message_type
NTLMSSP_CHALLENGE = 2,
NTLMSSP_AUTH = 3,
NTLMSSP_UNKNOWN = 4,
- NTLMSSP_DONE = 5 /* samba final state */
+ NTLMSSP_DONE = 5 /* samba final state */
};
struct gensec_ntlmssp_state
@@ -65,17 +65,17 @@ struct gensec_ntlmssp_state
DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */
DATA_BLOB chal; /* Random challenge as input into the actual NTLM (or NTLM2) authentication */
- DATA_BLOB lm_resp;
+ DATA_BLOB lm_resp;
DATA_BLOB nt_resp;
DATA_BLOB session_key;
-
+
uint32_t neg_flags; /* the current state of negotiation with the NTLMSSP partner */
/* internal variables used by KEY_EXCH (client-supplied user session key */
DATA_BLOB encrypted_session_key;
/**
- * Callback to get the 'challenge' used for NTLM authentication.
+ * Callback to get the 'challenge' used for NTLM authentication.
*
* @param ntlmssp_state This structure
* @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication
@@ -84,10 +84,10 @@ struct gensec_ntlmssp_state
const uint8_t *(*get_challenge)(const struct gensec_ntlmssp_state *);
/**
- * Callback to find if the challenge used by NTLM authentication may be modified
+ * Callback to find if the challenge used by NTLM authentication may be modified
*
* The NTLM2 authentication scheme modifies the effective challenge, but this is not compatiable with the
- * current 'security=server' implementation..
+ * current 'security=server' implementation..
*
* @param ntlmssp_state This structure
* @return Can the challenge be set to arbitary values?
@@ -96,7 +96,7 @@ struct gensec_ntlmssp_state
bool (*may_set_challenge)(const struct gensec_ntlmssp_state *);
/**
- * Callback to set the 'challenge' used for NTLM authentication.
+ * Callback to set the 'challenge' used for NTLM authentication.
*
* The callback may use the void *auth_context to store state information, but the same value is always available
* from the DATA_BLOB chal on this structure.
@@ -108,21 +108,21 @@ struct gensec_ntlmssp_state
NTSTATUS (*set_challenge)(struct gensec_ntlmssp_state *, DATA_BLOB *challenge);
/**
- * Callback to check the user's password.
+ * Callback to check the user's password.
*
- * The callback must reads the feilds of this structure for the information it needs on the user
+ * The callback must reads the feilds of this structure for the information it needs on the user
* @param ntlmssp_state This structure
* @param nt_session_key If an NT session key is returned by the authentication process, return it here
* @param lm_session_key If an LM session key is returned by the authentication process, return it here
*
*/
- NTSTATUS (*check_password)(struct gensec_ntlmssp_state *,
- TALLOC_CTX *mem_ctx,
+ NTSTATUS (*check_password)(struct gensec_ntlmssp_state *,
+ TALLOC_CTX *mem_ctx,
DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key);
const char *server_name;
- bool doing_ntlm2;
+ bool doing_ntlm2;
union {
/* NTLM */
--
Samba Shared Repository
More information about the samba-cvs
mailing list