[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Tue Dec 29 01:30:29 MST 2009


The branch, master has been updated
       via  4afb211... s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
       via  9d5f41c... s3:ntlmssp: move some indentation in ntlmssp_sign.c
       via  05f7a86... s3:ntlmssp: remove unused ntlmssp_stored_response()
       via  7cff7d9... s3:ntlmssp: remove unused ref_count from ntlmssp_state
       via  e78558a... s3:ntlmssp: fix whitespace in ntlmssp.h
       via  5541a91... s3:ntlmssp: fix spelling
       via  5ff127b... s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
       via  8ab6279... s4:ntlmssp: fix whitespaces in ntlmssp.h
      from  e5fbff0... s3: Check for lp_winbind_trusted_domains_only in wb_gettoken()

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4afb211f4ff8e74965451dd89d6d85b41f5aec52
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 22:42:03 2009 +0100

    s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
    
    metze

commit 9d5f41ca010650875de8c992a55939bf530144ab
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 22:30:42 2009 +0100

    s3:ntlmssp: move some indentation in ntlmssp_sign.c
    
    metze

commit 05f7a86a997be45eb23ffc349f79572d570f10ab
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 22:07:19 2009 +0100

    s3:ntlmssp: remove unused ntlmssp_stored_response()
    
    metze

commit 7cff7d937e067642f76a1785696653ec07a5495c
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 22:00:08 2009 +0100

    s3:ntlmssp: remove unused ref_count from ntlmssp_state
    
    metze

commit e78558a45b5f149603ac97139f1a1e421833969f
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 21:55:50 2009 +0100

    s3:ntlmssp: fix whitespace in ntlmssp.h
    
    metze

commit 5541a91dfffa9b615e22bd06b2e0848e484a0fa2
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 21:52:42 2009 +0100

    s3:ntlmssp: fix spelling
    
    metze

commit 5ff127b64102d4d240fafcb92de44e1aaf994a82
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 21:51:11 2009 +0100

    s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
    
    metze

commit 8ab62799edc0f445350de73f0e8c9e2ee9ebe168
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 24 21:47:53 2009 +0100

    s4:ntlmssp: fix whitespaces in ntlmssp.h
    
    metze

-----------------------------------------------------------------------

Summary of changes:
 source3/include/ntlmssp.h      |   12 ++--------
 source3/include/proto.h        |    2 -
 source3/libsmb/ntlmssp.c       |   44 +++++----------------------------------
 source3/libsmb/ntlmssp_sign.c  |   44 +++++++++++++++++++--------------------
 source4/auth/ntlmssp/ntlmssp.h |   32 ++++++++++++++--------------
 5 files changed, 46 insertions(+), 88 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h
index 6c91250..f30b53f 100644
--- a/source3/include/ntlmssp.h
+++ b/source3/include/ntlmssp.h
@@ -27,7 +27,7 @@ enum ntlmssp_role
 };
 
 /* NTLMSSP message types */
-enum NTLM_MESSAGE_TYPE
+enum ntlmssp_message_type
 {
 	NTLMSSP_INITIAL = 0 /* samba internal state */,
 	NTLMSSP_NEGOTIATE = 1,
@@ -43,7 +43,6 @@ enum NTLM_MESSAGE_TYPE
 
 struct ntlmssp_state
 {
-	unsigned int ref_count;
 	enum ntlmssp_role role;
 	enum server_types server_role;
 	uint32_t expected_state;
@@ -60,7 +59,7 @@ struct ntlmssp_state
 	DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */
 
 	DATA_BLOB chal; /* Random challenge as input into the actual NTLM (or NTLM2) authentication */
- 	DATA_BLOB lm_resp;
+	DATA_BLOB lm_resp;
 	DATA_BLOB nt_resp;
 	DATA_BLOB session_key;
 
@@ -72,7 +71,7 @@ struct ntlmssp_state
 	 * Callback to get the 'challenge' used for NTLM authentication.
 	 *
 	 * @param ntlmssp_state This structure
-	 * @return 8 bytes of challnege data, determined by the server to be the challenge for NTLM authentication
+	 * @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication
 	 *
 	 */
 	void (*get_challenge)(const struct ntlmssp_state *ntlmssp_state,
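Review bot: The `@return` line whose spelling is fixed here still describes a return value, but the callback right below it is declared `void (*get_challenge)(...)`, so the doc comment no longer matches the signature. The rest of the parameter list is outside the hunk; presumably the 8 challenge bytes are written through an output parameter. If so, the comment should document that parameter with an `@param` entry stating that the buffer receives exactly 8 bytes, and drop `@return`. The source4 header in this same push declares the callback as returning `const uint8_t *`, so there the `@return` text is accurate and only the source3 copy is stale.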
@@ -132,9 +131,4 @@ struct ntlmssp_state
 	/* ntlmv1 */
 	struct arcfour_state ntlmv1_arc4_state;
 	uint32_t ntlmv1_seq_num;
-
-	/* it turns out that we don't always get the
-	   response in at the time we want to process it.
-	   Store it here, until we need it */
-	DATA_BLOB stored_response;
 };
diff --git a/source3/include/proto.h b/source3/include/proto.h
index f81ab91..87701bf 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3218,8 +3218,6 @@ NTSTATUS ntlmssp_set_hashes(struct ntlmssp_state *ntlmssp_state,
 NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *password) ;
 NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain) ;
 NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char *workstation) ;
-NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state,
-				DATA_BLOB response) ;
 void ntlmssp_want_feature_list(struct ntlmssp_state *ntlmssp_state, char *feature_list);
 void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32 feature);
 NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 065d3b9..aaa5031 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -43,7 +43,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 
 static const struct ntlmssp_callbacks {
 	enum ntlmssp_role role;
-	enum NTLM_MESSAGE_TYPE ntlmssp_command;
+	enum ntlmssp_message_type ntlmssp_command;
 	NTSTATUS (*fn)(struct ntlmssp_state *ntlmssp_state,
 		       DATA_BLOB in, DATA_BLOB *out);
 } ntlmssp_callbacks[] = {
@@ -223,20 +223,6 @@ NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char
 }
 
 /**
- *  Store a DATA_BLOB containing an NTLMSSP response, for use later.
- *  This copies the data blob
- */
-
-NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state,
-				DATA_BLOB response)
-{
-	ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state,
-							  response.data,
-							  response.length);
-	return NT_STATUS_OK;
-}
-
-/**
  * Request features for the NTLMSSP negotiation
  *
  * @param ntlmssp_state NTLMSSP state
@@ -290,9 +276,8 @@ void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32 feature)
  */
 
 NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
-			const DATA_BLOB in, DATA_BLOB *out)
+			const DATA_BLOB input, DATA_BLOB *out)
 {
-	DATA_BLOB input;
 	uint32 ntlmssp_command;
 	int i;
 
@@ -304,15 +289,6 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
 
 	*out = data_blob_null;
 
-	if (!in.length && ntlmssp_state->stored_response.length) {
-		input = ntlmssp_state->stored_response;
-
-		/* we only want to read the stored response once - overwrite it */
-		ntlmssp_state->stored_response = data_blob_null;
-	} else {
-		input = in;
-	}
-
 	if (!input.length) {
 		switch (ntlmssp_state->role) {
 		case NTLMSSP_CLIENT:
@@ -359,14 +335,10 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
 
 void ntlmssp_end(struct ntlmssp_state **ntlmssp_state)
 {
-	(*ntlmssp_state)->ref_count--;
-
-	if ((*ntlmssp_state)->ref_count == 0) {
-		data_blob_free(&(*ntlmssp_state)->chal);
-		data_blob_free(&(*ntlmssp_state)->lm_resp);
-		data_blob_free(&(*ntlmssp_state)->nt_resp);
-		TALLOC_FREE(*ntlmssp_state);
-	}
+	data_blob_free(&(*ntlmssp_state)->chal);
+	data_blob_free(&(*ntlmssp_state)->lm_resp);
+	data_blob_free(&(*ntlmssp_state)->nt_resp);
+	TALLOC_FREE(*ntlmssp_state);
 
 	*ntlmssp_state = NULL;
 	return;
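Review bot: ntlmssp_end() explicitly releases `chal`, `lm_resp` and `nt_resp` but never touches `session_key`, which struct ntlmssp_state declares right beside them. If that blob is allocated under ntlmssp_state it is released by `TALLOC_FREE` without being wiped. With the reference count gone this teardown is unconditional, so it is the natural place to clear key material, e.g. `data_blob_clear_free(&(*ntlmssp_state)->session_key);` before the `TALLOC_FREE`. The function also dereferences `*ntlmssp_state` with no NULL check, so calling it again on a handle it has already set to NULL would crash; `if (*ntlmssp_state == NULL) return;` at the top would make it idempotent. The function's closing brace lies outside the hunk.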
@@ -924,8 +896,6 @@ NTSTATUS ntlmssp_server_start(struct ntlmssp_state **ntlmssp_state)
 
 	(*ntlmssp_state)->expected_state = NTLMSSP_NEGOTIATE;
 
-	(*ntlmssp_state)->ref_count = 1;
-
 	(*ntlmssp_state)->neg_flags =
 		NTLMSSP_NEGOTIATE_128 |
 		NTLMSSP_NEGOTIATE_56 |
@@ -1260,8 +1230,6 @@ NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
 
 	(*ntlmssp_state)->expected_state = NTLMSSP_INITIAL;
 
-	(*ntlmssp_state)->ref_count = 1;
-
 	(*ntlmssp_state)->neg_flags =
 		NTLMSSP_NEGOTIATE_128 |
 		NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c
index f27cac3..3fd22ce 100644
--- a/source3/libsmb/ntlmssp_sign.c
+++ b/source3/libsmb/ntlmssp_sign.c
@@ -77,27 +77,27 @@ static NTSTATUS ntlmssp_make_packet_signature(struct ntlmssp_state *ntlmssp_stat
 		}
 
 		switch (direction) {
-			case NTLMSSP_SEND:
-	                        DEBUG(100,("ntlmssp_make_packet_signature: SEND seq = %u, len = %u, pdu_len = %u\n",
-					ntlmssp_state->ntlm2_send_seq_num,
-					(unsigned int)length,
-					(unsigned int)pdu_length));
-
-				SIVAL(seq_num, 0, ntlmssp_state->ntlm2_send_seq_num);
-				ntlmssp_state->ntlm2_send_seq_num++;
-				hmac_md5_init_limK_to_64(ntlmssp_state->send_sign_key, 16, &ctx);
-				break;
-			case NTLMSSP_RECEIVE:
+		case NTLMSSP_SEND:
+			DEBUG(100,("ntlmssp_make_packet_signature: SEND seq = %u, len = %u, pdu_len = %u\n",
+				ntlmssp_state->ntlm2_send_seq_num,
+				(unsigned int)length,
+				(unsigned int)pdu_length));
+
+			SIVAL(seq_num, 0, ntlmssp_state->ntlm2_send_seq_num);
+			ntlmssp_state->ntlm2_send_seq_num++;
+			hmac_md5_init_limK_to_64(ntlmssp_state->send_sign_key, 16, &ctx);
+			break;
+		case NTLMSSP_RECEIVE:
 
-				DEBUG(100,("ntlmssp_make_packet_signature: RECV seq = %u, len = %u, pdu_len = %u\n",
-					ntlmssp_state->ntlm2_recv_seq_num,
-					(unsigned int)length,
-					(unsigned int)pdu_length));
+			DEBUG(100,("ntlmssp_make_packet_signature: RECV seq = %u, len = %u, pdu_len = %u\n",
+				ntlmssp_state->ntlm2_recv_seq_num,
+				(unsigned int)length,
+				(unsigned int)pdu_length));
 
-				SIVAL(seq_num, 0, ntlmssp_state->ntlm2_recv_seq_num);
-				ntlmssp_state->ntlm2_recv_seq_num++;
-				hmac_md5_init_limK_to_64(ntlmssp_state->recv_sign_key, 16, &ctx);
-				break;
+			SIVAL(seq_num, 0, ntlmssp_state->ntlm2_recv_seq_num);
+			ntlmssp_state->ntlm2_recv_seq_num++;
+			hmac_md5_init_limK_to_64(ntlmssp_state->recv_sign_key, 16, &ctx);
+			break;
                 }
 
 		dump_data_pw("pdu data ", whole_pdu, pdu_length);
@@ -332,9 +332,7 @@ NTSTATUS ntlmssp_unseal_packet(struct ntlmssp_state *ntlmssp_state,
 */
 NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state)
 {
-	unsigned char p24[24];
 	TALLOC_CTX *mem_ctx;
-	ZERO_STRUCT(p24);
 
 	mem_ctx = talloc_init("weak_keys");
 	if (!mem_ctx) {
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h
index 7743e76..f596cb8 100644
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -1,20 +1,20 @@
-/* 
+/*
    Unix SMB/CIFS implementation.
    SMB parameters and setup
    Copyright (C) Andrew Tridgell 1992-1997
    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
    Copyright (C) Paul Ashton 1997
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
@@ -37,7 +37,7 @@ enum ntlmssp_message_type
 	NTLMSSP_CHALLENGE = 2,
 	NTLMSSP_AUTH      = 3,
 	NTLMSSP_UNKNOWN   = 4,
-	NTLMSSP_DONE   = 5 /* samba final state */
+	NTLMSSP_DONE      = 5 /* samba final state */
 };
 
 struct gensec_ntlmssp_state
@@ -65,17 +65,17 @@ struct gensec_ntlmssp_state
 	DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */
 
 	DATA_BLOB chal; /* Random challenge as input into the actual NTLM (or NTLM2) authentication */
- 	DATA_BLOB lm_resp;
+	DATA_BLOB lm_resp;
 	DATA_BLOB nt_resp;
 	DATA_BLOB session_key;
-	
+
 	uint32_t neg_flags; /* the current state of negotiation with the NTLMSSP partner */
 
 	/* internal variables used by KEY_EXCH (client-supplied user session key */
 	DATA_BLOB encrypted_session_key;
 	
 	/**
-	 * Callback to get the 'challenge' used for NTLM authentication.  
+	 * Callback to get the 'challenge' used for NTLM authentication.
 	 *
 	 * @param ntlmssp_state This structure
 	 * @return 8 bytes of challenge data, determined by the server to be the challenge for NTLM authentication
@@ -84,10 +84,10 @@ struct gensec_ntlmssp_state
 	const uint8_t *(*get_challenge)(const struct gensec_ntlmssp_state *);
 
 	/**
-	 * Callback to find if the challenge used by NTLM authentication may be modified 
+	 * Callback to find if the challenge used by NTLM authentication may be modified
 	 *
 	 * The NTLM2 authentication scheme modifies the effective challenge, but this is not compatiable with the
-	 * current 'security=server' implementation..  
+	 * current 'security=server' implementation..
 	 *
 	 * @param ntlmssp_state This structure
 	 * @return Can the challenge be set to arbitary values?
@@ -96,7 +96,7 @@ struct gensec_ntlmssp_state
 	bool (*may_set_challenge)(const struct gensec_ntlmssp_state *);
 
 	/**
-	 * Callback to set the 'challenge' used for NTLM authentication.  
+	 * Callback to set the 'challenge' used for NTLM authentication.
 	 *
 	 * The callback may use the void *auth_context to store state information, but the same value is always available
 	 * from the DATA_BLOB chal on this structure.
@@ -108,21 +108,21 @@ struct gensec_ntlmssp_state
 	NTSTATUS (*set_challenge)(struct gensec_ntlmssp_state *, DATA_BLOB *challenge);
 
 	/**
-	 * Callback to check the user's password.  
+	 * Callback to check the user's password.
 	 *
-	 * The callback must reads the feilds of this structure for the information it needs on the user 
+	 * The callback must reads the feilds of this structure for the information it needs on the user
 	 * @param ntlmssp_state This structure
 	 * @param nt_session_key If an NT session key is returned by the authentication process, return it here
 	 * @param lm_session_key If an LM session key is returned by the authentication process, return it here
 	 *
 	 */
-	NTSTATUS (*check_password)(struct gensec_ntlmssp_state *, 
-				   TALLOC_CTX *mem_ctx, 
+	NTSTATUS (*check_password)(struct gensec_ntlmssp_state *,
+				   TALLOC_CTX *mem_ctx,
 				   DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key);
 
 	const char *server_name;
 
-	bool doing_ntlm2; 
+	bool doing_ntlm2;
 
 	union {
 		/* NTLM */


-- 
Samba Shared Repository

