[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha7-1723-g04ceabf
Stefan Metzmacher
metze at samba.org
Wed May 20 18:00:19 GMT 2009
The branch, master has been updated
via 04ceabf56f9372b953448d27ca18d9895b1d4c52 (commit)
via 540b7130750f82d52a514a5117237e1b3e90e97b (commit)
via 5b55e47b71382eed168038fe0f94b25628b611f9 (commit)
from f024ca961e55c76410cc952938f3efc173c746ec (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 04ceabf56f9372b953448d27ca18d9895b1d4c52
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 20 19:57:37 2009 +0200
s4:libcli/smb2: fix session setup with raw NTLMSSP
metze
commit 540b7130750f82d52a514a5117237e1b3e90e97b
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 20 17:17:07 2009 +0200
s4:libcli/smb2: use raw ntlmssp if the server didn't provide a sec blob
metze
commit 5b55e47b71382eed168038fe0f94b25628b611f9
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 20 19:51:40 2009 +0200
s4:libcli/smb2: fill in transport->negotiate.secblob with the correct data
metze
-----------------------------------------------------------------------
Summary of changes:
source4/libcli/smb2/connect.c | 2 ++
source4/libcli/smb2/session.c | 39 +++++++++++++++++++++++++--------------
2 files changed, 27 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/smb2/connect.c b/source4/libcli/smb2/connect.c
index b522a56..8d6ea04 100644
--- a/source4/libcli/smb2/connect.c
+++ b/source4/libcli/smb2/connect.c
@@ -105,6 +105,8 @@ static void continue_negprot(struct smb2_request *req)
c->status = smb2_negprot_recv(req, c, &state->negprot);
if (!composite_is_ok(c)) return;
+ transport->negotiate.secblob = state->negprot.out.secblob;
+ talloc_steal(transport, transport->negotiate.secblob.data);
transport->negotiate.system_time = state->negprot.out.system_time;
transport->negotiate.server_start_time = state->negprot.out.server_start_time;
transport->negotiate.security_mode = state->negprot.out.security_mode;
diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c
index 127bb9b..9db32c4 100644
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -149,27 +149,31 @@ static void session_request_handler(struct smb2_request *req)
struct smb2_session_state *state = talloc_get_type(c->private_data,
struct smb2_session_state);
struct smb2_session *session = req->session;
+ NTSTATUS session_key_err;
+ DATA_BLOB session_key;
+ NTSTATUS peer_status;
c->status = smb2_session_setup_recv(req, c, &state->io);
- if (NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED) ||
- (NT_STATUS_IS_OK(c->status) &&
+ peer_status = c->status;
+
+ if (NT_STATUS_EQUAL(peer_status, NT_STATUS_MORE_PROCESSING_REQUIRED) ||
+ (NT_STATUS_IS_OK(peer_status) &&
NT_STATUS_EQUAL(state->gensec_status, NT_STATUS_MORE_PROCESSING_REQUIRED))) {
- NTSTATUS session_key_err;
- DATA_BLOB session_key;
c->status = gensec_update(session->gensec, c,
state->io.out.secblob,
&state->io.in.secblob);
state->gensec_status = c->status;
- session_key_err = gensec_session_key(session->gensec, &session_key);
- if (NT_STATUS_IS_OK(session_key_err)) {
- session->session_key = session_key;
- }
+ session->uid = state->io.out.uid;
}
- session->uid = state->io.out.uid;
+ if (!NT_STATUS_IS_OK(c->status) &&
+ !NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ composite_error(c, c->status);
+ return;
+ }
- if (NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ if (NT_STATUS_EQUAL(peer_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
state->req = smb2_session_setup_send(session, &state->io);
if (state->req == NULL) {
composite_error(c, NT_STATUS_NO_MEMORY);
@@ -181,9 +185,9 @@ static void session_request_handler(struct smb2_request *req)
return;
}
- if (!NT_STATUS_IS_OK(c->status)) {
- composite_error(c, c->status);
- return;
+ session_key_err = gensec_session_key(session->gensec, &session_key);
+ if (NT_STATUS_IS_OK(session_key_err)) {
+ session->session_key = session_key;
}
if (session->transport->signing_required) {
@@ -207,6 +211,7 @@ struct composite_context *smb2_session_setup_spnego_send(struct smb2_session *se
{
struct composite_context *c;
struct smb2_session_state *state;
+ const char *chosen_oid;
c = composite_create(session, session->transport->socket->event.ctx);
if (c == NULL) return NULL;
@@ -235,7 +240,13 @@ struct composite_context *smb2_session_setup_spnego_send(struct smb2_session *se
c->status = gensec_set_target_service(session->gensec, "cifs");
if (!composite_is_ok(c)) return c;
- c->status = gensec_start_mech_by_oid(session->gensec, GENSEC_OID_SPNEGO);
+ if (session->transport->negotiate.secblob.length > 0) {
+ chosen_oid = GENSEC_OID_SPNEGO;
+ } else {
+ chosen_oid = GENSEC_OID_NTLMSSP;
+ }
+
+ c->status = gensec_start_mech_by_oid(session->gensec, chosen_oid);
if (!composite_is_ok(c)) return c;
c->status = gensec_update(session->gensec, c,
--
Samba Shared Repository
More information about the samba-cvs
mailing list