[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Mon Jul 19 17:48:28 MDT 2010 

The branch, master has been updated
       via  8cba4a0... Move the addition of the 16 byte guid out of spnego_gen_negTokenInit() and into negprot_spnego() where it belongs (it's not an SPNEGO operation). Add a TALLOC_CTX for callers of negprot_spnego(). Closer to unifying all the gen_negTokenXXX calls.
      from  625a511... Remove parse_negTokenTarg(), as it's actually incorrect. We're processing negTokenInit's here. Use common code in spnego_parse_negTokenInit().

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8cba4a0c9639c48ec2433a98529bd8352e9d06c9
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Jul 19 16:45:16 2010 -0700

    Move the addition of the 16 byte guid out of spnego_gen_negTokenInit() and
    into negprot_spnego() where it belongs (it's not an SPNEGO operation).
    Add a TALLOC_CTX for callers of negprot_spnego(). Closer to unifying all
    the gen_negTokenXXX calls.
    
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/include/proto.h     |    3 +-
 source3/libsmb/clispnego.c  |    6 +---
 source3/smbd/globals.h      |    2 +-
 source3/smbd/negprot.c      |   55 +++++++++++++++++++++++++------------------
 source3/smbd/smb2_negprot.c |    3 +-
 5 files changed, 37 insertions(+), 32 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/proto.h b/source3/include/proto.h
index ad0c11f..a0bb55c 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2821,8 +2821,7 @@ bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descr
 
 /* The following definitions come from libsmb/clispnego.c  */
 
-DATA_BLOB spnego_gen_negTokenInit(char guid[16], 
-				  const char *OIDs[], 
+DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[], 
 				  const char *principal);
 DATA_BLOB gen_negTokenInit(const char *OID, DATA_BLOB blob);
 bool spnego_parse_negTokenInit(DATA_BLOB blob,
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 1f2081c..2cf2764 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -24,11 +24,10 @@
 #include "smb_krb5.h"
 
 /*
-  generate a negTokenInit packet given a GUID, a list of supported
+  generate a negTokenInit packet given a list of supported
   OIDs (the mechanisms) and a principal name string 
 */
-DATA_BLOB spnego_gen_negTokenInit(char guid[16], 
-				  const char *OIDs[], 
+DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[], 
 				  const char *principal)
 {
 	int i;
@@ -40,7 +39,6 @@ DATA_BLOB spnego_gen_negTokenInit(char guid[16],
 		return data_blob_null;
 	}
 
-	asn1_write(data, guid, 16);
 	asn1_push_tag(data,ASN1_APPLICATION(0));
 	asn1_write_OID(data,OID_SPNEGO);
 	asn1_push_tag(data,ASN1_CONTEXT(0));
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index c618efa..92a3f76 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -137,7 +137,7 @@ struct smbd_smb2_request;
 struct smbd_smb2_session;
 struct smbd_smb2_tcon;
 
-DATA_BLOB negprot_spnego(struct smbd_server_connection *sconn);
+DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn);
 
 void smbd_lock_socket(struct smbd_server_connection *sconn);
 void smbd_unlock_socket(struct smbd_server_connection *sconn);
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 4d73216..e7cf5b7 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -176,15 +176,15 @@ static void reply_lanman2(struct smb_request *req, uint16 choice)
  Generate the spnego negprot reply blob. Return the number of bytes used.
 ****************************************************************************/
 
-DATA_BLOB negprot_spnego(struct smbd_server_connection *sconn)
+DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
 {
-	DATA_BLOB blob;
+	DATA_BLOB blob = data_blob_null;
+	DATA_BLOB blob_out = data_blob_null;
 	nstring dos_name;
 	fstring unix_name;
 #ifdef DEVELOPER
 	size_t slen;
 #endif
-	char guid[17];
 	const char *OIDs_krb5[] = {OID_KERBEROS5,
 				   OID_KERBEROS5_OLD,
 				   OID_NTLMSSP,
@@ -192,22 +192,6 @@ DATA_BLOB negprot_spnego(struct smbd_server_connection *sconn)
 	const char *OIDs_plain[] = {OID_NTLMSSP, NULL};
 
 	sconn->smb1.negprot.spnego = true;
-
-	memset(guid, '\0', sizeof(guid));
-
-	safe_strcpy(unix_name, global_myname(), sizeof(unix_name)-1);
-	strlower_m(unix_name);
-	push_ascii_nstring(dos_name, unix_name);
-	safe_strcpy(guid, dos_name, sizeof(guid)-1);
-
-#ifdef DEVELOPER
-	/* Fix valgrind 'uninitialized bytes' issue. */
-	slen = strlen(dos_name);
-	if (slen < sizeof(guid)) {
-		memset(guid+slen, '\0', sizeof(guid) - slen);
-	}
-#endif
-
 	/* strangely enough, NT does not sent the single OID NTLMSSP when
 	   not a ADS member, it sends no OIDs at all
 
@@ -227,7 +211,7 @@ DATA_BLOB negprot_spnego(struct smbd_server_connection *sconn)
 		blob = data_blob(guid, 16);
 #else
 		/* Code for standalone WXP client */
-		blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE");
+		blob = spnego_gen_negTokenInit(OIDs_plain, "NONE");
 #endif
 	} else {
 		fstring myname;
@@ -238,11 +222,36 @@ DATA_BLOB negprot_spnego(struct smbd_server_connection *sconn)
 		    == -1) {
 			return data_blob_null;
 		}
-		blob = spnego_gen_negTokenInit(guid, OIDs_krb5, host_princ_s);
+		blob = spnego_gen_negTokenInit(OIDs_krb5, host_princ_s);
 		SAFE_FREE(host_princ_s);
 	}
 
-	return blob;
+	blob_out = data_blob_talloc(ctx, NULL, 16 + blob.length);
+	if (blob_out.data == NULL) {
+		data_blob_free(&blob);
+		return data_blob_null;
+	}
+
+	memset(blob_out.data, '\0', 16);
+
+	safe_strcpy(unix_name, global_myname(), sizeof(unix_name)-1);
+	strlower_m(unix_name);
+	push_ascii_nstring(dos_name, unix_name);
+	safe_strcpy((char *)blob_out.data, dos_name, 16);
+
+#ifdef DEVELOPER
+	/* Fix valgrind 'uninitialized bytes' issue. */
+	slen = strlen(dos_name);
+	if (slen < sizeof(16)) {
+		memset(blob_out.data+slen, '\0', 16 - slen);
+	}
+#endif
+
+	memcpy(&blob_out.data[16], blob.data, blob.length);
+
+	data_blob_free(&blob);
+
+	return blob_out;
 }
 
 /****************************************************************************
@@ -381,7 +390,7 @@ static void reply_nt1(struct smb_request *req, uint16 choice)
 		}
 		DEBUG(3,("not using SPNEGO\n"));
 	} else {
-		DATA_BLOB spnego_blob = negprot_spnego(req->sconn);
+		DATA_BLOB spnego_blob = negprot_spnego(req, req->sconn);
 
 		if (spnego_blob.data == NULL) {
 			reply_nterror(req, NT_STATUS_NO_MEMORY);
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index fc20eac..db392f4 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -119,11 +119,10 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 	}
 
 	/* negprot_spnego() returns a the server guid in the first 16 bytes */
-	negprot_spnego_blob = negprot_spnego(req->sconn);
+	negprot_spnego_blob = negprot_spnego(req, req->sconn);
 	if (negprot_spnego_blob.data == NULL) {
 		return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
 	}
-	talloc_steal(req, negprot_spnego_blob.data);
 
 	if (negprot_spnego_blob.length < 16) {
 		return smbd_smb2_request_error(req, NT_STATUS_INTERNAL_ERROR);


-- 
Samba Shared Repository

More information about the samba-cvs mailing list