[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Wed Aug 3 04:46:02 MDT 2011
The branch, master has been updated
via fec25c3 ntlmssp: Add ntlmssp_blob_matches_magic()
via d811862 s3-ntlmssp Remove rudundent comment
via 1dbdddf s3-ntlmssp Remove a level of nesting in if/else statement
via 7b1d6a6 selftest: test plugin_s4_dc against all ncacn_np tests
via 7c4eb9e s3-ntlmssp clarify session key behaviour after create_local_token() changes
via 3f0b5d0 s3-ntlmssp Remove auth_ntlmssp_state_destructor, use the talloc tree instead
via 2ed17af ldb-samba: Explain the current behaviour of ldif_canonicalise_objectCategory
via 8131dd9 s3-auth directly return the result of make_server_info_guest()
via 8fca974 s3-auth rename auth_ntlmssp_steal_session_info()
via 4379738 selftest: print %U in smbclient -L output to allow testing
via b0dd2cd s3-smbd Be consistent with %U subs on guest logins
via 41ee4e8 selftest: Add kerberos tests to plugin_s4_dc tests
via d3524f2 s3-auth use auth_generic_start to get full GENSEC in Samba3 session setup
via 9f66327 s3-auth Add function to start any GENSEC mech by OID
via 23bbf4e s3-smbd clarify behaviour by not passing an OID that will not be used
via 36112a4 s3-smbd Ensure we do not read past the end of a possible NTLMSSP blob
via ef69e14 s3-auth clarify the role of these session keys
via 1aced1e s3-auth remove sanitized_username from auth_serversupplied_info
via 9a45bf3 s3-auth set session_info->sanitized_username in create_local_token()
via 8b983d2 s3-ntlmssp Split auth_ntlmssp_start into two functions
via 902df83 s3-ntlmssp Split calls to gensec plugin into prepare and start
via 643d058 gensec: Don't keep a second copy of the auth4_context in gensec_ntlmssp_state
via 1231b78 s3-ntlmssp Remove auth_ntlmssp_and_flags()
via da4345a s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hash
via 779573a selftest: Test encrypted RPC pipes against plugin_s4_dc
via 4806eda selftest: use the s4 winbindd in plugin_s4_dc test
via 63cb805 s3-auth Add hook to start a GENSEC mech to auth_samba4
via bba5f0a s3-ntlmssp Remove auth_ntlmssp_or_flags
via 778bf87 s3-ntlmssp Remove calls to auth_ntlmssp_and_flags from the server
via 6d7ac4f s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_update
via 763243d s3-ntlmssp NTLMSSP sealing implies signing, so set both flags
via d69843c s3-ntlmssp Add hooks to optionally call into GENSEC in auth_ntlmssp
via dee845e s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key()
via 6bcaba6 s3-auth Allow auth modules to provide an initialised GENSEC context
via a942401 s3-ntlmssp Use auth_ntlmssp_*() functions in more places
via 9edb976 s3-ntlmssp Remove unused auth_ntlmssp_get_domain()
via 3185eca s3-ntlmssp Remove unused auth_ntlmssp_get_client
via 8e50c69 s3-rpc_server use session_info to print user details
via c9bde9a s3-auth Use else if in do_map_to_guest_server_info
via 8a65024 s3-auth Move map to guest to directly after the check_password calls
via 35b309f gensec: clarify memory ownership for gensec_session_info() and gensec_session_key()
via d3fe48b gensec: Remove mem_ctx from calls that do not return memory
via 16b2118 gensec: split GENSEC into mechanism-dependent and runtime functions
from de71a67 s3:libsmb/clifile: make use of cli_set_timeout()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit fec25c3a627bfbb14cf0aaf8773f54e0e5017517
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 3 09:33:29 2011 +1000
ntlmssp: Add ntlmssp_blob_matches_magic()
This avoids having the same check in 3 different parts of the code
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet at samba.org>
Autobuild-Date: Wed Aug 3 12:45:04 CEST 2011 on sn-devel-104
commit d811862b453cc616650cdc10f4d69b239d66943a
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 3 09:26:55 2011 +1000
s3-ntlmssp Remove rudundent comment
This is explained where SESSION_KEY maps to SIGN at the NTLMSSP layer
Andrew Bartlett
commit 1dbdddf223b5beb873505164310862b6bd2093d2
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 23:17:02 2011 +1000
s3-ntlmssp Remove a level of nesting in if/else statement
commit 7b1d6a6a0568a62943877c61d95f6d7bb1fd1d1d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 13:17:24 2011 +1000
selftest: test plugin_s4_dc against all ncacn_np tests
Changes to the s3 epmapper behaviour seem to have fixed the rest of these
tests.
Andrew Bartlett
commit 7c4eb9e32e7c84c37728b2f83f28360f4d0cab92
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 11:29:43 2011 +1000
s3-ntlmssp clarify session key behaviour after create_local_token() changes
commit 3f0b5d05b51ce5203a17ba75e212e78eb78fc9c7
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 11:28:51 2011 +1000
s3-ntlmssp Remove auth_ntlmssp_state_destructor, use the talloc tree instead
commit 2ed17af7f95bb8f5cbb5182352eff57a171c662c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 09:35:23 2011 +1000
ldb-samba: Explain the current behaviour of ldif_canonicalise_objectCategory
commit 8131dd9df3b3ab284b68c2a942f9fa6cc88bd315
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 09:06:22 2011 +1000
s3-auth directly return the result of make_server_info_guest()
commit 8fca9741fe7fca3a899fdff7ab667de1364f0ea9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 08:53:10 2011 +1000
s3-auth rename auth_ntlmssp_steal_session_info()
There is no longer any theft of memory as the underlying routines now
produce a new auth_session_info for this caller, allocating it
on the supplied memory context.
Andrew Bartlett
commit 4379738e8516f54d7599e87fd9e6a9ec80680dd0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 29 12:12:36 2011 +1000
selftest: print %U in smbclient -L output to allow testing
commit b0dd2cde86ebd1df2189ea6ff6f33fb3c247adbd
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Jul 27 16:06:31 2011 +1000
s3-smbd Be consistent with %U subs on guest logins
The NTLMSSP code always specified "" as the username, and this makes
guest logins via the old-style session setup do the same.
Andrew Bartlett
commit 41ee4e8bcc8edb0048f5e11b741f17c7733a469f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 16:17:30 2011 +1000
selftest: Add kerberos tests to plugin_s4_dc tests
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit d3524f2eaeef06059fcdc7af5b742cd46064fd20
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 15:11:47 2011 +1000
s3-auth use auth_generic_start to get full GENSEC in Samba3 session setup
This tests if the auth_generic_start() hook is available on the auth
context during the negprot, and if so it uses auth_generic_start() to
hook to GENSEC to handle the full SPNEGO blob.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 9f663270fd7d40dbaf258fe6818685d42249a827
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 14:40:33 2011 +1000
s3-auth Add function to start any GENSEC mech by OID
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 23bbf4e75850badaac7359643f9479bfa9d68a4e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 14:12:23 2011 +1000
s3-smbd clarify behaviour by not passing an OID that will not be used
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 36112a442fd851d79fef847bf75d570454116df8
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 14:11:56 2011 +1000
s3-smbd Ensure we do not read past the end of a possible NTLMSSP blob
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit ef69e140d817688c6bba1b40713001f316421754
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 13:46:25 2011 +1000
s3-auth clarify the role of these session keys
This comment can be clarified now the auth subsystem does not use the same
structure as the rest of the code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 1aced1e989a9fb052ee67e302e59df1113e6bd79
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 13:43:33 2011 +1000
s3-auth remove sanitized_username from auth_serversupplied_info
This structure element was only written to, not read.
It is filled into the companion structure, auth_session_info()
by create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 9a45bf39527d9c2dcd8d2debf214196100a3efce
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 13:37:36 2011 +1000
s3-auth set session_info->sanitized_username in create_local_token()
Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token(). This also removes the need for
auth_ntlmssp_get_username().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 8b983d232648944c18fe878a3ace0f58658ec24d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 10:19:54 2011 +1000
s3-ntlmssp Split auth_ntlmssp_start into two functions
This helps map on to the GENSEC semantics better, and ensures that the
full set of desired features are set before the mechanism starts.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 902df836807b700b2d27877f2fa5284930df3ff7
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 10:01:39 2011 +1000
s3-ntlmssp Split calls to gensec plugin into prepare and start
GENSEC has the concept of starting the GENSEC subsystem before starting the
actual mechansim. Between these two stages is when most context methods
are called, to specify credentials and features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 643d05826cbf7ef82e1ee8f33d610a79dcb8607a
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Jul 25 17:20:45 2011 +1000
gensec: Don't keep a second copy of the auth4_context in gensec_ntlmssp_state
The auth4_context is already in the gensec_security structure, which is
available by de-reference here anyway.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 1231b784a1a30c475960d429465ca104c906801c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Jul 27 13:52:27 2011 +1000
s3-ntlmssp Remove auth_ntlmssp_and_flags()
There is no need to mask out these flags as they simply are not set
yet.
The correct abstraction is to ask for NTLMSSP features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit da4345a8d1da94ac879b876ad826fa4ea7b95efd
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Jul 25 11:21:31 2011 +1000
s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hash
The session key we want here (the only one that is availble to the
encryption layer) is the one obtained by cli_get_session_key(), as
NTLMSSP creates a per-session session key via key exchange and NTLMv2
negotiation.
The key was never directly the NT hash anyway (this is simply a
mistake, the extra MD4() was lost during my previous cleanup
f28f113d8e76824b080359c90efd9c92de533740 in 2008), but was MD4(NT
hash) in early implementations of NTLMSSP.
However, regardless this call is not available on domain trusts
between AD domains and Windows 2003 R2, making this less useful.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 779573a5b3c6b8e91a08cc08ff516a957e539722
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 22 12:32:15 2011 +1000
selftest: Test encrypted RPC pipes against plugin_s4_dc
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 4806eda36c872462b4074601e64148bbd467350b
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 22 08:03:56 2011 +1000
selftest: use the s4 winbindd in plugin_s4_dc test
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 63cb8059dbf964debb6f5a1df186ce1ebcded8fb
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 21 14:48:59 2011 +1000
s3-auth Add hook to start a GENSEC mech to auth_samba4
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit bba5f0a6418db2fd5a65e5f72a5a93dc8c7c0240
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 22 12:15:06 2011 +1000
s3-ntlmssp Remove auth_ntlmssp_or_flags
We now just use auth_ntlmssp_want_feature to get extra flags
on the NTLMSSP context
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 778bf87d8dbae333bfeea3b0d904fd2b17782745
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 22 12:10:30 2011 +1000
s3-ntlmssp Remove calls to auth_ntlmssp_and_flags from the server
This is changed so that the callers ask for the additional flags
that they need, starting with no additional flags.
This helps to create a proper abstraction layer in
ntlmssp_wrap/auth_ntlmssp.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 6d7ac4f1ad364cac6266bd3e88d141a7517a7d15
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 26 17:20:35 2011 +1000
s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_update
This clarifies the lifetime of the returned token.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 763243d6ed470d1ff5c0d1c4ab6cda227103cc15
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Jul 27 13:35:01 2011 +1000
s3-ntlmssp NTLMSSP sealing implies signing, so set both flags
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit d69843c908d2dab9f5296096eccf8650296b79f4
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Jul 27 13:34:34 2011 +1000
s3-ntlmssp Add hooks to optionally call into GENSEC in auth_ntlmssp
This allows the current behaviour of the NTLMSSP code to be unchanged
while adding a way to hook in an alternate implementation via an auth
module.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit dee845eb70379feae89940e9535541f7957c60d9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 2 10:24:28 2011 +1000
s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key()
commit 6bcaba6f8ab8bae874c67389e716dd3766309656
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 21 14:27:00 2011 +1000
s3-auth Allow auth modules to provide an initialised GENSEC context
This will allow auth plugins such as auth_samba4 to provide an initialised
GENSEC context to auth subsystem callers.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit a942401c1f6ee614080cee76c4364afbd729a446
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 21 19:13:59 2011 +1000
s3-ntlmssp Use auth_ntlmssp_*() functions in more places
This allows auth_ntlmssp_get_ntlmssp_state() to be removed.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 9edb9763df07fbceee49d54fd6972c5ffb83d133
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 22 11:41:46 2011 +1000
s3-ntlmssp Remove unused auth_ntlmssp_get_domain()
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 3185ecaf540c374dfdce3451a393fc7f8b7e2704
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 21 19:30:28 2011 +1000
s3-ntlmssp Remove unused auth_ntlmssp_get_client
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 8e50c696265fa095614628d23b438a94ecc7e2e2
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 21 19:29:10 2011 +1000
s3-rpc_server use session_info to print user details
This is the authoritative source for what the user was actually
authenticated as.
The previous message printed only what they claimed, and the DC might
map this.
The workstation is no longer printed in the logs, as it allows
auth_ntlmssp_get_client() to be removed.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit c9bde9ae753939710d63262917accca1dabe9a52
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Jul 27 13:20:59 2011 +1000
s3-auth Use else if in do_map_to_guest_server_info
This means we can't ever call make_server_info_guest() twice.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 8a650243b336f5a85ff119aa40c7744542c005e7
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 22 11:33:52 2011 +1000
s3-auth Move map to guest to directly after the check_password calls
This means we no longer need two different map to guest functions
and have consistent logic with fewer layering violations.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 35b309fa0cac9341f364243b03ebfcc80f74198e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 1 15:39:01 2011 +1000
gensec: clarify memory ownership for gensec_session_info() and gensec_session_key()
This is slightly less efficient, because we no longer keep a cache on
the gensec structures, but much clearer in terms of memory ownership.
Both gensec_session_info() and gensec_session_key() now take a mem_ctx
and put the result only on that context.
Some duplication of memory in the callers (who were rightly uncertain
about who was the rightful owner of the returned memory) has been
removed to compensate for the internal copy.
Andrew Bartlett
commit d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 21 19:10:15 2011 +1000
gensec: Remove mem_ctx from calls that do not return memory
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 16b2118b4369f8204d86d5ad2eb117837da26789
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 21 13:20:26 2011 +1000
gensec: split GENSEC into mechanism-dependent and runtime functions
The startup and runtime functions that have no dependencies are moved
into the top level.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/gensec/gensec.c | 518 +++++++++++
auth/gensec/gensec.h | 310 +++++++
auth/gensec/wscript_build | 7 +
auth/wscript_build | 2 +
lib/ldb-samba/ldif_handlers.c | 9 +-
libcli/auth/ntlmssp.c | 10 +
libcli/auth/ntlmssp.h | 2 +
libcli/auth/schannel_proto.h | 1 -
libcli/auth/schannel_sign.c | 1 -
selftest/target/Samba3.pm | 3 +-
selftest/target/Samba4.pm | 2 +-
source3/Makefile.in | 1 +
source3/auth/auth.c | 13 +-
source3/auth/auth_ntlmssp.c | 142 +++-
source3/auth/auth_samba4.c | 83 ++
source3/auth/auth_util.c | 73 +-
source3/auth/proto.h | 19 +-
source3/auth/server_info_sam.c | 7 -
source3/auth/user_krb5.c | 2 +-
source3/auth/wscript_build | 2 +-
source3/include/auth.h | 35 +-
source3/include/ntlmssp_wrap.h | 16 +-
source3/include/proto.h | 1 -
source3/include/smb_crypt.h | 2 +-
source3/lib/util_str.c | 8 -
source3/libads/sasl.c | 1 -
source3/librpc/crypto/cli_spnego.c | 24 +-
source3/librpc/rpc/dcerpc.h | 2 +
source3/librpc/rpc/dcerpc_helpers.c | 4 +-
source3/libsmb/clifsinfo.c | 18 +-
source3/libsmb/ntlmssp.c | 5 +-
source3/libsmb/ntlmssp_wrap.c | 98 ++-
source3/libsmb/proto.h | 4 +-
source3/libsmb/smb_seal.c | 18 +-
source3/rpc_client/cli_pipe.c | 63 +--
source3/rpc_client/cli_pipe.h | 2 -
source3/rpc_server/dcesrv_ntlmssp.c | 38 +-
source3/rpc_server/rpc_server.c | 3 +-
source3/rpcclient/cmd_lsarpc.c | 38 +-
source3/smbd/globals.h | 3 +
source3/smbd/negprot.c | 28 +-
source3/smbd/password.c | 10 +-
source3/smbd/proto.h | 3 +-
source3/smbd/seal.c | 24 +-
source3/smbd/sesssetup.c | 191 ++---
source3/smbd/smb2_sesssetup.c | 123 ++--
source3/utils/net_rpc.c | 12 +-
source3/utils/ntlm_auth.c | 4 +
source3/wscript_build | 2 +-
source4/auth/gensec/gensec.c | 1437 ------------------------------
source4/auth/gensec/gensec.h | 317 -------
source4/auth/gensec/gensec_gssapi.c | 36 +-
source4/auth/gensec/gensec_gssapi.h | 3 -
source4/auth/gensec/gensec_krb5.c | 24 +-
source4/auth/gensec/gensec_socket.h | 28 +
source4/auth/gensec/gensec_start.c | 947 ++++++++++++++++++++
source4/auth/gensec/gensec_tstream.c | 2 +-
source4/auth/gensec/pygensec.c | 6 +-
source4/auth/gensec/schannel.c | 15 +-
source4/auth/gensec/schannel.h | 26 +
source4/auth/gensec/socket.c | 1 +
source4/auth/gensec/spnego.c | 13 +-
source4/auth/gensec/wscript_build | 5 +-
source4/auth/ntlmssp/ntlmssp.c | 8 +-
source4/auth/ntlmssp/ntlmssp.h | 1 -
source4/auth/ntlmssp/ntlmssp_server.c | 20 +-
source4/auth/ntlmssp/ntlmssp_sign.c | 2 -
source4/dsdb/repl/drepl_out_helpers.c | 1 +
source4/kdc/kpasswdd.c | 1 +
source4/ldap_server/ldap_bind.c | 6 +-
source4/libcli/ldap/ldap_bind.c | 1 +
source4/libcli/smb2/session.c | 7 +-
source4/libcli/smb_composite/sesssetup.c | 5 +-
source4/libnet/libnet_become_dc.c | 3 +
source4/libnet/libnet_samsync.c | 1 +
source4/libnet/py_net.c | 1 +
source4/librpc/rpc/dcerpc.c | 2 -
source4/rpc_server/dcesrv_auth.c | 5 +-
source4/selftest/tests.py | 16 +-
source4/smb_server/smb/sesssetup.c | 5 +-
source4/smb_server/smb2/sesssetup.c | 2 +-
source4/torture/auth/ntlmssp.c | 8 +-
source4/torture/drs/rpc/dssync.c | 2 +-
source4/torture/drs/rpc/msds_intid.c | 2 +-
source4/torture/rpc/remote_pac.c | 6 +-
source4/torture/rpc/samlogon.c | 1 +
source4/torture/rpc/samr.c | 1 +
source4/torture/rpc/samsync.c | 1 +
source4/torture/rpc/schannel.c | 1 +
source4/utils/ntlm_auth.c | 6 +-
90 files changed, 2596 insertions(+), 2366 deletions(-)
create mode 100644 auth/gensec/gensec.c
create mode 100644 auth/gensec/gensec.h
create mode 100644 auth/gensec/wscript_build
delete mode 100644 source4/auth/gensec/gensec.c
delete mode 100644 source4/auth/gensec/gensec.h
create mode 100644 source4/auth/gensec/gensec_socket.h
create mode 100644 source4/auth/gensec/gensec_start.c
create mode 100644 source4/auth/gensec/schannel.h
Changeset truncated at 500 lines:
diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c
new file mode 100644
index 0000000..417b05c
--- /dev/null
+++ b/auth/gensec/gensec.c
@@ -0,0 +1,518 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Generic Authentication Interface
+
+ Copyright (C) Andrew Tridgell 2003
+ Copyright (C) Andrew Bartlett <abartlet at samba.org> 2004-2006
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/network.h"
+#include <tevent.h>
+#include "lib/tsocket/tsocket.h"
+#include "lib/util/tevent_ntstatus.h"
+#include "auth/gensec/gensec.h"
+
+/*
+ wrappers for the gensec function pointers
+*/
+_PUBLIC_ NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig)
+{
+ if (!gensec_security->ops->unseal_packet) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ return gensec_security->ops->unseal_packet(gensec_security,
+ data, length,
+ whole_pdu, pdu_length,
+ sig);
+}
+
+_PUBLIC_ NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig)
+{
+ if (!gensec_security->ops->check_packet) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ return gensec_security->ops->check_packet(gensec_security, data, length, whole_pdu, pdu_length, sig);
+}
+
+_PUBLIC_ NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig)
+{
+ if (!gensec_security->ops->seal_packet) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ return gensec_security->ops->seal_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
+}
+
+_PUBLIC_ NTSTATUS gensec_sign_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig)
+{
+ if (!gensec_security->ops->sign_packet) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ return gensec_security->ops->sign_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
+}
+
+_PUBLIC_ size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size)
+{
+ if (!gensec_security->ops->sig_size) {
+ return 0;
+ }
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
+ return 0;
+ }
+
+ return gensec_security->ops->sig_size(gensec_security, data_size);
+}
+
+size_t gensec_max_wrapped_size(struct gensec_security *gensec_security)
+{
+ if (!gensec_security->ops->max_wrapped_size) {
+ return (1 << 17);
+ }
+
+ return gensec_security->ops->max_wrapped_size(gensec_security);
+}
+
+size_t gensec_max_input_size(struct gensec_security *gensec_security)
+{
+ if (!gensec_security->ops->max_input_size) {
+ return (1 << 17) - gensec_sig_size(gensec_security, 1 << 17);
+ }
+
+ return gensec_security->ops->max_input_size(gensec_security);
+}
+
+_PUBLIC_ NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *in,
+ DATA_BLOB *out)
+{
+ if (!gensec_security->ops->wrap) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ return gensec_security->ops->wrap(gensec_security, mem_ctx, in, out);
+}
+
+_PUBLIC_ NTSTATUS gensec_unwrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *in,
+ DATA_BLOB *out)
+{
+ if (!gensec_security->ops->unwrap) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ return gensec_security->ops->unwrap(gensec_security, mem_ctx, in, out);
+}
+
+_PUBLIC_ NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key)
+{
+ if (!gensec_security->ops->session_key) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SESSION_KEY)) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ return gensec_security->ops->session_key(gensec_security, mem_ctx, session_key);
+}
+
+/**
+ * Return the credentials of a logged on user, including session keys
+ * etc.
+ *
+ * Only valid after a successful authentication
+ *
+ * May only be called once per authentication.
+ *
+ */
+
+_PUBLIC_ NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ struct auth_session_info **session_info)
+{
+ if (!gensec_security->ops->session_info) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+ return gensec_security->ops->session_info(gensec_security, mem_ctx, session_info);
+}
+
+/**
+ * Next state function for the GENSEC state machine
+ *
+ * @param gensec_security GENSEC State
+ * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
+ * @param in The request, as a DATA_BLOB
+ * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
+ * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
+ * or NT_STATUS_OK if the user is authenticated.
+ */
+
+_PUBLIC_ NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB in, DATA_BLOB *out)
+{
+ return gensec_security->ops->update(gensec_security, out_mem_ctx, in, out);
+}
+
+struct gensec_update_state {
+ struct tevent_immediate *im;
+ struct gensec_security *gensec_security;
+ DATA_BLOB in;
+ DATA_BLOB out;
+};
+
+static void gensec_update_async_trigger(struct tevent_context *ctx,
+ struct tevent_immediate *im,
+ void *private_data);
+/**
+ * Next state function for the GENSEC state machine async version
+ *
+ * @param mem_ctx The memory context for the request
+ * @param ev The event context for the request
+ * @param gensec_security GENSEC State
+ * @param in The request, as a DATA_BLOB
+ *
+ * @return The request handle or NULL on no memory failure
+ */
+
+_PUBLIC_ struct tevent_req *gensec_update_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct gensec_security *gensec_security,
+ const DATA_BLOB in)
+{
+ struct tevent_req *req;
+ struct gensec_update_state *state = NULL;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct gensec_update_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ state->gensec_security = gensec_security;
+ state->in = in;
+ state->out = data_blob(NULL, 0);
+ state->im = tevent_create_immediate(state);
+ if (tevent_req_nomem(state->im, req)) {
+ return tevent_req_post(req, ev);
+ }
+
+ tevent_schedule_immediate(state->im, ev,
+ gensec_update_async_trigger,
+ req);
+
+ return req;
+}
+
+static void gensec_update_async_trigger(struct tevent_context *ctx,
+ struct tevent_immediate *im,
+ void *private_data)
+{
+ struct tevent_req *req =
+ talloc_get_type_abort(private_data, struct tevent_req);
+ struct gensec_update_state *state =
+ tevent_req_data(req, struct gensec_update_state);
+ NTSTATUS status;
+
+ status = gensec_update(state->gensec_security, state,
+ state->in, &state->out);
+ if (tevent_req_nterror(req, status)) {
+ return;
+ }
+
+ tevent_req_done(req);
+}
+
+/**
+ * Next state function for the GENSEC state machine
+ *
+ * @param req request state
+ * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
+ * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
+ * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
+ * or NT_STATUS_OK if the user is authenticated.
+ */
+_PUBLIC_ NTSTATUS gensec_update_recv(struct tevent_req *req,
+ TALLOC_CTX *out_mem_ctx,
+ DATA_BLOB *out)
+{
+ struct gensec_update_state *state =
+ tevent_req_data(req, struct gensec_update_state);
+ NTSTATUS status;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ tevent_req_received(req);
+ return status;
+ }
+ } else {
+ status = NT_STATUS_OK;
+ }
+
+ *out = state->out;
+ talloc_steal(out_mem_ctx, out->data);
+
+ tevent_req_received(req);
+ return status;
+}
+
+/**
+ * Set the requirement for a certain feature on the connection
+ *
+ */
+
+_PUBLIC_ void gensec_want_feature(struct gensec_security *gensec_security,
+ uint32_t feature)
+{
+ if (!gensec_security->ops || !gensec_security->ops->want_feature) {
+ gensec_security->want_features |= feature;
+ return;
+ }
+ gensec_security->ops->want_feature(gensec_security, feature);
+}
+
+/**
+ * Check the requirement for a certain feature on the connection
+ *
+ */
+
+_PUBLIC_ bool gensec_have_feature(struct gensec_security *gensec_security,
+ uint32_t feature)
+{
+ if (!gensec_security->ops->have_feature) {
+ return false;
+ }
+
+ /* We might 'have' features that we don't 'want', because the
+ * other end demanded them, or we can't neotiate them off */
+ return gensec_security->ops->have_feature(gensec_security, feature);
+}
+
+/**
+ * Return the credentials structure associated with a GENSEC context
+ *
+ */
+
+_PUBLIC_ struct cli_credentials *gensec_get_credentials(struct gensec_security *gensec_security)
+{
+ if (!gensec_security) {
+ return NULL;
+ }
+ return gensec_security->credentials;
+}
+
+/**
+ * Set the target service (such as 'http' or 'host') on a GENSEC context - ensures it is talloc()ed
+ *
+ */
+
+_PUBLIC_ NTSTATUS gensec_set_target_service(struct gensec_security *gensec_security, const char *service)
+{
+ gensec_security->target.service = talloc_strdup(gensec_security, service);
+ if (!gensec_security->target.service) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ return NT_STATUS_OK;
+}
+
+_PUBLIC_ const char *gensec_get_target_service(struct gensec_security *gensec_security)
+{
+ if (gensec_security->target.service) {
+ return gensec_security->target.service;
+ }
+
+ return "host";
+}
+
+/**
+ * Set the target hostname (suitable for kerberos resolutation) on a GENSEC context - ensures it is talloc()ed
+ *
+ */
+
+_PUBLIC_ NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_security, const char *hostname)
+{
+ gensec_security->target.hostname = talloc_strdup(gensec_security, hostname);
+ if (hostname && !gensec_security->target.hostname) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ return NT_STATUS_OK;
+}
+
+_PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_security)
+{
+ /* We allow the target hostname to be overriden for testing purposes */
+ if (gensec_security->settings->target_hostname) {
+ return gensec_security->settings->target_hostname;
+ }
+
+ if (gensec_security->target.hostname) {
+ return gensec_security->target.hostname;
+ }
+
+ /* We could add use the 'set sockaddr' call, and do a reverse
+ * lookup, but this would be both insecure (compromising the
+ * way kerberos works) and add DNS timeouts */
+ return NULL;
+}
+
+/**
+ * Set (and talloc_reference) local and peer socket addresses onto a socket
+ * context on the GENSEC context.
+ *
+ * This is so that kerberos can include these addresses in
+ * cryptographic tokens, to avoid certain attacks.
+ */
+
+/**
+ * @brief Set the local gensec address.
+ *
+ * @param gensec_security The gensec security context to use.
+ *
+ * @param remote The local address to set.
+ *
+ * @return On success NT_STATUS_OK is returned or an NT_STATUS
+ * error.
+ */
+_PUBLIC_ NTSTATUS gensec_set_local_address(struct gensec_security *gensec_security,
+ const struct tsocket_address *local)
+{
+ TALLOC_FREE(gensec_security->local_addr);
+
+ if (local == NULL) {
+ return NT_STATUS_OK;
+ }
+
+ gensec_security->local_addr = tsocket_address_copy(local, gensec_security);
+ if (gensec_security->local_addr == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
+/**
+ * @brief Set the remote gensec address.
+ *
+ * @param gensec_security The gensec security context to use.
+ *
+ * @param remote The remote address to set.
+ *
+ * @return On success NT_STATUS_OK is returned or an NT_STATUS
+ * error.
+ */
+_PUBLIC_ NTSTATUS gensec_set_remote_address(struct gensec_security *gensec_security,
+ const struct tsocket_address *remote)
+{
+ TALLOC_FREE(gensec_security->remote_addr);
+
+ if (remote == NULL) {
+ return NT_STATUS_OK;
+ }
+
+ gensec_security->remote_addr = tsocket_address_copy(remote, gensec_security);
+ if (gensec_security->remote_addr == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
+/**
+ * @brief Get the local address from a gensec security context.
+ *
+ * @param gensec_security The security context to get the address from.
+ *
+ * @return The address as tsocket_address which could be NULL if
+ * no address is set.
+ */
+_PUBLIC_ const struct tsocket_address *gensec_get_local_address(struct gensec_security *gensec_security)
+{
+ if (gensec_security == NULL) {
+ return NULL;
+ }
+ return gensec_security->local_addr;
+}
+
+/**
+ * @brief Get the remote address from a gensec security context.
+ *
+ * @param gensec_security The security context to get the address from.
+ *
+ * @return The address as tsocket_address which could be NULL if
+ * no address is set.
+ */
+_PUBLIC_ const struct tsocket_address *gensec_get_remote_address(struct gensec_security *gensec_security)
+{
+ if (gensec_security == NULL) {
+ return NULL;
+ }
+ return gensec_security->remote_addr;
+}
--
Samba Shared Repository
More information about the samba-cvs
mailing list