[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Fri Jan 6 04:10:05 MST 2012
The branch, master has been updated
via 662c557 s3-torture convert smb2 test to use auth_generic/gensec for NTLMSSP
via 893d792 s3:SMB2-SESSION-RECONNECT: also expect NETWORK_NAME_DELETED is signing isn't used
via 27af0ff s3-libads Use NTLMSSP via auth_generic/gensec
via a00032a s3-libsmb Make auth_ntlmssp client more generic
via 2141556 s3-libsmb Use gensec_settings to set s3 ntlmssp client backend
via 09928fb s3-auth Rename make_auth_ntlmssp() -> make_auth_gensec()
from 7b42ceb Fix compile when TDB_TRACE is enabled.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 662c557b368ce5e959faf100145a0b1a4f4b1f75
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Dec 27 13:27:45 2011 +1100
s3-torture convert smb2 test to use auth_generic/gensec for NTLMSSP
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Fri Jan 6 12:09:12 CET 2012 on sn-devel-104
commit 893d7921a1ce403fd87501def59c6b53a88b5468
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jan 6 08:31:16 2012 +0100
s3:SMB2-SESSION-RECONNECT: also expect NETWORK_NAME_DELETED is signing isn't used
metze
commit 27af0ffdf224a71c7532a22039f455bff6adfb41
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Dec 27 12:27:11 2011 +1100
s3-libads Use NTLMSSP via auth_generic/gensec
This allows us to use the shared gensec_wrap() implementation already used by the
smb sealing code, as well as making this code more generic.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit a00032a92d9c0fcd4fa3f551abb901e5240f780f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Dec 27 10:25:55 2011 +1100
s3-libsmb Make auth_ntlmssp client more generic
As well as renaming, this allows us to start the mech by DCE/RPC auth
type or OID.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 21415568fe335d513545ef5788462551e2f1f1ae
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Dec 27 10:33:36 2011 +1100
s3-libsmb Use gensec_settings to set s3 ntlmssp client backend
This prepares us for making the code generic to multiple mechansims
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 09928fbcf6bef89b7b7a4d4b48301d1377906622
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Dec 26 15:58:11 2011 +1100
s3-auth Rename make_auth_ntlmssp() -> make_auth_gensec()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/include/{ntlmssp_wrap.h => auth_generic.h} | 22 ++-
source3/libads/sasl.c | 169 +++++++++----------
source3/librpc/crypto/cli_spnego.c | 25 ++--
source3/libsmb/clifsinfo.c | 27 ++--
source3/libsmb/ntlmssp_wrap.c | 53 +++++--
source3/rpc_client/cli_pipe.c | 19 +--
source3/smbd/seal.c | 10 +-
source3/torture/test_smb2.c | 171 ++++++++++++--------
8 files changed, 277 insertions(+), 219 deletions(-)
rename source3/include/{ntlmssp_wrap.h => auth_generic.h} (63%)
Changeset truncated at 500 lines:
diff --git a/source3/include/ntlmssp_wrap.h b/source3/include/auth_generic.h
similarity index 63%
rename from source3/include/ntlmssp_wrap.h
rename to source3/include/auth_generic.h
index ac2c77d..faea610 100644
--- a/source3/include/ntlmssp_wrap.h
+++ b/source3/include/auth_generic.h
@@ -2,7 +2,7 @@
NLTMSSP wrappers
Copyright (C) Andrew Tridgell 2001
- Copyright (C) Andrew Bartlett 2001-2003
+ Copyright (C) Andrew Bartlett 2001-2011
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -18,8 +18,8 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _NTLMSSP_WRAP_
-#define _NTLMSSP_WRAP_
+#ifndef _AUTH_GENERIC_
+#define _AUTH_GENERIC_
struct gensec_security;
@@ -31,14 +31,18 @@ struct auth_generic_state {
struct gensec_security *gensec_security;
};
-NTSTATUS auth_ntlmssp_set_username(struct auth_generic_state *ans,
+NTSTATUS auth_generic_set_username(struct auth_generic_state *ans,
const char *user);
-NTSTATUS auth_ntlmssp_set_domain(struct auth_generic_state *ans,
+NTSTATUS auth_generic_set_domain(struct auth_generic_state *ans,
const char *domain);
-NTSTATUS auth_ntlmssp_set_password(struct auth_generic_state *ans,
+NTSTATUS auth_generic_set_password(struct auth_generic_state *ans,
const char *password);
-NTSTATUS auth_ntlmssp_client_prepare(TALLOC_CTX *mem_ctx,
+NTSTATUS auth_generic_client_prepare(TALLOC_CTX *mem_ctx,
struct auth_generic_state **_ans);
-NTSTATUS auth_ntlmssp_client_start(struct auth_generic_state *ans);
+NTSTATUS auth_generic_client_start(struct auth_generic_state *ans, const char *oid);
-#endif /* _NTLMSSP_WRAP_ */
+NTSTATUS auth_generic_client_start_by_authtype(struct auth_generic_state *ans,
+ uint8_t auth_type,
+ uint8_t auth_level);
+
+#endif /* _AUTH_GENERIC_ */
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index a39971e..4186841 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -19,7 +19,8 @@
#include "includes.h"
#include "../libcli/auth/spnego.h"
-#include "../auth/ntlmssp/ntlmssp.h"
+#include "auth/gensec/gensec.h"
+#include "auth_generic.h"
#include "ads.h"
#include "smb_krb5.h"
@@ -27,88 +28,77 @@
static ADS_STATUS ads_sasl_ntlmssp_wrap(ADS_STRUCT *ads, uint8 *buf, uint32 len)
{
- struct ntlmssp_state *ntlmssp_state =
- (struct ntlmssp_state *)ads->ldap.wrap_private_data;
- ADS_STATUS status;
+ struct gensec_security *gensec_security =
+ talloc_get_type_abort(ads->ldap.wrap_private_data,
+ struct gensec_security);
NTSTATUS nt_status;
- DATA_BLOB sig;
- TALLOC_CTX *frame;
- uint8 *dptr = ads->ldap.out.buf + (4 + NTLMSSP_SIG_SIZE);
-
- frame = talloc_stackframe();
- /* copy the data to the right location */
- memcpy(dptr, buf, len);
-
- /* create the signature and may encrypt the data */
- if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL) {
- nt_status = ntlmssp_seal_packet(ntlmssp_state,
- frame,
- dptr, len,
- dptr, len,
- &sig);
- } else {
- nt_status = ntlmssp_sign_packet(ntlmssp_state,
- frame,
- dptr, len,
- dptr, len,
- &sig);
+ DATA_BLOB unwrapped, wrapped;
+ TALLOC_CTX *frame = talloc_stackframe();
+
+ unwrapped = data_blob_const(buf, len);
+
+ nt_status = gensec_wrap(gensec_security, frame, &unwrapped, &wrapped);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ TALLOC_FREE(frame);
+ return ADS_ERROR_NT(nt_status);
}
- status = ADS_ERROR_NT(nt_status);
- if (!ADS_ERR_OK(status)) return status;
- /* copy the signature to the right location */
- memcpy(ads->ldap.out.buf + 4,
- sig.data, NTLMSSP_SIG_SIZE);
+ if ((ads->ldap.out.size - 4) < wrapped.length) {
+ return ADS_ERROR_NT(NT_STATUS_INTERNAL_ERROR);
+ }
- TALLOC_FREE(frame);
+ /* copy the wrapped blob to the right location */
+ memcpy(ads->ldap.out.buf + 4, wrapped.data, wrapped.length);
/* set how many bytes must be written to the underlying socket */
- ads->ldap.out.left = 4 + NTLMSSP_SIG_SIZE + len;
+ ads->ldap.out.left = 4 + wrapped.length;
+
+ TALLOC_FREE(frame);
return ADS_SUCCESS;
}
static ADS_STATUS ads_sasl_ntlmssp_unwrap(ADS_STRUCT *ads)
{
- struct ntlmssp_state *ntlmssp_state =
- (struct ntlmssp_state *)ads->ldap.wrap_private_data;
- ADS_STATUS status;
+ struct gensec_security *gensec_security =
+ talloc_get_type_abort(ads->ldap.wrap_private_data,
+ struct gensec_security);
NTSTATUS nt_status;
- DATA_BLOB sig;
- uint8 *dptr = ads->ldap.in.buf + (4 + NTLMSSP_SIG_SIZE);
- uint32 dlen = ads->ldap.in.ofs - (4 + NTLMSSP_SIG_SIZE);
-
- /* wrap the signature into a DATA_BLOB */
- sig = data_blob_const(ads->ldap.in.buf + 4, NTLMSSP_SIG_SIZE);
-
- /* verify the signature and maybe decrypt the data */
- if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL) {
- nt_status = ntlmssp_unseal_packet(ntlmssp_state,
- dptr, dlen,
- dptr, dlen,
- &sig);
- } else {
- nt_status = ntlmssp_check_packet(ntlmssp_state,
- dptr, dlen,
- dptr, dlen,
- &sig);
+ DATA_BLOB unwrapped, wrapped;
+ TALLOC_CTX *frame = talloc_stackframe();
+
+ wrapped = data_blob_const(ads->ldap.in.buf + 4, ads->ldap.in.ofs - 4);
+
+ nt_status = gensec_unwrap(gensec_security, frame, &wrapped, &unwrapped);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ TALLOC_FREE(frame);
+ return ADS_ERROR_NT(nt_status);
+ }
+
+ if (wrapped.length < unwrapped.length) {
+ TALLOC_FREE(frame);
+ return ADS_ERROR_NT(NT_STATUS_INTERNAL_ERROR);
}
- status = ADS_ERROR_NT(nt_status);
- if (!ADS_ERR_OK(status)) return status;
- /* set the amount of bytes for the upper layer and set the ofs to the data */
- ads->ldap.in.left = dlen;
- ads->ldap.in.ofs = 4 + NTLMSSP_SIG_SIZE;
+ /* copy the wrapped blob to the right location */
+ memcpy(ads->ldap.in.buf + 4, unwrapped.data, unwrapped.length);
+
+ /* set how many bytes must be written to the underlying socket */
+ ads->ldap.in.left = unwrapped.length;
+ ads->ldap.in.ofs = 4;
+
+ TALLOC_FREE(frame);
return ADS_SUCCESS;
}
static void ads_sasl_ntlmssp_disconnect(ADS_STRUCT *ads)
{
- struct ntlmssp_state *ntlmssp_state =
- (struct ntlmssp_state *)ads->ldap.wrap_private_data;
+ struct gensec_security *gensec_security =
+ talloc_get_type_abort(ads->ldap.wrap_private_data,
+ struct gensec_security);
- TALLOC_FREE(ntlmssp_state);
+ TALLOC_FREE(gensec_security);
ads->ldap.wrap_ops = NULL;
ads->ldap.wrap_private_data = NULL;
@@ -136,42 +126,39 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
NTSTATUS nt_status;
ADS_STATUS status;
int turn = 1;
- uint32 features = 0;
- struct ntlmssp_state *ntlmssp_state;
+ struct auth_generic_state *auth_generic_state;
- nt_status = ntlmssp_client_start(NULL,
- lp_netbios_name(),
- lp_workgroup(),
- lp_client_ntlmv2_auth(),
- &ntlmssp_state);
+ nt_status = auth_generic_client_prepare(NULL, &auth_generic_state);
if (!NT_STATUS_IS_OK(nt_status)) {
return ADS_ERROR_NT(nt_status);
}
- if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_username(ntlmssp_state, ads->auth.user_name))) {
+ if (!NT_STATUS_IS_OK(nt_status = auth_generic_set_username(auth_generic_state, ads->auth.user_name))) {
return ADS_ERROR_NT(nt_status);
}
- if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_domain(ntlmssp_state, ads->auth.realm))) {
+ if (!NT_STATUS_IS_OK(nt_status = auth_generic_set_domain(auth_generic_state, ads->auth.realm))) {
return ADS_ERROR_NT(nt_status);
}
- if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_password(ntlmssp_state, ads->auth.password))) {
+ if (!NT_STATUS_IS_OK(nt_status = auth_generic_set_password(auth_generic_state, ads->auth.password))) {
return ADS_ERROR_NT(nt_status);
}
switch (ads->ldap.wrap_type) {
case ADS_SASLWRAP_TYPE_SEAL:
- features = NTLMSSP_FEATURE_SIGN | NTLMSSP_FEATURE_SEAL;
+ gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SIGN);
+ gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SEAL);
break;
case ADS_SASLWRAP_TYPE_SIGN:
if (ads->auth.flags & ADS_AUTH_SASL_FORCE) {
- features = NTLMSSP_FEATURE_SIGN;
+ gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SIGN);
} else {
/*
* windows servers are broken with sign only,
* so we need to use seal here too
*/
- features = NTLMSSP_FEATURE_SIGN | NTLMSSP_FEATURE_SEAL;
+ gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SIGN);
+ gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SEAL);
ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_SEAL;
}
break;
@@ -179,13 +166,16 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
break;
}
- ntlmssp_want_feature(ntlmssp_state, features);
+ nt_status = auth_generic_client_start(auth_generic_state, GENSEC_OID_NTLMSSP);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return ADS_ERROR_NT(nt_status);
+ }
blob_in = data_blob_null;
do {
- nt_status = ntlmssp_update(ntlmssp_state,
- blob_in, &blob_out);
+ nt_status = gensec_update(auth_generic_state->gensec_security,
+ talloc_tos(), NULL, blob_in, &blob_out);
data_blob_free(&blob_in);
if ((NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)
|| NT_STATUS_IS_OK(nt_status))
@@ -212,7 +202,7 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
ber_bvfree(scred);
}
- TALLOC_FREE(ntlmssp_state);
+ TALLOC_FREE(auth_generic_state);
return ADS_ERROR(rc);
}
if (scred) {
@@ -224,7 +214,7 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
} else {
- TALLOC_FREE(ntlmssp_state);
+ TALLOC_FREE(auth_generic_state);
data_blob_free(&blob_out);
return ADS_ERROR_NT(nt_status);
}
@@ -236,7 +226,7 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
if (!spnego_parse_challenge(talloc_tos(), blob, &blob_in,
&tmp_blob)) {
- TALLOC_FREE(ntlmssp_state);
+ TALLOC_FREE(auth_generic_state);
data_blob_free(&blob);
DEBUG(3,("Failed to parse challenges\n"));
return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
@@ -246,7 +236,7 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
if (!spnego_parse_auth_response(talloc_tos(), blob, nt_status, OID_NTLMSSP,
&blob_in)) {
- TALLOC_FREE(ntlmssp_state);
+ TALLOC_FREE(auth_generic_state);
data_blob_free(&blob);
DEBUG(3,("Failed to parse auth response\n"));
return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
@@ -257,24 +247,23 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
turn++;
} while (rc == LDAP_SASL_BIND_IN_PROGRESS && !NT_STATUS_IS_OK(nt_status));
- /* we have a reference conter on ntlmssp_state, if we are signing
- then the state will be kept by the signing engine */
-
if (ads->ldap.wrap_type > ADS_SASLWRAP_TYPE_PLAIN) {
- ads->ldap.out.max_unwrapped = ADS_SASL_WRAPPING_OUT_MAX_WRAPPED - NTLMSSP_SIG_SIZE;
- ads->ldap.out.sig_size = NTLMSSP_SIG_SIZE;
+ uint32_t sig_size = gensec_sig_size(auth_generic_state->gensec_security, 0);
+ ads->ldap.out.max_unwrapped = ADS_SASL_WRAPPING_OUT_MAX_WRAPPED - sig_size;
+ ads->ldap.out.sig_size = sig_size;
ads->ldap.in.min_wrapped = ads->ldap.out.sig_size;
ads->ldap.in.max_wrapped = ADS_SASL_WRAPPING_IN_MAX_WRAPPED;
- status = ads_setup_sasl_wrapping(ads, &ads_sasl_ntlmssp_ops, ntlmssp_state);
+ status = ads_setup_sasl_wrapping(ads, &ads_sasl_ntlmssp_ops, auth_generic_state->gensec_security);
if (!ADS_ERR_OK(status)) {
DEBUG(0, ("ads_setup_sasl_wrapping() failed: %s\n",
ads_errstr(status)));
- TALLOC_FREE(ntlmssp_state);
+ TALLOC_FREE(auth_generic_state);
return status;
}
- } else {
- TALLOC_FREE(ntlmssp_state);
+ /* Only keep the gensec_security element around long-term */
+ talloc_steal(NULL, auth_generic_state->gensec_security);
}
+ TALLOC_FREE(auth_generic_state);
return ADS_ERROR(rc);
}
diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c
index 827b135..54ea99b 100644
--- a/source3/librpc/crypto/cli_spnego.c
+++ b/source3/librpc/crypto/cli_spnego.c
@@ -2,6 +2,7 @@
* SPNEGO Encapsulation
* Client functions
* Copyright (C) Simo Sorce 2010.
+ * Copyright (C) Andrew Bartlett 2011.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -19,7 +20,7 @@
#include "includes.h"
#include "../libcli/auth/spnego.h"
-#include "include/ntlmssp_wrap.h"
+#include "include/auth_generic.h"
#include "librpc/gen_ndr/ntlmssp.h"
#include "auth/ntlmssp/ntlmssp.h"
#include "librpc/crypto/gse.h"
@@ -92,7 +93,7 @@ NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx,
struct spnego_context **spnego_ctx)
{
struct spnego_context *sp_ctx = NULL;
- struct auth_generic_state *auth_ntlmssp_state;
+ struct auth_generic_state *auth_generic_state;
NTSTATUS status;
status = spnego_context_init(mem_ctx, do_sign, do_seal, &sp_ctx);
@@ -101,28 +102,28 @@ NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx,
}
sp_ctx->mech = SPNEGO_NTLMSSP;
- status = auth_ntlmssp_client_prepare(sp_ctx,
- &auth_ntlmssp_state);
+ status = auth_generic_client_prepare(sp_ctx,
+ &auth_generic_state);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
- status = auth_ntlmssp_set_username(auth_ntlmssp_state,
+ status = auth_generic_set_username(auth_generic_state,
username);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
- status = auth_ntlmssp_set_domain(auth_ntlmssp_state,
+ status = auth_generic_set_domain(auth_generic_state,
domain);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
- status = auth_ntlmssp_set_password(auth_ntlmssp_state,
+ status = auth_generic_set_password(auth_generic_state,
password);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
@@ -130,21 +131,21 @@ NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx,
}
if (do_sign) {
- gensec_want_feature(auth_ntlmssp_state->gensec_security,
+ gensec_want_feature(auth_generic_state->gensec_security,
GENSEC_FEATURE_SIGN);
} else if (do_seal) {
- gensec_want_feature(auth_ntlmssp_state->gensec_security,
+ gensec_want_feature(auth_generic_state->gensec_security,
GENSEC_FEATURE_SEAL);
}
- status = auth_ntlmssp_client_start(auth_ntlmssp_state);
+ status = auth_generic_client_start(auth_generic_state, GENSEC_OID_NTLMSSP);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
return status;
}
- sp_ctx->mech_ctx.gensec_security = talloc_move(sp_ctx, &auth_ntlmssp_state->gensec_security);
- TALLOC_FREE(auth_ntlmssp_state);
+ sp_ctx->mech_ctx.gensec_security = talloc_move(sp_ctx, &auth_generic_state->gensec_security);
+ TALLOC_FREE(auth_generic_state);
*spnego_ctx = sp_ctx;
return NT_STATUS_OK;
}
diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c
index ff15624..5c86c5d 100644
--- a/source3/libsmb/clifsinfo.c
+++ b/source3/libsmb/clifsinfo.c
@@ -3,6 +3,7 @@
FS info functions
Copyright (C) Stefan (metze) Metzmacher 2003
Copyright (C) Jeremy Allison 2007
+ Copyright (C) Andrew Bartlett 2011
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -26,7 +27,7 @@
#include "async_smb.h"
#include "../libcli/smb/smb_seal.h"
#include "trans2.h"
-#include "ntlmssp_wrap.h"
+#include "auth_generic.h"
#include "auth/gensec/gensec.h"
#include "../libcli/smb/smbXcli_base.h"
@@ -610,37 +611,37 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
DATA_BLOB blob_out = data_blob_null;
DATA_BLOB param_out = data_blob_null;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- struct auth_generic_state *auth_ntlmssp_state;
+ struct auth_generic_state *auth_generic_state;
struct smb_trans_enc_state *es = make_cli_enc_state(SMB_TRANS_ENC_NTLM);
if (!es) {
return NT_STATUS_NO_MEMORY;
}
- status = auth_ntlmssp_client_prepare(NULL,
- &auth_ntlmssp_state);
+ status = auth_generic_client_prepare(NULL,
+ &auth_generic_state);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
- gensec_want_feature(auth_ntlmssp_state->gensec_security, GENSEC_FEATURE_SESSION_KEY);
- gensec_want_feature(auth_ntlmssp_state->gensec_security, GENSEC_FEATURE_SEAL);
+ gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SESSION_KEY);
+ gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SEAL);
- if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_username(auth_ntlmssp_state, user))) {
+ if (!NT_STATUS_IS_OK(status = auth_generic_set_username(auth_generic_state, user))) {
goto fail;
}
- if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_domain(auth_ntlmssp_state, domain))) {
+ if (!NT_STATUS_IS_OK(status = auth_generic_set_domain(auth_generic_state, domain))) {
goto fail;
}
- if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_password(auth_ntlmssp_state, pass))) {
+ if (!NT_STATUS_IS_OK(status = auth_generic_set_password(auth_generic_state, pass))) {
goto fail;
}
- if (!NT_STATUS_IS_OK(status = auth_ntlmssp_client_start(auth_ntlmssp_state))) {
+ if (!NT_STATUS_IS_OK(status = auth_generic_client_start(auth_generic_state, GENSEC_OID_NTLMSSP))) {
goto fail;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list