[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Tue Jun 12 04:42:05 MDT 2012
The branch, master has been updated
via 080c1ca s3: Make --pw-nt-hash useable in smbclient
via a40a566 s3: Add --pw-nt-hash to popt_common_credentials
via 93e950c s3: Add cli_state->pw_nt_hash
via 2be5ace s3: Add user_auth_info->use_pw_nt_hash
via 93e0844 s3-libsmbclient: change vnum to 0.2.0
via 6c13a46 s3-libsmbclient: Add OptionUseNTHash
via 4fb283e s3: Add CLI_FULL_CONNECTION_USE_NT_HASH
via 3b63a67 S3: Add ntlmssp_set_password_hash
via ae82192 s3-libsmbclient: Make SMBC_call_auth_fn static
from 25216d7 s4:smbd: fix typos
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 080c1ca64b618a906a9246556d07e3a0573a6cc1
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 14:10:23 2012 +0200
s3: Make --pw-nt-hash useable in smbclient
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Jun 12 12:41:10 CEST 2012 on sn-devel-104
commit a40a566504ec76d8ca4829c9d690d8a353330250
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 14:03:16 2012 +0200
s3: Add --pw-nt-hash to popt_common_credentials
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 93e950caf8db42750869a0ec8a8d2bcb62a1d98d
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 14:02:03 2012 +0200
s3: Add cli_state->pw_nt_hash
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 2be5ace544a5ec280abb72504f3d4acf5240c425
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 14:01:08 2012 +0200
s3: Add user_auth_info->use_pw_nt_hash
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 93e0844471f468f27c3c617b068b9d5aa26f4f1b
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 11 23:47:48 2012 +0200
s3-libsmbclient: change vnum to 0.2.0
metze
commit 6c13a46732f61b596273e2bd7ff3c78a4b953195
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 13:29:10 2012 +0200
s3-libsmbclient: Add OptionUseNTHash
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 4fb283e70e26c3328f1ab86276a5728601cc3432
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 13:32:07 2012 +0200
s3: Add CLI_FULL_CONNECTION_USE_NT_HASH
... as an indicator that the password supplied is the NT hash
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 3b63a6794a008b35cd7b5bc03bcc9e4f8d4124a4
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 13:12:30 2012 +0200
S3: Add ntlmssp_set_password_hash
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit ae821929a0ec048da69084b71c53270eecdb3e6e
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 11 10:15:08 2012 +0200
s3-libsmbclient: Make SMBC_call_auth_fn static
Signed-off-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/include/auth_info.h | 5 ++++
source3/include/client.h | 2 +
source3/include/libsmb_internal.h | 13 +++--------
source3/include/libsmbclient.h | 8 +++++++
source3/include/proto.h | 2 +
source3/lib/popt_common.c | 5 ++++
source3/lib/util_cmdline.c | 12 ++++++++++
.../{smbclient-0.1.0.sigs => smbclient-0.2.0.sigs} | 2 +
source3/libsmb/cliconnect.c | 6 ++++-
source3/libsmb/clidfs.c | 3 ++
source3/libsmb/clientgen.c | 4 +++
source3/libsmb/libsmb_server.c | 6 ++++-
source3/libsmb/libsmb_setget.c | 18 ++++++++++++++++
source3/libsmb/ntlmssp.c | 22 ++++++++++++++++++++
source3/libsmb/wscript | 2 +-
15 files changed, 98 insertions(+), 12 deletions(-)
copy source3/libsmb/ABI/{smbclient-0.1.0.sigs => smbclient-0.2.0.sigs} (98%)
Changeset truncated at 500 lines:
diff --git a/source3/include/auth_info.h b/source3/include/auth_info.h
index 6b5105d..d8d8317 100644
--- a/source3/include/auth_info.h
+++ b/source3/include/auth_info.h
@@ -31,6 +31,7 @@ struct user_auth_info {
bool use_machine_account;
bool fallback_after_kerberos;
bool use_ccache;
+ bool use_pw_nt_hash;
};
struct user_auth_info *user_auth_info_init(TALLOC_CTX *mem_ctx);
@@ -49,6 +50,10 @@ int get_cmdline_auth_info_signing_state(const struct user_auth_info *auth_info);
void set_cmdline_auth_info_use_ccache(struct user_auth_info *auth_info,
bool b);
bool get_cmdline_auth_info_use_ccache(const struct user_auth_info *auth_info);
+void set_cmdline_auth_info_use_pw_nt_hash(struct user_auth_info *auth_info,
+ bool b);
+bool get_cmdline_auth_info_use_pw_nt_hash(
+ const struct user_auth_info *auth_info);
void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info,
bool b);
bool get_cmdline_auth_info_use_kerberos(const struct user_auth_info *auth_info);
diff --git a/source3/include/client.h b/source3/include/client.h
index 18bf26e..5694ed0 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -87,6 +87,7 @@ struct cli_state {
bool use_kerberos;
bool fallback_after_kerberos;
bool use_ccache;
+ bool pw_nt_hash;
bool got_kerberos_mechanism; /* Server supports krb5 in SPNEGO. */
bool use_oplocks; /* should we use oplocks? */
@@ -141,5 +142,6 @@ struct file_info {
#define CLI_FULL_CONNECTION_USE_CCACHE 0x0040
#define CLI_FULL_CONNECTION_FORCE_DOS_ERRORS 0x0080
#define CLI_FULL_CONNECTION_FORCE_ASCII 0x0100
+#define CLI_FULL_CONNECTION_USE_NT_HASH 0x0200
#endif /* _CLIENT_H */
diff --git a/source3/include/libsmb_internal.h b/source3/include/libsmb_internal.h
index 0c8d8ab..aba159a 100644
--- a/source3/include/libsmb_internal.h
+++ b/source3/include/libsmb_internal.h
@@ -48,6 +48,10 @@ typedef struct DOS_ATTR_DESC {
SMB_INO_T inode;
} DOS_ATTR_DESC;
+/*
+ * Extension of libsmbclient.h's #defines
+ */
+#define SMB_CTX_FLAG_USE_NT_HASH (1 << 4)
/*
* Internal flags for extended attributes
@@ -450,15 +454,6 @@ SMBC_remove_unused_server(SMBCCTX * context,
SMBCSRV * srv);
void
-SMBC_call_auth_fn(TALLOC_CTX *ctx,
- SMBCCTX *context,
- const char *server,
- const char *share,
- char **pp_workgroup,
- char **pp_username,
- char **pp_password);
-
-void
SMBC_get_auth_data(const char *server, const char *share,
char *workgroup_buf, int workgroup_buf_len,
char *username_buf, int username_buf_len,
diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h
index ccf80da..61ff6a3 100644
--- a/source3/include/libsmbclient.h
+++ b/source3/include/libsmbclient.h
@@ -743,6 +743,14 @@ smbc_getOptionUseCCache(SMBCCTX *c);
void
smbc_setOptionUseCCache(SMBCCTX *c, smbc_bool b);
+/** Get indication that the password supplied is the NT hash */
+smbc_bool
+smbc_getOptionUseNTHash(SMBCCTX *c);
+
+/** Set indication that the password supplied is the NT hash */
+void
+smbc_setOptionUseNTHash(SMBCCTX *c, smbc_bool b);
+
/*************************************
diff --git a/source3/include/proto.h b/source3/include/proto.h
index b265d7a..d1d7131 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -939,6 +939,8 @@ bool get_dc_name(const char *domain,
struct ntlmssp_state;
NTSTATUS ntlmssp_set_username(struct ntlmssp_state *ntlmssp_state, const char *user) ;
NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *password) ;
+NTSTATUS ntlmssp_set_password_hash(struct ntlmssp_state *ntlmssp_state,
+ const char *hash);
NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain) ;
void ntlmssp_want_feature_list(struct ntlmssp_state *ntlmssp_state, char *feature_list);
void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32_t feature);
diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c
index 3bcee1c..94e551d 100644
--- a/source3/lib/popt_common.c
+++ b/source3/lib/popt_common.c
@@ -592,6 +592,9 @@ static void popt_common_credentials_callback(poptContext con,
case 'C':
set_cmdline_auth_info_use_ccache(auth_info, true);
break;
+ case 'H':
+ set_cmdline_auth_info_use_pw_nt_hash(auth_info, true);
+ break;
}
}
@@ -615,5 +618,7 @@ struct poptOption popt_common_credentials[] = {
{"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
{"use-ccache", 'C', POPT_ARG_NONE, NULL, 'C',
"Use the winbind ccache for authentication" },
+ {"pw-nt-hash", '\0', POPT_ARG_NONE, NULL, 'H',
+ "The supplied password is the NT hash" },
POPT_TABLEEND
};
diff --git a/source3/lib/util_cmdline.c b/source3/lib/util_cmdline.c
index 1d2c725..4403846 100644
--- a/source3/lib/util_cmdline.c
+++ b/source3/lib/util_cmdline.c
@@ -136,6 +136,18 @@ bool get_cmdline_auth_info_use_ccache(const struct user_auth_info *auth_info)
return auth_info->use_ccache;
}
+void set_cmdline_auth_info_use_pw_nt_hash(struct user_auth_info *auth_info,
+ bool b)
+{
+ auth_info->use_pw_nt_hash = b;
+}
+
+bool get_cmdline_auth_info_use_pw_nt_hash(
+ const struct user_auth_info *auth_info)
+{
+ return auth_info->use_pw_nt_hash;
+}
+
void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info,
bool b)
{
diff --git a/source3/libsmb/ABI/smbclient-0.1.0.sigs b/source3/libsmb/ABI/smbclient-0.2.0.sigs
similarity index 98%
copy from source3/libsmb/ABI/smbclient-0.1.0.sigs
copy to source3/libsmb/ABI/smbclient-0.2.0.sigs
index bbd7700..aa85859 100644
--- a/source3/libsmb/ABI/smbclient-0.1.0.sigs
+++ b/source3/libsmb/ABI/smbclient-0.2.0.sigs
@@ -64,6 +64,7 @@ smbc_getOptionSmbEncryptionLevel: smbc_smb_encrypt_level (SMBCCTX *)
smbc_getOptionUrlEncodeReaddirEntries: smbc_bool (SMBCCTX *)
smbc_getOptionUseCCache: smbc_bool (SMBCCTX *)
smbc_getOptionUseKerberos: smbc_bool (SMBCCTX *)
+smbc_getOptionUseNTHash: smbc_bool (SMBCCTX *)
smbc_getOptionUserData: void *(SMBCCTX *)
smbc_getServerCacheData: struct smbc_server_cache *(SMBCCTX *)
smbc_getTimeout: int (SMBCCTX *)
@@ -148,6 +149,7 @@ smbc_setOptionSmbEncryptionLevel: void (SMBCCTX *, smbc_smb_encrypt_level)
smbc_setOptionUrlEncodeReaddirEntries: void (SMBCCTX *, smbc_bool)
smbc_setOptionUseCCache: void (SMBCCTX *, smbc_bool)
smbc_setOptionUseKerberos: void (SMBCCTX *, smbc_bool)
+smbc_setOptionUseNTHash: void (SMBCCTX *, smbc_bool)
smbc_setOptionUserData: void (SMBCCTX *, void *)
smbc_setServerCacheData: void (SMBCCTX *, struct smbc_server_cache *)
smbc_setTimeout: void (SMBCCTX *, int)
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index f46ce06..acc3a21 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1648,7 +1648,11 @@ static struct tevent_req *cli_session_setup_ntlmssp_send(
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
- status = ntlmssp_set_password(state->ntlmssp_state, pass);
+ if (cli->pw_nt_hash) {
+ status = ntlmssp_set_password_hash(state->ntlmssp_state, pass);
+ } else {
+ status = ntlmssp_set_password(state->ntlmssp_state, pass);
+ }
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index 4655915..95f8817 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -129,6 +129,9 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
if (get_cmdline_auth_info_use_ccache(auth_info)) {
flags |= CLI_FULL_CONNECTION_USE_CCACHE;
}
+ if (get_cmdline_auth_info_use_pw_nt_hash(auth_info)) {
+ flags |= CLI_FULL_CONNECTION_USE_NT_HASH;
+ }
status = cli_connect_nb(
server, NULL, port, name_type, NULL,
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index c8bd7e5..4398d80 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -209,6 +209,10 @@ struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
cli->use_ccache = true;
}
+ if (flags & CLI_FULL_CONNECTION_USE_NT_HASH) {
+ cli->pw_nt_hash = true;
+ }
+
if (flags & CLI_FULL_CONNECTION_OPLOCKS) {
cli->use_oplocks = true;
}
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index c7ec142..99aa74c 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -96,7 +96,7 @@ SMBC_remove_unused_server(SMBCCTX * context,
/****************************************************************
* Call the auth_fn with fixed size (fstring) buffers.
***************************************************************/
-void
+static void
SMBC_call_auth_fn(TALLOC_CTX *ctx,
SMBCCTX *context,
const char *server,
@@ -417,6 +417,10 @@ SMBC_server_internal(TALLOC_CTX *ctx,
flags |= CLI_FULL_CONNECTION_USE_CCACHE;
}
+ if (smbc_getOptionUseNTHash(context)) {
+ flags |= CLI_FULL_CONNECTION_USE_NT_HASH;
+ }
+
if (share == NULL || *share == '\0' || is_ipc) {
/*
* Try 139 first for IPC$
diff --git a/source3/libsmb/libsmb_setget.c b/source3/libsmb/libsmb_setget.c
index 0a02346..60bbc8b 100644
--- a/source3/libsmb/libsmb_setget.c
+++ b/source3/libsmb/libsmb_setget.c
@@ -457,6 +457,24 @@ smbc_setOptionUseCCache(SMBCCTX *c, smbc_bool b)
}
}
+/** Get whether to enable use of the winbind ccache */
+smbc_bool
+smbc_getOptionUseNTHash(SMBCCTX *c)
+{
+ return (c->flags & SMB_CTX_FLAG_USE_NT_HASH) != 0;
+}
+
+/** Set indication that the password supplied is the NT hash */
+void
+smbc_setOptionUseNTHash(SMBCCTX *c, smbc_bool b)
+{
+ if (b) {
+ c->flags |= SMB_CTX_FLAG_USE_NT_HASH;
+ } else {
+ c->flags &= ~SMB_CTX_FLAG_USE_NT_HASH;
+ }
+}
+
/** Get the function for obtaining authentication data */
smbc_get_auth_data_fn
smbc_getFunctionAuthData(SMBCCTX *c)
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 95a5dc9..fb41c3c 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -106,6 +106,28 @@ NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *p
return NT_STATUS_OK;
}
+NTSTATUS ntlmssp_set_password_hash(struct ntlmssp_state *state,
+ const char *pwhash)
+{
+ char nt_hash[16];
+ size_t converted;
+
+ converted = strhex_to_str(
+ nt_hash, sizeof(nt_hash), pwhash, strlen(pwhash));
+ if (converted != sizeof(nt_hash)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ TALLOC_FREE(state->lm_hash);
+ TALLOC_FREE(state->nt_hash);
+
+ state->nt_hash = (uint8_t *)talloc_memdup(state, nt_hash, 16);
+ if (!state->nt_hash) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ return NT_STATUS_OK;
+}
+
/**
* Set a domain on an NTLMSSP context - ensures it is talloc()ed
*
diff --git a/source3/libsmb/wscript b/source3/libsmb/wscript
index e614557..c5444b0 100644
--- a/source3/libsmb/wscript
+++ b/source3/libsmb/wscript
@@ -27,5 +27,5 @@ def build(bld):
public_headers='../include/libsmbclient.h',
abi_directory='ABI',
abi_match='smbc_*',
- vnum='0.1.0',
+ vnum='0.2.0',
pc_files='smbclient.pc')
--
Samba Shared Repository
More information about the samba-cvs
mailing list