[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Tue Jun 12 04:42:05 MDT 2012


The branch, master has been updated
       via  080c1ca s3: Make --pw-nt-hash useable in smbclient
       via  a40a566 s3: Add --pw-nt-hash to popt_common_credentials
       via  93e950c s3: Add cli_state->pw_nt_hash
       via  2be5ace s3: Add user_auth_info->use_pw_nt_hash
       via  93e0844 s3-libsmbclient: change vnum to 0.2.0
       via  6c13a46 s3-libsmbclient: Add OptionUseNTHash
       via  4fb283e s3: Add CLI_FULL_CONNECTION_USE_NT_HASH
       via  3b63a67 S3: Add ntlmssp_set_password_hash
       via  ae82192 s3-libsmbclient: Make SMBC_call_auth_fn static
      from  25216d7 s4:smbd: fix typos

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 080c1ca64b618a906a9246556d07e3a0573a6cc1
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 14:10:23 2012 +0200

    s3: Make --pw-nt-hash useable in smbclient
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Tue Jun 12 12:41:10 CEST 2012 on sn-devel-104

commit a40a566504ec76d8ca4829c9d690d8a353330250
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 14:03:16 2012 +0200

    s3: Add --pw-nt-hash to popt_common_credentials
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 93e950caf8db42750869a0ec8a8d2bcb62a1d98d
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 14:02:03 2012 +0200

    s3: Add cli_state->pw_nt_hash
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 2be5ace544a5ec280abb72504f3d4acf5240c425
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 14:01:08 2012 +0200

    s3: Add user_auth_info->use_pw_nt_hash
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 93e0844471f468f27c3c617b068b9d5aa26f4f1b
Author: Stefan Metzmacher <metze at samba.org>
Date:   Mon Jun 11 23:47:48 2012 +0200

    s3-libsmbclient: change vnum to 0.2.0
    
    metze

commit 6c13a46732f61b596273e2bd7ff3c78a4b953195
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 13:29:10 2012 +0200

    s3-libsmbclient: Add OptionUseNTHash
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 4fb283e70e26c3328f1ab86276a5728601cc3432
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 13:32:07 2012 +0200

    s3: Add CLI_FULL_CONNECTION_USE_NT_HASH
    
    ... as an indicator that the password supplied is the NT hash
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 3b63a6794a008b35cd7b5bc03bcc9e4f8d4124a4
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 13:12:30 2012 +0200

    S3: Add ntlmssp_set_password_hash
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit ae821929a0ec048da69084b71c53270eecdb3e6e
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 11 10:15:08 2012 +0200

    s3-libsmbclient: Make SMBC_call_auth_fn static
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/include/auth_info.h                        |    5 ++++
 source3/include/client.h                           |    2 +
 source3/include/libsmb_internal.h                  |   13 +++--------
 source3/include/libsmbclient.h                     |    8 +++++++
 source3/include/proto.h                            |    2 +
 source3/lib/popt_common.c                          |    5 ++++
 source3/lib/util_cmdline.c                         |   12 ++++++++++
 .../{smbclient-0.1.0.sigs => smbclient-0.2.0.sigs} |    2 +
 source3/libsmb/cliconnect.c                        |    6 ++++-
 source3/libsmb/clidfs.c                            |    3 ++
 source3/libsmb/clientgen.c                         |    4 +++
 source3/libsmb/libsmb_server.c                     |    6 ++++-
 source3/libsmb/libsmb_setget.c                     |   18 ++++++++++++++++
 source3/libsmb/ntlmssp.c                           |   22 ++++++++++++++++++++
 source3/libsmb/wscript                             |    2 +-
 15 files changed, 98 insertions(+), 12 deletions(-)
 copy source3/libsmb/ABI/{smbclient-0.1.0.sigs => smbclient-0.2.0.sigs} (98%)


Changeset truncated at 500 lines:

diff --git a/source3/include/auth_info.h b/source3/include/auth_info.h
index 6b5105d..d8d8317 100644
--- a/source3/include/auth_info.h
+++ b/source3/include/auth_info.h
@@ -31,6 +31,7 @@ struct user_auth_info {
 	bool use_machine_account;
 	bool fallback_after_kerberos;
 	bool use_ccache;
+	bool use_pw_nt_hash;
 };
 
 struct user_auth_info *user_auth_info_init(TALLOC_CTX *mem_ctx);
@@ -49,6 +50,10 @@ int get_cmdline_auth_info_signing_state(const struct user_auth_info *auth_info);
 void set_cmdline_auth_info_use_ccache(struct user_auth_info *auth_info,
 				      bool b);
 bool get_cmdline_auth_info_use_ccache(const struct user_auth_info *auth_info);
+void set_cmdline_auth_info_use_pw_nt_hash(struct user_auth_info *auth_info,
+					  bool b);
+bool get_cmdline_auth_info_use_pw_nt_hash(
+	const struct user_auth_info *auth_info);
 void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info,
 					bool b);
 bool get_cmdline_auth_info_use_kerberos(const struct user_auth_info *auth_info);
diff --git a/source3/include/client.h b/source3/include/client.h
index 18bf26e..5694ed0 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -87,6 +87,7 @@ struct cli_state {
 	bool use_kerberos;
 	bool fallback_after_kerberos;
 	bool use_ccache;
+	bool pw_nt_hash;
 	bool got_kerberos_mechanism; /* Server supports krb5 in SPNEGO. */
 
 	bool use_oplocks; /* should we use oplocks? */
@@ -141,5 +142,6 @@ struct file_info {
 #define CLI_FULL_CONNECTION_USE_CCACHE 0x0040
 #define CLI_FULL_CONNECTION_FORCE_DOS_ERRORS 0x0080
 #define CLI_FULL_CONNECTION_FORCE_ASCII 0x0100
+#define CLI_FULL_CONNECTION_USE_NT_HASH 0x0200
 
 #endif /* _CLIENT_H */
diff --git a/source3/include/libsmb_internal.h b/source3/include/libsmb_internal.h
index 0c8d8ab..aba159a 100644
--- a/source3/include/libsmb_internal.h
+++ b/source3/include/libsmb_internal.h
@@ -48,6 +48,10 @@ typedef struct DOS_ATTR_DESC {
 	SMB_INO_T inode;
 } DOS_ATTR_DESC;
 
+/*
+ * Extension of libsmbclient.h's #defines
+ */
+#define SMB_CTX_FLAG_USE_NT_HASH (1 << 4)
 
 /*
  * Internal flags for extended attributes
@@ -450,15 +454,6 @@ SMBC_remove_unused_server(SMBCCTX * context,
                           SMBCSRV * srv);
 
 void
-SMBC_call_auth_fn(TALLOC_CTX *ctx,
-                  SMBCCTX *context,
-                  const char *server,
-                  const char *share,
-                  char **pp_workgroup,
-                  char **pp_username,
-                  char **pp_password);
-
-void
 SMBC_get_auth_data(const char *server, const char *share,
                    char *workgroup_buf, int workgroup_buf_len,
                    char *username_buf, int username_buf_len,
diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h
index ccf80da..61ff6a3 100644
--- a/source3/include/libsmbclient.h
+++ b/source3/include/libsmbclient.h
@@ -743,6 +743,14 @@ smbc_getOptionUseCCache(SMBCCTX *c);
 void
 smbc_setOptionUseCCache(SMBCCTX *c, smbc_bool b);
 
+/** Get indication that the password supplied is the NT hash */
+smbc_bool
+smbc_getOptionUseNTHash(SMBCCTX *c);
+
+/** Set indication that the password supplied is the NT hash */
+void
+smbc_setOptionUseNTHash(SMBCCTX *c, smbc_bool b);
+
 
 
 /*************************************
diff --git a/source3/include/proto.h b/source3/include/proto.h
index b265d7a..d1d7131 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -939,6 +939,8 @@ bool get_dc_name(const char *domain,
 struct ntlmssp_state;
 NTSTATUS ntlmssp_set_username(struct ntlmssp_state *ntlmssp_state, const char *user) ;
 NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *password) ;
+NTSTATUS ntlmssp_set_password_hash(struct ntlmssp_state *ntlmssp_state,
+				   const char *hash);
 NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain) ;
 void ntlmssp_want_feature_list(struct ntlmssp_state *ntlmssp_state, char *feature_list);
 void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32_t feature);
diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c
index 3bcee1c..94e551d 100644
--- a/source3/lib/popt_common.c
+++ b/source3/lib/popt_common.c
@@ -592,6 +592,9 @@ static void popt_common_credentials_callback(poptContext con,
 	case 'C':
 		set_cmdline_auth_info_use_ccache(auth_info, true);
 		break;
+	case 'H':
+		set_cmdline_auth_info_use_pw_nt_hash(auth_info, true);
+		break;
 	}
 }
 
@@ -615,5 +618,7 @@ struct poptOption popt_common_credentials[] = {
 	{"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
 	{"use-ccache", 'C', POPT_ARG_NONE, NULL, 'C',
 	 "Use the winbind ccache for authentication" },
+	{"pw-nt-hash", '\0', POPT_ARG_NONE, NULL, 'H',
+	 "The supplied password is the NT hash" },
 	POPT_TABLEEND
 };
diff --git a/source3/lib/util_cmdline.c b/source3/lib/util_cmdline.c
index 1d2c725..4403846 100644
--- a/source3/lib/util_cmdline.c
+++ b/source3/lib/util_cmdline.c
@@ -136,6 +136,18 @@ bool get_cmdline_auth_info_use_ccache(const struct user_auth_info *auth_info)
 	return auth_info->use_ccache;
 }
 
+void set_cmdline_auth_info_use_pw_nt_hash(struct user_auth_info *auth_info,
+					  bool b)
+{
+	auth_info->use_pw_nt_hash = b;
+}
+
+bool get_cmdline_auth_info_use_pw_nt_hash(
+	const struct user_auth_info *auth_info)
+{
+	return auth_info->use_pw_nt_hash;
+}
+
 void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info,
 					bool b)
 {
diff --git a/source3/libsmb/ABI/smbclient-0.1.0.sigs b/source3/libsmb/ABI/smbclient-0.2.0.sigs
similarity index 98%
copy from source3/libsmb/ABI/smbclient-0.1.0.sigs
copy to source3/libsmb/ABI/smbclient-0.2.0.sigs
index bbd7700..aa85859 100644
--- a/source3/libsmb/ABI/smbclient-0.1.0.sigs
+++ b/source3/libsmb/ABI/smbclient-0.2.0.sigs
@@ -64,6 +64,7 @@ smbc_getOptionSmbEncryptionLevel: smbc_smb_encrypt_level (SMBCCTX *)
 smbc_getOptionUrlEncodeReaddirEntries: smbc_bool (SMBCCTX *)
 smbc_getOptionUseCCache: smbc_bool (SMBCCTX *)
 smbc_getOptionUseKerberos: smbc_bool (SMBCCTX *)
+smbc_getOptionUseNTHash: smbc_bool (SMBCCTX *)
 smbc_getOptionUserData: void *(SMBCCTX *)
 smbc_getServerCacheData: struct smbc_server_cache *(SMBCCTX *)
 smbc_getTimeout: int (SMBCCTX *)
@@ -148,6 +149,7 @@ smbc_setOptionSmbEncryptionLevel: void (SMBCCTX *, smbc_smb_encrypt_level)
 smbc_setOptionUrlEncodeReaddirEntries: void (SMBCCTX *, smbc_bool)
 smbc_setOptionUseCCache: void (SMBCCTX *, smbc_bool)
 smbc_setOptionUseKerberos: void (SMBCCTX *, smbc_bool)
+smbc_setOptionUseNTHash: void (SMBCCTX *, smbc_bool)
 smbc_setOptionUserData: void (SMBCCTX *, void *)
 smbc_setServerCacheData: void (SMBCCTX *, struct smbc_server_cache *)
 smbc_setTimeout: void (SMBCCTX *, int)
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index f46ce06..acc3a21 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1648,7 +1648,11 @@ static struct tevent_req *cli_session_setup_ntlmssp_send(
 	if (!NT_STATUS_IS_OK(status)) {
 		goto fail;
 	}
-	status = ntlmssp_set_password(state->ntlmssp_state, pass);
+	if (cli->pw_nt_hash) {
+		status = ntlmssp_set_password_hash(state->ntlmssp_state, pass);
+	} else {
+		status = ntlmssp_set_password(state->ntlmssp_state, pass);
+	}
 	if (!NT_STATUS_IS_OK(status)) {
 		goto fail;
 	}
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index 4655915..95f8817 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -129,6 +129,9 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
 	if (get_cmdline_auth_info_use_ccache(auth_info)) {
 		flags |= CLI_FULL_CONNECTION_USE_CCACHE;
 	}
+	if (get_cmdline_auth_info_use_pw_nt_hash(auth_info)) {
+		flags |= CLI_FULL_CONNECTION_USE_NT_HASH;
+	}
 
 	status = cli_connect_nb(
 		server, NULL, port, name_type, NULL,
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index c8bd7e5..4398d80 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -209,6 +209,10 @@ struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
 		cli->use_ccache = true;
 	}
 
+	if (flags & CLI_FULL_CONNECTION_USE_NT_HASH) {
+		cli->pw_nt_hash = true;
+	}
+
 	if (flags & CLI_FULL_CONNECTION_OPLOCKS) {
 		cli->use_oplocks = true;
 	}
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index c7ec142..99aa74c 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -96,7 +96,7 @@ SMBC_remove_unused_server(SMBCCTX * context,
 /****************************************************************
  * Call the auth_fn with fixed size (fstring) buffers.
  ***************************************************************/
-void
+static void
 SMBC_call_auth_fn(TALLOC_CTX *ctx,
                   SMBCCTX *context,
                   const char *server,
@@ -417,6 +417,10 @@ SMBC_server_internal(TALLOC_CTX *ctx,
 		flags |= CLI_FULL_CONNECTION_USE_CCACHE;
 	}
 
+	if (smbc_getOptionUseNTHash(context)) {
+		flags |= CLI_FULL_CONNECTION_USE_NT_HASH;
+	}
+
         if (share == NULL || *share == '\0' || is_ipc) {
 		/*
 		 * Try 139 first for IPC$
diff --git a/source3/libsmb/libsmb_setget.c b/source3/libsmb/libsmb_setget.c
index 0a02346..60bbc8b 100644
--- a/source3/libsmb/libsmb_setget.c
+++ b/source3/libsmb/libsmb_setget.c
@@ -457,6 +457,24 @@ smbc_setOptionUseCCache(SMBCCTX *c, smbc_bool b)
         }
 }
 
+/** Get whether to enable use of the winbind ccache */
+smbc_bool
+smbc_getOptionUseNTHash(SMBCCTX *c)
+{
+        return (c->flags & SMB_CTX_FLAG_USE_NT_HASH) != 0;
+}
+
+/** Set indication that the password supplied is the NT hash */
+void
+smbc_setOptionUseNTHash(SMBCCTX *c, smbc_bool b)
+{
+        if (b) {
+                c->flags |= SMB_CTX_FLAG_USE_NT_HASH;
+        } else {
+                c->flags &= ~SMB_CTX_FLAG_USE_NT_HASH;
+        }
+}
+
 /** Get the function for obtaining authentication data */
 smbc_get_auth_data_fn
 smbc_getFunctionAuthData(SMBCCTX *c)
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 95a5dc9..fb41c3c 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -106,6 +106,28 @@ NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *p
 	return NT_STATUS_OK;
 }
 
+NTSTATUS ntlmssp_set_password_hash(struct ntlmssp_state *state,
+				   const char *pwhash)
+{
+	char nt_hash[16];
+	size_t converted;
+
+	converted = strhex_to_str(
+		nt_hash, sizeof(nt_hash), pwhash, strlen(pwhash));
+	if (converted != sizeof(nt_hash)) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	TALLOC_FREE(state->lm_hash);
+	TALLOC_FREE(state->nt_hash);
+
+	state->nt_hash = (uint8_t *)talloc_memdup(state, nt_hash, 16);
+	if (!state->nt_hash) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	return NT_STATUS_OK;
+}
+
 /**
  * Set a domain on an NTLMSSP context - ensures it is talloc()ed
  *
diff --git a/source3/libsmb/wscript b/source3/libsmb/wscript
index e614557..c5444b0 100644
--- a/source3/libsmb/wscript
+++ b/source3/libsmb/wscript
@@ -27,5 +27,5 @@ def build(bld):
                        public_headers='../include/libsmbclient.h',
                        abi_directory='ABI',
                        abi_match='smbc_*',
-                       vnum='0.1.0',
+                       vnum='0.2.0',
                        pc_files='smbclient.pc')


-- 
Samba Shared Repository


More information about the samba-cvs mailing list