diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-01-30 22:42:39 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-02-17 10:48:09 +0100 |
commit | 52ac479764e85296a6a6100d143104d78c51aa8b (patch) | |
tree | 782fd512814eb32f50234f45cd74fdb8b85f6411 | |
parent | 8adde1b46b49011298e77f44a2053d0ec735a306 (diff) | |
download | samba-52ac479764e85296a6a6100d143104d78c51aa8b.tar.gz samba-52ac479764e85296a6a6100d143104d78c51aa8b.tar.bz2 samba-52ac479764e85296a6a6100d143104d78c51aa8b.zip |
auth: Move the rest of the source4 gensec_ntlmssp code to the top level
The ntlmssp_server code will be in common shortly, and aside from a
symbol name or two, moving the client code causes no harm and makes
less mess. We will also get the client code in common very soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r-- | auth/ntlmssp/gensec_ntlmssp_server.c (renamed from source4/auth/ntlmssp/ntlmssp_server.c) | 27 | ||||
-rw-r--r-- | auth/ntlmssp/ntlmssp.c (renamed from source4/auth/ntlmssp/ntlmssp.c) | 34 | ||||
-rw-r--r-- | auth/ntlmssp/ntlmssp.h | 2 | ||||
-rw-r--r-- | auth/ntlmssp/ntlmssp_client.c (renamed from source4/auth/ntlmssp/ntlmssp_client.c) | 64 | ||||
-rw-r--r-- | auth/ntlmssp/ntlmssp_private.h | 79 | ||||
-rw-r--r-- | auth/ntlmssp/wscript_build | 19 | ||||
-rw-r--r-- | libcli/auth/wscript_build | 4 | ||||
-rw-r--r-- | libcli/lsarpc/wscript_build | 2 | ||||
-rw-r--r-- | source3/libsmb/ntlmssp.c | 12 | ||||
-rw-r--r-- | source4/auth/ntlmssp/wscript_build | 12 | ||||
-rw-r--r-- | source4/auth/wscript_build | 1 |
11 files changed, 166 insertions, 90 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/gensec_ntlmssp_server.c index 693613f5ec..fe93d0bfc2 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/auth/ntlmssp/gensec_ntlmssp_server.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/Netbios implementation. Version 3.0 handle NLTMSSP, client server side parsing @@ -11,12 +11,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -31,10 +31,8 @@ #include "../libcli/auth/libcli_auth.h" #include "../lib/crypto/crypto.h" #include "auth/gensec/gensec.h" -#include "auth/gensec/gensec_proto.h" -#include "auth/auth.h" +#include "auth/common_auth.h" #include "param/param.h" -#include "source4/auth/ntlmssp/proto.h" /** * Next state function for the Negotiate packet (GENSEC wrapper) @@ -79,7 +77,7 @@ NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security, } /** - * Return the challenge as determined by the authentication subsystem + * Return the challenge as determined by the authentication subsystem * @return an 8 byte random challenge */ @@ -123,7 +121,7 @@ static bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_s } /** - * NTLM2 authentication modifies the effective challenge, + * NTLM2 authentication modifies the effective challenge, * @param challenge The new challenge value */ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge) @@ -150,7 +148,7 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, } /** - * Check the password on an NTLMSSP login. + * Check the password on an NTLMSSP login. * * Return the session keys used on the connection. */ @@ -197,11 +195,11 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, talloc_steal(mem_ctx, user_session_key->data); talloc_steal(mem_ctx, lm_session_key->data); - + return nt_status; } -/** +/** * Return the credentials of a logged on user, including session keys * etc. * @@ -213,7 +211,7 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, - struct auth_session_info **session_info) + struct auth_session_info **session_info) { NTSTATUS nt_status; struct gensec_ntlmssp_context *gensec_ntlmssp = @@ -237,7 +235,7 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security, DEBUG(0, ("Cannot generate a session_info without the auth_context\n")); return NT_STATUS_INTERNAL_ERROR; } - + NT_STATUS_NOT_OK_RETURN(nt_status); return gensec_ntlmssp_session_key(gensec_security, *session_info, @@ -245,7 +243,7 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security, } /** - * Start NTLMSSP on the server side + * Start NTLMSSP on the server side * */ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) @@ -354,4 +352,3 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) return NT_STATUS_OK; } - diff --git a/source4/auth/ntlmssp/ntlmssp.c b/auth/ntlmssp/ntlmssp.c index 47903d161b..720a815449 100644 --- a/source4/auth/ntlmssp/ntlmssp.c +++ b/auth/ntlmssp/ntlmssp.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/Netbios implementation. Version 3.0 handle NLTMSSP, client server side parsing @@ -11,12 +11,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -25,16 +25,14 @@ struct auth_session_info; #include "includes.h" #include "auth/ntlmssp/ntlmssp.h" -#include "source4/auth/ntlmssp/proto.h" +#include "auth/ntlmssp/ntlmssp_private.h" #include "../libcli/auth/libcli_auth.h" #include "librpc/gen_ndr/ndr_dcerpc.h" #include "auth/gensec/gensec.h" -#include "auth/gensec/gensec_proto.h" -#include "auth/gensec/gensec_toplevel_proto.h" /** * Callbacks for NTLMSSP - for both client and server operating modes - * + * */ static const struct ntlmssp_callbacks { @@ -123,25 +121,25 @@ static NTSTATUS gensec_ntlmssp_update_find(struct ntlmssp_state *ntlmssp_state, } } - DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n", + DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n", ntlmssp_state->role, ntlmssp_command)); - + return NT_STATUS_INVALID_PARAMETER; } /** * Next state function for the wrapped NTLMSSP state machine - * + * * @param gensec_security GENSEC state, initialised to NTLMSSP * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on * @param in The request, as a DATA_BLOB * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx - * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, - * or NT_STATUS_OK if the user is authenticated. + * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, + * or NT_STATUS_OK if the user is authenticated. */ -static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, - TALLOC_CTX *out_mem_ctx, +static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, struct tevent_context *ev, const DATA_BLOB input, DATA_BLOB *out) { @@ -155,7 +153,7 @@ static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, *out = data_blob(NULL, 0); if (!out_mem_ctx) { - /* if the caller doesn't want to manage/own the memory, + /* if the caller doesn't want to manage/own the memory, we can put it on our context */ out_mem_ctx = ntlmssp_state; } @@ -165,12 +163,12 @@ static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, status = ntlmssp_callbacks[i].sync_fn(gensec_security, out_mem_ctx, input, out); NT_STATUS_NOT_OK_RETURN(status); - + return NT_STATUS_OK; } -static const char *gensec_ntlmssp_oids[] = { - GENSEC_OID_NTLMSSP, +static const char *gensec_ntlmssp_oids[] = { + GENSEC_OID_NTLMSSP, NULL }; diff --git a/auth/ntlmssp/ntlmssp.h b/auth/ntlmssp/ntlmssp.h index 2fed2b1f51..eb44913d87 100644 --- a/auth/ntlmssp/ntlmssp.h +++ b/auth/ntlmssp/ntlmssp.h @@ -235,3 +235,5 @@ NTSTATUS gensec_ntlmssp_unwrap(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, const DATA_BLOB *in, DATA_BLOB *out); + +NTSTATUS gensec_ntlmssp_init(void); diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c index 6e372dc8f8..1a2e857a58 100644 --- a/source4/auth/ntlmssp/ntlmssp_client.c +++ b/auth/ntlmssp/ntlmssp_client.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/Netbios implementation. Version 3.0 handle NLTMSSP, client server side parsing @@ -11,12 +11,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -25,7 +25,6 @@ struct auth_session_info; #include "includes.h" #include "auth/ntlmssp/ntlmssp.h" -#include "source4/auth/ntlmssp/proto.h" #include "../lib/crypto/crypto.h" #include "../libcli/auth/libcli_auth.h" #include "auth/credentials/credentials.h" @@ -41,17 +40,17 @@ struct auth_session_info; /** * Next state function for the Initial packet - * + * * @param ntlmssp_state NTLMSSP State * @param out_mem_ctx The DATA_BLOB *out will be allocated on this context * @param in A NULL data blob (input ignored) * @param out The initial negotiate request to the server, as an talloc()ed DATA_BLOB, on out_mem_ctx - * @return Errors or NT_STATUS_OK. + * @return Errors or NT_STATUS_OK. */ -NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security, - TALLOC_CTX *out_mem_ctx, - DATA_BLOB in, DATA_BLOB *out) +NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, + DATA_BLOB in, DATA_BLOB *out) { struct gensec_ntlmssp_context *gensec_ntlmssp = talloc_get_type_abort(gensec_security->private_data, @@ -116,17 +115,17 @@ NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security, /** * Next state function for the Challenge Packet. Generate an auth packet. - * + * * @param gensec_security GENSEC state * @param out_mem_ctx Memory context for *out * @param in The server challnege, as a DATA_BLOB. reply.data must be NULL * @param out The next request (auth packet) to the server, as an allocated DATA_BLOB, on the out_mem_ctx context - * @return Errors or NT_STATUS_OK. + * @return Errors or NT_STATUS_OK. */ -NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, +NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, - const DATA_BLOB in, DATA_BLOB *out) + const DATA_BLOB in, DATA_BLOB *out) { struct gensec_ntlmssp_context *gensec_ntlmssp = talloc_get_type_abort(gensec_security->private_data, @@ -156,7 +155,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, if (!msrpc_parse(mem_ctx, &in, "CdBd", "NTLMSSP", - &ntlmssp_command, + &ntlmssp_command, &server_domain_blob, &chal_flags)) { DEBUG(1, ("Failed to parse the NTLMSSP Challenge: (#1)\n")); @@ -165,7 +164,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, return NT_STATUS_INVALID_PARAMETER; } - + data_blob_free(&server_domain_blob); DEBUG(3, ("Got challenge flags:\n")); @@ -193,7 +192,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, if (!msrpc_parse(mem_ctx, &in, chal_parse_string, "NTLMSSP", - &ntlmssp_command, + &ntlmssp_command, &server_domain, &chal_flags, &challenge_blob, 8, @@ -221,7 +220,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, return NT_STATUS_INVALID_PARAMETER; } - cli_credentials_get_ntlm_username_domain(gensec_security->credentials, mem_ctx, + cli_credentials_get_ntlm_username_domain(gensec_security->credentials, mem_ctx, &user, &domain); if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) { @@ -237,15 +236,15 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, flags |= CLI_CRED_LANMAN_AUTH; } - nt_status = cli_credentials_get_ntlm_response(gensec_security->credentials, mem_ctx, + nt_status = cli_credentials_get_ntlm_response(gensec_security->credentials, mem_ctx, &flags, challenge_blob, target_info, - &lm_response, &nt_response, + &lm_response, &nt_response, &lm_session_key, &session_key); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } - + if (!(flags & CLI_CRED_LANMAN_AUTH)) { /* LM Key is still possible, just silly, so we do not * allow it. Fortunetly all LM crypto is off by @@ -258,12 +257,12 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, /* NTLM2 is incompatible... */ ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2; } - + if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) && lpcfg_client_lanman_auth(gensec_security->settings->lp_ctx) && lm_session_key.length == 16) { DATA_BLOB new_session_key = data_blob_talloc(mem_ctx, NULL, 16); if (lm_response.length == 24) { - SMBsesskeygen_lm_sess_key(lm_session_key.data, lm_response.data, + SMBsesskeygen_lm_sess_key(lm_session_key.data, lm_response.data, new_session_key.data); } else { static const uint8_t zeros[24]; @@ -297,14 +296,14 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, debug_ntlmssp_flags(ntlmssp_state->neg_flags); /* this generates the actual auth packet */ - nt_status = msrpc_gen(mem_ctx, - out, auth_gen_string, - "NTLMSSP", - NTLMSSP_AUTH, + nt_status = msrpc_gen(mem_ctx, + out, auth_gen_string, + "NTLMSSP", + NTLMSSP_AUTH, lm_response.data, lm_response.length, nt_response.data, nt_response.length, - domain, - user, + domain, + user, cli_credentials_get_workstation(gensec_security->credentials), encrypted_session_key.data, encrypted_session_key.length, ntlmssp_state->neg_flags); @@ -329,7 +328,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, if (gensec_security->want_features & (GENSEC_FEATURE_SIGN|GENSEC_FEATURE_SEAL)) { nt_status = ntlmssp_sign_init(ntlmssp_state); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(1, ("Could not setup NTLMSSP signing/sealing system (error was: %s)\n", + DEBUG(1, ("Could not setup NTLMSSP signing/sealing system (error was: %s)\n", nt_errstr(nt_status))); talloc_free(mem_ctx); return nt_status; @@ -418,10 +417,10 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) * We need to set this to allow a later SetPassword * via the SAMR pipe to succeed. Strange.... We could * also add NTLMSSP_NEGOTIATE_SEAL here. JRA. - * + * * Without this, Windows will not create the master key - * that it thinks is only used for NTLMSSP signing and - * sealing. (It is actually pulled out and used directly) + * that it thinks is only used for NTLMSSP signing and + * sealing. (It is actually pulled out and used directly) */ ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; } @@ -435,4 +434,3 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) return NT_STATUS_OK; } - diff --git a/auth/ntlmssp/ntlmssp_private.h b/auth/ntlmssp/ntlmssp_private.h index fc74428288..431626c34d 100644 --- a/auth/ntlmssp/ntlmssp_private.h +++ b/auth/ntlmssp/ntlmssp_private.h @@ -22,6 +22,8 @@ #include "../lib/crypto/arcfour.h" +struct auth_session_info; + struct ntlmssp_crypt_direction { uint32_t seq_num; uint8_t sign_key[16]; @@ -55,3 +57,80 @@ NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX *out_mem_ctx, const DATA_BLOB request, DATA_BLOB *reply); +/* The following definitions come from auth/ntlmssp/ntlmssp_client.c */ + + +/** + * Next state function for the Initial packet + * + * @param ntlmssp_state NTLMSSP State + * @param out_mem_ctx The DATA_BLOB *out will be allocated on this context + * @param in A NULL data blob (input ignored) + * @param out The initial negotiate request to the server, as an talloc()ed DATA_BLOB, on out_mem_ctx + * @return Errors or NT_STATUS_OK. + */ +NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, + DATA_BLOB in, DATA_BLOB *out) ; + +/** + * Next state function for the Challenge Packet. Generate an auth packet. + * + * @param gensec_security GENSEC state + * @param out_mem_ctx Memory context for *out + * @param in The server challnege, as a DATA_BLOB. reply.data must be NULL + * @param out The next request (auth packet) to the server, as an allocated DATA_BLOB, on the out_mem_ctx context + * @return Errors or NT_STATUS_OK. + */ +NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB in, DATA_BLOB *out) ; +NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security); + +/* The following definitions come from auth/ntlmssp/ntlmssp_server.c */ + + +/** + * Next state function for the Negotiate packet (GENSEC wrapper) + * + * @param gensec_security GENSEC state + * @param out_mem_ctx Memory context for *out + * @param in The request, as a DATA_BLOB. reply.data must be NULL + * @param out The reply, as an allocated DATA_BLOB, caller to free. + * @return Errors or MORE_PROCESSING_REQUIRED if (normal) a reply is required. + */ +NTSTATUS gensec_ntlmssp_server_negotiate(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB request, DATA_BLOB *reply); + +/** + * Next state function for the Authenticate packet (GENSEC wrapper) + * + * @param gensec_security GENSEC state + * @param out_mem_ctx Memory context for *out + * @param in The request, as a DATA_BLOB. reply.data must be NULL + * @param out The reply, as an allocated DATA_BLOB, caller to free. + * @return Errors or NT_STATUS_OK if authentication sucessful + */ +NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security, + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB in, DATA_BLOB *out); + +/** + * Return the credentials of a logged on user, including session keys + * etc. + * + * Only valid after a successful authentication + * + * May only be called once per authentication. + * + */ +NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, + struct auth_session_info **session_info) ; + +/** + * Start NTLMSSP on the server side + * + */ +NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security); diff --git a/auth/ntlmssp/wscript_build b/auth/ntlmssp/wscript_build index e68c4c8924..8725a8077d 100644 --- a/auth/ntlmssp/wscript_build +++ b/auth/ntlmssp/wscript_build @@ -1,3 +1,18 @@ bld.SAMBA_SUBSYSTEM('NTLMSSP_COMMON', - source='gensec_ntlmssp.c ntlmssp_util.c ntlmssp_ndr.c ntlmssp_server.c ntlmssp_sign.c', - deps='samba-util NDR_NTLMSSP MSRPC_PARSE NTLM_CHECK') + source='''gensec_ntlmssp.c + ntlmssp.c + ntlmssp_util.c + ntlmssp_ndr.c + ntlmssp_client.c + ntlmssp_server.c + ntlmssp_sign.c + gensec_ntlmssp_server.c''', + deps='samba-util NDR_NTLMSSP MSRPC_PARSE NTLM_CHECK samba-credentials') + +bld.SAMBA_MODULE('gensec_ntlmssp', + source='''''', + subsystem='gensec', + init_function='gensec_ntlmssp_init', + deps='NTLMSSP_COMMON', + internal_module=True + ) diff --git a/libcli/auth/wscript_build b/libcli/auth/wscript_build index ff8b82ebd0..b4b648efa1 100644 --- a/libcli/auth/wscript_build +++ b/libcli/auth/wscript_build @@ -2,7 +2,7 @@ bld.SAMBA_LIBRARY('cliauth', source='', - deps='NTLMSSP_COMMON MSRPC_PARSE LIBCLI_AUTH COMMON_SCHANNEL PAM_ERRORS SPNEGO_PARSE KRB5_WRAP errors NTLM_CHECK UTIL_LSARPC', + deps='MSRPC_PARSE LIBCLI_AUTH COMMON_SCHANNEL PAM_ERRORS SPNEGO_PARSE KRB5_WRAP errors NTLM_CHECK UTIL_LSARPC', private_library=True, grouping_library=True) @@ -25,7 +25,7 @@ bld.SAMBA_SUBSYSTEM('LIBCLI_AUTH', bld.SAMBA_SUBSYSTEM('COMMON_SCHANNEL', source='schannel_state_tdb.c schannel_sign.c', - deps='tdb-wrap UTIL_TDB samba-hostconfig' + deps='tdb-wrap UTIL_TDB samba-hostconfig NDR_NETLOGON' ) diff --git a/libcli/lsarpc/wscript_build b/libcli/lsarpc/wscript_build index feb3970041..c613d66a8c 100644 --- a/libcli/lsarpc/wscript_build +++ b/libcli/lsarpc/wscript_build @@ -2,4 +2,4 @@ bld.SAMBA_SUBSYSTEM('UTIL_LSARPC', source='util_lsarpc.c', - deps='NDR_LSA'); + deps='NDR_LSA NDR_DRSBLOBS'); diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 989f26b458..a0a632737a 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -32,10 +32,10 @@ #include "../lib/crypto/hmacmd5.h" #include "../nsswitch/libwbclient/wbclient.h" -static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, +static NTSTATUS ntlmssp3_client_initial(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX *out_mem_ctx, DATA_BLOB reply, DATA_BLOB *next_request); -static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, +static NTSTATUS ntlmssp3_client_challenge(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX *out_mem_ctx, /* Unused at this time */ const DATA_BLOB reply, DATA_BLOB *next_request); /** @@ -50,9 +50,9 @@ static const struct ntlmssp_callbacks { TALLOC_CTX *out_mem_ctx, DATA_BLOB in, DATA_BLOB *out); } ntlmssp_callbacks[] = { - {NTLMSSP_CLIENT, NTLMSSP_INITIAL, ntlmssp_client_initial}, + {NTLMSSP_CLIENT, NTLMSSP_INITIAL, ntlmssp3_client_initial}, {NTLMSSP_SERVER, NTLMSSP_NEGOTIATE, ntlmssp_server_negotiate}, - {NTLMSSP_CLIENT, NTLMSSP_CHALLENGE, ntlmssp_client_challenge}, + {NTLMSSP_CLIENT, NTLMSSP_CHALLENGE, ntlmssp3_client_challenge}, {NTLMSSP_SERVER, NTLMSSP_AUTH, ntlmssp_server_auth}, {NTLMSSP_CLIENT, NTLMSSP_UNKNOWN, NULL}, {NTLMSSP_SERVER, NTLMSSP_UNKNOWN, NULL} @@ -367,7 +367,7 @@ NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx, * @return Errors or NT_STATUS_OK. */ -static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, +static NTSTATUS ntlmssp3_client_initial(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX *out_mem_ctx, DATA_BLOB in, DATA_BLOB *out) { @@ -437,7 +437,7 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, * @return Errors or NT_STATUS_OK. */ -static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, +static NTSTATUS ntlmssp3_client_challenge(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX *out_mem_ctx, /* Unused at this time */ const DATA_BLOB reply, DATA_BLOB *next_request) { diff --git a/source4/auth/ntlmssp/wscript_build b/source4/auth/ntlmssp/wscript_build deleted file mode 100644 index 4d25271a8b..0000000000 --- a/source4/auth/ntlmssp/wscript_build +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env python - -bld.SAMBA_MODULE('gensec_ntlmssp', - source='''ntlmssp.c - ntlmssp_client.c ntlmssp_server.c''', - autoproto='proto.h', - subsystem='gensec', - init_function='gensec_ntlmssp_init', - deps='samba-credentials NTLMSSP_COMMON', - internal_module=True - ) - diff --git a/source4/auth/wscript_build b/source4/auth/wscript_build index ebee49b89c..3b43a62b2a 100644 --- a/source4/auth/wscript_build +++ b/source4/auth/wscript_build @@ -2,7 +2,6 @@ bld.RECURSE('gensec') bld.RECURSE('kerberos') -bld.RECURSE('ntlmssp') bld.RECURSE('ntlm') bld.SAMBA_SUBSYSTEM('auth_session', |