summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-01-28 12:07:02 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-01-28 12:07:02 +0000
commit1cba0a757970ffd8b81d61c88965010968ab3eff (patch)
treed776df92ed188a6818033b1dc1f1b3eadc22fe1e /source3/auth
parent23265259508e2a89c0386608c5f034fac635ca62 (diff)
downloadsamba-1cba0a757970ffd8b81d61c88965010968ab3eff.tar.gz
samba-1cba0a757970ffd8b81d61c88965010968ab3eff.tar.bz2
samba-1cba0a757970ffd8b81d61c88965010968ab3eff.zip
Merge from HEAD:
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor. - also consequential changes to the NTLMSSP and SPNEGO parsing functions - and the client code that uses the same functions - Add ntlm_auth, a NTLMSSP authentication interface for use by applications like Squid and Apache. - also consquential changes to use common code for base64 encode/decode. - Winbind changes to support ntlm_auth (I don't want this program to need to read smb.conf, instead getting all it's details over the pipe). - nmbd changes for fstrcat() instead of fstrcpy(). Andrew Bartlett (This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 3c4448445a..5d56603b9f 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -57,7 +57,8 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context)
TALLOC_CTX *mem_ctx;
if (auth_context->challenge.length) {
- DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge (normal)\n"));
+ DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge by module %s (normal)\n",
+ auth_context->challenge_set_by));
return auth_context->challenge.data;
}
@@ -190,6 +191,12 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n",
user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str));
+
+ if (auth_context->challenge.length != 8) {
+ DEBUG(0, ("check_ntlm_password: Invalid challenge stored for this auth context - cannot continue\n"));
+ return NT_STATUS_LOGON_FAILURE;
+ }
+
if (auth_context->challenge_set_by)
DEBUG(10, ("check_ntlm_password: auth_context challenge created by %s\n",
auth_context->challenge_set_by));
@@ -441,6 +448,7 @@ NTSTATUS make_auth_context_fixed(struct auth_context **auth_context, uchar chal[
}
(*auth_context)->challenge = data_blob(chal, 8);
+ (*auth_context)->challenge_set_by = "fixed";
return nt_status;
}