diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-01-28 12:07:02 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-01-28 12:07:02 +0000 |
| commit | 1cba0a757970ffd8b81d61c88965010968ab3eff (patch) | |
| tree | d776df92ed188a6818033b1dc1f1b3eadc22fe1e /source3/auth | |
| parent | 23265259508e2a89c0386608c5f034fac635ca62 (diff) | |
| download | samba-1cba0a757970ffd8b81d61c88965010968ab3eff.tar.gz samba-1cba0a757970ffd8b81d61c88965010968ab3eff.tar.bz2 samba-1cba0a757970ffd8b81d61c88965010968ab3eff.zip | |
Merge from HEAD:
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor.
- also consequential changes to the NTLMSSP and SPNEGO parsing functions
- and the client code that uses the same functions
- Add ntlm_auth, a NTLMSSP authentication interface for use by applications
like Squid and Apache.
- also consquential changes to use common code for base64 encode/decode.
- Winbind changes to support ntlm_auth (I don't want this program to need
to read smb.conf, instead getting all it's details over the pipe).
- nmbd changes for fstrcat() instead of fstrcpy().
Andrew Bartlett
(This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 3c4448445a..5d56603b9f 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -57,7 +57,8 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) TALLOC_CTX *mem_ctx; if (auth_context->challenge.length) { - DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge (normal)\n")); + DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge by module %s (normal)\n", + auth_context->challenge_set_by)); return auth_context->challenge.data; } @@ -190,6 +191,12 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n", user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str)); + + if (auth_context->challenge.length != 8) { + DEBUG(0, ("check_ntlm_password: Invalid challenge stored for this auth context - cannot continue\n")); + return NT_STATUS_LOGON_FAILURE; + } + if (auth_context->challenge_set_by) DEBUG(10, ("check_ntlm_password: auth_context challenge created by %s\n", auth_context->challenge_set_by)); @@ -441,6 +448,7 @@ NTSTATUS make_auth_context_fixed(struct auth_context **auth_context, uchar chal[ } (*auth_context)->challenge = data_blob(chal, 8); + (*auth_context)->challenge_set_by = "fixed"; return nt_status; } |