Cleanups. My NTLMv2 changes also changed the preference from using an implicit

structure-memcpy for DATA_BLOB parameters to using a pointer to that DATA_BLOB. auth_sam calls some of these functions, so I've cleaned it all up to use this format now. Also clean up some debug statements to make them easier to read. Andrew Bartlett (This used to be commit 0c355c274a6ac084e4bf15a15613dfc007d6c5fc)
author: Andrew Bartlett <abartlet@samba.org> 2003-05-09 15:02:11 +0000
committer: Andrew Bartlett <abartlet@samba.org> 2003-05-09 15:02:11 +0000
commit: 4f52bd500bf9bf128b0bf8b653146b8325a99c4f (patch)
tree: 64bb4dfb33f0bfdff21bc86f0342be6e3351dbde /source3/auth
parent: d06f95ca78834403a602e4c1d64e13e059f3017e (diff)
download: samba-4f52bd500bf9bf128b0bf8b653146b8325a99c4f.tar.gz
samba-4f52bd500bf9bf128b0bf8b653146b8325a99c4f.tar.bz2
samba-4f52bd500bf9bf128b0bf8b653146b8325a99c4f.zip
1 files changed, 42 insertions, 42 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index cb88014e98..0c2ffaae88 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -28,9 +28,9 @@
 /****************************************************************************
 core of smb password checking routine.
 ****************************************************************************/
-static BOOL smb_pwd_check_ntlmv1(DATA_BLOB nt_response,
+static BOOL smb_pwd_check_ntlmv1(const DATA_BLOB *nt_response,
 				 const uchar *part_passwd,
-				 DATA_BLOB sec_blob,
+				 const DATA_BLOB *sec_blob,
 				 uint8 user_sess_key[16])
 {
 	/* Finish the encryption of part_passwd. */
@@ -42,17 +42,17 @@ static BOOL smb_pwd_check_ntlmv1(DATA_BLOB nt_response,
 		return False;
 	}
 	
-	if (sec_blob.length != 8) {
-		DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%d)\n", sec_blob.length));
+	if (sec_blob->length != 8) {
+		DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%d)\n", sec_blob->length));
 		return False;
 	}
 	
-	if (nt_response.length != 24) {
-		DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect password length (%d)\n", nt_response.length));
+	if (nt_response->length != 24) {
+		DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect password length (%d)\n", nt_response->length));
 		return False;
 	}
 
-	SMBOWFencrypt(part_passwd, sec_blob.data, p24);
+	SMBOWFencrypt(part_passwd, sec_blob->data, p24);
 	if (user_sess_key != NULL)
 	{
 		SMBsesskeygen_ntv1(part_passwd, NULL, user_sess_key);
@@ -61,16 +61,16 @@ static BOOL smb_pwd_check_ntlmv1(DATA_BLOB nt_response,
 	
 	
 #if DEBUG_PASSWORD
-	DEBUG(100,("Part password (P16) was |"));
+	DEBUG(100,("Part password (P16) was |\n"));
 	dump_data(100, part_passwd, 16);
-	DEBUG(100,("Password from client was |"));
-	dump_data(100, nt_response.data, nt_response.length);
-	DEBUG(100,("Given challenge was |"));
-	dump_data(100, sec_blob.data, sec_blob.length);
-	DEBUG(100,("Value from encryption was |"));
+	DEBUGADD(100,("Password from client was |\n"));
+	dump_data(100, nt_response->data, nt_response->length);
+	DEBUGADD(100,("Given challenge was |\n"));
+	dump_data(100, sec_blob->data, sec_blob->length);
+	DEBUGADD(100,("Value from encryption was |\n"));
 	dump_data(100, p24, 24);
 #endif
-  return (memcmp(p24, nt_response.data, 24) == 0);
+  return (memcmp(p24, nt_response->data, 24) == 0);
 }
 
 
@@ -79,9 +79,9 @@ core of smb password checking routine. (NTLMv2, LMv2)
 
 Note:  The same code works with both NTLMv2 and LMv2.
 ****************************************************************************/
-static BOOL smb_pwd_check_ntlmv2(const DATA_BLOB ntv2_response,
+static BOOL smb_pwd_check_ntlmv2(const DATA_BLOB *ntv2_response,
 				 const uchar *part_passwd,
-				 const DATA_BLOB sec_blob,
+				 const DATA_BLOB *sec_blob,
 				 const char *user, const char *domain,
 				 uint8 user_sess_key[16])
 {
@@ -98,43 +98,43 @@ static BOOL smb_pwd_check_ntlmv2(const DATA_BLOB ntv2_response,
 		return False;
 	}
 
-	if (ntv2_response.length < 24) {
+	if (ntv2_response->length < 24) {
 		/* We MUST have more than 16 bytes, or the stuff below will go
 		   crazy.  No known implementation sends less than the 24 bytes
 		   for LMv2, let alone NTLMv2. */
 		DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect password length (%d)\n", 
-			  ntv2_response.length));
+			  ntv2_response->length));
 		return False;
 	}
 
-	client_key_data = data_blob(ntv2_response.data+16, ntv2_response.length-16);
+	client_key_data = data_blob(ntv2_response->data+16, ntv2_response->length-16);
 	/* 
 	   todo:  should we be checking this for anything?  We can't for LMv2, 
 	   but for NTLMv2 it is meant to contain the current time etc.
 	*/
 
-	memcpy(client_response, ntv2_response.data, sizeof(client_response));
+	memcpy(client_response, ntv2_response->data, sizeof(client_response));
 
 	if (!ntv2_owf_gen(part_passwd, user, domain, kr)) {
 		return False;
 	}
 
-	SMBOWFencrypt_ntv2(kr, sec_blob, client_key_data, value_from_encryption);
+	SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption);
 	if (user_sess_key != NULL)
 	{
 		SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key);
 	}
 
 #if DEBUG_PASSWORD
-	DEBUG(100,("Part password (P16) was |"));
+	DEBUG(100,("Part password (P16) was |\n"));
 	dump_data(100, part_passwd, 16);
-	DEBUG(100,("Password from client was |"));
-	dump_data(100, ntv2_response.data, ntv2_response.length);
-	DEBUG(100,("Variable data from client was |"));
+	DEBUGADD(100,("Password from client was |\n"));
+	dump_data(100, ntv2_response->data, ntv2_response->length);
+	DEBUGADD(100,("Variable data from client was |\n"));
 	dump_data(100, client_key_data.data, client_key_data.length);
-	DEBUG(100,("Given challenge was |"));
-	dump_data(100, sec_blob.data, sec_blob.length);
-	DEBUG(100,("Value from encryption was |"));
+	DEBUGADD(100,("Given challenge was |\n"));
+	dump_data(100, sec_blob->data, sec_blob->length);
+	DEBUGADD(100,("Value from encryption was |\n"));
 	dump_data(100, value_from_encryption, 16);
 #endif
 	data_blob_clear_free(&client_key_data);
@@ -186,8 +186,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		   use it (ie. does it exist in the smbpasswd file).
 		*/
 		DEBUG(4,("sam_password_ok: Checking NTLMv2 password with domain [%s]\n", user_info->client_domain.str));
-		if (smb_pwd_check_ntlmv2( user_info->nt_resp, 
-					  nt_pw, auth_context->challenge, 
+		if (smb_pwd_check_ntlmv2( &user_info->nt_resp, 
+					  nt_pw, &auth_context->challenge, 
 					  user_info->smb_name.str, 
 					  user_info->client_domain.str,
 					  user_sess_key))
@@ -196,8 +196,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		}
 
 		DEBUG(4,("sam_password_ok: Checking NTLMv2 password without a domain\n"));
-		if (smb_pwd_check_ntlmv2( user_info->nt_resp, 
-					  nt_pw, auth_context->challenge, 
+		if (smb_pwd_check_ntlmv2( &user_info->nt_resp, 
+					  nt_pw, &auth_context->challenge, 
 					  user_info->smb_name.str, 
 					  "",
 					  user_sess_key))
@@ -214,8 +214,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 			   use it (ie. does it exist in the smbpasswd file).
 			*/
 			DEBUG(4,("sam_password_ok: Checking NT MD4 password\n"));
-			if (smb_pwd_check_ntlmv1(user_info->nt_resp, 
-						 nt_pw, auth_context->challenge,
+			if (smb_pwd_check_ntlmv1(&user_info->nt_resp, 
+						 nt_pw, &auth_context->challenge,
 						 user_sess_key)) 
 			{
 				return NT_STATUS_OK;
@@ -243,8 +243,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 			lm_pw = pdb_get_lanman_passwd(sampass);
 			
 			DEBUG(4,("sam_password_ok: Checking LM password\n"));
-			if (smb_pwd_check_ntlmv1(user_info->lm_resp, 
-						 lm_pw, auth_context->challenge,
+			if (smb_pwd_check_ntlmv1(&user_info->lm_resp, 
+						 lm_pw, &auth_context->challenge,
 						 user_sess_key)) 
 			{
 				return NT_STATUS_OK;
@@ -262,8 +262,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		   - related to Win9X, legacy NAS pass-though authentication
 		*/
 		DEBUG(4,("sam_password_ok: Checking LMv2 password with domain %s\n", user_info->client_domain.str));
-		if (smb_pwd_check_ntlmv2( user_info->lm_resp, 
-					  nt_pw, auth_context->challenge, 
+		if (smb_pwd_check_ntlmv2( &user_info->lm_resp, 
+					  nt_pw, &auth_context->challenge, 
 					  user_info->smb_name.str, 
 					  user_info->client_domain.str,
 					  user_sess_key))
@@ -272,8 +272,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		}
 
 		DEBUG(4,("sam_password_ok: Checking LMv2 password without a domain\n"));
-		if (smb_pwd_check_ntlmv2( user_info->lm_resp, 
-					  nt_pw, auth_context->challenge, 
+		if (smb_pwd_check_ntlmv2( &user_info->lm_resp, 
+					  nt_pw, &auth_context->challenge, 
 					  user_info->smb_name.str, 
 					  "",
 					  user_sess_key))
@@ -287,8 +287,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		DEBUG(4,("sam_password_ok: Checking NT MD4 password in LM field\n"));
 		if (lp_ntlm_auth()) 
 		{
-			if (smb_pwd_check_ntlmv1(user_info->lm_resp, 
-						 nt_pw, auth_context->challenge,
+			if (smb_pwd_check_ntlmv1(&user_info->lm_resp, 
+						 nt_pw, &auth_context->challenge,
 						 user_sess_key)) 
 			{
 				return NT_STATUS_OK;
author	Andrew Bartlett <abartlet@samba.org>	2003-05-09 15:02:11 +0000
committer	Andrew Bartlett <abartlet@samba.org>	2003-05-09 15:02:11 +0000
commit	4f52bd500bf9bf128b0bf8b653146b8325a99c4f (patch)
tree	64bb4dfb33f0bfdff21bc86f0342be6e3351dbde /source3/auth
parent	d06f95ca78834403a602e4c1d64e13e059f3017e (diff)
download	samba-4f52bd500bf9bf128b0bf8b653146b8325a99c4f.tar.gz samba-4f52bd500bf9bf128b0bf8b653146b8325a99c4f.tar.bz2 samba-4f52bd500bf9bf128b0bf8b653146b8325a99c4f.zip