diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-07-26 10:19:54 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-08-03 18:48:04 +1000 |
commit | 8b983d232648944c18fe878a3ace0f58658ec24d (patch) | |
tree | 02555b34ad4f949ea300edf4a244ed9e471e5e5f /source3/smbd/smb2_sesssetup.c | |
parent | 902df836807b700b2d27877f2fa5284930df3ff7 (diff) | |
download | samba-8b983d232648944c18fe878a3ace0f58658ec24d.tar.gz samba-8b983d232648944c18fe878a3ace0f58658ec24d.tar.bz2 samba-8b983d232648944c18fe878a3ace0f58658ec24d.zip |
s3-ntlmssp Split auth_ntlmssp_start into two functions
This helps map on to the GENSEC semantics better, and ensures that the
full set of desired features are set before the mechanism starts.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/smbd/smb2_sesssetup.c')
-rw-r--r-- | source3/smbd/smb2_sesssetup.c | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 40f98ce45f..7bc8692758 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -386,7 +386,7 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session, status = NT_STATUS_MORE_PROCESSING_REQUIRED; } else { /* Fall back to NTLMSSP. */ - status = auth_ntlmssp_start(session->sconn->remote_address, + status = auth_ntlmssp_prepare(session->sconn->remote_address, &session->auth_ntlmssp_state); if (!NT_STATUS_IS_OK(status)) { goto out; @@ -394,6 +394,11 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session, auth_ntlmssp_want_feature(session->auth_ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY); + status = auth_ntlmssp_start(session->auth_ntlmssp_state); + if (!NT_STATUS_IS_OK(status)) { + goto out; + } + status = auth_ntlmssp_update(session->auth_ntlmssp_state, talloc_tos(), secblob_in, @@ -577,13 +582,22 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session, } if (session->auth_ntlmssp_state == NULL) { - status = auth_ntlmssp_start(session->sconn->remote_address, + status = auth_ntlmssp_prepare(session->sconn->remote_address, &session->auth_ntlmssp_state); if (!NT_STATUS_IS_OK(status)) { data_blob_free(&auth); TALLOC_FREE(session); return status; } + + auth_ntlmssp_want_feature(session->auth_ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY); + + status = auth_ntlmssp_start(session->auth_ntlmssp_state); + if (!NT_STATUS_IS_OK(status)) { + data_blob_free(&auth); + TALLOC_FREE(session); + return status; + } } status = auth_ntlmssp_update(session->auth_ntlmssp_state, @@ -642,12 +656,20 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session, NTSTATUS status; if (session->auth_ntlmssp_state == NULL) { - status = auth_ntlmssp_start(session->sconn->remote_address, + status = auth_ntlmssp_prepare(session->sconn->remote_address, &session->auth_ntlmssp_state); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(session); return status; } + + auth_ntlmssp_want_feature(session->auth_ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY); + + status = auth_ntlmssp_start(session->auth_ntlmssp_state); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(session); + return status; + } } /* RAW NTLMSSP */ |