summaryrefslogtreecommitdiff
path: root/source3/utils
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2009-09-17 00:21:01 +0200
committerGünther Deschner <gd@samba.org>2009-09-17 01:12:20 +0200
commit503d0358140fbf56bd83090f143272aeb770baa9 (patch)
tree32cf6fdb58c62599602d6d1ce9e48d4fee9fee19 /source3/utils
parent83023462f95f60ecfd3019abe896cca1d2aed771 (diff)
downloadsamba-503d0358140fbf56bd83090f143272aeb770baa9.tar.gz
samba-503d0358140fbf56bd83090f143272aeb770baa9.tar.bz2
samba-503d0358140fbf56bd83090f143272aeb770baa9.zip
spnego: share spnego_parse.
Guenther
Diffstat (limited to 'source3/utils')
-rw-r--r--source3/utils/ntlm_auth.c43
1 files changed, 24 insertions, 19 deletions
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 6de5ea67e4..a607cb0658 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -26,6 +26,7 @@
#include "includes.h"
#include "utils/ntlm_auth.h"
#include "../libcli/auth/libcli_auth.h"
+#include "../libcli/auth/spnego.h"
#include <iniparser.h>
#ifndef PAM_WINBIND_CONFIG_FILE
@@ -1113,7 +1114,7 @@ static void manage_squid_basic_request(struct ntlm_auth_state *state,
static void offer_gss_spnego_mechs(void) {
DATA_BLOB token;
- SPNEGO_DATA spnego;
+ struct spnego_data spnego;
ssize_t len;
char *reply_base64;
TALLOC_CTX *ctx = talloc_tos();
@@ -1149,8 +1150,8 @@ static void offer_gss_spnego_mechs(void) {
spnego.negTokenInit.mechListMIC = data_blob(principal,
strlen(principal));
- len = write_spnego_data(&token, &spnego);
- free_spnego_data(&spnego);
+ len = spnego_write_data(ctx, &token, &spnego);
+ spnego_free_data(&spnego);
if (len == -1) {
DEBUG(1, ("Could not write SPNEGO data blob\n"));
@@ -1171,7 +1172,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
char *buf, int length)
{
static NTLMSSP_STATE *ntlmssp_state = NULL;
- SPNEGO_DATA request, response;
+ struct spnego_data request, response;
DATA_BLOB token;
NTSTATUS status;
ssize_t len;
@@ -1219,7 +1220,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
}
token = base64_decode_data_blob(buf + 3);
- len = read_spnego_data(token, &request);
+ len = spnego_read_data(ctx, token, &request);
data_blob_free(&token);
if (len == -1) {
@@ -1367,7 +1368,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
}
}
- free_spnego_data(&request);
+ spnego_free_data(&request);
if (NT_STATUS_IS_OK(status)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED;
@@ -1393,8 +1394,8 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
SAFE_FREE(user);
SAFE_FREE(domain);
- len = write_spnego_data(&token, &response);
- free_spnego_data(&response);
+ len = spnego_write_data(ctx, &token, &response);
+ spnego_free_data(&response);
if (len == -1) {
DEBUG(1, ("Could not write SPNEGO data blob\n"));
@@ -1415,13 +1416,14 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
static NTLMSSP_STATE *client_ntlmssp_state = NULL;
-static bool manage_client_ntlmssp_init(SPNEGO_DATA spnego)
+static bool manage_client_ntlmssp_init(struct spnego_data spnego)
{
NTSTATUS status;
DATA_BLOB null_blob = data_blob_null;
DATA_BLOB to_server;
char *to_server_base64;
const char *my_mechs[] = {OID_NTLMSSP, NULL};
+ TALLOC_CTX *ctx = talloc_tos();
DEBUG(10, ("Got spnego negTokenInit with NTLMSSP\n"));
@@ -1466,7 +1468,7 @@ static bool manage_client_ntlmssp_init(SPNEGO_DATA spnego)
return False;
}
- write_spnego_data(&to_server, &spnego);
+ spnego_write_data(ctx, &to_server, &spnego);
data_blob_free(&spnego.negTokenInit.mechToken);
to_server_base64 = base64_encode_data_blob(talloc_tos(), to_server);
@@ -1476,13 +1478,14 @@ static bool manage_client_ntlmssp_init(SPNEGO_DATA spnego)
return True;
}
-static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego)
+static void manage_client_ntlmssp_targ(struct spnego_data spnego)
{
NTSTATUS status;
DATA_BLOB null_blob = data_blob_null;
DATA_BLOB request;
DATA_BLOB to_server;
char *to_server_base64;
+ TALLOC_CTX *ctx = talloc_tos();
DEBUG(10, ("Got spnego negTokenTarg with NTLMSSP\n"));
@@ -1525,7 +1528,7 @@ static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego)
spnego.negTokenTarg.responseToken = request;
spnego.negTokenTarg.mechListMIC = null_blob;
- write_spnego_data(&to_server, &spnego);
+ spnego_write_data(ctx, &to_server, &spnego);
data_blob_free(&request);
to_server_base64 = base64_encode_data_blob(talloc_tos(), to_server);
@@ -1537,17 +1540,18 @@ static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego)
#ifdef HAVE_KRB5
-static bool manage_client_krb5_init(SPNEGO_DATA spnego)
+static bool manage_client_krb5_init(struct spnego_data spnego)
{
char *principal;
DATA_BLOB tkt, to_server;
DATA_BLOB session_key_krb5 = data_blob_null;
- SPNEGO_DATA reply;
+ struct spnego_data reply;
char *reply_base64;
int retval;
const char *my_mechs[] = {OID_KERBEROS5_OLD, NULL};
ssize_t len;
+ TALLOC_CTX *ctx = talloc_tos();
if ( (spnego.negTokenInit.mechListMIC.data == NULL) ||
(spnego.negTokenInit.mechListMIC.length == 0) ) {
@@ -1609,7 +1613,7 @@ static bool manage_client_krb5_init(SPNEGO_DATA spnego)
reply.negTokenInit.mechToken = tkt;
reply.negTokenInit.mechListMIC = data_blob_null;
- len = write_spnego_data(&to_server, &reply);
+ len = spnego_write_data(ctx, &to_server, &reply);
data_blob_free(&tkt);
if (len == -1) {
@@ -1626,7 +1630,7 @@ static bool manage_client_krb5_init(SPNEGO_DATA spnego)
return True;
}
-static void manage_client_krb5_targ(SPNEGO_DATA spnego)
+static void manage_client_krb5_targ(struct spnego_data spnego)
{
switch (spnego.negTokenTarg.negResult) {
case SPNEGO_ACCEPT_INCOMPLETE:
@@ -1654,8 +1658,9 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
char *buf, int length)
{
DATA_BLOB request;
- SPNEGO_DATA spnego;
+ struct spnego_data spnego;
ssize_t len;
+ TALLOC_CTX *ctx = talloc_tos();
if (!opt_username || !*opt_username) {
x_fprintf(x_stderr, "username must be specified!\n\n");
@@ -1700,7 +1705,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
/* So we got a server challenge to generate a SPNEGO
client-to-server request... */
- len = read_spnego_data(request, &spnego);
+ len = spnego_read_data(ctx, request, &spnego);
data_blob_free(&request);
if (len == -1) {
@@ -1786,7 +1791,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state,
return;
out:
- free_spnego_data(&spnego);
+ spnego_free_data(&spnego);
return;
}