authorStefan Metzmacher <metze@samba.org>2009-12-30 14:13:45 +0100
committerGünther Deschner <gd@samba.org>2010-03-24 17:34:55 +0100
commit7d977da92554c34539a475feb7dcb0a6dc0ad654 (patch)
treeb72b62b56382fa3e001890c7f98726c7458f3b26 /source3
parent55279dfbe3770563016723c3ba7d1dbbec3d4437 (diff)
s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3')
-rw-r--r--source3/include/ntlmssp.h5
-rw-r--r--source3/include/proto.h6
-rw-r--r--source3/libads/sasl.c7
-rw-r--r--source3/libsmb/cliconnect.c6
-rw-r--r--source3/libsmb/clifsinfo.c6
-rw-r--r--source3/libsmb/ntlmssp.c57
-rw-r--r--source3/rpc_client/cli_pipe.c6
-rw-r--r--source3/utils/ntlm_auth.c6
-rw-r--r--source3/winbindd/winbindd_ccache_access.c6
9 files changed, 82 insertions, 23 deletions
diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h
index f44922f7b5..afed1901e5 100644
--- a/source3/include/ntlmssp.h
+++ b/source3/include/ntlmssp.h
@@ -57,6 +57,11 @@ struct ntlmssp_state
unsigned char *lm_hash;
struct {
+ const char *netbios_name;
+ const char *netbios_domain;
+ } client;
+
+ struct {
bool is_standalone;
const char *netbios_name;
const char *netbios_domain;
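Review bot: The new `client` sub-struct is undocumented and sits directly above another anonymous struct with the same `netbios_name` / `netbios_domain` field names, which makes the two easy to confuse. A short comment on the new member would help, for example `/* our own names; talloc_strdup()ed onto this state by ntlmssp_client_start() */`. The struct body continues outside the hunk, so the name of the second sub-struct is not visible here.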
diff --git a/source3/include/proto.h b/source3/include/proto.h
index de2923938b..1b28b47b01 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3217,7 +3217,11 @@ NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx,
const char *dns_name,
const char *dns_domain,
struct ntlmssp_state **ntlmssp_state);
-NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state);
+NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx,
+ const char *netbios_name,
+ const char *netbios_domain,
+ bool use_ntlmv2,
+ struct ntlmssp_state **_ntlmssp_state);
/* The following definitions come from libsmb/ntlmssp_sign.c */
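Review bot: The widened `ntlmssp_client_start()` prototype carries no description of its new parameters, and `use_ntlmv2` is a security-relevant switch that every caller must now get right. I would add a doc comment stating that `mem_ctx` becomes the talloc parent of the returned state (NULL leaves it parentless), that NULL names are stored as empty strings, and that `use_ntlmv2` should normally be `lp_client_ntlmv2_auth()` so the configured policy is honoured. Presumably a caller that hard-codes `false` would opt out of NTLMv2 regardless of configuration; that is worth stating explicitly.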
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 6a0a1ae3d2..3856f5b49a 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -134,7 +134,12 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
struct ntlmssp_state *ntlmssp_state;
- if (!NT_STATUS_IS_OK(nt_status = ntlmssp_client_start(&ntlmssp_state))) {
+ nt_status = ntlmssp_client_start(NULL,
+ global_myname(),
+ lp_workgroup(),
+ lp_client_ntlmv2_auth(),
+ &ntlmssp_state);
+ if (!NT_STATUS_IS_OK(nt_status)) {
return ADS_ERROR_NT(nt_status);
}
ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_SIGN;
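Review bot: This call passes `NULL` as `mem_ctx`, as do the calls in clifsinfo.c, cli_pipe.c, ntlm_auth.c and winbindd_ccache_access.c, so only cliconnect.c actually uses the new parent-context parameter. With a NULL parent the state and its two duplicated name strings stay a top-level allocation that each caller must release explicitly on every path; those release paths are outside the hunks. Where a suitable talloc context is already in hand (`rpccli_ntlmssp_bind_data()` receives a `mem_ctx`, for instance), passing it would tie the lifetime to the owner. Otherwise a comment such as `/* NULL: freed explicitly via ntlmssp_end() */` would record the intent, assuming that is how these callers release it.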
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 11faa27b3f..9ac3551d7c 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1000,7 +1000,11 @@ static struct tevent_req *cli_session_setup_ntlmssp_send(
cli_temp_set_signing(cli);
- status = ntlmssp_client_start(&state->ntlmssp_state);
+ status = ntlmssp_client_start(state,
+ global_myname(),
+ lp_workgroup(),
+ lp_client_ntlmv2_auth(),
+ &state->ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c
index b3c9d5f6e7..3297ec76ca 100644
--- a/source3/libsmb/clifsinfo.c
+++ b/source3/libsmb/clifsinfo.c
@@ -634,7 +634,11 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
if (!es) {
return NT_STATUS_NO_MEMORY;
}
- status = ntlmssp_client_start(&es->s.ntlmssp_state);
+ status = ntlmssp_client_start(NULL,
+ global_myname(),
+ lp_workgroup(),
+ lp_client_ntlmv2_auth(),
+ &es->s.ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 8723588467..e2bf4f2247 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -982,8 +982,8 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
"NTLMSSP",
NTLMSSP_NEGOTIATE,
ntlmssp_state->neg_flags,
- ntlmssp_state->get_domain(),
- ntlmssp_state->get_global_myname());
+ ntlmssp_state->client.netbios_domain,
+ ntlmssp_state->client.netbios_name);
if (DEBUGLEVEL >= 10) {
if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(next_request,
@@ -1272,7 +1272,7 @@ noccache:
nt_response.data, nt_response.length,
ntlmssp_state->domain,
ntlmssp_state->user,
- ntlmssp_state->get_global_myname(),
+ ntlmssp_state->client.netbios_name,
encrypted_session_key.data, encrypted_session_key.length,
ntlmssp_state->neg_flags)) {
@@ -1310,27 +1310,36 @@ done:
return nt_status;
}
-NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
+NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx,
+ const char *netbios_name,
+ const char *netbios_domain,
+ bool use_ntlmv2,
+ struct ntlmssp_state **_ntlmssp_state)
{
- *ntlmssp_state = TALLOC_ZERO_P(NULL, struct ntlmssp_state);
- if (!*ntlmssp_state) {
- DEBUG(0,("ntlmssp_client_start: talloc failed!\n"));
- talloc_destroy(*ntlmssp_state);
- return NT_STATUS_NO_MEMORY;
+ struct ntlmssp_state *ntlmssp_state;
+
+ if (!netbios_name) {
+ netbios_name = "";
}
- (*ntlmssp_state)->role = NTLMSSP_CLIENT;
+ if (!netbios_domain) {
+ netbios_domain = "";
+ }
- (*ntlmssp_state)->get_global_myname = global_myname;
- (*ntlmssp_state)->get_domain = lp_workgroup;
+ ntlmssp_state = talloc_zero(mem_ctx, struct ntlmssp_state);
+ if (!ntlmssp_state) {
+ return NT_STATUS_NO_MEMORY;
+ }
- (*ntlmssp_state)->unicode = True;
+ ntlmssp_state->role = NTLMSSP_CLIENT;
- (*ntlmssp_state)->use_ntlmv2 = lp_client_ntlmv2_auth();
+ ntlmssp_state->unicode = True;
- (*ntlmssp_state)->expected_state = NTLMSSP_INITIAL;
+ ntlmssp_state->use_ntlmv2 = use_ntlmv2;
- (*ntlmssp_state)->neg_flags =
+ ntlmssp_state->expected_state = NTLMSSP_INITIAL;
+
+ ntlmssp_state->neg_flags =
NTLMSSP_NEGOTIATE_128 |
NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
NTLMSSP_NEGOTIATE_NTLM |
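Review bot: On failure the rewritten `ntlmssp_client_start()` no longer writes to the caller's pointer. The old code assigned the `TALLOC_ZERO_P` result (NULL on failure) to `*ntlmssp_state` before returning, whereas the new code returns `NT_STATUS_NO_MEMORY` here, and from the two `talloc_strdup` checks in the next hunk, with `*_ntlmssp_state` untouched. Callers that jump to a `fail:` label and clean up whatever the pointer holds could then act on an uninitialised or stale value; those cleanup paths are outside the hunks, so this is a precaution rather than a confirmed bug. Adding `*_ntlmssp_state = NULL;` right after the local declaration restores the old contract.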
@@ -1338,5 +1347,21 @@ NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
NTLMSSP_NEGOTIATE_KEY_EXCH |
NTLMSSP_REQUEST_TARGET;
+ ntlmssp_state->client.netbios_name = talloc_strdup(ntlmssp_state, netbios_name);
+ if (!ntlmssp_state->client.netbios_name) {
+ talloc_free(ntlmssp_state);
+ return NT_STATUS_NO_MEMORY;
+ }
+ ntlmssp_state->client.netbios_domain = talloc_strdup(ntlmssp_state, netbios_domain);
+ if (!ntlmssp_state->client.netbios_domain) {
+ talloc_free(ntlmssp_state);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* TODO: remove this */
+ ntlmssp_state->get_global_myname = global_myname;
+ ntlmssp_state->get_domain = lp_workgroup;
+
+ *_ntlmssp_state = ntlmssp_state;
return NT_STATUS_OK;
}
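Review bot: The `/* TODO: remove this */` comment does not say why the `get_global_myname` / `get_domain` callbacks are still assigned or what must change before they can go. While both exist, the state carries two sources for the client's names. The callbacks always return `global_myname()` / `lp_workgroup()`, whereas `client.netbios_name` / `client.netbios_domain` hold whatever the caller passed, so the two disagree as soon as a caller passes different names. I would make the comment explicit, for example `/* TODO: drop once all users read client.netbios_name / client.netbios_domain instead of these callbacks */`.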
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 2f7db99f20..af1ebd6f41 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -3167,7 +3167,11 @@ static NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
goto fail;
}
- status = ntlmssp_client_start(&result->a_u.ntlmssp_state);
+ status = ntlmssp_client_start(NULL,
+ global_myname(),
+ lp_workgroup(),
+ lp_client_ntlmv2_auth(),
+ &result->a_u.ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 487401b662..929c11f5a9 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -645,7 +645,11 @@ static NTSTATUS ntlm_auth_start_ntlmssp_client(struct ntlmssp_state **client_ntl
return NT_STATUS_INVALID_PARAMETER;
}
- status = ntlmssp_client_start(client_ntlmssp_state);
+ status = ntlmssp_client_start(NULL,
+ global_myname(),
+ lp_workgroup(),
+ lp_client_ntlmv2_auth(),
+ client_ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not start NTLMSSP client: %s\n",
diff --git a/source3/winbindd/winbindd_ccache_access.c b/source3/winbindd/winbindd_ccache_access.c
index f8f57f6add..ff5c8408f4 100644
--- a/source3/winbindd/winbindd_ccache_access.c
+++ b/source3/winbindd/winbindd_ccache_access.c
@@ -54,7 +54,11 @@ static NTSTATUS do_ntlm_auth_with_hashes(const char *username,
struct ntlmssp_state *ntlmssp_state = NULL;
DATA_BLOB dummy_msg, reply;
- status = ntlmssp_client_start(&ntlmssp_state);
+ status = ntlmssp_client_start(NULL,
+ global_myname(),
+ lp_workgroup(),
+ lp_client_ntlmv2_auth(),
+ &ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not start NTLMSSP client: %s\n",