diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2004-05-02 08:45:00 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:51:42 -0500 |
| commit | 9f084101dd392ceb85f141f55ee56bed344626ef (patch) | |
| tree | 2a9884d8e99e28b9dbfb153575e32c5b8bb9ef4c /source4/auth/auth_ntlmssp.c | |
| parent | 585d87a9590ecf64681700d70c37e5276ee8514a (diff) | |
| download | samba-9f084101dd392ceb85f141f55ee56bed344626ef.tar.gz samba-9f084101dd392ceb85f141f55ee56bed344626ef.tar.bz2 samba-9f084101dd392ceb85f141f55ee56bed344626ef.zip | |
r443: Update Samba4 to the auth and NTLMSSP code from Samba3.
Not all the auth code is merged - only those parts that are actually
being used in Samba4.
There is a lot more work to do in the NTLMSSP area, and I hope to
develop that work here. There is a start on this here - splitting
NTLMSSP into two parts that my operate in an async fashion (before and
after the actual authentication)
Andrew Bartlett
(This used to be commit 5876c78806e6a6c44613a1354e8d564b427d0c9f)
Diffstat (limited to 'source4/auth/auth_ntlmssp.c')
| -rw-r--r-- | source4/auth/auth_ntlmssp.c | 47 |
1 files changed, 18 insertions, 29 deletions
diff --git a/source4/auth/auth_ntlmssp.c b/source4/auth/auth_ntlmssp.c index 940630b4c6..a4e0dd5588 100644 --- a/source4/auth/auth_ntlmssp.c +++ b/source4/auth/auth_ntlmssp.c @@ -75,42 +75,33 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, * Return the session keys used on the connection. */ -static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key) +static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key) { AUTH_NTLMSSP_STATE *auth_ntlmssp_state = ntlmssp_state->auth_context; - uint32 auth_flags = AUTH_FLAG_NONE; auth_usersupplied_info *user_info = NULL; - DATA_BLOB plaintext_password = data_blob(NULL, 0); NTSTATUS nt_status; - if (auth_ntlmssp_state->ntlmssp_state->lm_resp.length) { - auth_flags |= AUTH_FLAG_LM_RESP; - } - - if (auth_ntlmssp_state->ntlmssp_state->nt_resp.length == 24) { - auth_flags |= AUTH_FLAG_NTLM_RESP; - } else if (auth_ntlmssp_state->ntlmssp_state->nt_resp.length > 24) { - auth_flags |= AUTH_FLAG_NTLMv2_RESP; - } - #if 0 /* the client has given us its machine name (which we otherwise would not get on port 445). we need to possibly reload smb.conf if smb.conf includes depend on the machine name */ + set_remote_machine_name(auth_ntlmssp_state->ntlmssp_state->workstation, True); + /* setup the string used by %U */ /* sub_set_smb_name checks for weird internally */ sub_set_smb_name(auth_ntlmssp_state->ntlmssp_state->user); + reload_services(True); -#endif +#endif nt_status = make_user_info_map(&user_info, auth_ntlmssp_state->ntlmssp_state->user, auth_ntlmssp_state->ntlmssp_state->domain, auth_ntlmssp_state->ntlmssp_state->workstation, - auth_ntlmssp_state->ntlmssp_state->lm_resp, - auth_ntlmssp_state->ntlmssp_state->nt_resp, - plaintext_password, - auth_flags, True); + auth_ntlmssp_state->ntlmssp_state->lm_resp.data ? &auth_ntlmssp_state->ntlmssp_state->lm_resp : NULL, + auth_ntlmssp_state->ntlmssp_state->nt_resp.data ? &auth_ntlmssp_state->ntlmssp_state->nt_resp : NULL, + NULL, NULL, NULL, + True); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; @@ -124,19 +115,17 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } - if (auth_ntlmssp_state->server_info->nt_session_key.length) { - DEBUG(5, ("Got NT session key of length %u\n", auth_ntlmssp_state->server_info->nt_session_key.length)); - *nt_session_key = data_blob_talloc(auth_ntlmssp_state->mem_ctx, - auth_ntlmssp_state->server_info->nt_session_key.data, - auth_ntlmssp_state->server_info->nt_session_key.length); - } else if (auth_ntlmssp_state->server_info->lm_session_key.length) { - DEBUG(5, ("Got LM session key of length %u\n", auth_ntlmssp_state->server_info->lm_session_key.length)); - *lm_session_key = data_blob_talloc(auth_ntlmssp_state->mem_ctx, + if (auth_ntlmssp_state->server_info->user_session_key.length) { + DEBUG(10, ("Got NT session key of length %u\n", auth_ntlmssp_state->server_info->user_session_key.length)); + *user_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, + auth_ntlmssp_state->server_info->user_session_key.data, + auth_ntlmssp_state->server_info->user_session_key.length); + } + if (auth_ntlmssp_state->server_info->lm_session_key.length) { + DEBUG(10, ("Got LM session key of length %u\n", auth_ntlmssp_state->server_info->lm_session_key.length)); + *lm_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, auth_ntlmssp_state->server_info->lm_session_key.data, auth_ntlmssp_state->server_info->lm_session_key.length); - } else { - *nt_session_key = data_blob_talloc(auth_ntlmssp_state->mem_ctx, - auth_ntlmssp_state->server_info->session_key, 16); } return nt_status; } |