Remove use of lp_*() from ntlm_check.c.

author: Jelmer Vernooij <jelmer@samba.org> 2008-11-01 17:55:57 +0100
committer: Jelmer Vernooij <jelmer@samba.org> 2008-11-01 17:55:57 +0100
commit: 8c4e2eb49deec55485e86330ddddc26e584d8e1b (patch)
tree: eff8b33f8228898a8e3754bf0bf1ec0f81d89307 /source4/auth/ntlm
parent: 7ec720af714fab17fcbba3febff0c162775c8186 (diff)
download: samba-8c4e2eb49deec55485e86330ddddc26e584d8e1b.tar.gz
samba-8c4e2eb49deec55485e86330ddddc26e584d8e1b.tar.bz2
samba-8c4e2eb49deec55485e86330ddddc26e584d8e1b.zip
3 files changed, 18 insertions, 16 deletions
diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c
index 78429106f6..d1be5b6e30 100644
--- a/source4/auth/ntlm/auth_sam.c
+++ b/source4/auth/ntlm/auth_sam.c
@@ -185,7 +185,7 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
 		*lm_sess_key = data_blob(NULL, 0);
 		*user_sess_key = data_blob(NULL, 0);
 		status = hash_password_check(mem_ctx, 
-					     auth_context->lp_ctx,
+					     lp_lanman_auth(auth_context->lp_ctx),
 					     user_info->password.hash.lanman,
 					     user_info->password.hash.nt,
 					     user_info->mapped.account_name,
@@ -195,7 +195,8 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
 		
 	case AUTH_PASSWORD_RESPONSE:
 		status = ntlm_password_check(mem_ctx, 
-					     auth_context->lp_ctx,
+					     lp_lanman_auth(auth_context->lp_ctx),
+						 lp_ntlm_auth(auth_context->lp_ctx),
 					     user_info->logon_parameters, 
 					     &auth_context->challenge.data, 
 					     &user_info->password.response.lanman, 
diff --git a/source4/auth/ntlm/ntlm_check.c b/source4/auth/ntlm/ntlm_check.c
index b43190c5ba..a3ac7f3347 100644
--- a/source4/auth/ntlm/ntlm_check.c
+++ b/source4/auth/ntlm/ntlm_check.c
@@ -23,7 +23,6 @@
 #include "../lib/crypto/crypto.h"
 #include "librpc/gen_ndr/netlogon.h"
 #include "libcli/auth/libcli_auth.h"
-#include "param/param.h"
 #include "auth/ntlm/ntlm_check.h"
 
 /****************************************************************************
@@ -220,7 +219,7 @@ static bool smb_sess_key_ntlmv2(TALLOC_CTX *mem_ctx,
  */
 
 NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
-			     struct loadparm_context *lp_ctx, 
+				 bool lanman_auth,
 			     const struct samr_Password *client_lanman,
 			     const struct samr_Password *client_nt,
 			     const char *username, 
@@ -242,7 +241,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
 		}
 
 	} else if (client_lanman && stored_lanman) {
-		if (!lp_lanman_auth(lp_ctx)) {
+		if (!lanman_auth) {
 			DEBUG(3,("ntlm_password_check: Interactive logon: only LANMAN password supplied for user %s, and LM passwords are disabled!\n",
 				 username));
 			return NT_STATUS_WRONG_PASSWORD;
@@ -283,7 +282,8 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
  */
 
 NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
-			     struct loadparm_context *lp_ctx,
+				 bool lanman_auth,
+				 bool ntlm_auth,
 			     uint32_t logon_parameters,
 			     const DATA_BLOB *challenge,
 			     const DATA_BLOB *lm_response,
@@ -321,7 +321,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 		mdfour(client_nt.hash, nt_response->data, nt_response->length);
 		
 		if (lm_response->length && 
-		    (convert_string_talloc_convenience(mem_ctx, lp_iconv_convenience(lp_ctx), CH_DOS, CH_UNIX, 
+		    (convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, 
 					  lm_response->data, lm_response->length, 
 					   (void **)&unix_pw) != -1)) {
 			if (E_deshash(unix_pw, client_lm.hash)) {
@@ -333,7 +333,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 			lm_ok = false;
 		}
 		return hash_password_check(mem_ctx, 
-					   lp_ctx,
+					   lanman_auth,
 					   lm_ok ? &client_lm : NULL, 
 					   nt_response->length ? &client_nt : NULL, 
 					   username,  
@@ -396,7 +396,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 			DEBUG(3,("ntlm_password_check: NTLMv2 password check failed\n"));
 		}
 	} else if (nt_response->length == 24 && stored_nt) {
-		if (lp_ntlm_auth(lp_ctx)) {		
+		if (ntlm_auth) {		
 			/* We have the NT MD4 hash challenge available - see if we can
 			   use it (ie. does it exist in the smbpasswd file).
 			*/
@@ -408,7 +408,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 				/* The LM session key for this response is not very secure, 
 				   so use it only if we otherwise allow LM authentication */
 				
-				if (lp_lanman_auth(lp_ctx) && stored_lanman) {
+				if (lanman_auth && stored_lanman) {
 					*lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, 8);
 				}
 				return NT_STATUS_OK;
@@ -436,7 +436,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_WRONG_PASSWORD;
 	}
 		
-	if (!lp_lanman_auth(lp_ctx)) {
+	if (!lanman_auth) {
 		DEBUG(3,("ntlm_password_check: Lanman passwords NOT PERMITTED for user %s\n",
 			 username));
 	} else if (!stored_lanman) {
@@ -455,7 +455,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 			   It not very secure, so use it only if we otherwise 
 			   allow LM authentication */
 
-			if (lp_lanman_auth(lp_ctx) && stored_lanman) {
+			if (lanman_auth && stored_lanman) {
 				uint8_t first_8_lm_hash[16];
 				memcpy(first_8_lm_hash, stored_lanman->hash, 8);
 				memset(first_8_lm_hash + 8, '\0', 8);
@@ -571,7 +571,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 	   - I think this is related to Win9X pass-though authentication
 	*/
 	DEBUG(4,("ntlm_password_check: Checking NT MD4 password in LM field\n"));
-	if (lp_ntlm_auth(lp_ctx)) {
+	if (ntlm_auth) {
 		if (smb_pwd_check_ntlmv1(mem_ctx, 
 					 lm_response, 
 					 stored_nt->hash, challenge,
@@ -580,7 +580,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 			   It not very secure, so use it only if we otherwise 
 			   allow LM authentication */
 
-			if (lp_lanman_auth(lp_ctx) && stored_lanman) {
+			if (lanman_auth && stored_lanman) {
 				uint8_t first_8_lm_hash[16];
 				memcpy(first_8_lm_hash, stored_lanman->hash, 8);
 				memset(first_8_lm_hash + 8, '\0', 8);
diff --git a/source4/auth/ntlm/ntlm_check.h b/source4/auth/ntlm/ntlm_check.h
index eb115b74d6..df11f7d7a2 100644
--- a/source4/auth/ntlm/ntlm_check.h
+++ b/source4/auth/ntlm/ntlm_check.h
@@ -36,7 +36,7 @@
  */
 
 NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
-			     struct loadparm_context *lp_ctx, 
+				 bool lanman_auth,
 			     const struct samr_Password *client_lanman,
 			     const struct samr_Password *client_nt,
 			     const char *username, 
@@ -61,7 +61,8 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
  */
 
 NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
-			     struct loadparm_context *lp_ctx,
+				 bool lanman_auth,
+				 bool ntlm_auth,
 			     uint32_t logon_parameters,
 			     const DATA_BLOB *challenge,
 			     const DATA_BLOB *lm_response,
author	Jelmer Vernooij <jelmer@samba.org>	2008-11-01 17:55:57 +0100
committer	Jelmer Vernooij <jelmer@samba.org>	2008-11-01 17:55:57 +0100
commit	8c4e2eb49deec55485e86330ddddc26e584d8e1b (patch)
tree	eff8b33f8228898a8e3754bf0bf1ec0f81d89307 /source4/auth/ntlm
parent	7ec720af714fab17fcbba3febff0c162775c8186 (diff)
download	samba-8c4e2eb49deec55485e86330ddddc26e584d8e1b.tar.gz samba-8c4e2eb49deec55485e86330ddddc26e584d8e1b.tar.bz2 samba-8c4e2eb49deec55485e86330ddddc26e584d8e1b.zip