summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-05-25 14:06:28 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:14 -0500
commit5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3 (patch)
tree78f843cb6a9ff745f9ac5ef35de53bccbf1ccbd8 /source4/auth
parent579c13da43d5b40ac6d6c1436399fbc1d8dfd054 (diff)
downloadsamba-5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3.tar.gz
samba-5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3.tar.bz2
samba-5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3.zip
r874: This patch is a pile of work on NTLMSSP:
Samba's NTLMSSP code is now fully talloc based, which should go a long way to cleaning up the memory leaks in this code. This also avoids a lot of extra copies of data, as we now allocate the 'return' blobs on a caller-supplied context. I have also been doing a lot of work towards NTLM2 signing and sealing. I have this working for sealing, but not for the verifier (MD5 integrity check on the stream) which is still incorrect. (I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the data arrives intact, but the signature check fails. It does however match the test values I have...). The new torture test is cludged in - when we get a unit test suite back, I'll happliy put it in the 'right' place.... Andrew Bartlett (This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth_ntlmssp.c21
1 files changed, 18 insertions, 3 deletions
diff --git a/source4/auth/auth_ntlmssp.c b/source4/auth/auth_ntlmssp.c
index a4e0dd5588..1525d30631 100644
--- a/source4/auth/auth_ntlmssp.c
+++ b/source4/auth/auth_ntlmssp.c
@@ -162,7 +162,7 @@ NTSTATUS auth_ntlmssp_start(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
(*auth_ntlmssp_state)->ntlmssp_state->set_challenge = auth_ntlmssp_set_challenge;
(*auth_ntlmssp_state)->ntlmssp_state->check_password = auth_ntlmssp_check_password;
(*auth_ntlmssp_state)->ntlmssp_state->server_role = lp_server_role();
-
+
return NT_STATUS_OK;
}
@@ -183,8 +183,23 @@ void auth_ntlmssp_end(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
*auth_ntlmssp_state = NULL;
}
+
+/**
+ * Next state function for the wrapped NTLMSSP state machine
+ *
+ * @param auth_ntlmssp_state NTLMSSP State
+ * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on
+ * @param in The request, as a DATA_BLOB
+ * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx
+ * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent,
+ * or NT_STATUS_OK if the user is authenticated.
+ */
+
NTSTATUS auth_ntlmssp_update(AUTH_NTLMSSP_STATE *auth_ntlmssp_state,
- const DATA_BLOB request, DATA_BLOB *reply)
+ TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB in, DATA_BLOB *out)
{
- return ntlmssp_update(auth_ntlmssp_state->ntlmssp_state, request, reply);
+ return ntlmssp_update(auth_ntlmssp_state->ntlmssp_state,
+ out_mem_ctx,
+ in, out);
}