authorStefan Metzmacher <metze@samba.org>2009-12-30 15:14:38 +0100
committerGünther Deschner <gd@samba.org>2010-03-24 17:34:50 +0100
commit282a2d8591a9132dac1d70113a7e51287d3c1674 (patch)
treeb56e5e4bfcb8db1fa0a2a65351243e2afb812fa6 /source4/auth
parent133a3e4ce81ea156461c5e8b922e234dbf1ce688 (diff)
s4:ntlmssp: calculate server names at startup and store them in (gensec_)ntlmssp_state->server.*
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/ntlmssp/ntlmssp.h6
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c57
2 files changed, 37 insertions, 26 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h
index 44a1064e15..b415dba9c0 100644
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -66,6 +66,10 @@ struct gensec_ntlmssp_state
struct {
bool is_standalone;
+ const char *netbios_name;
+ const char *netbios_domain;
+ const char *dns_name;
+ const char *dns_domain;
} server;
DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */
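Review bot: The four new `server.*` strings carry no comment on ownership or lifetime, and this commit fills them from two different sources. In ntlmssp_server.c, `netbios_name` and `netbios_domain` are assigned directly from `lp_netbios_name()` and `lp_workgroup()`, while `dns_name` and `dns_domain` are `talloc_strdup()` copies hung off the state. A comment above the members would stop a later change from freeing or outliving the wrong pair, for example `/* netbios_* are borrowed from the loadparm context; dns_* are talloc children of this state; all are set in gensec_ntlmssp_server_start() */`. The struct definition begins and ends outside this hunk.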
@@ -131,8 +135,6 @@ struct gensec_ntlmssp_state
NTSTATUS (*check_password)(struct gensec_ntlmssp_state *,
DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key);
- const char *server_name;
-
bool doing_ntlm2;
union {
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 484cf3f51d..488aa63620 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -94,10 +94,10 @@ static const char *ntlmssp_target_name(struct gensec_ntlmssp_state *gensec_ntlms
*chal_flags |= NTLMSSP_REQUEST_TARGET;
if (gensec_ntlmssp_state->server.is_standalone) {
*chal_flags |= NTLMSSP_TARGET_TYPE_SERVER;
- return gensec_ntlmssp_state->server_name;
+ return gensec_ntlmssp_state->server.netbios_name;
} else {
*chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN;
- return gensec_ntlmssp_state->domain;
+ return gensec_ntlmssp_state->server.netbios_domain;
};
} else {
return "";
@@ -184,26 +184,12 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
/* This creates the 'blob' of names that appears at the end of the packet */
if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
- char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN];
-
- /* Find out the DNS domain name */
- dnsdomname[0] = '\0';
- safe_strcpy(dnsdomname, lp_dnsdomain(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1);
-
- /* Find out the DNS host name */
- safe_strcpy(dnsname, gensec_ntlmssp_state->server_name, sizeof(dnsname) - 1);
- if (dnsdomname[0] != '\0') {
- safe_strcat(dnsname, ".", sizeof(dnsname) - 1);
- safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1);
- }
- strlower_m(dnsname);
-
msrpc_gen(out_mem_ctx,
&struct_blob, "aaaaa",
MsvAvNbDomainName, target_name,
- MsvAvNbComputerName, gensec_ntlmssp_state->server_name,
- MsvAvDnsDomainName, dnsdomname,
- MsvAvDnsComputerName, dnsname,
+ MsvAvNbComputerName, gensec_ntlmssp_state->server.netbios_name,
+ MsvAvDnsDomainName, gensec_ntlmssp_state->server.dns_domain,
+ MsvAvDnsComputerName, gensec_ntlmssp_state->server.dns_name,
MsvAvEOL, "");
} else {
struct_blob = data_blob(NULL, 0);
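Review bot: The `msrpc_gen()` call that packs the target-info names still discards its result, so a failed pack would go unnoticed in the lines visible here. These names end up in the challenge sent to the client, so a short or empty blob should fail the negotiate step rather than be sent. If `msrpc_gen()` reports failure through its return value, as it appears to, wrap the call as `if (!msrpc_gen(out_mem_ctx, &struct_blob, "aaaaa", ...)) { return NT_STATUS_NO_MEMORY; }`. The call now also relies on `server.dns_domain` and `server.dns_name` being non-NULL, which holds only when the state came through `gensec_ntlmssp_server_start()`. `ntlmssp_server_negotiate` continues outside the hunk, so a later check on `struct_blob` may already exist there.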
@@ -767,11 +753,6 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->role = NTLMSSP_SERVER;
- gensec_ntlmssp_state->workstation = NULL;
- gensec_ntlmssp_state->server_name = lp_netbios_name(gensec_security->settings->lp_ctx);
-
- gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->settings->lp_ctx);
-
gensec_ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE;
gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(gensec_security->settings->lp_ctx)
@@ -825,6 +806,34 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->server.is_standalone = false;
}
+ gensec_ntlmssp_state->server.netbios_name = lp_netbios_name(gensec_security->settings->lp_ctx);
+
+ gensec_ntlmssp_state->server.netbios_domain = lp_workgroup(gensec_security->settings->lp_ctx);
+
+ {
+ char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN];
+
+ /* Find out the DNS domain name */
+ dnsdomname[0] = '\0';
+ safe_strcpy(dnsdomname, lp_dnsdomain(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1);
+
+ /* Find out the DNS host name */
+ safe_strcpy(dnsname, gensec_ntlmssp_state->server.netbios_name, sizeof(dnsname) - 1);
+ if (dnsdomname[0] != '\0') {
+ safe_strcat(dnsname, ".", sizeof(dnsname) - 1);
+ safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1);
+ }
+ strlower_m(dnsname);
+
+ gensec_ntlmssp_state->server.dns_name = talloc_strdup(gensec_ntlmssp_state,
+ dnsname);
+ NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_name);
+
+ gensec_ntlmssp_state->server.dns_domain = talloc_strdup(gensec_ntlmssp_state,
+ dnsdomname);
+ NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_domain);
+ }
+
return NT_STATUS_OK;
}
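Review bot: The DNS names are still assembled in two `MAXHOSTNAMELEN` stack buffers with `safe_strcpy()`/`safe_strcat()` and only then copied with `talloc_strdup()`, so an over-long netbios name plus DNS domain is cut at the buffer size before it is stored. The stored value is later advertised to clients as `MsvAvDnsComputerName`, and nothing in this block reports a shortened name to the caller. Since the result lives on the talloc context anyway, the strings can be built there directly, which removes the fixed-size limit and the stack buffers. The sketch below keeps the existing behaviour of lower-casing only the host name; it assumes `strlower_m()` is safe on an exactly-sized talloc string, which should be confirmed. `gensec_ntlmssp_server_start` begins outside this hunk.

```c
	{
		const char *dnsdomain = lp_dnsdomain(gensec_security->settings->lp_ctx);
		char *dnsname;

		if (dnsdomain == NULL) {
			dnsdomain = "";
		}

		/* Build on the talloc context so nothing is cut at MAXHOSTNAMELEN */
		if (dnsdomain[0] != '\0') {
			dnsname = talloc_asprintf(gensec_ntlmssp_state, "%s.%s",
						  gensec_ntlmssp_state->server.netbios_name,
						  dnsdomain);
		} else {
			dnsname = talloc_strdup(gensec_ntlmssp_state,
						gensec_ntlmssp_state->server.netbios_name);
		}
		NT_STATUS_HAVE_NO_MEMORY(dnsname);
		strlower_m(dnsname);
		gensec_ntlmssp_state->server.dns_name = dnsname;

		gensec_ntlmssp_state->server.dns_domain = talloc_strdup(gensec_ntlmssp_state,
									dnsdomain);
		NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_domain);
	}
	/* … unchanged: return NT_STATUS_OK … */
```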