diff options
author | Stefan Metzmacher <metze@samba.org> | 2009-12-30 15:14:38 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2010-03-24 17:34:50 +0100 |
commit | 282a2d8591a9132dac1d70113a7e51287d3c1674 (patch) | |
tree | b56e5e4bfcb8db1fa0a2a65351243e2afb812fa6 /source4/auth | |
parent | 133a3e4ce81ea156461c5e8b922e234dbf1ce688 (diff) | |
download | samba-282a2d8591a9132dac1d70113a7e51287d3c1674.tar.gz samba-282a2d8591a9132dac1d70113a7e51287d3c1674.tar.bz2 samba-282a2d8591a9132dac1d70113a7e51287d3c1674.zip |
s4:ntlmssp: calculate server names at startup and store them in (gensec_)ntlmssp_state->server.*
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source4/auth')
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp.h | 6 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 57 |
2 files changed, 37 insertions, 26 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h index 44a1064e15..b415dba9c0 100644 --- a/source4/auth/ntlmssp/ntlmssp.h +++ b/source4/auth/ntlmssp/ntlmssp.h @@ -66,6 +66,10 @@ struct gensec_ntlmssp_state struct { bool is_standalone; + const char *netbios_name; + const char *netbios_domain; + const char *dns_name; + const char *dns_domain; } server; DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */ @@ -131,8 +135,6 @@ struct gensec_ntlmssp_state NTSTATUS (*check_password)(struct gensec_ntlmssp_state *, DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key); - const char *server_name; - bool doing_ntlm2; union { diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 484cf3f51d..488aa63620 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -94,10 +94,10 @@ static const char *ntlmssp_target_name(struct gensec_ntlmssp_state *gensec_ntlms *chal_flags |= NTLMSSP_REQUEST_TARGET; if (gensec_ntlmssp_state->server.is_standalone) { *chal_flags |= NTLMSSP_TARGET_TYPE_SERVER; - return gensec_ntlmssp_state->server_name; + return gensec_ntlmssp_state->server.netbios_name; } else { *chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN; - return gensec_ntlmssp_state->domain; + return gensec_ntlmssp_state->server.netbios_domain; }; } else { return ""; @@ -184,26 +184,12 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, /* This creates the 'blob' of names that appears at the end of the packet */ if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) { - char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN]; - - /* Find out the DNS domain name */ - dnsdomname[0] = '\0'; - safe_strcpy(dnsdomname, lp_dnsdomain(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1); - - /* Find out the DNS host name */ - safe_strcpy(dnsname, gensec_ntlmssp_state->server_name, sizeof(dnsname) - 1); - if (dnsdomname[0] != '\0') { - safe_strcat(dnsname, ".", sizeof(dnsname) - 1); - safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1); - } - strlower_m(dnsname); - msrpc_gen(out_mem_ctx, &struct_blob, "aaaaa", MsvAvNbDomainName, target_name, - MsvAvNbComputerName, gensec_ntlmssp_state->server_name, - MsvAvDnsDomainName, dnsdomname, - MsvAvDnsComputerName, dnsname, + MsvAvNbComputerName, gensec_ntlmssp_state->server.netbios_name, + MsvAvDnsDomainName, gensec_ntlmssp_state->server.dns_domain, + MsvAvDnsComputerName, gensec_ntlmssp_state->server.dns_name, MsvAvEOL, ""); } else { struct_blob = data_blob(NULL, 0); @@ -767,11 +753,6 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->role = NTLMSSP_SERVER; - gensec_ntlmssp_state->workstation = NULL; - gensec_ntlmssp_state->server_name = lp_netbios_name(gensec_security->settings->lp_ctx); - - gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->settings->lp_ctx); - gensec_ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE; gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(gensec_security->settings->lp_ctx) @@ -825,6 +806,34 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->server.is_standalone = false; } + gensec_ntlmssp_state->server.netbios_name = lp_netbios_name(gensec_security->settings->lp_ctx); + + gensec_ntlmssp_state->server.netbios_domain = lp_workgroup(gensec_security->settings->lp_ctx); + + { + char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN]; + + /* Find out the DNS domain name */ + dnsdomname[0] = '\0'; + safe_strcpy(dnsdomname, lp_dnsdomain(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1); + + /* Find out the DNS host name */ + safe_strcpy(dnsname, gensec_ntlmssp_state->server.netbios_name, sizeof(dnsname) - 1); + if (dnsdomname[0] != '\0') { + safe_strcat(dnsname, ".", sizeof(dnsname) - 1); + safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1); + } + strlower_m(dnsname); + + gensec_ntlmssp_state->server.dns_name = talloc_strdup(gensec_ntlmssp_state, + dnsname); + NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_name); + + gensec_ntlmssp_state->server.dns_domain = talloc_strdup(gensec_ntlmssp_state, + dnsdomname); + NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_domain); + } + return NT_STATUS_OK; } |