diff options
| -rw-r--r-- | source3/auth/auth.c | 8 | ||||
| -rw-r--r-- | source3/auth/auth_domain.c | 2 | ||||
| -rw-r--r-- | source3/auth/auth_info.c | 68 | ||||
| -rw-r--r-- | source3/auth/auth_sam.c | 8 | ||||
| -rw-r--r-- | source3/auth/auth_server.c | 16 | ||||
| -rw-r--r-- | source3/auth/auth_util.c | 2 | ||||
| -rw-r--r-- | source3/auth/auth_winbind.c | 4 | ||||
| -rw-r--r-- | source3/include/auth.h | 6 | ||||
| -rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 11 | ||||
| -rw-r--r-- | source3/smbd/negprot.c | 6 | ||||
| -rw-r--r-- | source3/smbd/process.c | 8 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 4 |
12 files changed, 72 insertions, 71 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index c62e2ed5a0..e68f4a1aac 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -75,9 +75,9 @@ NTSTATUS check_password(const auth_usersupplied_info *user_info, DEBUG(3, ("check_password: mapped user is: [%s]\\[%s]@[%s]\n", user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str)); - DEBUG(10, ("auth_info challange created by %s\n", auth_info->challange_set_by)); - DEBUG(10, ("challange is: \n")); - dump_data(5, (auth_info)->challange.data, (auth_info)->challange.length); + DEBUG(10, ("auth_info challenge created by %s\n", auth_info->challenge_set_by)); + DEBUG(10, ("challenge is: \n")); + dump_data(5, (auth_info)->challenge.data, (auth_info)->challenge.length); #ifdef DEBUG_PASSWORD DEBUG(100, ("user_info has passwords of length %d and %d\n", @@ -213,7 +213,7 @@ static NTSTATUS pass_check_smb(char *smb_name, return NT_STATUS_NO_MEMORY; } - chal = auth_get_challange(plaintext_auth_info); + chal = auth_get_challenge(plaintext_auth_info); if (!make_user_info_for_reply(&user_info, smb_name, domain, chal.data, diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index f3c2fa97e4..c605356af8 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -475,7 +475,7 @@ static NTSTATUS check_ntdomain_security(void *my_private_data, if (! *pserver) pserver = "*"; p = pserver; - nt_status = domain_client_validate(user_info, (uchar *)auth_info->challange.data,server_info, + nt_status = domain_client_validate(user_info, (uchar *)auth_info->challenge.data,server_info, p, trust_passwd, last_change_time); return nt_status; diff --git a/source3/auth/auth_info.c b/source3/auth/auth_info.c index b1c994d54f..a68ffefb5d 100644 --- a/source3/auth/auth_info.c +++ b/source3/auth/auth_info.c @@ -163,7 +163,7 @@ BOOL make_auth_info_subsystem(auth_authsupplied_info **auth_info) } /*************************************************************************** - Make a auth_info struct with a random challange + Make a auth_info struct with a random challenge ***************************************************************************/ BOOL make_auth_info_random(auth_authsupplied_info **auth_info) @@ -174,15 +174,15 @@ BOOL make_auth_info_random(auth_authsupplied_info **auth_info) } generate_random_buffer(chal, sizeof(chal), False); - (*auth_info)->challange = data_blob(chal, sizeof(chal)); + (*auth_info)->challenge = data_blob(chal, sizeof(chal)); - (*auth_info)->challange_set_by = "random"; + (*auth_info)->challenge_set_by = "random"; return True; } /*************************************************************************** - Make a auth_info struct with a fixed challange + Make a auth_info struct with a fixed challenge ***************************************************************************/ BOOL make_auth_info_fixed(auth_authsupplied_info **auth_info, uchar chal[8]) @@ -191,7 +191,7 @@ BOOL make_auth_info_fixed(auth_authsupplied_info **auth_info, uchar chal[8]) return False; } - (*auth_info)->challange = data_blob(chal, 8); + (*auth_info)->challenge = data_blob(chal, 8); return True; } @@ -213,70 +213,70 @@ void free_auth_info(auth_authsupplied_info **auth_info) SAFE_FREE(old_head); } - data_blob_free(&(*auth_info)->challange); + data_blob_free(&(*auth_info)->challenge); ZERO_STRUCT(**auth_info); } SAFE_FREE(*auth_info); } /**************************************************************************** - Try to get a challange out of the various authenticaion modules. + Try to get a challenge out of the various authenticaion modules. It is up to the caller to free it. ****************************************************************************/ -DATA_BLOB auth_get_challange(auth_authsupplied_info *auth_info) +DATA_BLOB auth_get_challenge(auth_authsupplied_info *auth_info) { - DATA_BLOB challange = data_blob(NULL, 0); - char *challange_set_by = NULL; + DATA_BLOB challenge = data_blob(NULL, 0); + char *challenge_set_by = NULL; auth_methods *auth_method; - if (auth_info->challange.length) { - DEBUG(5, ("auth_get_challange: returning previous challange (normal)\n")); - return data_blob(auth_info->challange.data, auth_info->challange.length); + if (auth_info->challenge.length) { + DEBUG(5, ("auth_get_challenge: returning previous challenge (normal)\n")); + return data_blob(auth_info->challenge.data, auth_info->challenge.length); } for (auth_method = auth_info->auth_method_list; auth_method; auth_method = auth_method->next) { if (auth_method->get_chal) { - DEBUG(5, ("auth_get_challange: getting challange from module %s\n", auth_method->name)); - if (challange_set_by) { - DEBUG(1, ("auth_get_challange: CONFIGURATION ERROR: authenticaion method %s has already specified a challange. Challange by %s ignored.\n", - challange_set_by, auth_method->name)); + DEBUG(5, ("auth_get_challenge: getting challenge from module %s\n", auth_method->name)); + if (challenge_set_by) { + DEBUG(1, ("auth_get_challenge: CONFIGURATION ERROR: authenticaion method %s has already specified a challenge. Challenge by %s ignored.\n", + challenge_set_by, auth_method->name)); } else { - challange = auth_method->get_chal(&auth_method->private_data, auth_info); - if (challange.length) { - DEBUG(5, ("auth_get_challange: sucessfully got challange from module %s\n", auth_method->name)); - auth_info->challange = challange; - challange_set_by = auth_method->name; - auth_info->challange_set_method = auth_method; + challenge = auth_method->get_chal(&auth_method->private_data, auth_info); + if (challenge.length) { + DEBUG(5, ("auth_get_challenge: sucessfully got challenge from module %s\n", auth_method->name)); + auth_info->challenge = challenge; + challenge_set_by = auth_method->name; + auth_info->challenge_set_method = auth_method; } else { - DEBUG(3, ("auth_get_challange: getting challange from authenticaion method %s FAILED.\n", + DEBUG(3, ("auth_get_challenge: getting challenge from authenticaion method %s FAILED.\n", auth_method->name)); } } } else { - DEBUG(5, ("auth_get_challange: module %s did not want to specify a challange\n", auth_method->name)); + DEBUG(5, ("auth_get_challenge: module %s did not want to specify a challenge\n", auth_method->name)); } } - if (!challange_set_by) { + if (!challenge_set_by) { uchar chal[8]; generate_random_buffer(chal, sizeof(chal), False); - auth_info->challange = data_blob(chal, sizeof(chal)); + auth_info->challenge = data_blob(chal, sizeof(chal)); - challange_set_by = "random"; + challenge_set_by = "random"; } - DEBUG(5, ("auth_info challange created by %s\n", challange_set_by)); - DEBUG(5, ("challange is: \n")); - dump_data(5, auth_info->challange.data, (auth_info)->challange.length); + DEBUG(5, ("auth_info challenge created by %s\n", challenge_set_by)); + DEBUG(5, ("challenge is: \n")); + dump_data(5, auth_info->challenge.data, (auth_info)->challenge.length); - SMB_ASSERT(auth_info->challange.length == 8); + SMB_ASSERT(auth_info->challenge.length == 8); - auth_info->challange_set_by=challange_set_by; + auth_info->challenge_set_by=challenge_set_by; - return data_blob(auth_info->challange.data, auth_info->challange.length); + return data_blob(auth_info->challenge.data, auth_info->challenge.length); } diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 24a4d4e4e4..421349a765 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -41,7 +41,7 @@ static BOOL smb_pwd_check_ntlmv1(DATA_BLOB nt_response, } if (sec_blob.length != 8) { - DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challange size (%d)\n", sec_blob.length)); + DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%d)\n", sec_blob.length)); return False; } @@ -174,7 +174,7 @@ static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass, */ DEBUG(4,("smb_password_ok: Checking NTLMv2 password\n")); if (smb_pwd_check_ntlmv2( user_info->nt_resp, - nt_pw, auth_info->challange, + nt_pw, auth_info->challenge, user_info->smb_name.str, user_info->client_domain.str, user_sess_key)) @@ -191,7 +191,7 @@ static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass, */ DEBUG(4,("smb_password_ok: Checking NT MD4 password\n")); if (smb_pwd_check_ntlmv1(user_info->nt_resp, - nt_pw, auth_info->challange, + nt_pw, auth_info->challenge, user_sess_key)) { return NT_STATUS_OK; @@ -224,7 +224,7 @@ static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass, DEBUG(4,("smb_password_ok: Checking LM password\n")); if (smb_pwd_check_ntlmv1(user_info->lm_resp, - lm_pw, auth_info->challange, + lm_pw, auth_info->challenge, user_sess_key)) { return NT_STATUS_OK; diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index 067b5b2997..a3cfc3a0e6 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -135,10 +135,10 @@ static void send_server_keepalive(void **private_data_pointer) } /**************************************************************************** - Get the challange out of a password server. + Get the challenge out of a password server. ****************************************************************************/ -static DATA_BLOB auth_get_challange_server(void **my_private_data, const struct authsupplied_info *auth_info) +static DATA_BLOB auth_get_challenge_server(void **my_private_data, const struct authsupplied_info *auth_info) { struct cli_state *cli = server_cryptkey(); @@ -147,14 +147,14 @@ static DATA_BLOB auth_get_challange_server(void **my_private_data, const struct if ((cli->sec_mode & 2) == 0) { /* We can't work with unencrypted password servers unless 'encrypt passwords = no' */ - DEBUG(5,("make_auth_info_server: Server is unencrypted, no challange available..\n")); + DEBUG(5,("make_auth_info_server: Server is unencrypted, no challenge available..\n")); *my_private_data = (void *)cli; return data_blob(NULL, 0); } else if (cli->secblob.length < 8) { - /* We can't do much if we don't get a full challange */ - DEBUG(2,("make_auth_info_server: Didn't receive a full challange from server\n")); + /* We can't do much if we don't get a full challenge */ + DEBUG(2,("make_auth_info_server: Didn't receive a full challenge from server\n")); cli_shutdown(cli); return data_blob(NULL, 0); } @@ -205,8 +205,8 @@ static NTSTATUS check_smbserver_security(void *my_private_data, return NT_STATUS_LOGON_FAILURE; } } else { - if (memcmp(cli->secblob.data, auth_info->challange.data, 8) != 0) { - DEBUG(1,("the challange that the password server (%s) supplied us is not the one we gave our client. This just can't work :-(\n", cli->desthost)); + if (memcmp(cli->secblob.data, auth_info->challenge.data, 8) != 0) { + DEBUG(1,("the challenge that the password server (%s) supplied us is not the one we gave our client. This just can't work :-(\n", cli->desthost)); return NT_STATUS_LOGON_FAILURE; } } @@ -347,7 +347,7 @@ BOOL auth_init_smbserver(auth_methods **auth_method) return False; } (*auth_method)->auth = check_smbserver_security; - (*auth_method)->get_chal = auth_get_challange_server; + (*auth_method)->get_chal = auth_get_challenge_server; (*auth_method)->send_keepalive = send_server_keepalive; (*auth_method)->free_private_data = free_server_private_data; return True; diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index d1b2cc92e5..b7927e970c 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -358,7 +358,7 @@ BOOL make_user_info_winbind(auth_usersupplied_info **user_info, const char *username, const char *domain, const char *password, - char chal[8] /* Give winbind back the challange we used */ + char chal[8] /* Give winbind back the challenge we used */ ) { unsigned char local_lm_response[24]; diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index c29d008f4a..9ca87fe0dd 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -49,7 +49,7 @@ static NTSTATUS check_winbind_security(void *my_private_data, } if (!auth_info) { - DEBUG(3,("Password for user %s cannot be checked becouse we have no auth_info to get the challange from.\n", + DEBUG(3,("Password for user %s cannot be checked because we have no auth_info to get the challenge from.\n", user_info->internal_username.str)); return NT_STATUS_LOGON_FAILURE; } @@ -62,7 +62,7 @@ static NTSTATUS check_winbind_security(void *my_private_data, snprintf(request.data.auth_crap.user, sizeof(request.data.auth_crap.user), "%s\\%s", user_info->domain.str, user_info->smb_name.str); - memcpy(request.data.auth_crap.chal, auth_info->challange.data, sizeof(request.data.auth_crap.chal)); + memcpy(request.data.auth_crap.chal, auth_info->challenge.data, sizeof(request.data.auth_crap.chal)); request.data.auth_crap.lm_resp_len = MIN(user_info->lm_resp.length, sizeof(request.data.auth_crap.lm_resp)); diff --git a/source3/include/auth.h b/source3/include/auth.h index e33ccc2e24..270b8d388a 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -92,12 +92,12 @@ typedef struct serversupplied_info } auth_serversupplied_info; typedef struct authsupplied_info { - DATA_BLOB challange; + DATA_BLOB challenge; /* Who set this up in the first place? */ - char *challange_set_by; \ + char *challenge_set_by; \ - struct auth_methods *challange_set_method; + struct auth_methods *challenge_set_method; /* What order are the various methods in? Try to stop it changing under us */ struct auth_methods *auth_method_list; } auth_authsupplied_info; diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index e57c445bb5..5f85d4db9c 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -569,7 +569,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * { auth_authsupplied_info *auth_info = NULL; make_auth_info_fixed(&auth_info, ctr->auth.id2.lm_chal); - /* Standard challange/response authenticaion */ + /* Standard challenge/response authenticaion */ make_user_info_netlogon_network(&user_info, nt_username, nt_domain, nt_workstation, @@ -584,9 +584,10 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * break; } case INTERACTIVE_LOGON_TYPE: - /* 'Interactive' autheticaion, supplies the password in its MD4 form, encrypted - with the session key. We will convert this to challange/responce for the - auth subsystem to chew on */ + /* 'Interactive' autheticaion, supplies the password in its + MD4 form, encrypted with the session key. We will + convert this to chellange/responce for the auth + subsystem to chew on */ { auth_authsupplied_info *auth_info = NULL; DATA_BLOB chal; @@ -594,7 +595,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * return NT_STATUS_NO_MEMORY; } - chal = auth_get_challange(auth_info); + chal = auth_get_challenge(auth_info); make_user_info_netlogon_interactive(&user_info, nt_username, nt_domain, diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index a2666ae24e..9cbe0fdb0a 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -83,7 +83,7 @@ static int reply_lanman1(char *inbuf, char *outbuf) if (!make_auth_info_subsystem(&negprot_global_auth_info)) { smb_panic("cannot make_negprot_global_auth_info!\n"); } - cryptkey = auth_get_challange(negprot_global_auth_info); + cryptkey = auth_get_challenge(negprot_global_auth_info); memcpy(smb_buf(outbuf), cryptkey.data, 8); data_blob_free(&cryptkey); } @@ -129,7 +129,7 @@ static int reply_lanman2(char *inbuf, char *outbuf) if (!make_auth_info_subsystem(&negprot_global_auth_info)) { smb_panic("cannot make_negprot_global_auth_info!\n"); } - cryptkey = auth_get_challange(negprot_global_auth_info); + cryptkey = auth_get_challenge(negprot_global_auth_info); memcpy(smb_buf(outbuf), cryptkey.data, 8); data_blob_free(&cryptkey); } @@ -265,7 +265,7 @@ static int reply_nt1(char *inbuf, char *outbuf) if (!make_auth_info_subsystem(&negprot_global_auth_info)) { smb_panic("cannot make_negprot_global_auth_info!\n"); } - cryptkey = auth_get_challange(negprot_global_auth_info); + cryptkey = auth_get_challenge(negprot_global_auth_info); memcpy(p, cryptkey.data, 8); data_blob_free(&cryptkey); } diff --git a/source3/smbd/process.c b/source3/smbd/process.c index d9322ae26c..d4881b0ba5 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1122,10 +1122,10 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t This is attached to the auth_info created in the negprot */ if (negprot_global_auth_info - && negprot_global_auth_info->challange_set_method - && negprot_global_auth_info->challange_set_method->send_keepalive) { - negprot_global_auth_info->challange_set_method->send_keepalive - (&negprot_global_auth_info->challange_set_method->private_data); + && negprot_global_auth_info->challenge_set_method + && negprot_global_auth_info->challenge_set_method->send_keepalive) { + negprot_global_auth_info->challenge_set_method->send_keepalive + (&negprot_global_auth_info->challenge_set_method->private_data); } last_keepalive_sent_time = t; diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 854513bb47..1b6776ed70 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -235,7 +235,7 @@ static int reply_spnego_negotiate(connection_struct *conn, return ERROR_NT(NT_STATUS_NO_MEMORY); } - cryptkey = auth_get_challange(ntlmssp_auth_info); + cryptkey = auth_get_challenge(ntlmssp_auth_info); /* Give them the challenge. For now, ignore neg_flags and just return the flags we want. Obviously this is not correct */ @@ -649,7 +649,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf, return ERROR_NT(NT_STATUS_NO_MEMORY); } - chal = auth_get_challange(plaintext_auth_info); + chal = auth_get_challenge(plaintext_auth_info); if (!make_user_info_for_reply(&user_info, user, domain, chal.data, |