summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/client/clientutil.c6
-rw-r--r--source3/client/ntclient.c6
-rw-r--r--source3/include/proto.h23
-rw-r--r--source3/include/smb.h5
-rw-r--r--source3/libsmb/credentials.c84
5 files changed, 61 insertions, 63 deletions
diff --git a/source3/client/clientutil.c b/source3/client/clientutil.c
index 1d4f3fcb43..1794615cd0 100644
--- a/source3/client/clientutil.c
+++ b/source3/client/clientutil.c
@@ -197,7 +197,7 @@ BOOL cli_receive_trans_response(char *inbuf,int trans,
send a SMB trans or trans2 request
****************************************************************************/
BOOL cli_send_trans_request(char *outbuf,int trans,
- char *name,int name_len, int fid,int flags,
+ char *name,int namelen, int fid,int flags,
char *data,char *param,uint16 *setup,
int ldata,int lparam,int lsetup,
int mdata,int mparam,int msetup)
@@ -218,7 +218,7 @@ BOOL cli_send_trans_request(char *outbuf,int trans,
SSVAL(outbuf,smb_tid,cnum);
cli_setup_pkt(outbuf);
- outparam = smb_buf(outbuf)+(trans==SMBtrans ? name_len+1 : 3);
+ outparam = smb_buf(outbuf)+(trans==SMBtrans ? namelen+1 : 3);
outdata = outparam+this_lparam;
/* primary request */
@@ -238,7 +238,7 @@ BOOL cli_send_trans_request(char *outbuf,int trans,
SSVAL(outbuf,smb_setup+i*SIZEOFWORD,setup[i]);
p = smb_buf(outbuf);
if (trans==SMBtrans)
- memcpy(p,name, name_len+1); /* name[] */
+ memcpy(p,name, namelen+1); /* name[] */
else
{
*p++ = 0; /* put in a null smb_name */
diff --git a/source3/client/ntclient.c b/source3/client/ntclient.c
index 59b4a7fe78..bf6531440e 100644
--- a/source3/client/ntclient.c
+++ b/source3/client/ntclient.c
@@ -63,7 +63,7 @@ BOOL do_nt_login(char *desthost, char *myhostname,
UTIME zerotime;
- uint32 sess_key[2];
+ uchar sess_key[8];
char nt_owf_mach_pwd[16];
fstring mach_acct;
fstring mach_pwd;
@@ -221,8 +221,8 @@ BOOL do_nt_login(char *desthost, char *myhostname,
fstrcpy(mach_pwd , myhostname);
strcat(mach_acct, "$");
- clnt_chal.data[0] = 0x11111111;
- clnt_chal.data[1] = 0x22222222;
+ SIVAL(clnt_chal.data, 0, 0x11111111);
+ SIVAL(clnt_chal.data, 4, 0x22222222);
/* send a client challenge; receive a server challenge */
if (!do_lsa_req_chal(fnum, ++call_id, desthost, myhostname, &clnt_chal, &srv_chal))
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 56bb1eff44..4781b103ce 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -83,7 +83,7 @@ BOOL cli_receive_trans_response(char *inbuf,int trans,
int *data_len,int *param_len,
char **data,char **param);
BOOL cli_send_trans_request(char *outbuf,int trans,
- char *name,int name_len, int fid,int flags,
+ char *name,int namelen, int fid,int flags,
char *data,char *param,uint16 *setup,
int ldata,int lparam,int lsetup,
int mdata,int mparam,int msetup);
@@ -106,17 +106,18 @@ int tar_parseargs(int argc, char *argv[], char *Optarg, int Optind);
/*The following definitions come from credentials.c */
+char *credstr(uchar *cred);
void cred_session_key(DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal, char *pass,
- uint32 session_key[2]);
-void cred_create(uint32 session_key[2], DOM_CHAL *stor_cred, UTIME timestamp,
+ uchar session_key[8]);
+void cred_create(uchar session_key[8], DOM_CHAL *stor_cred, UTIME timestamp,
DOM_CHAL *cred);
-int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
+int cred_assert(DOM_CHAL *cred, char session_key[8], DOM_CHAL *stored_cred,
UTIME timestamp);
-BOOL clnt_deal_with_creds(uint32 sess_key[2],
- DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_srv_cred);
-BOOL deal_with_creds(uint32 sess_key[2],
- DOM_CRED *sto_clnt_cred,
- DOM_CRED *rcv_clnt_cred, DOM_CRED *rtn_srv_cred);
+BOOL clnt_deal_with_creds(char sess_key[8],
+ DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_srv_cred);
+BOOL deal_with_creds(uchar sess_key[8],
+ DOM_CRED *sto_clnt_cred,
+ DOM_CRED *rcv_clnt_cred, DOM_CRED *rtn_srv_cred);
/*The following definitions come from dir.c */
@@ -815,14 +816,14 @@ BOOL do_lsa_auth2(uint16 fnum, uint32 call_id,
char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
DOM_CHAL *clnt_chal, uint32 neg_flags, DOM_CHAL *srv_chal);
BOOL do_lsa_sam_logon(uint16 fnum, uint32 call_id,
- uint32 sess_key[2], DOM_CRED *sto_clnt_cred,
+ uchar sess_key[8], DOM_CRED *sto_clnt_cred,
char *logon_srv, char *comp_name,
DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
uint16 logon_level, uint16 switch_value, DOM_ID_INFO_1 *id1,
LSA_USER_INFO *user_info,
DOM_CRED *srv_cred);
BOOL do_lsa_sam_logoff(uint16 fnum, uint32 call_id,
- uint32 sess_key[2], DOM_CRED *sto_clnt_cred,
+ uchar sess_key[8], DOM_CRED *sto_clnt_cred,
char *logon_srv, char *comp_name,
DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
uint16 logon_level, uint16 switch_value, DOM_ID_INFO_1 *id1,
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 8bb1e993cd..6a7f502286 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -443,8 +443,7 @@ typedef struct log_info
/* DOM_CHAL - challenge info */
typedef struct chal_info
{
- uint32 data[2]; /* credentials */
-
+ uchar data[8]; /* credentials */
} DOM_CHAL;
/* DOM_CREDs - timestamped client or server credentials */
@@ -1308,7 +1307,7 @@ struct dcinfo
DOM_CRED clnt_cred; /* Last client credential */
DOM_CRED srv_cred; /* Last server credential */
- uint32 sess_key[2]; /* Session key */
+ uchar sess_key[8]; /* Session key */
uchar md4pw[16]; /* md4(machine password) */
};
diff --git a/source3/libsmb/credentials.c b/source3/libsmb/credentials.c
index 6711604f6d..754aebca99 100644
--- a/source3/libsmb/credentials.c
+++ b/source3/libsmb/credentials.c
@@ -22,6 +22,22 @@
#include "includes.h"
extern int DEBUGLEVEL;
+
+
+
+/****************************************************************************
+represent a credential as a string
+****************************************************************************/
+char *credstr(uchar *cred)
+{
+ static fstring buf;
+ sprintf(buf,"%02X%02X%02X%02X%02X%02X%02X%02X",
+ cred[0], cred[1], cred[2], cred[3],
+ cred[4], cred[5], cred[6], cred[7]);
+ return buf;
+}
+
+
/****************************************************************************
setup the session key.
Input: 8 byte challenge block
@@ -31,11 +47,10 @@ Output:
8 byte session key
****************************************************************************/
void cred_session_key(DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal, char *pass,
- uint32 session_key[2])
+ uchar session_key[8])
{
uint32 sum[2];
unsigned char sum2[8];
- unsigned char netsesskey[8];
sum[0] = IVAL(clnt_chal->data, 0) + IVAL(srv_chal->data, 0);
sum[1] = IVAL(clnt_chal->data, 4) + IVAL(srv_chal->data, 4);
@@ -43,18 +58,15 @@ void cred_session_key(DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal, char *pass,
SIVAL(sum2,0,sum[0]);
SIVAL(sum2,4,sum[1]);
- cred_hash1(netsesskey, sum2,(unsigned char *)pass);
-
- session_key[0] = IVAL(netsesskey, 0);
- session_key[1] = IVAL(netsesskey, 4);
+ cred_hash1(session_key, sum2,(unsigned char *)pass);
/* debug output */
DEBUG(4,("cred_session_key\n"));
- DEBUG(5,(" clnt_chal: %lx %lx\n", clnt_chal->data[0], clnt_chal->data[1]));
- DEBUG(5,(" srv_chal : %lx %lx\n", srv_chal ->data[0], srv_chal ->data[1]));
- DEBUG(5,(" clnt+srv : %lx %lx\n", sum [0], sum [1]));
- DEBUG(5,(" sess_key : %lx %lx\n", session_key [0], session_key [1]));
+ DEBUG(5,(" clnt_chal: %s\n", credstr(clnt_chal->data)));
+ DEBUG(5,(" srv_chal : %s\n", credstr(srv_chal->data)));
+ DEBUG(5,(" clnt+srv : %s\n", credstr(sum2)));
+ DEBUG(5,(" sess_key : %s\n", credstr(session_key)));
}
@@ -69,36 +81,24 @@ Input:
Output:
8 byte credential
****************************************************************************/
-void cred_create(uint32 session_key[2], DOM_CHAL *stor_cred, UTIME timestamp,
+void cred_create(uchar session_key[8], DOM_CHAL *stor_cred, UTIME timestamp,
DOM_CHAL *cred)
{
DOM_CHAL time_cred;
- unsigned char calc_cred[8];
- unsigned char timecred[8];
- unsigned char netsesskey[8];
-
- SIVAL(netsesskey, 0, session_key[0]);
- SIVAL(netsesskey, 4, session_key[1]);
-
- SIVAL(timecred, 0, IVAL(stor_cred, 0) + timestamp.time);
- SIVAL(timecred, 4, IVAL(stor_cred, 4));
-
- cred_hash2(calc_cred, timecred, netsesskey);
- cred->data[0] = IVAL(calc_cred, 0);
- cred->data[1] = IVAL(calc_cred, 4);
+ SIVAL(time_cred.data, 0, IVAL(stor_cred->data, 0) + timestamp.time);
+ SIVAL(time_cred.data, 4, IVAL(stor_cred->data, 4));
- time_cred.data[0] = IVAL(timecred, 0);
- time_cred.data[1] = IVAL(timecred, 4);
+ cred_hash2(cred->data, time_cred.data, session_key);
/* debug output*/
DEBUG(4,("cred_create\n"));
- DEBUG(5,(" sess_key : %lx %lx\n", session_key [0], session_key [1]));
- DEBUG(5,(" stor_cred: %lx %lx\n", stor_cred->data[0], stor_cred->data[1]));
+ DEBUG(5,(" sess_key : %s\n", credstr(session_key)));
+ DEBUG(5,(" stor_cred: %s\n", credstr(stor_cred->data)));
DEBUG(5,(" timestamp: %lx\n" , timestamp.time));
- DEBUG(5,(" timecred : %lx %lx\n", time_cred .data[0], time_cred .data[1]));
- DEBUG(5,(" calc_cred: %lx %lx\n", cred ->data[0], cred ->data[1]));
+ DEBUG(5,(" timecred : %s\n", credstr(time_cred.data)));
+ DEBUG(5,(" calc_cred: %s\n", credstr(cred->data)));
}
@@ -115,7 +115,7 @@ Output:
returns 1 if computed credential matches received credential
returns 0 otherwise
****************************************************************************/
-int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
+int cred_assert(DOM_CHAL *cred, char session_key[8], DOM_CHAL *stored_cred,
UTIME timestamp)
{
DOM_CHAL cred2;
@@ -125,8 +125,8 @@ int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
/* debug output*/
DEBUG(4,("cred_assert\n"));
- DEBUG(5,(" challenge : %lx %lx\n", cred->data[0], cred->data[1]));
- DEBUG(5,(" calculated: %lx %lx\n", cred2.data[0], cred2.data[1]));
+ DEBUG(5,(" challenge : %s\n", credstr(cred->data)));
+ DEBUG(5,(" calculated: %s\n", credstr(cred2.data)));
if (memcmp(cred->data, cred2.data, 8) == 0)
{
@@ -144,8 +144,8 @@ int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
/****************************************************************************
checks credentials; generates next step in the credential chain
****************************************************************************/
-BOOL clnt_deal_with_creds(uint32 sess_key[2],
- DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_srv_cred)
+BOOL clnt_deal_with_creds(char sess_key[8],
+ DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_srv_cred)
{
UTIME new_clnt_time;
uint32 new_cred;
@@ -157,7 +157,7 @@ BOOL clnt_deal_with_creds(uint32 sess_key[2],
/* check that the received server credentials are valid */
if (!cred_assert(&(rcv_srv_cred->challenge), sess_key,
- &(sto_clnt_cred->challenge), new_clnt_time))
+ &(sto_clnt_cred->challenge), new_clnt_time))
{
return False;
}
@@ -169,8 +169,7 @@ BOOL clnt_deal_with_creds(uint32 sess_key[2],
/* store new seed in client credentials */
SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);
- DEBUG(5,(" new clnt cred: %lx %lx\n", sto_clnt_cred->challenge.data[0],
- sto_clnt_cred->challenge.data[1]));
+ DEBUG(5,(" new clnt cred: %s\n", credstr(sto_clnt_cred->challenge.data)));
return True;
}
@@ -178,9 +177,9 @@ BOOL clnt_deal_with_creds(uint32 sess_key[2],
/****************************************************************************
checks credentials; generates next step in the credential chain
****************************************************************************/
-BOOL deal_with_creds(uint32 sess_key[2],
- DOM_CRED *sto_clnt_cred,
- DOM_CRED *rcv_clnt_cred, DOM_CRED *rtn_srv_cred)
+BOOL deal_with_creds(uchar sess_key[8],
+ DOM_CRED *sto_clnt_cred,
+ DOM_CRED *rcv_clnt_cred, DOM_CRED *rtn_srv_cred)
{
UTIME new_clnt_time;
uint32 new_cred;
@@ -212,8 +211,7 @@ BOOL deal_with_creds(uint32 sess_key[2],
cred_create(sess_key, &(sto_clnt_cred->challenge), new_clnt_time,
&(rtn_srv_cred->challenge));
- DEBUG(5,("deal_with_creds: clnt_cred[0]=%lx\n",
- sto_clnt_cred->challenge.data[0]));
+ DEBUG(5,("deal_with_creds: clnt_cred=%s\n", credstr(sto_clnt_cred->challenge.data)));
/* store new seed in client credentials */
SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);