summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/Makefile.in1
-rw-r--r--source3/auth/auth_ntlmssp.c78
-rw-r--r--source3/include/ntlmssp_wrap.h69
-rw-r--r--source3/include/proto.h27
-rw-r--r--source3/libsmb/ntlmssp_wrap.c118
-rw-r--r--source3/rpc_server/srv_pipe.c1
-rw-r--r--source3/smbd/seal.c1
-rw-r--r--source3/smbd/sesssetup.c1
-rw-r--r--source3/smbd/smb2_sesssetup.c1
9 files changed, 194 insertions, 103 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 26879c4412..45bf8fd738 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -495,6 +495,7 @@ LIBSMB_ERR_OBJ = $(LIBSMB_ERR_OBJ0) $(LIBSMB_ERR_OBJ1) \
LIBSMB_OBJ0 = \
../libcli/auth/ntlm_check.o \
libsmb/ntlmssp.o \
+ libsmb/ntlmssp_wrap.o \
../libcli/auth/ntlmssp.o \
../libcli/auth/ntlmssp_sign.o \
$(LIBNDR_NTLMSSP_OBJ) \
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index efeca5c403..66adc6ff1a 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -22,56 +22,7 @@
#include "includes.h"
#include "../libcli/auth/ntlmssp.h"
-
-struct auth_ntlmssp_state {
- struct auth_context *auth_context;
- struct auth_serversupplied_info *server_info;
- struct ntlmssp_state *ntlmssp_state;
-};
-
-NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- TALLOC_CTX *sig_mem_ctx,
- const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- DATA_BLOB *sig)
-{
- return ntlmssp_sign_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, whole_pdu, pdu_length, sig);
-}
-
-NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- const DATA_BLOB *sig)
-{
- return ntlmssp_check_packet(auth_ntlmssp_state->ntlmssp_state, data, length, whole_pdu, pdu_length, sig);
-}
-
-NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- TALLOC_CTX *sig_mem_ctx,
- uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- DATA_BLOB *sig)
-{
- return ntlmssp_seal_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, whole_pdu, pdu_length, sig);
-}
-
-NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- const DATA_BLOB *sig)
-{
- return ntlmssp_unseal_packet(auth_ntlmssp_state->ntlmssp_state, data, length, whole_pdu, pdu_length, sig);
-}
-
-bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *auth_ntlmssp_state)
-{
- return auth_ntlmssp_state->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN;
-}
-
-bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
-{
- return auth_ntlmssp_state->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL;
-}
+#include "ntlmssp_wrap.h"
void auth_ntlmssp_want_sign(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
@@ -105,27 +56,6 @@ NTSTATUS auth_ntlmssp_steal_server_info(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state)
-{
- return auth_ntlmssp_state->ntlmssp_state;
-}
-
-/* Needed for 'map to guest' and 'smb username' processing */
-const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state)
-{
- return auth_ntlmssp_state->ntlmssp_state->user;
-}
-
-const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state)
-{
- return auth_ntlmssp_state->ntlmssp_state->domain;
-}
-
-const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *auth_ntlmssp_state)
-{
- return auth_ntlmssp_state->ntlmssp_state->client.netbios_name;
-}
-
/**
* Return the challenge as determined by the authentication subsystem
* @return an 8 byte random challenge
@@ -329,9 +259,3 @@ static int auth_ntlmssp_state_destructor(void *ptr)
TALLOC_FREE(ans->ntlmssp_state);
return 0;
}
-
-NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *auth_ntlmssp_state,
- const DATA_BLOB request, DATA_BLOB *reply)
-{
- return ntlmssp_update(auth_ntlmssp_state->ntlmssp_state, request, reply);
-}
diff --git a/source3/include/ntlmssp_wrap.h b/source3/include/ntlmssp_wrap.h
new file mode 100644
index 0000000000..7905b9be65
--- /dev/null
+++ b/source3/include/ntlmssp_wrap.h
@@ -0,0 +1,69 @@
+/*
+ NLTMSSP wrappers
+
+ Copyright (C) Andrew Tridgell 2001
+ Copyright (C) Andrew Bartlett 2001-2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _NTLMSSP_WRAP_
+#define _NTLMSSP_WRAP_
+
+struct auth_ntlmssp_state {
+ /* used only by server implementation */
+ struct auth_context *auth_context;
+ struct auth_serversupplied_info *server_info;
+
+ /* used by both client and server implementation */
+ struct ntlmssp_state *ntlmssp_state;
+};
+
+NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *ans,
+ TALLOC_CTX *sig_mem_ctx,
+ const uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ DATA_BLOB *sig);
+NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *ans,
+ const uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ const DATA_BLOB *sig);
+NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *ans,
+ TALLOC_CTX *sig_mem_ctx,
+ uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ DATA_BLOB *sig);
+NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *ans,
+ uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ const DATA_BLOB *sig);
+bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *ans);
+bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *ans);
+struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(
+ struct auth_ntlmssp_state *ans);
+const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *ans);
+const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *ans);
+const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *ans);
+NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
+ const DATA_BLOB request, DATA_BLOB *reply);
+
+#endif /* _NTLMSSP_WRAP_ */
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 7c7611d672..2628763420 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -57,35 +57,10 @@ NTSTATUS auth_netlogond_init(void);
NTSTATUS auth_ntlmssp_steal_server_info(TALLOC_CTX *mem_ctx,
struct auth_ntlmssp_state *auth_ntlmssp_state,
struct auth_serversupplied_info **server_info);
-struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state);
-const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state);
-const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state);
-const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *auth_ntlmssp_state);
-bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *auth_ntlmssp_state);
-bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state);
void auth_ntlmssp_want_sign(struct auth_ntlmssp_state *auth_ntlmssp_state);
void auth_ntlmssp_want_seal(struct auth_ntlmssp_state *auth_ntlmssp_state);
NTSTATUS auth_ntlmssp_start(struct auth_ntlmssp_state **auth_ntlmssp_state);
-NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *auth_ntlmssp_state,
- const DATA_BLOB request, DATA_BLOB *reply) ;
-NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- TALLOC_CTX *sig_mem_ctx,
- const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- DATA_BLOB *sig);
-NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- const DATA_BLOB *sig) ;
-NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- TALLOC_CTX *sig_mem_ctx,
- uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- DATA_BLOB *sig);
-NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
- uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- const DATA_BLOB *sig);
+
/* The following definitions come from auth/auth_sam.c */
diff --git a/source3/libsmb/ntlmssp_wrap.c b/source3/libsmb/ntlmssp_wrap.c
new file mode 100644
index 0000000000..8b8c199ff5
--- /dev/null
+++ b/source3/libsmb/ntlmssp_wrap.c
@@ -0,0 +1,118 @@
+/*
+ NLTMSSP wrappers
+
+ Copyright (C) Andrew Tridgell 2001
+ Copyright (C) Andrew Bartlett 2001-2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "libcli/auth/ntlmssp.h"
+#include "ntlmssp_wrap.h"
+
+NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *ans,
+ TALLOC_CTX *sig_mem_ctx,
+ const uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ DATA_BLOB *sig)
+{
+ return ntlmssp_sign_packet(ans->ntlmssp_state,
+ sig_mem_ctx,
+ data, length,
+ whole_pdu, pdu_length,
+ sig);
+}
+
+NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *ans,
+ const uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ const DATA_BLOB *sig)
+{
+ return ntlmssp_check_packet(ans->ntlmssp_state,
+ data, length,
+ whole_pdu, pdu_length,
+ sig);
+}
+
+NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *ans,
+ TALLOC_CTX *sig_mem_ctx,
+ uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ DATA_BLOB *sig)
+{
+ return ntlmssp_seal_packet(ans->ntlmssp_state,
+ sig_mem_ctx,
+ data, length,
+ whole_pdu, pdu_length,
+ sig);
+}
+
+NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *ans,
+ uint8_t *data,
+ size_t length,
+ const uint8_t *whole_pdu,
+ size_t pdu_length,
+ const DATA_BLOB *sig)
+{
+ return ntlmssp_unseal_packet(ans->ntlmssp_state,
+ data, length,
+ whole_pdu, pdu_length,
+ sig);
+}
+
+bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *ans)
+{
+ return ans->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN;
+}
+
+bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *ans)
+{
+ return ans->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL;
+}
+
+struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(
+ struct auth_ntlmssp_state *ans)
+{
+ return ans->ntlmssp_state;
+}
+
+/* Needed for 'map to guest' and 'smb username' processing */
+const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *ans)
+{
+ return ans->ntlmssp_state->user;
+}
+
+const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *ans)
+{
+ return ans->ntlmssp_state->domain;
+}
+
+const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *ans)
+{
+ return ans->ntlmssp_state->client.netbios_name;
+}
+
+NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
+ const DATA_BLOB request, DATA_BLOB *reply)
+{
+ return ntlmssp_update(ans->ntlmssp_state, request, reply);
+}
+
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 6211d3b87e..3d4e6c3300 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -33,6 +33,7 @@
#include "../libcli/auth/schannel.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
+#include "ntlmssp_wrap.h"
#include "rpc_server.h"
#undef DBGC_CLASS
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index ad785a4588..81b545aabf 100644
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -21,6 +21,7 @@
#include "smbd/globals.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
+#include "ntlmssp_wrap.h"
/******************************************************************************
Server side encryption.
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 8ff8e08a46..5381122e2b 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -26,6 +26,7 @@
#include "smbd/globals.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
+#include "ntlmssp_wrap.h"
#include "librpc/gen_ndr/messaging.h"
/* For split krb5 SPNEGO blobs. */
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index a6adf8a66f..a8172d3ee3 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -24,6 +24,7 @@
#include "../libcli/smb/smb_common.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
+#include "ntlmssp_wrap.h"
static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *smb2req,
uint64_t in_session_id,