diff options
-rw-r--r-- | source3/auth/auth.c | 14 | ||||
-rw-r--r-- | source3/auth/auth_compat.c | 5 | ||||
-rw-r--r-- | source3/auth/auth_ntlmssp.c | 6 | ||||
-rw-r--r-- | source3/include/auth.h | 3 | ||||
-rw-r--r-- | source3/include/ntlmssp.h | 3 | ||||
-rw-r--r-- | source3/libsmb/ntlmssp.c | 12 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 4 | ||||
-rw-r--r-- | source3/smbd/negprot.c | 5 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 7 |
9 files changed, 32 insertions, 27 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 505098c76a..b19fa764f0 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -76,7 +76,8 @@ static struct auth_init_function_entry *auth_find_backend_entry(const char *name Returns a const char of length 8 bytes. ****************************************************************************/ -static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) +static void get_ntlm_challenge(struct auth_context *auth_context, + uint8_t chal[8]) { DATA_BLOB challenge = data_blob_null; const char *challenge_set_by = NULL; @@ -86,7 +87,8 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) if (auth_context->challenge.length) { DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge by module %s (normal)\n", auth_context->challenge_set_by)); - return auth_context->challenge.data; + memcpy(chal, auth_context->challenge.data, 8); + return; } auth_context->challenge_may_be_modified = False; @@ -123,11 +125,11 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) } if (!challenge_set_by) { - uchar chal[8]; + uchar tmp[8]; - generate_random_buffer(chal, sizeof(chal)); + generate_random_buffer(tmp, sizeof(tmp)); auth_context->challenge = data_blob_talloc(auth_context->mem_ctx, - chal, sizeof(chal)); + tmp, sizeof(tmp)); challenge_set_by = "random"; auth_context->challenge_may_be_modified = True; @@ -141,7 +143,7 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) auth_context->challenge_set_by=challenge_set_by; - return auth_context->challenge.data; + memcpy(chal, auth_context->challenge.data, 8); } diff --git a/source3/auth/auth_compat.c b/source3/auth/auth_compat.c index 00d9dea816..925c0d4f81 100644 --- a/source3/auth/auth_compat.c +++ b/source3/auth/auth_compat.c @@ -39,13 +39,14 @@ NTSTATUS check_plaintext_password(const char *smb_name, DATA_BLOB plaintext_pass { struct auth_context *plaintext_auth_context = NULL; auth_usersupplied_info *user_info = NULL; - const uint8 *chal; + uint8_t chal[8]; NTSTATUS nt_status; if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&plaintext_auth_context))) { return nt_status; } - chal = plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context); + plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context, + chal); if (!make_user_info_for_reply(&user_info, smb_name, lp_workgroup(), chal, diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index 0d46b14f97..98f5838707 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -27,11 +27,13 @@ * @return an 8 byte random challenge */ -static const uint8 *auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state) +static void auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state, + uint8_t chal[8]) { AUTH_NTLMSSP_STATE *auth_ntlmssp_state = (AUTH_NTLMSSP_STATE *)ntlmssp_state->auth_context; - return auth_ntlmssp_state->auth_context->get_ntlm_challenge(auth_ntlmssp_state->auth_context); + return auth_ntlmssp_state->auth_context->get_ntlm_challenge( + auth_ntlmssp_state->auth_context, chal); } /** diff --git a/source3/include/auth.h b/source3/include/auth.h index 17bccce3d7..7d778b92d0 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -92,7 +92,8 @@ struct auth_context { struct auth_methods *auth_method_list; TALLOC_CTX *mem_ctx; - const uint8 *(*get_ntlm_challenge)(struct auth_context *auth_context); + void (*get_ntlm_challenge)(struct auth_context *auth_context, + uint8_t chal[8]); NTSTATUS (*check_ntlm_password)(const struct auth_context *auth_context, const struct auth_usersupplied_info *user_info, struct auth_serversupplied_info **server_info); diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h index 55b9249ea7..f3414fe928 100644 --- a/source3/include/ntlmssp.h +++ b/source3/include/ntlmssp.h @@ -109,7 +109,8 @@ typedef struct ntlmssp_state * @return 8 bytes of challnege data, determined by the server to be the challenge for NTLM authentication * */ - const uint8 *(*get_challenge)(const struct ntlmssp_state *ntlmssp_state); + void (*get_challenge)(const struct ntlmssp_state *ntlmssp_state, + uint8_t challenge[8]); /** * Callback to find if the challenge used by NTLM authentication may be modified diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index cc13476935..0764f97d85 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -110,12 +110,10 @@ void debug_ntlmssp_flags(uint32 neg_flags) * */ -static const uint8 *get_challenge(const struct ntlmssp_state *ntlmssp_state) +static void get_challenge(const struct ntlmssp_state *ntlmssp_state, + uint8_t chal[8]) { - static uchar chal[8]; - generate_random_buffer(chal, sizeof(chal)); - - return chal; + generate_random_buffer(chal, 8); } /** @@ -517,7 +515,7 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, char *dnsdomname = NULL; uint32 neg_flags = 0; uint32 ntlmssp_command, chal_flags; - const uint8 *cryptkey; + uint8_t cryptkey[8]; const char *target_name; /* parse the NTLMSSP packet */ @@ -541,7 +539,7 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, lp_lanman_auth()); /* Ask our caller what challenge they would like in the packet */ - cryptkey = ntlmssp_state->get_challenge(ntlmssp_state); + ntlmssp_state->get_challenge(ntlmssp_state, cryptkey); /* Check if we may set the challenge */ if (!ntlmssp_state->may_set_challenge(ntlmssp_state)) { diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index a38c717665..0c83144a90 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -990,13 +990,13 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p, this to challenge/response for the auth subsystem to chew on */ { - const uint8 *chal; + uint8_t chal[8]; if (!NT_STATUS_IS_OK(status = make_auth_context_subsystem(&auth_context))) { return status; } - chal = auth_context->get_ntlm_challenge(auth_context); + auth_context->get_ntlm_challenge(auth_context, chal); if (!make_user_info_netlogon_interactive(&user_info, nt_username, nt_domain, diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 57608a9b40..a921954c49 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -27,7 +27,6 @@ extern enum protocol_types Protocol; static void get_challenge(uint8 buff[8]) { NTSTATUS nt_status; - const uint8 *cryptkey; /* We might be called more than once, multiple negprots are * permitted */ @@ -42,8 +41,8 @@ static void get_challenge(uint8 buff[8]) smb_panic("cannot make_negprot_global_auth_context!"); } DEBUG(10, ("get challenge: getting challenge\n")); - cryptkey = negprot_global_auth_context->get_ntlm_challenge(negprot_global_auth_context); - memcpy(buff, cryptkey, 8); + negprot_global_auth_context->get_ntlm_challenge( + negprot_global_auth_context, buff); } /**************************************************************************** diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 7a03ef7f3c..8a09ed39a9 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -1691,14 +1691,15 @@ void reply_sesssetup_and_X(struct smb_request *req) } } else { struct auth_context *plaintext_auth_context = NULL; - const uint8 *chal; nt_status = make_auth_context_subsystem( &plaintext_auth_context); if (NT_STATUS_IS_OK(nt_status)) { - chal = plaintext_auth_context->get_ntlm_challenge( - plaintext_auth_context); + uint8_t chal[8]; + + plaintext_auth_context->get_ntlm_challenge( + plaintext_auth_context, chal); if (!make_user_info_for_reply(&user_info, user, domain, chal, |