summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--auth/ntlmssp/gensec_ntlmssp_server.c14
-rw-r--r--auth/ntlmssp/ntlmssp.h59
-rw-r--r--auth/ntlmssp/ntlmssp_private.h87
-rw-r--r--source3/libsmb/ntlmssp_wrap.c1
-rw-r--r--source4/torture/auth/ntlmssp.c1
5 files changed, 66 insertions, 96 deletions
diff --git a/auth/ntlmssp/gensec_ntlmssp_server.c b/auth/ntlmssp/gensec_ntlmssp_server.c
index de86dd509e..6ba3976f7e 100644
--- a/auth/ntlmssp/gensec_ntlmssp_server.c
+++ b/auth/ntlmssp/gensec_ntlmssp_server.c
@@ -81,8 +81,8 @@ NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security,
* @return an 8 byte random challenge
*/
-NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
- uint8_t chal[8])
+static NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
+ uint8_t chal[8])
{
struct gensec_ntlmssp_context *gensec_ntlmssp =
talloc_get_type_abort(ntlmssp_state->callback_private,
@@ -107,7 +107,7 @@ NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
*
* @return If the effective challenge used by the auth subsystem may be modified
*/
-bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
+static bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
{
struct gensec_ntlmssp_context *gensec_ntlmssp =
talloc_get_type_abort(ntlmssp_state->callback_private,
@@ -124,7 +124,7 @@ bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
* NTLM2 authentication modifies the effective challenge,
* @param challenge The new challenge value
*/
-NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge)
+static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge)
{
struct gensec_ntlmssp_context *gensec_ntlmssp =
talloc_get_type_abort(ntlmssp_state->callback_private,
@@ -153,9 +153,9 @@ NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BL
* Return the session keys used on the connection.
*/
-NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
- TALLOC_CTX *mem_ctx,
- DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
+static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
{
struct gensec_ntlmssp_context *gensec_ntlmssp =
talloc_get_type_abort(ntlmssp_state->callback_private,
diff --git a/auth/ntlmssp/ntlmssp.h b/auth/ntlmssp/ntlmssp.h
index eb44913d87..0d6a64e68f 100644
--- a/auth/ntlmssp/ntlmssp.h
+++ b/auth/ntlmssp/ntlmssp.h
@@ -22,8 +22,6 @@
#include "../librpc/gen_ndr/ntlmssp.h"
-NTSTATUS gensec_ntlmssp_init(void);
-
struct auth_context;
struct auth_serversupplied_info;
struct tsocket_address;
@@ -31,15 +29,6 @@ struct auth_user_info_dc;
struct gensec_security;
struct ntlmssp_state;
-struct gensec_ntlmssp_context {
- /* For GENSEC users */
- struct gensec_security *gensec_security;
- void *server_returned_info;
-
- /* used by both client and server implementation */
- struct ntlmssp_state *ntlmssp_state;
-};
-
/* NTLMSSP mode */
enum ntlmssp_role
{
@@ -189,51 +178,7 @@ NTSTATUS ntlmssp_unwrap(struct ntlmssp_state *ntlmssp_stae,
NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state);
bool ntlmssp_blob_matches_magic(const DATA_BLOB *blob);
-/* The following definitions come from ../source4/auth/ntlmssp/ntlmssp.c */
-
-
-/**
- * Return the NTLMSSP master session key
- *
- * @param ntlmssp_state NTLMSSP State
- */
-NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security,
- const DATA_BLOB *first_packet);
-bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
- uint32_t feature);
-NTSTATUS gensec_ntlmssp_session_key(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
- DATA_BLOB *session_key);
-NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security);
-
-/* The following definitions come from ../source4/auth/ntlmssp/ntlmssp_sign.c */
-
-NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *sig_mem_ctx,
- const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- DATA_BLOB *sig);
-NTSTATUS gensec_ntlmssp_check_packet(struct gensec_security *gensec_security,
- const uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- const DATA_BLOB *sig);
-NTSTATUS gensec_ntlmssp_seal_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *sig_mem_ctx,
- uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- DATA_BLOB *sig);
-NTSTATUS gensec_ntlmssp_unseal_packet(struct gensec_security *gensec_security,
- uint8_t *data, size_t length,
- const uint8_t *whole_pdu, size_t pdu_length,
- const DATA_BLOB *sig);
-size_t gensec_ntlmssp_sig_size(struct gensec_security *gensec_security, size_t data_size) ;
-NTSTATUS gensec_ntlmssp_wrap(struct gensec_security *gensec_security,
- TALLOC_CTX *out_mem_ctx,
- const DATA_BLOB *in,
- DATA_BLOB *out);
-NTSTATUS gensec_ntlmssp_unwrap(struct gensec_security *gensec_security,
- TALLOC_CTX *out_mem_ctx,
- const DATA_BLOB *in,
- DATA_BLOB *out);
+
+/* The following definitions come from auth/ntlmssp/gensec_ntlmssp.c */
NTSTATUS gensec_ntlmssp_init(void);
diff --git a/auth/ntlmssp/ntlmssp_private.h b/auth/ntlmssp/ntlmssp_private.h
index 7953d8ef73..cd9f9db411 100644
--- a/auth/ntlmssp/ntlmssp_private.h
+++ b/auth/ntlmssp/ntlmssp_private.h
@@ -41,6 +41,15 @@ union ntlmssp_crypt_state {
} ntlm2;
};
+struct gensec_ntlmssp_context {
+ /* For GENSEC users */
+ struct gensec_security *gensec_security;
+ void *server_returned_info;
+
+ /* used by both client and server implementation */
+ struct ntlmssp_state *ntlmssp_state;
+};
+
/* The following definitions come from auth/ntlmssp.c */
NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security,
@@ -94,7 +103,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
const DATA_BLOB in, DATA_BLOB *out) ;
NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security);
-/* The following definitions come from auth/ntlmssp/ntlmssp_server.c */
+/* The following definitions come from auth/ntlmssp/gensec_ntlmssp_server.c */
/**
@@ -124,6 +133,12 @@ NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security,
const DATA_BLOB in, DATA_BLOB *out);
/**
+ * Start NTLMSSP on the server side
+ *
+ */
+NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security);
+
+/**
* Return the credentials of a logged on user, including session keys
* etc.
*
@@ -136,39 +151,47 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
struct auth_session_info **session_info) ;
-/**
- * Start NTLMSSP on the server side
- *
- */
-NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security);
-
-/**
- * Return the challenge as determined by the authentication subsystem
- * @return an 8 byte random challenge
- */
-
-NTSTATUS auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
- uint8_t chal[8]);
-
-/**
- * Some authentication methods 'fix' the challenge, so we may not be able to set it
- *
- * @return If the effective challenge used by the auth subsystem may be modified
- */
-bool auth_ntlmssp_may_set_challenge(const struct ntlmssp_state *ntlmssp_state);
-
-/**
- * NTLM2 authentication modifies the effective challenge,
- * @param challenge The new challenge value
- */
-NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge);
+/* The following definitions come from auth/ntlmssp/gensec_ntlmssp.c */
+
+NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *sig_mem_ctx,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig);
+NTSTATUS gensec_ntlmssp_check_packet(struct gensec_security *gensec_security,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig);
+NTSTATUS gensec_ntlmssp_seal_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *sig_mem_ctx,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig);
+NTSTATUS gensec_ntlmssp_unseal_packet(struct gensec_security *gensec_security,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig);
+size_t gensec_ntlmssp_sig_size(struct gensec_security *gensec_security, size_t data_size) ;
+NTSTATUS gensec_ntlmssp_wrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB *in,
+ DATA_BLOB *out);
+NTSTATUS gensec_ntlmssp_unwrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB *in,
+ DATA_BLOB *out);
/**
- * Check the password on an NTLMSSP login.
+ * Return the NTLMSSP master session key
*
- * Return the session keys used on the connection.
+ * @param ntlmssp_state NTLMSSP State
*/
+NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security,
+ const DATA_BLOB *first_packet);
+bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
+ uint32_t feature);
+NTSTATUS gensec_ntlmssp_session_key(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key);
+NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security);
-NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
- TALLOC_CTX *mem_ctx,
- DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key);
diff --git a/source3/libsmb/ntlmssp_wrap.c b/source3/libsmb/ntlmssp_wrap.c
index 1dda3fb3e4..c0b1307905 100644
--- a/source3/libsmb/ntlmssp_wrap.c
+++ b/source3/libsmb/ntlmssp_wrap.c
@@ -20,6 +20,7 @@
#include "includes.h"
#include "auth/ntlmssp/ntlmssp.h"
+#include "auth/ntlmssp/ntlmssp_private.h"
#include "auth_generic.h"
#include "auth/gensec/gensec.h"
#include "auth/credentials/credentials.h"
diff --git a/source4/torture/auth/ntlmssp.c b/source4/torture/auth/ntlmssp.c
index db2f2db314..bdaa65b9af 100644
--- a/source4/torture/auth/ntlmssp.c
+++ b/source4/torture/auth/ntlmssp.c
@@ -20,6 +20,7 @@
#include "includes.h"
#include "auth/gensec/gensec.h"
#include "auth/ntlmssp/ntlmssp.h"
+#include "auth/ntlmssp/ntlmssp_private.h"
#include "lib/cmdline/popt_common.h"
#include "torture/torture.h"
#include "param/param.h"