diff options
-rw-r--r-- | source4/auth/auth_util.c | 2 | ||||
-rw-r--r-- | source4/kdc/hdb-ldb.c | 1 | ||||
-rw-r--r-- | source4/kdc/kdc.h | 1 | ||||
-rw-r--r-- | source4/kdc/pac-glue.c | 2 | ||||
-rw-r--r-- | source4/libcli/auth/smbencrypt.c | 5 | ||||
-rw-r--r-- | source4/libcli/smb_composite/sesssetup.c | 4 | ||||
-rw-r--r-- | source4/nsswitch/wbinfo.c | 2 | ||||
-rw-r--r-- | source4/torture/rpc/netlogon.c | 2 | ||||
-rw-r--r-- | source4/torture/rpc/samba3rpc.c | 3 | ||||
-rw-r--r-- | source4/torture/rpc/samlogon.c | 4 | ||||
-rw-r--r-- | source4/torture/rpc/schannel.c | 2 | ||||
-rw-r--r-- | source4/winbind/wb_pam_auth.c | 1 |
12 files changed, 17 insertions, 12 deletions
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index b1f0e60507..5d2bc6bac0 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -144,7 +144,7 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex chall_blob = data_blob_talloc(mem_ctx, challenge, 8); if (lp_client_ntlmv2_auth(auth_context->lp_ctx)) { - DATA_BLOB names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(auth_context->lp_ctx), lp_workgroup(auth_context->lp_ctx)); + DATA_BLOB names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_iconv_convenience(auth_context->lp_ctx), lp_netbios_name(auth_context->lp_ctx), lp_workgroup(auth_context->lp_ctx)); DATA_BLOB lmv2_response, ntlmv2_response, lmv2_session_key, ntlmv2_session_key; if (!SMBNTLMv2encrypt_hash(user_info_temp, diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c index 2143d26cde..ff226e5b46 100644 --- a/source4/kdc/hdb-ldb.c +++ b/source4/kdc/hdb-ldb.c @@ -431,6 +431,7 @@ static krb5_error_code LDB_message2entry(krb5_context context, HDB *db, private->entry_ex = entry_ex; private->iconv_convenience = lp_iconv_convenience(lp_ctx); + private->netbios_name = lp_netbios_name(lp_ctx); talloc_set_destructor(private, hdb_ldb_destrutor); diff --git a/source4/kdc/kdc.h b/source4/kdc/kdc.h index 78276183c2..3a1f9bd34e 100644 --- a/source4/kdc/kdc.h +++ b/source4/kdc/kdc.h @@ -55,4 +55,5 @@ struct hdb_ldb_private { struct ldb_message *msg; struct ldb_message *realm_ref_msg; hdb_entry_ex *entry_ex; + const char *netbios_name; }; diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index cf55618a06..a99cf6ded8 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -127,7 +127,7 @@ krb5_error_code samba_kdc_get_pac(void *priv, } nt_status = authsam_make_server_info(mem_ctx, private->samdb, - lp_netbios_name(global_loadparm), + private->netbios_name, private->msg, private->realm_ref_msg, data_blob(NULL, 0), diff --git a/source4/libcli/auth/smbencrypt.c b/source4/libcli/auth/smbencrypt.c index c5223db63f..cefb55e205 100644 --- a/source4/libcli/auth/smbencrypt.c +++ b/source4/libcli/auth/smbencrypt.c @@ -100,7 +100,7 @@ _PUBLIC_ bool E_deshash(const char *passwd, uint8_t p16[16]) /* Password must be converted to DOS charset - null terminated, uppercase. */ push_string(lp_iconv_convenience(global_loadparm), dospwd, passwd, sizeof(dospwd), STR_ASCII|STR_UPPER|STR_TERMINATE); - /* Only the fisrt 14 chars are considered, password need not be null terminated. */ + /* Only the first 14 chars are considered, password need not be null terminated. */ E_P16((const uint8_t *)dospwd, p16); if (strlen(dospwd) > 14) { @@ -296,12 +296,13 @@ void SMBsesskeygen_lm_sess_key(const uint8_t lm_hash[16], } DATA_BLOB NTLMv2_generate_names_blob(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, const char *hostname, const char *domain) { DATA_BLOB names_blob = data_blob_talloc(mem_ctx, NULL, 0); - msrpc_gen(mem_ctx, lp_iconv_convenience(global_loadparm), &names_blob, + msrpc_gen(mem_ctx, iconv_convenience, &names_blob, "aaa", NTLMSSP_NAME_TYPE_DOMAIN, domain, NTLMSSP_NAME_TYPE_SERVER, hostname, diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c index ce7bcc143e..f5a976958d 100644 --- a/source4/libcli/smb_composite/sesssetup.c +++ b/source4/libcli/smb_composite/sesssetup.c @@ -223,7 +223,7 @@ static NTSTATUS session_setup_nt1(struct composite_context *c, NTSTATUS nt_status; struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state); const char *password = cli_credentials_get_password(io->in.credentials); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, lp_workgroup(global_loadparm)); + DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, lp_iconv_convenience(global_loadparm), session->transport->socket->hostname, lp_workgroup(global_loadparm)); DATA_BLOB session_key; int flags = CLI_CRED_NTLM_AUTH; if (lp_client_lanman_auth(global_loadparm)) { @@ -290,7 +290,7 @@ static NTSTATUS session_setup_old(struct composite_context *c, NTSTATUS nt_status; struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state); const char *password = cli_credentials_get_password(io->in.credentials); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, lp_workgroup(global_loadparm)); + DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, lp_iconv_convenience(global_loadparm), session->transport->socket->hostname, lp_workgroup(global_loadparm)); DATA_BLOB session_key; int flags = 0; if (lp_client_lanman_auth(global_loadparm)) { diff --git a/source4/nsswitch/wbinfo.c b/source4/nsswitch/wbinfo.c index b2748833e6..7ead27939e 100644 --- a/source4/nsswitch/wbinfo.c +++ b/source4/nsswitch/wbinfo.c @@ -837,7 +837,7 @@ static bool wbinfo_auth_crap(struct loadparm_context *lp_ctx, char *username) server_chal = data_blob(request.data.auth_crap.chal, 8); /* Pretend this is a login to 'us', for blob purposes */ - names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(lp_ctx), lp_workgroup(lp_ctx)); + names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_iconv_convenience(lp_ctx), lp_netbios_name(lp_ctx), lp_workgroup(lp_ctx)); if (!SMBNTLMv2encrypt(mem_ctx, name_user, name_domain, pass, &server_chal, &names_blob, diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index a13172b695..5b92ce1382 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -532,7 +532,7 @@ bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx, chal = data_blob_const(ninfo.challenge, sizeof(ninfo.challenge)); - names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials), + names_blob = NTLMv2_generate_names_blob(tctx, lp_iconv_convenience(tctx->lp_ctx), cli_credentials_get_workstation(credentials), cli_credentials_get_domain(credentials)); status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx, diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index 9e46993bad..1386f61c2b 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -985,7 +985,8 @@ static bool schan(struct smbcli_state *cli, generate_random_buffer(chal.data, chal.length); names_blob = NTLMv2_generate_names_blob( - mem_ctx, cli_credentials_get_workstation(user_creds), + mem_ctx, lp_iconv_convenience(lp_ctx), + cli_credentials_get_workstation(user_creds), cli_credentials_get_domain(user_creds)); status = cli_credentials_get_ntlm_response( user_creds, mem_ctx, &flags, chal, names_blob, diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c index 89352ba8c4..aba7147716 100644 --- a/source4/torture/rpc/samlogon.c +++ b/source4/torture/rpc/samlogon.c @@ -592,7 +592,7 @@ static bool test_lmv2_ntlmv2_broken(struct samlogon_state *samlogon_state, DATA_BLOB lmv2_response = data_blob(NULL, 0); DATA_BLOB lmv2_session_key = data_blob(NULL, 0); DATA_BLOB ntlmv2_session_key = data_blob(NULL, 0); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, TEST_MACHINE_NAME, lp_workgroup(global_loadparm)); + DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, samlogon_state->iconv_convenience, TEST_MACHINE_NAME, lp_workgroup(global_loadparm)); uint8_t lm_session_key[8]; uint8_t user_session_key[16]; @@ -740,7 +740,7 @@ static bool test_lmv2_ntlm_broken(struct samlogon_state *samlogon_state, DATA_BLOB lmv2_response = data_blob(NULL, 0); DATA_BLOB lmv2_session_key = data_blob(NULL, 0); DATA_BLOB ntlmv2_session_key = data_blob(NULL, 0); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, lp_netbios_name(global_loadparm), lp_workgroup(global_loadparm)); + DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, samlogon_state->iconv_convenience, lp_netbios_name(global_loadparm), lp_workgroup(global_loadparm)); DATA_BLOB ntlm_response = data_blob_talloc(samlogon_state->mem_ctx, NULL, 24); DATA_BLOB ntlm_session_key = data_blob_talloc(samlogon_state->mem_ctx, NULL, 16); diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index cb9b8be2c9..5a91366980 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -64,7 +64,7 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct torture_context *tctx, chal = data_blob_const(ninfo.challenge, sizeof(ninfo.challenge)); - names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials), + names_blob = NTLMv2_generate_names_blob(tctx, lp_iconv_convenience(tctx->lp_ctx), cli_credentials_get_workstation(credentials), cli_credentials_get_domain(credentials)); status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx, diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c index a34f3fbdd0..0073e3fdf8 100644 --- a/source4/winbind/wb_pam_auth.c +++ b/source4/winbind/wb_pam_auth.c @@ -258,6 +258,7 @@ struct composite_context *wb_cmd_pam_auth_send(TALLOC_CTX *mem_ctx, names_blob = NTLMv2_generate_names_blob( mem_ctx, + lp_iconv_convenience(service->task->lp_ctx), cli_credentials_get_workstation(credentials), cli_credentials_get_domain(credentials)); |