Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/cliconnect.c46
-rw-r--r--source3/libsmb/clifile.c2
-rw-r--r--source3/libsmb/clitrans.c21
-rw-r--r--source3/libsmb/dsgetdcname.c2
-rw-r--r--source3/libsmb/nterr.c1
-rw-r--r--source3/libsmb/ntlmssp.c137
6 files changed, 97 insertions, 112 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 1588ae3efe..8b7ac7d718 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -468,7 +468,7 @@ static bool cli_session_setup_blob_send(struct cli_state *cli, DATA_BLOB blob)
SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
cli_setup_packet(cli);
-
+
SCVAL(cli->outbuf,smb_vwv0,0xFF);
SSVAL(cli->outbuf,smb_vwv2,CLI_BUFFER_SIZE);
SSVAL(cli->outbuf,smb_vwv3,2);
@@ -504,10 +504,10 @@ static DATA_BLOB cli_session_setup_blob_receive(struct cli_state *cli)
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
return blob2;
}
-
+
/* use the returned vuid from now on */
cli->vuid = SVAL(cli->inbuf,smb_uid);
-
+
p = smb_buf(cli->inbuf);
blob2 = data_blob(p, SVAL(cli->inbuf, smb_vwv3));
@@ -696,14 +696,14 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
/* wrap it in SPNEGO */
msg1 = spnego_gen_auth(blob_out);
}
-
+
/* now send that blob on its way */
if (!cli_session_setup_blob_send(cli, msg1)) {
DEBUG(3, ("Failed to send NTLMSSP/SPNEGO blob to server!\n"));
nt_status = NT_STATUS_UNSUCCESSFUL;
} else {
blob = cli_session_setup_blob_receive(cli);
-
+
nt_status = cli_nt_error(cli);
if (cli_is_error(cli) && NT_STATUS_IS_OK(nt_status)) {
if (cli->smb_rw_error == SMB_READ_BAD_SIG) {
@@ -715,7 +715,7 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
}
data_blob_free(&msg1);
}
-
+
if (!blob.length) {
if (NT_STATUS_IS_OK(nt_status)) {
nt_status = NT_STATUS_UNSUCCESSFUL;
@@ -761,11 +761,11 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
data_blob_free(&key);
if (res) {
-
+
/* 'resign' the last message, so we get the right sequence numbers
for checking the first reply from the server */
cli_calculate_sign_mac(cli, cli->outbuf);
-
+
if (!cli_check_sign_mac(cli, cli->inbuf)) {
nt_status = NT_STATUS_ACCESS_DENIED;
}
@@ -849,10 +849,10 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
if (pass && *pass) {
int ret;
-
+
use_in_memory_ccache();
ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL);
-
+
if (ret){
TALLOC_FREE(principal);
DEBUG(0, ("Kinit failed: %s\n", error_message(ret)));
@@ -861,7 +861,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
return ADS_ERROR_KRB5(ret);
}
}
-
+
/* If we get a bad principal, try to guess it if
we have a valid host NetBIOS name.
*/
@@ -1132,7 +1132,7 @@ bool cli_send_tconX(struct cli_state *cli,
* Non-encrypted passwords - convert to DOS codepage before using.
*/
passlen = clistr_push(cli, pword, pass, sizeof(pword), STR_TERMINATE);
-
+
} else {
if (passlen) {
memcpy(pword, pass, passlen);
@@ -1175,7 +1175,7 @@ bool cli_send_tconX(struct cli_state *cli,
/* almost certainly win95 - enable bug fixes */
cli->win95 = True;
}
-
+
/* Make sure that we have the optional support 16-bit field. WCT > 2 */
/* Avoids issues when connecting to Win9x boxes sharing files */
@@ -1198,11 +1198,11 @@ bool cli_tdis(struct cli_state *cli)
SCVAL(cli->outbuf,smb_com,SMBtdis);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
-
+
cli_send_smb(cli);
if (!cli_receive_smb(cli))
return False;
-
+
if (cli_is_error(cli)) {
return False;
}
@@ -1265,7 +1265,7 @@ bool cli_negprot(struct cli_state *cli)
prots[numprots].name && prots[numprots].prot<=cli->protocol;
numprots++)
plength += strlen(prots[numprots].name)+2;
-
+
cli_set_message(cli->outbuf,0,plength,True);
p = smb_buf(cli->outbuf);
@@ -1397,9 +1397,13 @@ bool cli_session_request(struct cli_state *cli,
char *p;
int len = 4;
+ /* 445 doesn't have session request */
+ if (cli->port == 445)
+ return True;
+
memcpy(&(cli->calling), calling, sizeof(*calling));
memcpy(&(cli->called ), called , sizeof(*called ));
-
+
/* put in the destination name */
p = cli->outbuf+len;
name_mangle(cli->called .name, p, cli->called .name_type);
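Review bot: With the port-445 early return now placed ahead of the two `memcpy` calls, `cli->calling` and `cli->called` are no longer filled in on direct-TCP connections, whereas the old code populated them before returning. Any later reader of `cli->called.name` would then see whatever `cli_initialise()` left there; the SPNEGO path elsewhere in this file talks about guessing a principal from the host NetBIOS name and may be such a reader, so please confirm nothing depends on the copy or keep the two `memcpy` lines above the check. If skipping them is intended, a comment such as `/* 445 doesn't have session request; cli->calling/called are deliberately left unset */` would record that. The matching removal is in the next hunk (`@@ -1410,10 +1414,6`), and cli_session_request continues outside both hunks.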
@@ -1410,10 +1414,6 @@ bool cli_session_request(struct cli_state *cli,
name_mangle(cli->calling.name, p, cli->calling.name_type);
len += name_len(p);
- /* 445 doesn't have session request */
- if (cli->port == 445)
- return True;
-
/* send a session request (RFC 1002) */
/* setup the packet length
* Remove four bytes from the length count, since the length
@@ -1605,11 +1605,11 @@ NTSTATUS cli_start_connection(struct cli_state **output_cli,
if (!my_name)
my_name = global_myname();
-
+
if (!(cli = cli_initialise())) {
return NT_STATUS_NO_MEMORY;
}
-
+
make_nmb_name(&calling, my_name, 0x0);
make_nmb_name(&called , dest_host, 0x20);
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index 1c525363f7..a9e81082ea 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -66,7 +66,7 @@ static bool cli_link_internal(struct cli_state *cli, const char *oldname, const
-1, 0, /* fid, flags */
&setup, 1, 0, /* setup, length, max */
param, param_len, 2, /* param, length, max */
- (char *)&data, data_len, cli->max_xmit /* data, length, max */
+ data, data_len, cli->max_xmit /* data, length, max */
)) {
SAFE_FREE(data);
SAFE_FREE(param);
diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c
index c929f0b7a9..bbdfb75fcd 100644
--- a/source3/libsmb/clitrans.c
+++ b/source3/libsmb/clitrans.c
@@ -978,19 +978,6 @@ static void cli_trans_ship_rest(struct async_req *req,
}
}
-static bool cli_trans_oob(uint32_t bufsize, uint32_t offset, uint32_t length)
-{
- if ((offset + length < offset) || (offset + length < length)) {
- /* wrap */
- return true;
- }
- if ((offset > bufsize) || (offset + length > bufsize)) {
- /* overflow */
- return true;
- }
- return false;
-}
-
static NTSTATUS cli_pull_trans(struct async_req *req,
struct cli_request *cli_req,
uint8_t smb_cmd, bool expect_first_reply,
@@ -1072,10 +1059,10 @@ static NTSTATUS cli_pull_trans(struct async_req *req,
* length. Likewise for param_ofs/param_disp.
*/
- if (cli_trans_oob(smb_len(cli_req->inbuf), param_ofs, *pnum_param)
- || cli_trans_oob(*ptotal_param, *pparam_disp, *pnum_param)
- || cli_trans_oob(smb_len(cli_req->inbuf), data_ofs, *pnum_data)
- || cli_trans_oob(*ptotal_data, *pdata_disp, *pnum_data)) {
+ if (trans_oob(smb_len(cli_req->inbuf), param_ofs, *pnum_param)
+ || trans_oob(*ptotal_param, *pparam_disp, *pnum_param)
+ || trans_oob(smb_len(cli_req->inbuf), data_ofs, *pnum_data)
+ || trans_oob(*ptotal_data, *pdata_disp, *pnum_data)) {
return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
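Review bot: The four bounds checks on server-supplied offsets and counts now depend on `trans_oob()`, whose definition is not part of this diff (the diffstat is limited to source3/libsmb). Before relying on it, confirm that it keeps both halves of the removed `cli_trans_oob()`: the wrap test on `offset + length` and the comparison against `bufsize`, taking unsigned 32-bit parameters so the values are not narrowed or sign-converted at the call. A short comment above the condition, e.g. `/* trans_oob() rejects wrapped or out-of-buffer offset/length pairs taken from the reply */`, would keep the intent visible now that the helper lives elsewhere. cli_pull_trans starts and ends outside this hunk.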
diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c
index ff0a8f9808..d8c2b70175 100644
--- a/source3/libsmb/dsgetdcname.c
+++ b/source3/libsmb/dsgetdcname.c
@@ -1040,6 +1040,8 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx,
r->data.nt4 = logon1;
r->ntver = nt_version;
+ map_netlogon_samlogon_response(r);
+
namecache_store(tmp_dc_name, NBT_NAME_SERVER, 1, &ip_list);
goto make_reply;
diff --git a/source3/libsmb/nterr.c b/source3/libsmb/nterr.c
index 1ba230cefe..465d88a9b6 100644
--- a/source3/libsmb/nterr.c
+++ b/source3/libsmb/nterr.c
@@ -532,6 +532,7 @@ static const nt_err_code_struct nt_errs[] =
{ "NT_STATUS_TOO_MANY_LINKS", NT_STATUS_TOO_MANY_LINKS },
{ "NT_STATUS_QUOTA_LIST_INCONSISTENT", NT_STATUS_QUOTA_LIST_INCONSISTENT },
{ "NT_STATUS_FILE_IS_OFFLINE", NT_STATUS_FILE_IS_OFFLINE },
+ { "NT_STATUS_DS_BUSY", NT_STATUS_DS_BUSY },
{ "NT_STATUS_DS_NO_MORE_RIDS", NT_STATUS_DS_NO_MORE_RIDS },
{ "NT_STATUS_NOT_A_REPARSE_POINT", NT_STATUS_NOT_A_REPARSE_POINT },
{ "NT_STATUS_DOWNGRADE_DETECTED", NT_STATUS_DOWNGRADE_DETECTED },
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index a0e54ce769..cc13476935 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -11,12 +11,12 @@
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -60,7 +60,7 @@ static const struct ntlmssp_callbacks {
void debug_ntlmssp_flags(uint32 neg_flags)
{
DEBUG(3,("Got NTLMSSP neg_flags=0x%08x\n", neg_flags));
-
+
if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE)
DEBUGADD(4, (" NTLMSSP_NEGOTIATE_UNICODE\n"));
if (neg_flags & NTLMSSP_NEGOTIATE_OEM)
@@ -109,7 +109,7 @@ void debug_ntlmssp_flags(uint32 neg_flags)
* Default challenge generation code.
*
*/
-
+
static const uint8 *get_challenge(const struct ntlmssp_state *ntlmssp_state)
{
static uchar chal[8];
@@ -122,7 +122,7 @@ static const uint8 *get_challenge(const struct ntlmssp_state *ntlmssp_state)
* Default 'we can set the challenge to anything we like' implementation
*
*/
-
+
static bool may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
{
return True;
@@ -134,7 +134,7 @@ static bool may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
* Does not actually do anything, as the value is always in the structure anyway.
*
*/
-
+
static NTSTATUS set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge)
{
SMB_ASSERT(challenge->length == 8);
@@ -148,7 +148,7 @@ static NTSTATUS set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *ch
NTSTATUS ntlmssp_set_username(NTLMSSP_STATE *ntlmssp_state, const char *user)
{
- ntlmssp_state->user = talloc_strdup(ntlmssp_state->mem_ctx, user ? user : "" );
+ ntlmssp_state->user = talloc_strdup(ntlmssp_state, user ? user : "" );
if (!ntlmssp_state->user) {
return NT_STATUS_NO_MEMORY;
}
@@ -164,9 +164,9 @@ NTSTATUS ntlmssp_set_hashes(NTLMSSP_STATE *ntlmssp_state,
const unsigned char nt_hash[16])
{
ntlmssp_state->lm_hash = (unsigned char *)
- TALLOC_MEMDUP(ntlmssp_state->mem_ctx, lm_hash, 16);
+ TALLOC_MEMDUP(ntlmssp_state, lm_hash, 16);
ntlmssp_state->nt_hash = (unsigned char *)
- TALLOC_MEMDUP(ntlmssp_state->mem_ctx, nt_hash, 16);
+ TALLOC_MEMDUP(ntlmssp_state, nt_hash, 16);
if (!ntlmssp_state->lm_hash || !ntlmssp_state->nt_hash) {
TALLOC_FREE(ntlmssp_state->lm_hash);
TALLOC_FREE(ntlmssp_state->nt_hash);
@@ -201,7 +201,8 @@ NTSTATUS ntlmssp_set_password(NTLMSSP_STATE *ntlmssp_state, const char *password
*/
NTSTATUS ntlmssp_set_domain(NTLMSSP_STATE *ntlmssp_state, const char *domain)
{
- ntlmssp_state->domain = talloc_strdup(ntlmssp_state->mem_ctx, domain ? domain : "" );
+ ntlmssp_state->domain = talloc_strdup(ntlmssp_state,
+ domain ? domain : "" );
if (!ntlmssp_state->domain) {
return NT_STATUS_NO_MEMORY;
}
@@ -214,7 +215,7 @@ NTSTATUS ntlmssp_set_domain(NTLMSSP_STATE *ntlmssp_state, const char *domain)
*/
NTSTATUS ntlmssp_set_workstation(NTLMSSP_STATE *ntlmssp_state, const char *workstation)
{
- ntlmssp_state->workstation = talloc_strdup(ntlmssp_state->mem_ctx, workstation);
+ ntlmssp_state->workstation = talloc_strdup(ntlmssp_state, workstation);
if (!ntlmssp_state->workstation) {
return NT_STATUS_NO_MEMORY;
}
@@ -229,8 +230,9 @@ NTSTATUS ntlmssp_set_workstation(NTLMSSP_STATE *ntlmssp_state, const char *works
NTSTATUS ntlmssp_store_response(NTLMSSP_STATE *ntlmssp_state,
DATA_BLOB response)
{
- ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state->mem_ctx,
- response.data, response.length);
+ ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state,
+ response.data,
+ response.length);
return NT_STATUS_OK;
}
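Review bot: `ntlmssp_store_response()` still returns `NT_STATUS_OK` without looking at the result of `data_blob_talloc()`, so a failed copy is reported as success and the stored response is presumably just absent when `ntlmssp_update()` later looks for it. Since the allocation line is being rewritten anyway, add `if (response.length && !ntlmssp_state->stored_response.data) return NT_STATUS_NO_MEMORY;` before the return.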
@@ -277,7 +279,7 @@ void ntlmssp_want_feature(NTLMSSP_STATE *ntlmssp_state, uint32 feature)
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
}
}
-
+
/**
* Next state function for the NTLMSSP state machine
*
@@ -304,7 +306,7 @@ NTSTATUS ntlmssp_update(NTLMSSP_STATE *ntlmssp_state,
if (!in.length && ntlmssp_state->stored_response.length) {
input = ntlmssp_state->stored_response;
-
+
/* we only want to read the stored response once - overwrite it */
ntlmssp_state->stored_response = data_blob_null;
} else {
@@ -357,16 +359,13 @@ NTSTATUS ntlmssp_update(NTLMSSP_STATE *ntlmssp_state,
void ntlmssp_end(NTLMSSP_STATE **ntlmssp_state)
{
- TALLOC_CTX *mem_ctx = (*ntlmssp_state)->mem_ctx;
-
(*ntlmssp_state)->ref_count--;
if ((*ntlmssp_state)->ref_count == 0) {
data_blob_free(&(*ntlmssp_state)->chal);
data_blob_free(&(*ntlmssp_state)->lm_resp);
data_blob_free(&(*ntlmssp_state)->nt_resp);
-
- talloc_destroy(mem_ctx);
+ TALLOC_FREE(*ntlmssp_state);
}
*ntlmssp_state = NULL;
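Review bot: When `ref_count` reaches zero the state is released with `TALLOC_FREE(*ntlmssp_state)`, and because this commit parents `lm_hash`, `nt_hash` and the `session_key` blob on the state, that one call also releases the credential material without clearing it first. Only `chal`, `lm_resp` and `nt_resp` are handled explicitly here, and `data_blob_free()` does not appear to scrub memory either. Consider clearing the secrets before the free, e.g. `data_blob_clear_free(&(*ntlmssp_state)->session_key);` plus zeroing the two 16-byte hashes, or doing the same in a talloc destructor attached to the state. The end of ntlmssp_end lies outside this hunk.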
@@ -562,13 +561,14 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
if (target_name == NULL)
return NT_STATUS_INVALID_PARAMETER;
- ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
- ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
+ ntlmssp_state->chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
+ ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state,
+ cryptkey, 8);
/* This should be a 'netbios domain -> DNS domain' mapping */
- dnsdomname = get_mydnsdomname(ntlmssp_state->mem_ctx);
+ dnsdomname = get_mydnsdomname(ntlmssp_state);
if (!dnsdomname) {
- dnsdomname = talloc_strdup(ntlmssp_state->mem_ctx, "");
+ dnsdomname = talloc_strdup(ntlmssp_state, "");
}
if (!dnsdomname) {
return NT_STATUS_NO_MEMORY;
@@ -685,7 +685,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
SAFE_FREE(workstation);
data_blob_free(&encrypted_session_key);
auth_flags = 0;
-
+
/* Try again with a shorter string (Win9X truncates this packet) */
if (ntlmssp_state->unicode) {
parse_string = "CdBBUUU";
@@ -753,24 +753,25 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
/* NTLM2 uses a 'challenge' that is made of up both the server challenge, and a
client challenge
-
+
However, the NTLM2 flag may still be set for the real NTLMv2 logins, be careful.
*/
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
if (ntlmssp_state->nt_resp.length == 24 && ntlmssp_state->lm_resp.length == 24) {
struct MD5Context md5_session_nonce_ctx;
SMB_ASSERT(ntlmssp_state->internal_chal.data && ntlmssp_state->internal_chal.length == 8);
-
+
doing_ntlm2 = True;
memcpy(session_nonce, ntlmssp_state->internal_chal.data, 8);
memcpy(&session_nonce[8], ntlmssp_state->lm_resp.data, 8);
-
+
MD5Init(&md5_session_nonce_ctx);
MD5Update(&md5_session_nonce_ctx, session_nonce, 16);
MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
-
- ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx, session_nonce_hash, 8);
+
+ ntlmssp_state->chal = data_blob_talloc(
+ ntlmssp_state, session_nonce_hash, 8);
/* LM response is no longer useful */
data_blob_free(&ntlmssp_state->lm_resp);
@@ -807,12 +808,13 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
/* Handle the different session key derivation for NTLM2 */
if (doing_ntlm2) {
if (user_session_key.data && user_session_key.length == 16) {
- session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ session_key = data_blob_talloc(ntlmssp_state,
+ NULL, 16);
hmac_md5(user_session_key.data, session_nonce,
sizeof(session_nonce), session_key.data);
DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);
-
+
} else {
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n"));
session_key = data_blob_null;
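Review bot: The NTLM2 branch passes `session_key.data` to `hmac_md5()` straight after `data_blob_talloc(ntlmssp_state, NULL, 16)` with no check, so an allocation failure becomes a write through a NULL pointer; the LM_KEY branch in the next hunk already tests `session_key.data == NULL`. Add `if (session_key.data == NULL) { return NT_STATUS_NO_MEMORY; }` before the `hmac_md5()` call. The same unchecked pattern sits on the rewritten lines in ntlmssp_client_challenge (`lm_response` before `generate_random_buffer()`, `nt_response` before `SMBNTencrypt_hash()`, `session_key` before `hmac_md5()`) and on the `chal`/`internal_chal` blobs in ntlmssp_server_negotiate. ntlmssp_server_auth starts and ends outside this hunk.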
@@ -820,7 +822,8 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
} else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
if (lm_session_key.data && lm_session_key.length >= 8) {
if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
- session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ session_key = data_blob_talloc(ntlmssp_state,
+ NULL, 16);
if (session_key.data == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -831,7 +834,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
uint8 zeros[24];
ZERO_STRUCT(zeros);
session_key = data_blob_talloc(
- ntlmssp_state->mem_ctx, NULL, 16);
+ ntlmssp_state, NULL, 16);
if (session_key.data == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -875,9 +878,9 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
SamOEMhash(encrypted_session_key.data,
session_key.data,
encrypted_session_key.length);
- ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state->mem_ctx,
- encrypted_session_key.data,
- encrypted_session_key.length);
+ ntlmssp_state->session_key = data_blob_talloc(
+ ntlmssp_state, encrypted_session_key.data,
+ encrypted_session_key.length);
dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data,
encrypted_session_key.length);
}
@@ -892,7 +895,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
}
data_blob_free(&encrypted_session_key);
-
+
/* Only one authentication allowed per server state. */
ntlmssp_state->expected_state = NTLMSSP_DONE;
@@ -907,20 +910,15 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
NTSTATUS ntlmssp_server_start(NTLMSSP_STATE **ntlmssp_state)
{
- TALLOC_CTX *mem_ctx;
-
- mem_ctx = talloc_init("NTLMSSP context");
-
- *ntlmssp_state = TALLOC_ZERO_P(mem_ctx, NTLMSSP_STATE);
+ *ntlmssp_state = TALLOC_ZERO_P(NULL, NTLMSSP_STATE);
if (!*ntlmssp_state) {
DEBUG(0,("ntlmssp_server_start: talloc failed!\n"));
- talloc_destroy(mem_ctx);
+ talloc_destroy(*ntlmssp_state);
return NT_STATUS_NO_MEMORY;
}
(*ntlmssp_state)->role = NTLMSSP_SERVER;
- (*ntlmssp_state)->mem_ctx = mem_ctx;
(*ntlmssp_state)->get_challenge = get_challenge;
(*ntlmssp_state)->set_challenge = set_challenge;
(*ntlmssp_state)->may_set_challenge = may_set_challenge;
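Review bot: In the failure branch `*ntlmssp_state` is known to be NULL, so the new `talloc_destroy(*ntlmssp_state);` has nothing to release; it is a leftover from the old `talloc_destroy(mem_ctx)` and should simply be deleted. ntlmssp_client_start gets the identical line in the last hunk of this file. The state is now allocated with a `NULL` parent, so a one-line comment such as `/* top-level talloc object; released by ntlmssp_end() */` would tell callers who owns it.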
@@ -968,7 +966,7 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
} else {
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
}
-
+
if (ntlmssp_state->use_ntlmv2) {
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
}
@@ -1021,7 +1019,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
return NT_STATUS_INVALID_PARAMETER;
}
-
+
data_blob_free(&server_domain_blob);
DEBUG(3, ("Got challenge flags:\n"));
@@ -1062,7 +1060,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
return NT_STATUS_INVALID_PARAMETER;
}
- ntlmssp_state->server_domain = talloc_strdup(ntlmssp_state->mem_ctx,
+ ntlmssp_state->server_domain = talloc_strdup(ntlmssp_state,
server_domain);
SAFE_FREE(server_domain);
@@ -1078,8 +1076,8 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
ZERO_STRUCT(zeros);
/* session key is all zeros */
- session_key = data_blob_talloc(ntlmssp_state->mem_ctx, zeros, 16);
-
+ session_key = data_blob_talloc(ntlmssp_state, zeros, 16);
+
/* not doing NLTM2 without a password */
ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
} else if (ntlmssp_state->use_ntlmv2) {
@@ -1092,7 +1090,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
/* TODO: if the remote server is standalone, then we should replace 'domain'
with the server name as supplied above */
-
+
if (!SMBNTLMv2encrypt_hash(ntlmssp_state->user,
ntlmssp_state->domain,
ntlmssp_state->nt_hash, &challenge_blob,
@@ -1107,14 +1105,14 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
uchar session_nonce[16];
uchar session_nonce_hash[16];
uchar user_session_key[16];
-
- lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+
+ lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
generate_random_buffer(lm_response.data, 8);
memset(lm_response.data+8, 0, 16);
memcpy(session_nonce, challenge_blob.data, 8);
memcpy(&session_nonce[8], lm_response.data, 8);
-
+
MD5Init(&md5_session_nonce_ctx);
MD5Update(&md5_session_nonce_ctx, challenge_blob.data, 8);
MD5Update(&md5_session_nonce_ctx, lm_response.data, 8);
@@ -1123,13 +1121,13 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
DEBUG(5, ("NTLMSSP challenge set by NTLM2\n"));
DEBUG(5, ("challenge is: \n"));
dump_data(5, session_nonce_hash, 8);
-
- nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+
+ nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
SMBNTencrypt_hash(ntlmssp_state->nt_hash,
session_nonce_hash,
nt_response.data);
- session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, NULL, user_session_key);
hmac_md5(user_session_key, session_nonce, sizeof(session_nonce), session_key.data);
@@ -1137,16 +1135,17 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
} else {
/* lanman auth is insecure, it may be disabled */
if (lp_client_lanman_auth()) {
- lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+ lm_response = data_blob_talloc(ntlmssp_state,
+ NULL, 24);
SMBencrypt_hash(ntlmssp_state->lm_hash,challenge_blob.data,
lm_response.data);
}
-
- nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
+
+ nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
SMBNTencrypt_hash(ntlmssp_state->nt_hash,challenge_blob.data,
nt_response.data);
-
- session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+
+ session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
&& lp_client_lanman_auth()) {
SMBsesskeygen_lm_sess_key(ntlmssp_state->lm_hash, lm_response.data,
@@ -1174,7 +1173,9 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
/* Mark the new session key as the 'real' session key */
data_blob_free(&session_key);
- session_key = data_blob_talloc(ntlmssp_state->mem_ctx, client_session_key, sizeof(client_session_key));
+ session_key = data_blob_talloc(ntlmssp_state,
+ client_session_key,
+ sizeof(client_session_key));
}
/* this generates the actual auth packet */
@@ -1188,7 +1189,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
ntlmssp_state->get_global_myname(),
encrypted_session_key.data, encrypted_session_key.length,
ntlmssp_state->neg_flags)) {
-
+
return NT_STATUS_NO_MEMORY;
}
@@ -1213,21 +1214,15 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
NTSTATUS ntlmssp_client_start(NTLMSSP_STATE **ntlmssp_state)
{
- TALLOC_CTX *mem_ctx;
-
- mem_ctx = talloc_init("NTLMSSP Client context");
-
- *ntlmssp_state = TALLOC_ZERO_P(mem_ctx, NTLMSSP_STATE);
+ *ntlmssp_state = TALLOC_ZERO_P(NULL, NTLMSSP_STATE);
if (!*ntlmssp_state) {
DEBUG(0,("ntlmssp_client_start: talloc failed!\n"));
- talloc_destroy(mem_ctx);
+ talloc_destroy(*ntlmssp_state);
return NT_STATUS_NO_MEMORY;
}
(*ntlmssp_state)->role = NTLMSSP_CLIENT;
- (*ntlmssp_state)->mem_ctx = mem_ctx;
-
(*ntlmssp_state)->get_global_myname = global_myname;
(*ntlmssp_state)->get_domain = lp_workgroup;