summaryrefslogtreecommitdiff
path: root/source4/auth/ntlm
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth/ntlm')
-rw-r--r--source4/auth/ntlm/auth.c271
-rw-r--r--source4/auth/ntlm/auth_proto.h50
-rw-r--r--source4/auth/ntlm/auth_server.c7
-rw-r--r--source4/auth/ntlm/auth_util.c12
-rw-r--r--source4/auth/ntlm/auth_winbind.c6
-rw-r--r--source4/auth/ntlm/config.mk4
6 files changed, 161 insertions, 189 deletions
diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c
index 5520c9d01f..d5df387d80 100644
--- a/source4/auth/ntlm/auth.c
+++ b/source4/auth/ntlm/auth.c
@@ -19,10 +19,11 @@
*/
#include "includes.h"
+#include <tevent.h>
+#include "../lib/util/tevent_ntstatus.h"
#include "../lib/util/dlinklist.h"
#include "auth/auth.h"
#include "auth/ntlm/auth_proto.h"
-#include "lib/events/events.h"
#include "param/param.h"
/***************************************************************************
@@ -42,7 +43,7 @@ _PUBLIC_ NTSTATUS auth_context_set_challenge(struct auth_context *auth_ctx, cons
/***************************************************************************
Set a fixed challenge
***************************************************************************/
-bool auth_challenge_may_be_modified(struct auth_context *auth_ctx)
+_PUBLIC_ bool auth_challenge_may_be_modified(struct auth_context *auth_ctx)
{
return auth_ctx->challenge.may_be_modified;
}
@@ -51,42 +52,34 @@ bool auth_challenge_may_be_modified(struct auth_context *auth_ctx)
Try to get a challenge out of the various authentication modules.
Returns a const char of length 8 bytes.
****************************************************************************/
-_PUBLIC_ NTSTATUS auth_get_challenge(struct auth_context *auth_ctx, const uint8_t **_chal)
+_PUBLIC_ NTSTATUS auth_get_challenge(struct auth_context *auth_ctx, uint8_t chal[8])
{
NTSTATUS nt_status;
struct auth_method_context *method;
- if (auth_ctx->challenge.data.length) {
+ if (auth_ctx->challenge.data.length == 8) {
DEBUG(5, ("auth_get_challenge: returning previous challenge by module %s (normal)\n",
auth_ctx->challenge.set_by));
- *_chal = auth_ctx->challenge.data.data;
+ memcpy(chal, auth_ctx->challenge.data.data, 8);
return NT_STATUS_OK;
}
for (method = auth_ctx->methods; method; method = method->next) {
- DATA_BLOB challenge = data_blob(NULL,0);
-
- nt_status = method->ops->get_challenge(method, auth_ctx, &challenge);
+ nt_status = method->ops->get_challenge(method, auth_ctx, chal);
if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOT_IMPLEMENTED)) {
continue;
}
NT_STATUS_NOT_OK_RETURN(nt_status);
- if (challenge.length != 8) {
- DEBUG(0, ("auth_get_challenge: invalid challenge (length %u) by mothod [%s]\n",
- (unsigned)challenge.length, method->ops->name));
- return NT_STATUS_INTERNAL_ERROR;
- }
-
- auth_ctx->challenge.data = challenge;
+ auth_ctx->challenge.data = data_blob_talloc(auth_ctx, chal, 8);
+ NT_STATUS_HAVE_NO_MEMORY(auth_ctx->challenge.data.data);
auth_ctx->challenge.set_by = method->ops->name;
break;
}
if (!auth_ctx->challenge.set_by) {
- uint8_t chal[8];
generate_random_buffer(chal, 8);
auth_ctx->challenge.data = data_blob_talloc(auth_ctx, chal, 8);
@@ -99,7 +92,6 @@ _PUBLIC_ NTSTATUS auth_get_challenge(struct auth_context *auth_ctx, const uint8_
DEBUG(10,("auth_get_challenge: challenge set by %s\n",
auth_ctx->challenge.set_by));
- *_chal = auth_ctx->challenge.data.data;
return NT_STATUS_OK;
}
@@ -133,22 +125,6 @@ _PUBLIC_ NTSTATUS auth_get_server_info_principal(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-struct auth_check_password_sync_state {
- bool finished;
- NTSTATUS status;
- struct auth_serversupplied_info *server_info;
-};
-
-static void auth_check_password_sync_callback(struct auth_check_password_request *req,
- void *private_data)
-{
- struct auth_check_password_sync_state *s = talloc_get_type(private_data,
- struct auth_check_password_sync_state);
-
- s->finished = true;
- s->status = auth_check_password_recv(req, s, &s->server_info);
-}
-
/**
* Check a user's Plaintext, LM or NTLM password.
* (sync version)
@@ -181,48 +157,43 @@ _PUBLIC_ NTSTATUS auth_check_password(struct auth_context *auth_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
{
- struct auth_check_password_sync_state *sync_state;
+ struct tevent_req *subreq;
+ struct tevent_context *ev;
+ bool ok;
NTSTATUS status;
- sync_state = talloc_zero(auth_ctx, struct auth_check_password_sync_state);
- NT_STATUS_HAVE_NO_MEMORY(sync_state);
-
- auth_check_password_send(auth_ctx, user_info, auth_check_password_sync_callback, sync_state);
+ /*TODO: create a new event context here! */
+ ev = auth_ctx->event_ctx;
- while (!sync_state->finished) {
- event_loop_once(auth_ctx->event_ctx);
+ subreq = auth_check_password_send(mem_ctx,
+ ev,
+ auth_ctx,
+ user_info);
+ if (subreq == NULL) {
+ return NT_STATUS_NO_MEMORY;
}
- status = sync_state->status;
-
- if (NT_STATUS_IS_OK(status)) {
- *server_info = talloc_steal(mem_ctx, sync_state->server_info);
+ ok = tevent_req_poll(subreq, ev);
+ if (!ok) {
+ return NT_STATUS_INTERNAL_ERROR;
}
- talloc_free(sync_state);
+ status = auth_check_password_recv(subreq, mem_ctx, server_info);
+ TALLOC_FREE(subreq);
+
return status;
}
-struct auth_check_password_request {
+struct auth_check_password_state {
struct auth_context *auth_ctx;
const struct auth_usersupplied_info *user_info;
struct auth_serversupplied_info *server_info;
struct auth_method_context *method;
- NTSTATUS status;
- struct {
- void (*fn)(struct auth_check_password_request *req, void *private_data);
- void *private_data;
- } callback;
};
-static void auth_check_password_async_timed_handler(struct tevent_context *ev, struct tevent_timer *te,
- struct timeval t, void *ptr)
-{
- struct auth_check_password_request *req = talloc_get_type(ptr, struct auth_check_password_request);
- req->status = req->method->ops->check_password(req->method, req, req->user_info, &req->server_info);
- req->callback.fn(req, req->callback.private_data);
-}
-
+static void auth_check_password_async_trigger(struct tevent_context *ev,
+ struct tevent_immediate *im,
+ void *private_data);
/**
* Check a user's Plaintext, LM or NTLM password.
* async send hook
@@ -234,6 +205,10 @@ static void auth_check_password_async_timed_handler(struct tevent_context *ev, s
* struct. When the return is other than NT_STATUS_OK the contents
* of that structure is undefined.
*
+ * @param mem_ctx The memory context the request should operate on
+ *
+ * @param ev The tevent context the request should operate on
+ *
* @param auth_ctx Supplies the challenges and some other data.
* Must be created with make_auth_context(), and the challenges should be
* filled in, either at creation or by calling the challenge geneation
@@ -241,93 +216,131 @@ static void auth_check_password_async_timed_handler(struct tevent_context *ev, s
*
* @param user_info Contains the user supplied components, including the passwords.
*
- * @param callback A callback function which will be called when the operation is finished.
- * The callback function needs to call auth_check_password_recv() to get the return values
- *
- * @param private_data A private pointer which will ba passed to the callback function
+ * @return The request handle or NULL on no memory error.
*
**/
-_PUBLIC_ void auth_check_password_send(struct auth_context *auth_ctx,
- const struct auth_usersupplied_info *user_info,
- void (*callback)(struct auth_check_password_request *req, void *private_data),
- void *private_data)
+_PUBLIC_ struct tevent_req *auth_check_password_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct auth_context *auth_ctx,
+ const struct auth_usersupplied_info *user_info)
{
+ struct tevent_req *req;
+ struct auth_check_password_state *state;
/* if all the modules say 'not for me' this is reasonable */
NTSTATUS nt_status;
struct auth_method_context *method;
- const uint8_t *challenge;
+ uint8_t chal[8];
struct auth_usersupplied_info *user_info_tmp;
- struct auth_check_password_request *req = NULL;
+ struct tevent_immediate *im;
- DEBUG(3, ("auth_check_password_send: Checking password for unmapped user [%s]\\[%s]@[%s]\n",
- user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name));
+ DEBUG(3,("auth_check_password_send: "
+ "Checking password for unmapped user [%s]\\[%s]@[%s]\n",
+ user_info->client.domain_name, user_info->client.account_name,
+ user_info->workstation_name));
- req = talloc_zero(auth_ctx, struct auth_check_password_request);
- if (!req) {
- callback(NULL, private_data);
- return;
+ req = tevent_req_create(mem_ctx, &state,
+ struct auth_check_password_state);
+ if (req == NULL) {
+ return NULL;
}
- req->auth_ctx = auth_ctx;
- req->user_info = user_info;
- req->callback.fn = callback;
- req->callback.private_data = private_data;
+
+ state->auth_ctx = auth_ctx;
+ state->user_info = user_info;
+ state->method = NULL;
if (!user_info->mapped_state) {
- nt_status = map_user_info(req, lp_workgroup(auth_ctx->lp_ctx), user_info, &user_info_tmp);
- if (!NT_STATUS_IS_OK(nt_status)) goto failed;
+ nt_status = map_user_info(req, lp_workgroup(auth_ctx->lp_ctx),
+ user_info, &user_info_tmp);
+ if (tevent_req_nterror(req, nt_status)) {
+ return tevent_req_post(req, ev);
+ }
user_info = user_info_tmp;
- req->user_info = user_info_tmp;
+ state->user_info = user_info_tmp;
}
- DEBUGADD(3,("auth_check_password_send: mapped user is: [%s]\\[%s]@[%s]\n",
- user_info->mapped.domain_name, user_info->mapped.account_name, user_info->workstation_name));
-
- nt_status = auth_get_challenge(auth_ctx, &challenge);
- if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0, ("auth_check_password_send: Invalid challenge (length %u) stored for this auth context set_by %s - cannot continue: %s\n",
- (unsigned)auth_ctx->challenge.data.length, auth_ctx->challenge.set_by, nt_errstr(nt_status)));
- goto failed;
+ DEBUGADD(3,("auth_check_password_send: "
+ "mapped user is: [%s]\\[%s]@[%s]\n",
+ user_info->mapped.domain_name,
+ user_info->mapped.account_name,
+ user_info->workstation_name));
+
+ nt_status = auth_get_challenge(auth_ctx, chal);
+ if (tevent_req_nterror(req, nt_status)) {
+ DEBUG(0,("auth_check_password_send: "
+ "Invalid challenge (length %u) stored for "
+ "this auth context set_by %s - cannot continue: %s\n",
+ (unsigned)auth_ctx->challenge.data.length,
+ auth_ctx->challenge.set_by,
+ nt_errstr(nt_status)));
+ return tevent_req_post(req, ev);
}
if (auth_ctx->challenge.set_by) {
- DEBUG(10, ("auth_check_password_send: auth_context challenge created by %s\n",
- auth_ctx->challenge.set_by));
+ DEBUG(10,("auth_check_password_send: "
+ "auth_context challenge created by %s\n",
+ auth_ctx->challenge.set_by));
}
DEBUG(10, ("auth_check_password_send: challenge is: \n"));
- dump_data(5, auth_ctx->challenge.data.data, auth_ctx->challenge.data.length);
+ dump_data(5, auth_ctx->challenge.data.data,
+ auth_ctx->challenge.data.length);
+
+ im = tevent_create_immediate(state);
+ if (tevent_req_nomem(im, req)) {
+ return tevent_req_post(req, ev);
+ }
- nt_status = NT_STATUS_NO_SUCH_USER; /* If all the modules say 'not for me', then this is reasonable */
for (method = auth_ctx->methods; method; method = method->next) {
NTSTATUS result;
- struct tevent_timer *te = NULL;
/* check if the module wants to chek the password */
result = method->ops->want_check(method, req, user_info);
if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_IMPLEMENTED)) {
- DEBUG(11,("auth_check_password_send: %s had nothing to say\n", method->ops->name));
+ DEBUG(11,("auth_check_password_send: "
+ "%s had nothing to say\n",
+ method->ops->name));
continue;
}
- nt_status = result;
- req->method = method;
-
- if (!NT_STATUS_IS_OK(nt_status)) break;
+ state->method = method;
- te = event_add_timed(auth_ctx->event_ctx, req,
- timeval_zero(),
- auth_check_password_async_timed_handler, req);
- if (!te) {
- nt_status = NT_STATUS_NO_MEMORY;
- goto failed;
+ if (tevent_req_nterror(req, result)) {
+ return tevent_req_post(req, ev);
}
+
+ tevent_schedule_immediate(im,
+ auth_ctx->event_ctx,
+ auth_check_password_async_trigger,
+ req);
+
+ return req;
+ }
+
+ /* If all the modules say 'not for me', then this is reasonable */
+ tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
+ return tevent_req_post(req, ev);
+}
+
+static void auth_check_password_async_trigger(struct tevent_context *ev,
+ struct tevent_immediate *im,
+ void *private_data)
+{
+ struct tevent_req *req =
+ talloc_get_type_abort(private_data, struct tevent_req);
+ struct auth_check_password_state *state =
+ tevent_req_data(req, struct auth_check_password_state);
+ NTSTATUS status;
+
+ status = state->method->ops->check_password(state->method,
+ state,
+ state->user_info,
+ &state->server_info);
+ if (tevent_req_nterror(req, status)) {
return;
}
-failed:
- req->status = nt_status;
- req->callback.fn(req, req->callback.private_data);
+ tevent_req_done(req);
}
/**
@@ -339,7 +352,7 @@ failed:
* of that structure is undefined.
*
*
- * @param req The async auth_check_password state, passes to the callers callback function
+ * @param req The async request state
*
* @param mem_ctx The parent memory context for the server_info structure
*
@@ -350,30 +363,36 @@ failed:
*
**/
-_PUBLIC_ NTSTATUS auth_check_password_recv(struct auth_check_password_request *req,
+_PUBLIC_ NTSTATUS auth_check_password_recv(struct tevent_req *req,
TALLOC_CTX *mem_ctx,
struct auth_serversupplied_info **server_info)
{
+ struct auth_check_password_state *state =
+ tevent_req_data(req, struct auth_check_password_state);
NTSTATUS status;
- NT_STATUS_HAVE_NO_MEMORY(req);
+ if (tevent_req_is_nterror(req, &status)) {
+ DEBUG(2,("auth_check_password_recv: "
+ "%s authentication for user [%s\\%s]"
+ "FAILED with error %s\n",
+ (state->method ? state->method->ops->name : "NO_METHOD"),
+ state->user_info->mapped.domain_name,
+ state->user_info->mapped.account_name,
+ nt_errstr(status)));
+ tevent_req_received(req);
+ return status;
+ }
- if (NT_STATUS_IS_OK(req->status)) {
- DEBUG(5,("auth_check_password_recv: %s authentication for user [%s\\%s] succeeded\n",
- req->method->ops->name, req->server_info->domain_name, req->server_info->account_name));
+ DEBUG(5,("auth_check_password_recv: "
+ "%s authentication for user [%s\\%s] succeeded\n",
+ state->method->ops->name,
+ state->server_info->domain_name,
+ state->server_info->account_name));
- *server_info = talloc_steal(mem_ctx, req->server_info);
- } else {
- DEBUG(2,("auth_check_password_recv: %s authentication for user [%s\\%s] FAILED with error %s\n",
- (req->method ? req->method->ops->name : "NO_METHOD"),
- req->user_info->mapped.domain_name,
- req->user_info->mapped.account_name,
- nt_errstr(req->status)));
- }
+ *server_info = talloc_move(mem_ctx, &state->server_info);
- status = req->status;
- talloc_free(req);
- return status;
+ tevent_req_received(req);
+ return NT_STATUS_OK;
}
/***************************************************************************
diff --git a/source4/auth/ntlm/auth_proto.h b/source4/auth/ntlm/auth_proto.h
deleted file mode 100644
index 572c1a4ca7..0000000000
--- a/source4/auth/ntlm/auth_proto.h
+++ /dev/null
@@ -1,50 +0,0 @@
-#ifndef __AUTH_NTLM_AUTH_PROTO_H__
-#define __AUTH_NTLM_AUTH_PROTO_H__
-
-#undef _PRINTF_ATTRIBUTE
-#define _PRINTF_ATTRIBUTE(a1, a2) PRINTF_ATTRIBUTE(a1, a2)
-/* This file was automatically generated by mkproto.pl. DO NOT EDIT */
-
-/* this file contains prototypes for functions that are private
- * to this subsystem or library. These functions should not be
- * used outside this particular subsystem! */
-
-
-/* The following definitions come from auth/ntlm/auth.c */
-
-
-/***************************************************************************
- Set a fixed challenge
-***************************************************************************/
-bool auth_challenge_may_be_modified(struct auth_context *auth_ctx) ;
-const struct auth_operations *auth_backend_byname(const char *name);
-const struct auth_critical_sizes *auth_interface_version(void);
-NTSTATUS server_service_auth_init(void);
-
-/* The following definitions come from auth/ntlm/auth_util.c */
-
-NTSTATUS auth_get_challenge_not_implemented(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *challenge);
-
-/****************************************************************************
- Create an auth_usersupplied_data structure after appropriate mapping.
-****************************************************************************/
-NTSTATUS map_user_info(TALLOC_CTX *mem_ctx,
- const char *default_domain,
- const struct auth_usersupplied_info *user_info,
- struct auth_usersupplied_info **user_info_mapped);
-
-/****************************************************************************
- Create an auth_usersupplied_data structure after appropriate mapping.
-****************************************************************************/
-NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_context,
- enum auth_password_state to_state,
- const struct auth_usersupplied_info *user_info_in,
- const struct auth_usersupplied_info **user_info_encrypted);
-
-/* The following definitions come from auth/ntlm/auth_simple.c */
-
-#undef _PRINTF_ATTRIBUTE
-#define _PRINTF_ATTRIBUTE(a1, a2)
-
-#endif /* __AUTH_NTLM_AUTH_PROTO_H__ */
-
diff --git a/source4/auth/ntlm/auth_server.c b/source4/auth/ntlm/auth_server.c
index 12849aa420..ae7b7dd3a8 100644
--- a/source4/auth/ntlm/auth_server.c
+++ b/source4/auth/ntlm/auth_server.c
@@ -40,7 +40,7 @@ static NTSTATUS server_want_check(struct auth_method_context *ctx,
/**
* The challenge from the target server, when operating in security=server
**/
-static NTSTATUS server_get_challenge(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *_blob)
+static NTSTATUS server_get_challenge(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, uint8_t chal[8])
{
struct smb_composite_connect io;
struct smbcli_options smb_options;
@@ -88,7 +88,10 @@ static NTSTATUS server_get_challenge(struct auth_method_context *ctx, TALLOC_CTX
ctx->auth_ctx->event_ctx);
NT_STATUS_NOT_OK_RETURN(status);
- *_blob = io.out.tree->session->transport->negotiate.secblob;
+ if (io.out.tree->session->transport->negotiate.secblob.length != 8) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ memcpy(chal, io.out.tree->session->transport->negotiate.secblob.data, 8);
ctx->private_data = talloc_steal(ctx, io.out.tree->session);
return NT_STATUS_OK;
}
diff --git a/source4/auth/ntlm/auth_util.c b/source4/auth/ntlm/auth_util.c
index 5543cbebea..92df0bfe80 100644
--- a/source4/auth/ntlm/auth_util.c
+++ b/source4/auth/ntlm/auth_util.c
@@ -29,7 +29,7 @@
/* this default function can be used by mostly all backends
* which don't want to set a challenge
*/
-NTSTATUS auth_get_challenge_not_implemented(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *challenge)
+NTSTATUS auth_get_challenge_not_implemented(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, uint8_t chal[8])
{
/* we don't want to set a challenge */
return NT_STATUS_NOT_IMPLEMENTED;
@@ -122,7 +122,7 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
}
case AUTH_PASSWORD_HASH:
{
- const uint8_t *challenge;
+ uint8_t chal[8];
DATA_BLOB chall_blob;
user_info_temp = talloc(mem_ctx, struct auth_usersupplied_info);
if (!user_info_temp) {
@@ -134,12 +134,12 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
*user_info_temp = *user_info_in;
user_info_temp->mapped_state = to_state;
- nt_status = auth_get_challenge(auth_context, &challenge);
+ nt_status = auth_get_challenge(auth_context, chal);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
- chall_blob = data_blob_talloc(mem_ctx, challenge, 8);
+ chall_blob = data_blob_talloc(mem_ctx, chal, 8);
if (lp_client_ntlmv2_auth(auth_context->lp_ctx)) {
DATA_BLOB names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(auth_context->lp_ctx), lp_workgroup(auth_context->lp_ctx));
DATA_BLOB lmv2_response, ntlmv2_response, lmv2_session_key, ntlmv2_session_key;
@@ -162,12 +162,12 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
data_blob_free(&ntlmv2_session_key);
} else {
DATA_BLOB blob = data_blob_talloc(mem_ctx, NULL, 24);
- SMBOWFencrypt(user_info_in->password.hash.nt->hash, challenge, blob.data);
+ SMBOWFencrypt(user_info_in->password.hash.nt->hash, chal, blob.data);
user_info_temp->password.response.nt = blob;
if (lp_client_lanman_auth(auth_context->lp_ctx) && user_info_in->password.hash.lanman) {
DATA_BLOB lm_blob = data_blob_talloc(mem_ctx, NULL, 24);
- SMBOWFencrypt(user_info_in->password.hash.lanman->hash, challenge, blob.data);
+ SMBOWFencrypt(user_info_in->password.hash.lanman->hash, chal, blob.data);
user_info_temp->password.response.lanman = lm_blob;
} else {
/* if not sending the LM password, send the NT password twice */
diff --git a/source4/auth/ntlm/auth_winbind.c b/source4/auth/ntlm/auth_winbind.c
index 568226dd87..173a895390 100644
--- a/source4/auth/ntlm/auth_winbind.c
+++ b/source4/auth/ntlm/auth_winbind.c
@@ -271,7 +271,7 @@ static NTSTATUS winbind_check_password(struct auth_method_context *ctx,
s->req.in.logon.password= password_info;
} else {
struct netr_NetworkInfo *network_info;
- const uint8_t *challenge;
+ uint8_t chal[8];
status = encrypt_user_info(s, ctx->auth_ctx, AUTH_PASSWORD_RESPONSE,
user_info, &user_info_new);
@@ -281,10 +281,10 @@ static NTSTATUS winbind_check_password(struct auth_method_context *ctx,
network_info = talloc(s, struct netr_NetworkInfo);
NT_STATUS_HAVE_NO_MEMORY(network_info);
- status = auth_get_challenge(ctx->auth_ctx, &challenge);
+ status = auth_get_challenge(ctx->auth_ctx, chal);
NT_STATUS_NOT_OK_RETURN(status);
- memcpy(network_info->challenge, challenge, sizeof(network_info->challenge));
+ memcpy(network_info->challenge, chal, sizeof(network_info->challenge));
network_info->nt.length = user_info->password.response.nt.length;
network_info->nt.data = user_info->password.response.nt.data;
diff --git a/source4/auth/ntlm/config.mk b/source4/auth/ntlm/config.mk
index a0d668f748..6c75ae842d 100644
--- a/source4/auth/ntlm/config.mk
+++ b/source4/auth/ntlm/config.mk
@@ -71,10 +71,10 @@ PAM_ERRORS_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, pam_errors.o)
INIT_FUNCTION = server_service_auth_init
SUBSYSTEM = service
OUTPUT_TYPE = MERGED_OBJ
-PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL LIBSECURITY SAMDB CREDENTIALS
+PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL LIBSECURITY SAMDB CREDENTIALS UTIL_TEVENT
auth_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth.o auth_util.o auth_simple.o)
-$(eval $(call proto_header_template,$(authsrcdir)/auth_proto.h,$(auth_OBJ_FILES:.o=.c)))
+$(eval $(call proto_header_template,$(authsrcdir)/ntlm/auth_proto.h,$(auth_OBJ_FILES:.o=.c)))
# PUBLIC_HEADERS += auth/auth.h
generated by cgit (git 2.34.1) at 2024-12-19 04:16:50 +0000