diff options
Diffstat (limited to 'source4/auth/ntlmssp')
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp.c | 1 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_client.c | 32 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_parse.c | 3 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 29 |
4 files changed, 29 insertions, 36 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c index cea18c45a7..1b14e461c3 100644 --- a/source4/auth/ntlmssp/ntlmssp.c +++ b/source4/auth/ntlmssp/ntlmssp.c @@ -159,7 +159,6 @@ static NTSTATUS gensec_ntlmssp_update_find(struct gensec_ntlmssp_state *gensec_n } } else { if (!msrpc_parse(gensec_ntlmssp_state, - lp_iconv_convenience(gensec_security->lp_ctx), &input, "Cd", "NTLMSSP", &ntlmssp_command)) { diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c index 0ef40200fe..e28d8462d4 100644 --- a/source4/auth/ntlmssp/ntlmssp_client.c +++ b/source4/auth/ntlmssp/ntlmssp_client.c @@ -122,7 +122,6 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, } if (!msrpc_parse(mem_ctx, - lp_iconv_convenience(gensec_security->lp_ctx), &in, "CdBd", "NTLMSSP", &ntlmssp_command, @@ -160,7 +159,6 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, } if (!msrpc_parse(mem_ctx, - lp_iconv_convenience(gensec_security->lp_ctx), &in, chal_parse_string, "NTLMSSP", &ntlmssp_command, @@ -194,7 +192,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, if (gensec_ntlmssp_state->use_nt_response) { flags |= CLI_CRED_NTLM_AUTH; } - if (lp_client_lanman_auth(gensec_security->lp_ctx)) { + if (lp_client_lanman_auth(gensec_security->settings->lp_ctx)) { flags |= CLI_CRED_LANMAN_AUTH; } @@ -219,7 +217,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, } if ((gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) - && lp_client_lanman_auth(gensec_security->lp_ctx) && lm_session_key.length == 16) { + && lp_client_lanman_auth(gensec_security->settings->lp_ctx) && lm_session_key.length == 16) { DATA_BLOB new_session_key = data_blob_talloc(mem_ctx, NULL, 16); if (lm_response.length == 24) { SMBsesskeygen_lm_sess_key(lm_session_key.data, lm_response.data, @@ -310,17 +308,17 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->role = NTLMSSP_CLIENT; - gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->lp_ctx); + gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->settings->lp_ctx); - gensec_ntlmssp_state->unicode = lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "unicode", true); + gensec_ntlmssp_state->unicode = gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "unicode", true); - gensec_ntlmssp_state->use_nt_response = lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "send_nt_reponse", true); + gensec_ntlmssp_state->use_nt_response = gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "send_nt_reponse", true); - gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(gensec_security->lp_ctx) - && (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "allow_lm_key", false) - || lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "lm_key", false))); + gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(gensec_security->settings->lp_ctx) + && (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "allow_lm_key", false) + || gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "lm_key", false))); - gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(gensec_security->lp_ctx); + gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(gensec_security->settings->lp_ctx); gensec_ntlmssp_state->expected_state = NTLMSSP_INITIAL; @@ -328,27 +326,27 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_REQUEST_TARGET; - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "128bit", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "128bit", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "56bit", false)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "56bit", false)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "lm_key", false)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "lm_key", false)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "keyexchange", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "keyexchange", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "alwayssign", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "alwayssign", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "ntlm2", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "ntlm2", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2; } else { /* apparently we can't do ntlmv2 if we don't do ntlm2 */ diff --git a/source4/auth/ntlmssp/ntlmssp_parse.c b/source4/auth/ntlmssp/ntlmssp_parse.c index 24f3ad27af..d606b8d563 100644 --- a/source4/auth/ntlmssp/ntlmssp_parse.c +++ b/source4/auth/ntlmssp/ntlmssp_parse.c @@ -186,7 +186,7 @@ if ((head_ofs + amount) > blob->length) { \ return false; \ } -/* +/** this is a tiny msrpc packet parser. This the the partner of msrpc_gen format specifiers are: @@ -200,7 +200,6 @@ if ((head_ofs + amount) > blob->length) { \ */ bool msrpc_parse(TALLOC_CTX *mem_ctx, - struct smb_iconv_convenience *iconv_convenience, const DATA_BLOB *blob, const char *format, ...) { diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 38973f623d..37cc5f318f 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -136,7 +136,6 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, if (in.length) { if ((in.length < 16) || !msrpc_parse(out_mem_ctx, - lp_iconv_convenience(gensec_security->lp_ctx), &in, "Cdd", "NTLMSSP", &ntlmssp_command, @@ -187,7 +186,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, /* Find out the DNS domain name */ dnsdomname[0] = '\0'; - safe_strcpy(dnsdomname, lp_realm(gensec_security->lp_ctx), sizeof(dnsdomname) - 1); + safe_strcpy(dnsdomname, lp_realm(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1); strlower_m(dnsdomname); /* Find out the DNS host name */ @@ -282,7 +281,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_ntlmssp_state *gensec_ntlms /* now the NTLMSSP encoded auth hashes */ if (!msrpc_parse(gensec_ntlmssp_state, - lp_iconv_convenience(gensec_ntlmssp_state->gensec_security->lp_ctx), &request, parse_string, "NTLMSSP", &ntlmssp_command, @@ -309,7 +307,6 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_ntlmssp_state *gensec_ntlms /* now the NTLMSSP encoded auth hashes */ if (!msrpc_parse(gensec_ntlmssp_state, - lp_iconv_convenience(gensec_ntlmssp_state->gensec_security->lp_ctx), &request, parse_string, "NTLMSSP", &ntlmssp_command, @@ -725,7 +722,7 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security, NTSTATUS nt_status; struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data; - nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info); + nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->settings->lp_ctx, gensec_ntlmssp_state->server_info, session_info); NT_STATUS_NOT_OK_RETURN(nt_status); (*session_info)->session_key = data_blob_talloc(*session_info, @@ -752,14 +749,14 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->role = NTLMSSP_SERVER; gensec_ntlmssp_state->workstation = NULL; - gensec_ntlmssp_state->server_name = lp_netbios_name(gensec_security->lp_ctx); + gensec_ntlmssp_state->server_name = lp_netbios_name(gensec_security->settings->lp_ctx); - gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->lp_ctx); + gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->settings->lp_ctx); gensec_ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE; - gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(gensec_security->lp_ctx) - && lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "allow_lm_key", false)); + gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(gensec_security->settings->lp_ctx) + && gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "allow_lm_key", false)); gensec_ntlmssp_state->server_multiple_authentications = false; @@ -770,23 +767,23 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->nt_resp = data_blob(NULL, 0); gensec_ntlmssp_state->encrypted_session_key = data_blob(NULL, 0); - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "128bit", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "128bit", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "56bit", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "56bit", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "keyexchange", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "keyexchange", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "alwayssign", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "alwayssign", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; } - if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "ntlm2", true)) { + if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "ntlm2", true)) { gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2; } @@ -800,7 +797,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) nt_status = auth_context_create(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->msg_ctx, - gensec_security->lp_ctx, + gensec_security->settings->lp_ctx, &gensec_ntlmssp_state->auth_context); NT_STATUS_NOT_OK_RETURN(nt_status); @@ -808,7 +805,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->may_set_challenge = auth_ntlmssp_may_set_challenge; gensec_ntlmssp_state->set_challenge = auth_ntlmssp_set_challenge; gensec_ntlmssp_state->check_password = auth_ntlmssp_check_password; - gensec_ntlmssp_state->server_role = lp_server_role(gensec_security->lp_ctx); + gensec_ntlmssp_state->server_role = lp_server_role(gensec_security->settings->lp_ctx); return NT_STATUS_OK; } |