diff options
Diffstat (limited to 'source4/auth/ntlmssp')
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp.c | 25 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp.h | 14 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_client.c | 2 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 2 | ||||
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp_sign.c | 39 |
5 files changed, 29 insertions, 53 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c index 9bb0ed99fa..d132a3c567 100644 --- a/source4/auth/ntlmssp/ntlmssp.c +++ b/source4/auth/ntlmssp/ntlmssp.c @@ -90,19 +90,6 @@ void debug_ntlmssp_flags(uint32_t neg_flags) } /** - * Store a DATA_BLOB containing an NTLMSSP response, for use later. - * This copies the data blob - */ - -NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state, - DATA_BLOB response) -{ - ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state, - response.data, response.length); - return NT_STATUS_OK; -} - -/** * Next state function for the wrapped NTLMSSP state machine * * @param gensec_security GENSEC state, initialised to NTLMSSP @@ -115,13 +102,12 @@ NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state, static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, - const DATA_BLOB in, DATA_BLOB *out) + const DATA_BLOB input, DATA_BLOB *out) { struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data; struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp_state->ntlmssp_state; NTSTATUS status; - DATA_BLOB input; uint32_t ntlmssp_command; int i; @@ -137,15 +123,6 @@ static NTSTATUS gensec_ntlmssp_update(struct gensec_security *gensec_security, out_mem_ctx = ntlmssp_state; } - if (!in.length && ntlmssp_state->stored_response.length) { - input = ntlmssp_state->stored_response; - - /* we only want to read the stored response once - overwrite it */ - ntlmssp_state->stored_response = data_blob(NULL, 0); - } else { - input = in; - } - if (!input.length) { switch (ntlmssp_state->role) { case NTLMSSP_CLIENT: diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h index 7e7aeaad98..2aa9aea810 100644 --- a/source4/auth/ntlmssp/ntlmssp.h +++ b/source4/auth/ntlmssp/ntlmssp.h @@ -77,7 +77,6 @@ enum ntlmssp_message_type struct ntlmssp_state { - uint_t ref_count; enum ntlmssp_role role; enum samr_Role server_role; uint32_t expected_state; @@ -170,21 +169,14 @@ struct ntlmssp_state /* ntlmv2 */ DATA_BLOB send_sign_key; - DATA_BLOB send_seal_key; DATA_BLOB recv_sign_key; - DATA_BLOB recv_seal_key; - uint8_t send_seal_hash[258]; - uint8_t recv_seal_hash[258]; + struct arcfour_state *send_seal_hash; + struct arcfour_state *recv_seal_hash; /* ntlmv1 */ - uint8_t ntlmssp_hash[258]; + struct arcfour_state *ntlmssp_hash; - /* it turns out that we don't always get the - response in at the time we want to process it. - Store it here, until we need it */ - DATA_BLOB stored_response; - }; struct gensec_ntlmssp_state { diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c index dcd52af1f5..ceca0d6978 100644 --- a/source4/auth/ntlmssp/ntlmssp_client.c +++ b/source4/auth/ntlmssp/ntlmssp_client.c @@ -385,8 +385,6 @@ static NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx, struct ntlmssp_state * (*ntlmssp_state)->expected_state = NTLMSSP_INITIAL; - (*ntlmssp_state)->ref_count = 1; - (*ntlmssp_state)->neg_flags = NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_REQUEST_TARGET; diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 852d32ed2b..374fafc0e5 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -637,8 +637,6 @@ static NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx, struct ntlmssp_state * (*ntlmssp_state)->server_use_session_keys = True; (*ntlmssp_state)->server_multiple_authentications = False; - (*ntlmssp_state)->ref_count = 1; - (*ntlmssp_state)->neg_flags = NTLMSSP_NEGOTIATE_NTLM; diff --git a/source4/auth/ntlmssp/ntlmssp_sign.c b/source4/auth/ntlmssp/ntlmssp_sign.c index 222cb3e607..a47a0f334a 100644 --- a/source4/auth/ntlmssp/ntlmssp_sign.c +++ b/source4/auth/ntlmssp/ntlmssp_sign.c @@ -363,6 +363,9 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state) const char *recv_sign_const; const char *recv_seal_const; + DATA_BLOB send_seal_key; + DATA_BLOB recv_seal_key; + switch (ntlmssp_state->role) { case NTLMSSP_CLIENT: send_sign_const = CLI_SIGN; @@ -380,6 +383,11 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state) return NT_STATUS_INTERNAL_ERROR; } + ntlmssp_state->send_seal_hash = talloc(ntlmssp_state, struct arcfour_state); + NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->send_seal_hash); + ntlmssp_state->recv_seal_hash = talloc(ntlmssp_state, struct arcfour_state); + NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->recv_seal_hash); + /** Weaken NTLMSSP keys to cope with down-level clients, servers and export restrictions. @@ -407,18 +415,18 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state) ntlmssp_state->send_sign_key.length); calc_ntlmv2_key(ntlmssp_state, - &ntlmssp_state->send_seal_key, + &send_seal_key, weak_session_key, send_seal_const); dump_data_pw("NTLMSSP send seal key:\n", - ntlmssp_state->send_seal_key.data, - ntlmssp_state->send_seal_key.length); + send_seal_key.data, + send_seal_key.length); arcfour_init(ntlmssp_state->send_seal_hash, - &ntlmssp_state->send_seal_key); + &send_seal_key); dump_data_pw("NTLMSSP send sesl hash:\n", - ntlmssp_state->send_seal_hash, - sizeof(ntlmssp_state->send_seal_hash)); + ntlmssp_state->send_seal_hash->sbox, + sizeof(ntlmssp_state->send_seal_hash->sbox)); /* RECV */ calc_ntlmv2_key(ntlmssp_state, @@ -429,24 +437,27 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state) ntlmssp_state->recv_sign_key.length); calc_ntlmv2_key(ntlmssp_state, - &ntlmssp_state->recv_seal_key, + &recv_seal_key, weak_session_key, recv_seal_const); dump_data_pw("NTLMSSP recv seal key:\n", - ntlmssp_state->recv_seal_key.data, - ntlmssp_state->recv_seal_key.length); + recv_seal_key.data, + recv_seal_key.length); arcfour_init(ntlmssp_state->recv_seal_hash, - &ntlmssp_state->recv_seal_key); + &recv_seal_key); dump_data_pw("NTLMSSP receive seal hash:\n", - ntlmssp_state->recv_seal_hash, - sizeof(ntlmssp_state->recv_seal_hash)); + ntlmssp_state->recv_seal_hash->sbox, + sizeof(ntlmssp_state->recv_seal_hash->sbox)); } else { DEBUG(5, ("NTLMSSP Sign/Seal - using NTLM1\n")); + ntlmssp_state->ntlmssp_hash = talloc(ntlmssp_state, struct arcfour_state); + NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->ntlmssp_hash); + arcfour_init(ntlmssp_state->ntlmssp_hash, &ntlmssp_state->session_key); - dump_data_pw("NTLMSSP hash:\n", ntlmssp_state->ntlmssp_hash, - sizeof(ntlmssp_state->ntlmssp_hash)); + dump_data_pw("NTLMSSP hash:\n", ntlmssp_state->ntlmssp_hash->sbox, + sizeof(ntlmssp_state->ntlmssp_hash->sbox)); } ntlmssp_state->ntlm_seq_num = 0; |