From 503d0358140fbf56bd83090f143272aeb770baa9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 17 Sep 2009 00:21:01 +0200 Subject: spnego: share spnego_parse. Guenther --- source3/utils/ntlm_auth.c | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 6de5ea67e4..a607cb0658 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -26,6 +26,7 @@ #include "includes.h" #include "utils/ntlm_auth.h" #include "../libcli/auth/libcli_auth.h" +#include "../libcli/auth/spnego.h" #include #ifndef PAM_WINBIND_CONFIG_FILE @@ -1113,7 +1114,7 @@ static void manage_squid_basic_request(struct ntlm_auth_state *state, static void offer_gss_spnego_mechs(void) { DATA_BLOB token; - SPNEGO_DATA spnego; + struct spnego_data spnego; ssize_t len; char *reply_base64; TALLOC_CTX *ctx = talloc_tos(); @@ -1149,8 +1150,8 @@ static void offer_gss_spnego_mechs(void) { spnego.negTokenInit.mechListMIC = data_blob(principal, strlen(principal)); - len = write_spnego_data(&token, &spnego); - free_spnego_data(&spnego); + len = spnego_write_data(ctx, &token, &spnego); + spnego_free_data(&spnego); if (len == -1) { DEBUG(1, ("Could not write SPNEGO data blob\n")); @@ -1171,7 +1172,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state, char *buf, int length) { static NTLMSSP_STATE *ntlmssp_state = NULL; - SPNEGO_DATA request, response; + struct spnego_data request, response; DATA_BLOB token; NTSTATUS status; ssize_t len; @@ -1219,7 +1220,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state, } token = base64_decode_data_blob(buf + 3); - len = read_spnego_data(token, &request); + len = spnego_read_data(ctx, token, &request); data_blob_free(&token); if (len == -1) { @@ -1367,7 +1368,7 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state, } } - free_spnego_data(&request); + spnego_free_data(&request); if (NT_STATUS_IS_OK(status)) { response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED; @@ -1393,8 +1394,8 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state, SAFE_FREE(user); SAFE_FREE(domain); - len = write_spnego_data(&token, &response); - free_spnego_data(&response); + len = spnego_write_data(ctx, &token, &response); + spnego_free_data(&response); if (len == -1) { DEBUG(1, ("Could not write SPNEGO data blob\n")); @@ -1415,13 +1416,14 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state, static NTLMSSP_STATE *client_ntlmssp_state = NULL; -static bool manage_client_ntlmssp_init(SPNEGO_DATA spnego) +static bool manage_client_ntlmssp_init(struct spnego_data spnego) { NTSTATUS status; DATA_BLOB null_blob = data_blob_null; DATA_BLOB to_server; char *to_server_base64; const char *my_mechs[] = {OID_NTLMSSP, NULL}; + TALLOC_CTX *ctx = talloc_tos(); DEBUG(10, ("Got spnego negTokenInit with NTLMSSP\n")); @@ -1466,7 +1468,7 @@ static bool manage_client_ntlmssp_init(SPNEGO_DATA spnego) return False; } - write_spnego_data(&to_server, &spnego); + spnego_write_data(ctx, &to_server, &spnego); data_blob_free(&spnego.negTokenInit.mechToken); to_server_base64 = base64_encode_data_blob(talloc_tos(), to_server); @@ -1476,13 +1478,14 @@ static bool manage_client_ntlmssp_init(SPNEGO_DATA spnego) return True; } -static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego) +static void manage_client_ntlmssp_targ(struct spnego_data spnego) { NTSTATUS status; DATA_BLOB null_blob = data_blob_null; DATA_BLOB request; DATA_BLOB to_server; char *to_server_base64; + TALLOC_CTX *ctx = talloc_tos(); DEBUG(10, ("Got spnego negTokenTarg with NTLMSSP\n")); @@ -1525,7 +1528,7 @@ static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego) spnego.negTokenTarg.responseToken = request; spnego.negTokenTarg.mechListMIC = null_blob; - write_spnego_data(&to_server, &spnego); + spnego_write_data(ctx, &to_server, &spnego); data_blob_free(&request); to_server_base64 = base64_encode_data_blob(talloc_tos(), to_server); @@ -1537,17 +1540,18 @@ static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego) #ifdef HAVE_KRB5 -static bool manage_client_krb5_init(SPNEGO_DATA spnego) +static bool manage_client_krb5_init(struct spnego_data spnego) { char *principal; DATA_BLOB tkt, to_server; DATA_BLOB session_key_krb5 = data_blob_null; - SPNEGO_DATA reply; + struct spnego_data reply; char *reply_base64; int retval; const char *my_mechs[] = {OID_KERBEROS5_OLD, NULL}; ssize_t len; + TALLOC_CTX *ctx = talloc_tos(); if ( (spnego.negTokenInit.mechListMIC.data == NULL) || (spnego.negTokenInit.mechListMIC.length == 0) ) { @@ -1609,7 +1613,7 @@ static bool manage_client_krb5_init(SPNEGO_DATA spnego) reply.negTokenInit.mechToken = tkt; reply.negTokenInit.mechListMIC = data_blob_null; - len = write_spnego_data(&to_server, &reply); + len = spnego_write_data(ctx, &to_server, &reply); data_blob_free(&tkt); if (len == -1) { @@ -1626,7 +1630,7 @@ static bool manage_client_krb5_init(SPNEGO_DATA spnego) return True; } -static void manage_client_krb5_targ(SPNEGO_DATA spnego) +static void manage_client_krb5_targ(struct spnego_data spnego) { switch (spnego.negTokenTarg.negResult) { case SPNEGO_ACCEPT_INCOMPLETE: @@ -1654,8 +1658,9 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state, char *buf, int length) { DATA_BLOB request; - SPNEGO_DATA spnego; + struct spnego_data spnego; ssize_t len; + TALLOC_CTX *ctx = talloc_tos(); if (!opt_username || !*opt_username) { x_fprintf(x_stderr, "username must be specified!\n\n"); @@ -1700,7 +1705,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state, /* So we got a server challenge to generate a SPNEGO client-to-server request... */ - len = read_spnego_data(request, &spnego); + len = spnego_read_data(ctx, request, &spnego); data_blob_free(&request); if (len == -1) { @@ -1786,7 +1791,7 @@ static void manage_gss_spnego_client_request(struct ntlm_auth_state *state, return; out: - free_spnego_data(&spnego); + spnego_free_data(&spnego); return; } -- cgit