From 5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 25 May 2004 14:06:28 +0000 Subject: r874: This patch is a pile of work on NTLMSSP: Samba's NTLMSSP code is now fully talloc based, which should go a long way to cleaning up the memory leaks in this code. This also avoids a lot of extra copies of data, as we now allocate the 'return' blobs on a caller-supplied context. I have also been doing a lot of work towards NTLM2 signing and sealing. I have this working for sealing, but not for the verifier (MD5 integrity check on the stream) which is still incorrect. (I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the data arrives intact, but the signature check fails. It does however match the test values I have...). The new torture test is cludged in - when we get a unit test suite back, I'll happliy put it in the 'right' place.... Andrew Bartlett (This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9) --- source4/auth/auth_ntlmssp.c | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'source4/auth') diff --git a/source4/auth/auth_ntlmssp.c b/source4/auth/auth_ntlmssp.c index a4e0dd5588..1525d30631 100644 --- a/source4/auth/auth_ntlmssp.c +++ b/source4/auth/auth_ntlmssp.c @@ -162,7 +162,7 @@ NTSTATUS auth_ntlmssp_start(AUTH_NTLMSSP_STATE **auth_ntlmssp_state) (*auth_ntlmssp_state)->ntlmssp_state->set_challenge = auth_ntlmssp_set_challenge; (*auth_ntlmssp_state)->ntlmssp_state->check_password = auth_ntlmssp_check_password; (*auth_ntlmssp_state)->ntlmssp_state->server_role = lp_server_role(); - + return NT_STATUS_OK; } @@ -183,8 +183,23 @@ void auth_ntlmssp_end(AUTH_NTLMSSP_STATE **auth_ntlmssp_state) *auth_ntlmssp_state = NULL; } + +/** + * Next state function for the wrapped NTLMSSP state machine + * + * @param auth_ntlmssp_state NTLMSSP State + * @param out_mem_ctx The TALLOC_CTX for *out to be allocated on + * @param in The request, as a DATA_BLOB + * @param out The reply, as an talloc()ed DATA_BLOB, on *out_mem_ctx + * @return Error, MORE_PROCESSING_REQUIRED if a reply is sent, + * or NT_STATUS_OK if the user is authenticated. + */ + NTSTATUS auth_ntlmssp_update(AUTH_NTLMSSP_STATE *auth_ntlmssp_state, - const DATA_BLOB request, DATA_BLOB *reply) + TALLOC_CTX *out_mem_ctx, + const DATA_BLOB in, DATA_BLOB *out) { - return ntlmssp_update(auth_ntlmssp_state->ntlmssp_state, request, reply); + return ntlmssp_update(auth_ntlmssp_state->ntlmssp_state, + out_mem_ctx, + in, out); } -- cgit