From 0809696dbf3f551c0fbd37154025053b55fa07ee Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 14 Dec 2009 20:32:47 +1100 Subject: s4:auth Change 'get_challenge' API to be more like Samba3 It is just easier to fill in the known to be 8 byte challenge than stuff about with allocated pointers. Andrew Bartlett --- source4/smb_server/smb/negprot.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'source4/smb_server') diff --git a/source4/smb_server/smb/negprot.c b/source4/smb_server/smb/negprot.c index ab763e39c3..fe6cd68f6e 100644 --- a/source4/smb_server/smb/negprot.c +++ b/source4/smb_server/smb/negprot.c @@ -33,7 +33,6 @@ static NTSTATUS get_challenge(struct smbsrv_connection *smb_conn, uint8_t buff[8]) { NTSTATUS nt_status; - const uint8_t *challenge; /* muliple negprots are not premitted */ if (smb_conn->negotiate.auth_context) { @@ -53,14 +52,12 @@ static NTSTATUS get_challenge(struct smbsrv_connection *smb_conn, uint8_t buff[8 return nt_status; } - nt_status = auth_get_challenge(smb_conn->negotiate.auth_context, &challenge); + nt_status = auth_get_challenge(smb_conn->negotiate.auth_context, buff); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("auth_get_challenge() returned %s", nt_errstr(nt_status))); return nt_status; } - memcpy(buff, challenge, 8); - return NT_STATUS_OK; } -- cgit From 4e2da423de260468f0457410b0556088f00420d4 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 23 Dec 2009 10:19:43 +0100 Subject: s4:smb_server: fix mixing socket_address and tsocket_address metze --- source4/smb_server/smb/sesssetup.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'source4/smb_server') diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c index 37f69abc12..8cd2edcee3 100644 --- a/source4/smb_server/smb/sesssetup.c +++ b/source4/smb_server/smb/sesssetup.c @@ -29,6 +29,7 @@ #include "smb_server/smb_server.h" #include "smbd/service_stream.h" #include "param/param.h" +#include "../lib/tsocket/tsocket.h" /* setup the OS, Lanman and domain portions of a session setup reply @@ -100,7 +101,7 @@ failed: static void sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *sess) { struct auth_usersupplied_info *user_info = NULL; - struct socket_address *remote_address; + struct tsocket_address *remote_address; const char *remote_machine = NULL; sess->old.out.vuid = 0; @@ -119,11 +120,12 @@ static void sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *sess) remote_machine = req->smb_conn->negotiate.calling_name->name; } - remote_address = socket_get_peer_addr(req->smb_conn->connection->socket, req); + remote_address = socket_get_remote_addr(req->smb_conn->connection->socket, req); if (!remote_address) goto nomem; if (!remote_machine) { - remote_machine = remote_address->addr; + remote_machine = tsocket_address_inet_addr_string(remote_address, req); + if (!remote_machine) goto nomem; } user_info = talloc(req, struct auth_usersupplied_info); @@ -206,7 +208,7 @@ static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess) NTSTATUS status; struct auth_context *auth_context; struct auth_usersupplied_info *user_info = NULL; - struct socket_address *remote_address; + struct tsocket_address *remote_address; const char *remote_machine = NULL; sess->nt1.out.vuid = 0; @@ -245,11 +247,12 @@ static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess) remote_machine = req->smb_conn->negotiate.calling_name->name; } - remote_address = socket_get_peer_addr(req->smb_conn->connection->socket, req); + remote_address = socket_get_remote_addr(req->smb_conn->connection->socket, req); if (!remote_address) goto nomem; if (!remote_machine) { - remote_machine = remote_address->addr; + remote_machine = tsocket_address_inet_addr_string(remote_address, req); + if (!remote_machine) goto nomem; } user_info = talloc(req, struct auth_usersupplied_info); -- cgit From 577857d351df3d7b40db4d69afb3d67ee4960fb2 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 22 Dec 2009 16:24:44 +0100 Subject: s4:gensec: change gensec_update_send/recv to tevent_req metze --- source4/smb_server/smb/sesssetup.c | 20 +++++++++++++++----- source4/smb_server/smb2/sesssetup.c | 17 ++++++++++++----- 2 files changed, 27 insertions(+), 10 deletions(-) (limited to 'source4/smb_server') diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c index 8cd2edcee3..e415a47699 100644 --- a/source4/smb_server/smb/sesssetup.c +++ b/source4/smb_server/smb/sesssetup.c @@ -23,6 +23,7 @@ */ #include "includes.h" +#include #include "version.h" #include "auth/gensec/gensec.h" #include "auth/auth.h" @@ -289,9 +290,9 @@ struct sesssetup_spnego_state { struct smbsrv_session *smb_sess; }; -static void sesssetup_spnego_send(struct gensec_update_request *greq, void *private_data) +static void sesssetup_spnego_send(struct tevent_req *subreq) { - struct sesssetup_spnego_state *s = talloc_get_type(private_data, + struct sesssetup_spnego_state *s = tevent_req_callback_data(subreq, struct sesssetup_spnego_state); struct smbsrv_request *req = s->req; union smb_sesssetup *sess = s->sess; @@ -301,7 +302,8 @@ static void sesssetup_spnego_send(struct gensec_update_request *greq, void *priv NTSTATUS skey_status; DATA_BLOB session_key; - status = gensec_update_recv(greq, req, &sess->spnego.out.secblob); + status = gensec_update_recv(subreq, req, &sess->spnego.out.secblob); + TALLOC_FREE(subreq); if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { goto done; } else if (!NT_STATUS_IS_OK(status)) { @@ -343,6 +345,7 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se struct smbsrv_session *smb_sess = NULL; struct sesssetup_spnego_state *s = NULL; uint16_t vuid; + struct tevent_req *subreq; sess->spnego.out.vuid = 0; sess->spnego.out.action = 0; @@ -410,8 +413,15 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se s->sess = sess; s->smb_sess = smb_sess; - gensec_update_send(smb_sess->gensec_ctx, sess->spnego.in.secblob, - sesssetup_spnego_send, s); + subreq = gensec_update_send(s, + req->smb_conn->connection->event.ctx, + smb_sess->gensec_ctx, + sess->spnego.in.secblob); + if (!subreq) { + goto nomem; + } + tevent_req_set_callback(subreq, sesssetup_spnego_send, s); + return; nomem: diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 58090305a0..9b601d17c0 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -19,6 +19,7 @@ */ #include "includes.h" +#include #include "auth/gensec/gensec.h" #include "auth/auth.h" #include "libcli/smb2/smb2.h" @@ -57,9 +58,9 @@ struct smb2srv_sesssetup_callback_ctx { struct smbsrv_session *smb_sess; }; -static void smb2srv_sesssetup_callback(struct gensec_update_request *greq, void *private_data) +static void smb2srv_sesssetup_callback(struct tevent_req *subreq) { - struct smb2srv_sesssetup_callback_ctx *ctx = talloc_get_type(private_data, + struct smb2srv_sesssetup_callback_ctx *ctx = tevent_req_callback_data(subreq, struct smb2srv_sesssetup_callback_ctx); struct smb2srv_request *req = ctx->req; union smb_sesssetup *io = ctx->io; @@ -67,7 +68,8 @@ static void smb2srv_sesssetup_callback(struct gensec_update_request *greq, void struct auth_session_info *session_info = NULL; NTSTATUS status; - status = gensec_update_recv(greq, req, &io->smb2.out.secblob); + status = gensec_update_recv(subreq, req, &io->smb2.out.secblob); + TALLOC_FREE(subreq); if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { goto done; } else if (!NT_STATUS_IS_OK(status)) { @@ -108,6 +110,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses struct smb2srv_sesssetup_callback_ctx *callback_ctx; struct smbsrv_session *smb_sess = NULL; uint64_t vuid; + struct tevent_req *subreq; io->smb2.out.session_flags = 0; io->smb2.out.uid = 0; @@ -174,8 +177,12 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses callback_ctx->io = io; callback_ctx->smb_sess = smb_sess; - gensec_update_send(smb_sess->gensec_ctx, io->smb2.in.secblob, - smb2srv_sesssetup_callback, callback_ctx); + subreq = gensec_update_send(callback_ctx, + req->smb_conn->connection->event.ctx, + smb_sess->gensec_ctx, + io->smb2.in.secblob); + if (!subreq) goto nomem; + tevent_req_set_callback(subreq, smb2srv_sesssetup_callback, callback_ctx); /* note that we ignore SMB2_NEGOTIATE_SIGNING_ENABLED from the client. This is deliberate as windows does not set it even when it does -- cgit From 078482ad0efc9c4902601080f146853a1a3494fe Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 23 Dec 2009 09:09:37 +0100 Subject: s4:auth: change auth_check_password_send/recv to tevent_req metze --- source4/smb_server/smb/sesssetup.c | 39 +++++++++++++++++++++++++------------- 1 file changed, 26 insertions(+), 13 deletions(-) (limited to 'source4/smb_server') diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c index e415a47699..aecd49fb0b 100644 --- a/source4/smb_server/smb/sesssetup.c +++ b/source4/smb_server/smb/sesssetup.c @@ -56,17 +56,18 @@ static void smbsrv_sesssetup_backend_send(struct smbsrv_request *req, smbsrv_reply_sesssetup_send(req, sess, status); } -static void sesssetup_old_send(struct auth_check_password_request *areq, - void *private_data) +static void sesssetup_old_send(struct tevent_req *subreq) { - struct smbsrv_request *req = talloc_get_type(private_data, struct smbsrv_request); + struct smbsrv_request *req = + tevent_req_callback_data(subreq, struct smbsrv_request); union smb_sesssetup *sess = talloc_get_type(req->io_ptr, union smb_sesssetup); struct auth_serversupplied_info *server_info = NULL; struct auth_session_info *session_info; struct smbsrv_session *smb_sess; NTSTATUS status; - status = auth_check_password_recv(areq, req, &server_info); + status = auth_check_password_recv(subreq, req, &server_info); + TALLOC_FREE(subreq); if (!NT_STATUS_IS_OK(status)) goto failed; /* This references server_info into session_info */ @@ -104,6 +105,7 @@ static void sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *sess) struct auth_usersupplied_info *user_info = NULL; struct tsocket_address *remote_address; const char *remote_machine = NULL; + struct tevent_req *subreq; sess->old.out.vuid = 0; sess->old.out.action = 0; @@ -145,25 +147,30 @@ static void sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *sess) user_info->password.response.lanman.data = talloc_steal(user_info, sess->old.in.password.data); user_info->password.response.nt = data_blob(NULL, 0); - auth_check_password_send(req->smb_conn->negotiate.auth_context, user_info, - sesssetup_old_send, req); + subreq = auth_check_password_send(req, + req->smb_conn->connection->event.ctx, + req->smb_conn->negotiate.auth_context, + user_info); + if (!subreq) goto nomem; + tevent_req_set_callback(subreq, sesssetup_old_send, req); return; nomem: smbsrv_sesssetup_backend_send(req, sess, NT_STATUS_NO_MEMORY); } -static void sesssetup_nt1_send(struct auth_check_password_request *areq, - void *private_data) +static void sesssetup_nt1_send(struct tevent_req *subreq) { - struct smbsrv_request *req = talloc_get_type(private_data, struct smbsrv_request); + struct smbsrv_request *req = + tevent_req_callback_data(subreq, struct smbsrv_request); union smb_sesssetup *sess = talloc_get_type(req->io_ptr, union smb_sesssetup); struct auth_serversupplied_info *server_info = NULL; struct auth_session_info *session_info; struct smbsrv_session *smb_sess; NTSTATUS status; - status = auth_check_password_recv(areq, req, &server_info); + status = auth_check_password_recv(subreq, req, &server_info); + TALLOC_FREE(subreq); if (!NT_STATUS_IS_OK(status)) goto failed; /* This references server_info into session_info */ @@ -211,7 +218,8 @@ static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess) struct auth_usersupplied_info *user_info = NULL; struct tsocket_address *remote_address; const char *remote_machine = NULL; - + struct tevent_req *subreq; + sess->nt1.out.vuid = 0; sess->nt1.out.action = 0; @@ -273,8 +281,13 @@ static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess) user_info->password.response.nt = sess->nt1.in.password2; user_info->password.response.nt.data = talloc_steal(user_info, sess->nt1.in.password2.data); - auth_check_password_send(auth_context, user_info, - sesssetup_nt1_send, req); + subreq = auth_check_password_send(req, + req->smb_conn->connection->event.ctx, + auth_context, + user_info); + if (!subreq) goto nomem; + tevent_req_set_callback(subreq, sesssetup_nt1_send, req); + return; nomem: -- cgit