s4:ntlmssp: calculate server names at startup and store them in (gensec_)ntlmssp_stat...
authorStefan Metzmacher <metze@samba.org>
Wed, 30 Dec 2009 14:14:38 +0000 (15:14 +0100)
committerGünther Deschner <gd@samba.org>
Wed, 24 Mar 2010 16:34:50 +0000 (17:34 +0100)
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
source4/auth/ntlmssp/ntlmssp.h
source4/auth/ntlmssp/ntlmssp_server.c

index 44a1064e15726aea3062bd613d87b3e6d5baba7f..b415dba9c0fe7b8adaabf480b1ba6259b4b9f05b 100644 (file)
@@ -66,6 +66,10 @@ struct gensec_ntlmssp_state
 
        struct {
                bool is_standalone;
+               const char *netbios_name;
+               const char *netbios_domain;
+               const char *dns_name;
+               const char *dns_domain;
        } server;
 
        DATA_BLOB internal_chal; /* Random challenge as supplied to the client for NTLM authentication */
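Review bot: The four new `server` name fields carry no comment saying who owns the strings, and this commit fills them in two different ways. `netbios_name` and `netbios_domain` are assigned the `lp_netbios_name()` / `lp_workgroup()` return values directly, while `dns_name` and `dns_domain` are `talloc_strdup()` copies parented on the state. I would add a comment above the fields such as `/* netbios_*: borrowed from the loadparm context; dns_*: talloc children of this state */`. Whether the borrowed pointers stay valid across a configuration reload is not visible here, so either confirm that lifetime or duplicate those two as well. The struct definition starts and ends outside the hunk.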
@@ -131,8 +135,6 @@ struct gensec_ntlmssp_state
        NTSTATUS (*check_password)(struct gensec_ntlmssp_state *,
                                   DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key);
 
-       const char *server_name;
-
        bool doing_ntlm2;
 
        union {
index 484cf3f51d1912d14e77b6bbfd0463a1693cf0df..488aa63620372f2651efa7902a4579a8d71db8ef 100644 (file)
@@ -94,10 +94,10 @@ static const char *ntlmssp_target_name(struct gensec_ntlmssp_state *gensec_ntlms
                *chal_flags |= NTLMSSP_REQUEST_TARGET;
                if (gensec_ntlmssp_state->server.is_standalone) {
                        *chal_flags |= NTLMSSP_TARGET_TYPE_SERVER;
-                       return gensec_ntlmssp_state->server_name;
+                       return gensec_ntlmssp_state->server.netbios_name;
                } else {
                        *chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN;
-                       return gensec_ntlmssp_state->domain;
+                       return gensec_ntlmssp_state->server.netbios_domain;
                };
        } else {
                return "";
@@ -184,26 +184,12 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 
        /* This creates the 'blob' of names that appears at the end of the packet */
        if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
-               char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN];
-
-               /* Find out the DNS domain name */
-               dnsdomname[0] = '\0';
-               safe_strcpy(dnsdomname, lp_dnsdomain(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1);
-
-               /* Find out the DNS host name */
-               safe_strcpy(dnsname, gensec_ntlmssp_state->server_name, sizeof(dnsname) - 1);
-               if (dnsdomname[0] != '\0') {
-                       safe_strcat(dnsname, ".", sizeof(dnsname) - 1);
-                       safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1);
-               }
-               strlower_m(dnsname);
-
                msrpc_gen(out_mem_ctx, 
                          &struct_blob, "aaaaa",
                          MsvAvNbDomainName, target_name,
-                         MsvAvNbComputerName, gensec_ntlmssp_state->server_name,
-                         MsvAvDnsDomainName, dnsdomname,
-                         MsvAvDnsComputerName, dnsname,
+                         MsvAvNbComputerName, gensec_ntlmssp_state->server.netbios_name,
+                         MsvAvDnsDomainName, gensec_ntlmssp_state->server.dns_domain,
+                         MsvAvDnsComputerName, gensec_ntlmssp_state->server.dns_name,
                          MsvAvEOL, "");
        } else {
                struct_blob = data_blob(NULL, 0);
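Review bot: The result of `msrpc_gen()` is discarded at the call that builds the target-info blob, so a failure there would presumably go unnoticed and the challenge would still be assembled from `struct_blob`. The arguments are now pointers stored at startup rather than stack buffers filled in place, so I would test the call's result and fail the negotiate before `struct_blob` is used. Neither msrpc_gen's declaration nor its handling of a NULL string for the `a` format is visible here, so both need confirming against the helper. ntlmssp_server_negotiate starts and ends outside the hunk.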
@@ -767,11 +753,6 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
 
        gensec_ntlmssp_state->role = NTLMSSP_SERVER;
 
-       gensec_ntlmssp_state->workstation = NULL;
-       gensec_ntlmssp_state->server_name = lp_netbios_name(gensec_security->settings->lp_ctx);
-
-       gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->settings->lp_ctx);
-
        gensec_ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE;
 
        gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(gensec_security->settings->lp_ctx) 
@@ -825,6 +806,34 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
                gensec_ntlmssp_state->server.is_standalone = false;
        }
 
+       gensec_ntlmssp_state->server.netbios_name = lp_netbios_name(gensec_security->settings->lp_ctx);
+
+       gensec_ntlmssp_state->server.netbios_domain = lp_workgroup(gensec_security->settings->lp_ctx);
+
+       {
+               char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN];
+
+               /* Find out the DNS domain name */
+               dnsdomname[0] = '\0';
+               safe_strcpy(dnsdomname, lp_dnsdomain(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1);
+
+               /* Find out the DNS host name */
+               safe_strcpy(dnsname, gensec_ntlmssp_state->server.netbios_name, sizeof(dnsname) - 1);
+               if (dnsdomname[0] != '\0') {
+                       safe_strcat(dnsname, ".", sizeof(dnsname) - 1);
+                       safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1);
+               }
+               strlower_m(dnsname);
+
+               gensec_ntlmssp_state->server.dns_name = talloc_strdup(gensec_ntlmssp_state,
+                                                                     dnsname);
+               NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_name);
+
+               gensec_ntlmssp_state->server.dns_domain = talloc_strdup(gensec_ntlmssp_state,
+                                                                       dnsdomname);
+               NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_domain);
+       }
+
        return NT_STATUS_OK;
 }
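Review bot: The DNS host name is still assembled in two `MAXHOSTNAMELEN` stack buffers with `safe_strcpy`/`safe_strcat` and only then copied with `talloc_strdup`. A NetBIOS name plus DNS domain longer than the buffer would presumably be cut by the safe_* helpers, and the shortened value is what gets stored and later advertised as MsvAvDnsComputerName. Since the result lives on the talloc context anyway, building it there directly removes the fixed-size limit and the second copy. The fence shows the block rewritten that way; it treats a NULL return from `lp_dnsdomain()` as an empty domain, which I am assuming matches what safe_strcpy did with a NULL source. gensec_ntlmssp_server_start begins outside the hunk.

```c
	/* … unchanged: server.netbios_name / server.netbios_domain assignments … */

	{
		const char *dnsdomain = lp_dnsdomain(gensec_security->settings->lp_ctx);
		char *dnsname;

		if (dnsdomain == NULL) {
			dnsdomain = "";
		}

		/* Build "<netbios name>[.<dns domain>]" directly on the state, no fixed buffer */
		if (dnsdomain[0] != '\0') {
			dnsname = talloc_asprintf(gensec_ntlmssp_state, "%s.%s",
						  gensec_ntlmssp_state->server.netbios_name,
						  dnsdomain);
		} else {
			dnsname = talloc_strdup(gensec_ntlmssp_state,
						gensec_ntlmssp_state->server.netbios_name);
		}
		NT_STATUS_HAVE_NO_MEMORY(dnsname);
		strlower_m(dnsname);
		gensec_ntlmssp_state->server.dns_name = dnsname;

		gensec_ntlmssp_state->server.dns_domain = talloc_strdup(gensec_ntlmssp_state,
									dnsdomain);
		NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->server.dns_domain);
	}
```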