Returns a const char of length 8 bytes.
****************************************************************************/
-static const uint8 *get_ntlm_challenge(struct auth_context *auth_context)
+static void get_ntlm_challenge(struct auth_context *auth_context,
+ uint8_t chal[8])
{
DATA_BLOB challenge = data_blob_null;
const char *challenge_set_by = NULL;
if (auth_context->challenge.length) {
DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge by module %s (normal)\n",
auth_context->challenge_set_by));
- return auth_context->challenge.data;
+ memcpy(chal, auth_context->challenge.data, 8);
+ return;
}
auth_context->challenge_may_be_modified = False;
}
if (!challenge_set_by) {
- uchar chal[8];
+ uchar tmp[8];
- generate_random_buffer(chal, sizeof(chal));
+ generate_random_buffer(tmp, sizeof(tmp));
auth_context->challenge = data_blob_talloc(auth_context->mem_ctx,
- chal, sizeof(chal));
+ tmp, sizeof(tmp));
challenge_set_by = "random";
auth_context->challenge_may_be_modified = True;
auth_context->challenge_set_by=challenge_set_by;
- return auth_context->challenge.data;
+ memcpy(chal, auth_context->challenge.data, 8);
}
{
struct auth_context *plaintext_auth_context = NULL;
auth_usersupplied_info *user_info = NULL;
- const uint8 *chal;
+ uint8_t chal[8];
NTSTATUS nt_status;
if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&plaintext_auth_context))) {
return nt_status;
}
- chal = plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context);
+ plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context,
+ chal);
if (!make_user_info_for_reply(&user_info,
smb_name, lp_workgroup(), chal,
* @return an 8 byte random challenge
*/
-static const uint8 *auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state)
+static void auth_ntlmssp_get_challenge(const struct ntlmssp_state *ntlmssp_state,
+ uint8_t chal[8])
{
AUTH_NTLMSSP_STATE *auth_ntlmssp_state =
(AUTH_NTLMSSP_STATE *)ntlmssp_state->auth_context;
- return auth_ntlmssp_state->auth_context->get_ntlm_challenge(auth_ntlmssp_state->auth_context);
+ return auth_ntlmssp_state->auth_context->get_ntlm_challenge(
+ auth_ntlmssp_state->auth_context, chal);
}
/**
struct auth_methods *auth_method_list;
TALLOC_CTX *mem_ctx;
- const uint8 *(*get_ntlm_challenge)(struct auth_context *auth_context);
+ void (*get_ntlm_challenge)(struct auth_context *auth_context,
+ uint8_t chal[8]);
NTSTATUS (*check_ntlm_password)(const struct auth_context *auth_context,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info);
* @return 8 bytes of challnege data, determined by the server to be the challenge for NTLM authentication
*
*/
- const uint8 *(*get_challenge)(const struct ntlmssp_state *ntlmssp_state);
+ void (*get_challenge)(const struct ntlmssp_state *ntlmssp_state,
+ uint8_t challenge[8]);
/**
* Callback to find if the challenge used by NTLM authentication may be modified
*
*/
-static const uint8 *get_challenge(const struct ntlmssp_state *ntlmssp_state)
+static void get_challenge(const struct ntlmssp_state *ntlmssp_state,
+ uint8_t chal[8])
{
- static uchar chal[8];
- generate_random_buffer(chal, sizeof(chal));
-
- return chal;
+ generate_random_buffer(chal, 8);
}
/**
char *dnsdomname = NULL;
uint32 neg_flags = 0;
uint32 ntlmssp_command, chal_flags;
- const uint8 *cryptkey;
+ uint8_t cryptkey[8];
const char *target_name;
/* parse the NTLMSSP packet */
ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, lp_lanman_auth());
/* Ask our caller what challenge they would like in the packet */
- cryptkey = ntlmssp_state->get_challenge(ntlmssp_state);
+ ntlmssp_state->get_challenge(ntlmssp_state, cryptkey);
/* Check if we may set the challenge */
if (!ntlmssp_state->may_set_challenge(ntlmssp_state)) {
this to challenge/response for the auth subsystem to chew
on */
{
- const uint8 *chal;
+ uint8_t chal[8];
if (!NT_STATUS_IS_OK(status = make_auth_context_subsystem(&auth_context))) {
return status;
}
- chal = auth_context->get_ntlm_challenge(auth_context);
+ auth_context->get_ntlm_challenge(auth_context, chal);
if (!make_user_info_netlogon_interactive(&user_info,
nt_username, nt_domain,
static void get_challenge(uint8 buff[8])
{
NTSTATUS nt_status;
- const uint8 *cryptkey;
/* We might be called more than once, multiple negprots are
* permitted */
smb_panic("cannot make_negprot_global_auth_context!");
}
DEBUG(10, ("get challenge: getting challenge\n"));
- cryptkey = negprot_global_auth_context->get_ntlm_challenge(negprot_global_auth_context);
- memcpy(buff, cryptkey, 8);
+ negprot_global_auth_context->get_ntlm_challenge(
+ negprot_global_auth_context, buff);
}
/****************************************************************************
}
} else {
struct auth_context *plaintext_auth_context = NULL;
- const uint8 *chal;
nt_status = make_auth_context_subsystem(
&plaintext_auth_context);
if (NT_STATUS_IS_OK(nt_status)) {
- chal = plaintext_auth_context->get_ntlm_challenge(
- plaintext_auth_context);
+ uint8_t chal[8];
+
+ plaintext_auth_context->get_ntlm_challenge(
+ plaintext_auth_context, chal);
if (!make_user_info_for_reply(&user_info,
user, domain, chal,