git.samba.org / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
More simple const fixes.
[samba.git] / source3 / smbd / sesssetup.c
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index b227d2bc9e4e5fef05b8723f72b56d1512e3a979..026380e3e6a5e27b1da472556ccb245c83789857 100644 (file)
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -23,13 +23,18 @@
 */
 
 #include "includes.h"
+#include "../lib/tsocket/tsocket.h"
+#include "smbd/smbd.h"
 #include "smbd/globals.h"
 #include "../libcli/auth/spnego.h"
 #include "../libcli/auth/ntlmssp.h"
 #include "ntlmssp_wrap.h"
-#include "librpc/gen_ndr/messaging.h"
 #include "../librpc/gen_ndr/krb5pac.h"
 #include "libads/kerberos_proto.h"
+#include "../lib/util/asn1.h"
+#include "auth.h"
+#include "messages.h"
+#include "smbprofile.h"
 
 /* For split krb5 SPNEGO blobs. */
 struct pending_auth_data {
@@ -141,14 +146,12 @@ static NTSTATUS check_guest_password(struct auth_serversupplied_info **server_in
        struct auth_usersupplied_info *user_info = NULL;
 
        NTSTATUS nt_status;
-       unsigned char chal[8];
-
-       ZERO_STRUCT(chal);
+       static unsigned char chal[8] = { 0, };
 
        DEBUG(3,("Got anonymous request\n"));
 
-       if (!NT_STATUS_IS_OK(nt_status = make_auth_context_fixed(&auth_context,
-                                       chal))) {
+       nt_status = make_auth_context_fixed(talloc_tos(), &auth_context, chal);
+       if (!NT_STATUS_IS_OK(nt_status)) {
                return nt_status;
        }
 
@@ -247,7 +250,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
        int sess_vuid = req->vuid;
        NTSTATUS ret = NT_STATUS_OK;
        DATA_BLOB ap_rep, ap_rep_wrapped, response;
-       struct auth_serversupplied_info *server_info = NULL;
+       struct auth_serversupplied_info *session_info = NULL;
        DATA_BLOB session_key = data_blob_null;
        uint8 tok_id[2];
        DATA_BLOB nullblob = data_blob_null;
@@ -368,56 +371,32 @@ static void reply_spnego_kerberos(struct smb_request *req,
        /* reload services so that the new %U is taken into account */
        reload_services(sconn->msg_ctx, sconn->sock, True);
 
-       ret = make_server_info_krb5(mem_ctx,
-                                   user, domain, real_username, pw,
-                                   logon_info, map_domainuser_to_guest,
-                                   &server_info);
+       ret = make_session_info_krb5(mem_ctx,
+                                    user, domain, real_username, pw,
+                                    logon_info, map_domainuser_to_guest,
+                                    username_was_mapped,
+                                    &session_key,
+                                    &session_info);
+       data_blob_free(&session_key);
        if (!NT_STATUS_IS_OK(ret)) {
                DEBUG(1, ("make_server_info_krb5 failed!\n"));
                data_blob_free(&ap_rep);
-               data_blob_free(&session_key);
                TALLOC_FREE(mem_ctx);
                reply_nterror(req, nt_status_squash(ret));
                return;
        }
 
-       server_info->nss_token |= username_was_mapped;
-
-       /* we need to build the token for the user. make_server_info_guest()
-          already does this */
-
-       if ( !server_info->ptok ) {
-               ret = create_local_token( server_info );
-               if ( !NT_STATUS_IS_OK(ret) ) {
-                       DEBUG(10,("failed to create local token: %s\n",
-                               nt_errstr(ret)));
-                       data_blob_free(&ap_rep);
-                       data_blob_free(&session_key);
-                       TALLOC_FREE( mem_ctx );
-                       TALLOC_FREE( server_info );
-                       reply_nterror(req, nt_status_squash(ret));
-                       return;
-               }
-       }
-
        if (!is_partial_auth_vuid(sconn, sess_vuid)) {
                sess_vuid = register_initial_vuid(sconn);
        }
 
-       data_blob_free(&server_info->user_session_key);
-       /* Set the kerberos-derived session key onto the server_info */
-       server_info->user_session_key = session_key;
-       talloc_steal(server_info, session_key.data);
-
-       session_key = data_blob_null;
-
        /* register_existing_vuid keeps the server info */
        /* register_existing_vuid takes ownership of session_key on success,
         * no need to free after this on success. A better interface would copy
         * it.... */
 
        sess_vuid = register_existing_vuid(sconn, sess_vuid,
-                                          server_info, nullblob, user);
+                                          session_info, nullblob, user);
 
        reply_outbuf(req, 4, 0);
        SSVAL(req->outbuf,smb_uid,sess_vuid);
@@ -430,7 +409,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
 
                SSVAL(req->outbuf, smb_vwv3, 0);
 
-               if (server_info->guest) {
+               if (session_info->guest) {
                        SSVAL(req->outbuf,smb_vwv2,1);
                }
 
@@ -476,19 +455,19 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 {
        bool do_invalidate = true;
        DATA_BLOB response;
-       struct auth_serversupplied_info *server_info = NULL;
+       struct auth_serversupplied_info *session_info = NULL;
        struct smbd_server_connection *sconn = req->sconn;
 
        if (NT_STATUS_IS_OK(nt_status)) {
-               nt_status = auth_ntlmssp_steal_server_info(talloc_tos(),
-                                       (*auth_ntlmssp_state), &server_info);
+               nt_status = auth_ntlmssp_steal_session_info(talloc_tos(),
+                                       (*auth_ntlmssp_state), &session_info);
        } else {
-               /* Note that this server_info won't have a session
+               /* Note that this session_info won't have a session
                 * key.  But for map to guest, that's exactly the right
                 * thing - we can't reasonably guess the key the
                 * client wants, as the password was wrong */
                nt_status = do_map_to_guest(nt_status,
-                                           &server_info,
+                                           &session_info,
                                            auth_ntlmssp_get_username(*auth_ntlmssp_state),
                                            auth_ntlmssp_get_domain(*auth_ntlmssp_state));
        }
@@ -507,7 +486,7 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 
                /* register_existing_vuid keeps the server info */
                if (register_existing_vuid(sconn, vuid,
-                                          server_info, nullblob,
+                                          session_info, nullblob,
                                           auth_ntlmssp_get_username(*auth_ntlmssp_state)) !=
                                           vuid) {
                        /* The problem is, *auth_ntlmssp_state points
@@ -524,7 +503,7 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 
                SSVAL(req->outbuf, smb_vwv3, 0);
 
-               if (server_info->guest) {
+               if (session_info->guest) {
                        SSVAL(req->outbuf,smb_vwv2,1);
                }
        }
@@ -672,9 +651,7 @@ static void reply_spnego_negotiate(struct smb_request *req,
        }
 #endif
 
-       if (*auth_ntlmssp_state) {
-               TALLOC_FREE(*auth_ntlmssp_state);
-       }
+       TALLOC_FREE(*auth_ntlmssp_state);
 
        if (kerb_mech) {
                data_blob_free(&secblob);
@@ -1066,7 +1043,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
        file_save("negotiate.dat", blob1.data, blob1.length);
 #endif
 
-       p2 = (char *)req->buf + blob1.length;
+       p2 = (const char *)req->buf + blob1.length;
 
        p2 += srvstr_pull_req_talloc(talloc_tos(), req, &tmp, p2,
                                     STR_TERMINATE);
@@ -1097,6 +1074,10 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
                } else {
                        ra_lanman_string( native_lanman );
                }
+       } else if ( ra_type == RA_VISTA ) {
+               if ( strncmp(native_os, "Mac OS X", 8) == 0 ) {
+                       set_remote_arch(RA_OSX);
+               }
        }
 
        /* Did we get a valid vuid ? */
@@ -1290,6 +1271,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
        const char *primary_domain;
        struct auth_usersupplied_info *user_info = NULL;
        struct auth_serversupplied_info *server_info = NULL;
+       struct auth_serversupplied_info *session_info = NULL;
        uint16 smb_flag2 = req->flags2;
 
        NTSTATUS nt_status;
@@ -1548,13 +1530,20 @@ void reply_sesssetup_and_X(struct smb_request *req)
        reload_services(sconn->msg_ctx, sconn->sock, True);
 
        if (lp_security() == SEC_SHARE) {
+               char *sub_user_mapped = NULL;
                /* In share level we should ignore any passwords */
 
                data_blob_free(&lm_resp);
                data_blob_free(&nt_resp);
                data_blob_clear_free(&plaintext_password);
 
-               map_username(sub_user);
+               (void)map_username(talloc_tos(), sub_user, &sub_user_mapped);
+               if (!sub_user_mapped) {
+                       reply_nterror(req, NT_STATUS_NO_MEMORY);
+                       END_PROFILE(SMBsesssetupX);
+                       return;
+               }
+               fstrcpy(sub_user, sub_user_mapped);
                add_session_user(sconn, sub_user);
                add_session_workgroup(sconn, domain);
                /* Then force it to null for the benfit of the code below */
@@ -1589,7 +1578,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
                struct auth_context *plaintext_auth_context = NULL;
 
                nt_status = make_auth_context_subsystem(
-                               &plaintext_auth_context);
+                       talloc_tos(), &plaintext_auth_context);
 
                if (NT_STATUS_IS_OK(nt_status)) {
                        uint8_t chal[8];
@@ -1630,29 +1619,20 @@ void reply_sesssetup_and_X(struct smb_request *req)
                return;
        }
 
-       /* Ensure we can't possible take a code path leading to a
-        * null defref. */
-       if (!server_info) {
-               reply_nterror(req, nt_status_squash(NT_STATUS_LOGON_FAILURE));
+       nt_status = create_local_token(req, server_info, NULL, &session_info);
+       TALLOC_FREE(server_info);
+
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               DEBUG(10, ("create_local_token failed: %s\n",
+                          nt_errstr(nt_status)));
+               data_blob_free(&nt_resp);
+               data_blob_free(&lm_resp);
+               data_blob_clear_free(&plaintext_password);
+               reply_nterror(req, nt_status_squash(nt_status));
                END_PROFILE(SMBsesssetupX);
                return;
        }
 
-       if (!server_info->ptok) {
-               nt_status = create_local_token(server_info);
-
-               if (!NT_STATUS_IS_OK(nt_status)) {
-                       DEBUG(10, ("create_local_token failed: %s\n",
-                                  nt_errstr(nt_status)));
-                       data_blob_free(&nt_resp);
-                       data_blob_free(&lm_resp);
-                       data_blob_clear_free(&plaintext_password);
-                       reply_nterror(req, nt_status_squash(nt_status));
-                       END_PROFILE(SMBsesssetupX);
-                       return;
-               }
-       }
-
        data_blob_clear_free(&plaintext_password);
 
        /* it's ok - setup a reply */
@@ -1662,7 +1642,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
                /* perhaps grab OS version here?? */
        }
 
-       if (server_info->guest) {
+       if (session_info->guest) {
                SSVAL(req->outbuf,smb_vwv2,1);
        }
 
@@ -1671,7 +1651,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
 
        if (lp_security() == SEC_SHARE) {
                sess_vuid = UID_FIELD_INVALID;
-               TALLOC_FREE(server_info);
+               TALLOC_FREE(session_info);
        } else {
                /* Ignore the initial vuid. */
                sess_vuid = register_initial_vuid(sconn);
@@ -1683,9 +1663,9 @@ void reply_sesssetup_and_X(struct smb_request *req)
                        END_PROFILE(SMBsesssetupX);
                        return;
                }
-               /* register_existing_vuid keeps the server info */
+               /* register_existing_vuid keeps the session_info */
                sess_vuid = register_existing_vuid(sconn, sess_vuid,
-                                       server_info,
+                                       session_info,
                                        nt_resp.data ? nt_resp : lm_resp,
                                        sub_user);
                if (sess_vuid == UID_FIELD_INVALID) {
@@ -1705,7 +1685,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
        data_blob_free(&lm_resp);
 
        SSVAL(req->outbuf,smb_uid,sess_vuid);
-       SSVAL(req->inbuf,smb_uid,sess_vuid);
+       SSVAL(discard_const_p(char, req->inbuf),smb_uid,sess_vuid);
        req->vuid = sess_vuid;
 
        if (!sconn->smb1.sessions.done_sesssetup) {
Samba Shared Repository