X-Git-Url: http://git.samba.org/samba.git/?a=blobdiff_plain;f=source4%2Futils%2Fntlm_auth.c;h=a60ce98d48fc1f4af85e52885ef932372e70e94f;hb=7a23b9769be2c3c25cfb8fa280efb0ab34cd24b2;hp=99fb3e80817ab33702258a2a77cee5186549bb87;hpb=8c4e2eb49deec55485e86330ddddc26e584d8e1b;p=sfrench%2Fsamba-autobuild%2F.git diff --git a/source4/utils/ntlm_auth.c b/source4/utils/ntlm_auth.c index 99fb3e80817..a60ce98d48f 100644 --- a/source4/utils/ntlm_auth.c +++ b/source4/utils/ntlm_auth.c @@ -30,7 +30,6 @@ #include "auth/auth.h" #include "librpc/gen_ndr/ndr_netlogon.h" #include "auth/auth_sam.h" -#include "auth/ntlm/ntlm_check.h" #include "libcli/auth/libcli_auth.h" #include "libcli/security/security.h" #include "lib/events/events.h" @@ -59,22 +58,22 @@ enum stdio_helper_mode { typedef void (*stdio_helper_function)(enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **private2); static void manage_squid_basic_request (enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **private2); static void manage_gensec_request (enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **private2); static void manage_ntlm_server_1_request (enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **private2); static void manage_squid_request(struct loadparm_context *lp_ctx, 
@@ -248,7 +247,7 @@ static NTSTATUS local_pw_check_specified(struct loadparm_context *lp_ctx, static void manage_squid_basic_request(enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **private2) { char *user, *pass; @@ -280,7 +279,7 @@ static void manage_squid_basic_request(enum stdio_helper_mode stdio_helper_mode, static void manage_gensec_get_pw_request(enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **password) { DATA_BLOB in; @@ -298,7 +297,7 @@ static void manage_gensec_get_pw_request(enum stdio_helper_mode stdio_helper_mod if (strncmp(buf, "PW ", 3) == 0) { - *password = talloc_strndup(*private /* hopefully the right gensec context, useful to use for talloc */, + *password = talloc_strndup(*private1 /* hopefully the right gensec context, useful to use for talloc */, (const char *)in.data, in.length); if (*password == NULL) { @@ -380,7 +379,7 @@ static void gensec_want_feature_list(struct gensec_security *state, char* featur static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **private2) { DATA_BLOB in; @@ -392,7 +391,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, const char *set_password; }; struct gensec_ntlm_state *state; - struct event_context *ev; + struct tevent_context *ev; struct messaging_context *msg; NTSTATUS nt_status; 
@@ -405,15 +404,15 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, TALLOC_CTX *mem_ctx; - if (*private) { - state = (struct gensec_ntlm_state *)*private; + if (*private1) { + state = (struct gensec_ntlm_state *)*private1; } else { state = talloc_zero(NULL, struct gensec_ntlm_state); if (!state) { mux_printf(mux_id, "BH No Memory\n"); exit(1); } - *private = state; + *private1 = state; if (opt_password) { state->set_password = opt_password; } @@ -466,6 +465,9 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, if (!ev) { exit(1); } + + mem_ctx = talloc_named(NULL, 0, "manage_gensec_request internal mem_ctx"); + /* setup gensec */ if (!(state->gensec_state)) { switch (stdio_helper_mode) { @@ -473,24 +475,48 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, case NTLMSSP_CLIENT_1: /* setup the client side */ - nt_status = gensec_client_start(NULL, &state->gensec_state, ev, lp_ctx); + nt_status = gensec_client_start(NULL, &state->gensec_state, ev, + lp_gensec_settings(NULL, lp_ctx)); if (!NT_STATUS_IS_OK(nt_status)) { + talloc_free(mem_ctx); exit(1); } break; case GSS_SPNEGO_SERVER: case SQUID_2_5_NTLMSSP: + { + const char *winbind_method[] = { "winbind", NULL }; + struct auth_context *auth_context; + msg = messaging_client_init(state, lp_messaging_path(state, lp_ctx), lp_iconv_convenience(lp_ctx), ev); if (!msg) { + talloc_free(mem_ctx); + exit(1); + } + nt_status = auth_context_create_methods(mem_ctx, + winbind_method, + ev, + msg, + lp_ctx, + &auth_context); + + if (!NT_STATUS_IS_OK(nt_status)) { + talloc_free(mem_ctx); exit(1); } - if (!NT_STATUS_IS_OK(gensec_server_start(state, ev, lp_ctx, msg, &state->gensec_state))) { + + if (!NT_STATUS_IS_OK(gensec_server_start(state, ev, + lp_gensec_settings(state, lp_ctx), + auth_context, &state->gensec_state))) { + talloc_free(mem_ctx); exit(1); } break; + } default: + talloc_free(mem_ctx); abort(); } 
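Review bot: The `mem_ctx = talloc_named(NULL, 0, "manage_gensec_request internal mem_ctx")` added after the `if (!ev)` check is used without a NULL test, while the `talloc_zero()` of `state` earlier in the same function is checked and answers `BH No Memory`. If the allocation fails, the NULL is passed on as the parent to `auth_context_create_methods()`, where talloc would presumably treat it as "no parent", so the auth context would silently stop being tied to the request instead of failing. I would add `if (mem_ctx == NULL) { mux_printf(mux_id, "BH No Memory\n"); exit(1); }` directly after the call. The function body starts and ends outside this hunk.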
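Review bot: In the `GSS_SPNEGO_SERVER`/`SQUID_2_5_NTLMSSP` case, `auth_context` is allocated on the per-call `mem_ctx` but handed to `gensec_server_start()` for `state->gensec_state`, which lives on `state` and is reused through `*private1` on later requests. Unless `gensec_server_start()` takes its own talloc reference (not visible in this diff), the gensec state would be left holding a freed pointer once `mem_ctx` is released, and the next request on that channel would authenticate through it. Parenting the context on the long-lived object makes the lifetime explicit: `nt_status = auth_context_create_methods(state, winbind_method, ev, msg, lp_ctx, &auth_context);`. In the client branch, `lp_gensec_settings(NULL, lp_ctx)` is similarly parented on NULL and never freed; passing `state`, as the server branch does, would keep the two consistent.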
@@ -541,20 +567,21 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, nt_status = gensec_start_mech_by_oid(state->gensec_state, GENSEC_OID_NTLMSSP); break; default: + talloc_free(mem_ctx); abort(); } if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(1, ("GENSEC mech failed to start: %s\n", nt_errstr(nt_status))); mux_printf(mux_id, "BH GENSEC mech failed to start\n"); + talloc_free(mem_ctx); return; } } /* update */ - mem_ctx = talloc_named(NULL, 0, "manage_gensec_request internal mem_ctx"); - + if (strncmp(buf, "PW ", 3) == 0) { state->set_password = talloc_strndup(state, (const char *)in.data, @@ -674,7 +701,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, if (!NT_STATUS_IS_OK(nt_status)) { reply_code = "BH Failed to retrive session info"; reply_arg = nt_errstr(nt_status); - DEBUG(1, ("GENSEC failed to retreive the session info: %s\n", nt_errstr(nt_status))); + DEBUG(1, ("GENSEC failed to retrieve the session info: %s\n", nt_errstr(nt_status))); } else { reply_code = "AF"; @@ -712,7 +739,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mode, struct loadparm_context *lp_ctx, - char *buf, int length, void **private, + char *buf, int length, void **private1, unsigned int mux_id, void **private2) { char *request, *parameter; @@ -920,7 +947,7 @@ static void manage_squid_request(struct loadparm_context *lp_ctx, enum stdio_hel static struct mux_private *mux_private; static void *normal_private; - void **private; + void **private1; buf = talloc_strdup(NULL, ""); 
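Review bot: Allocating `mem_ctx` before the gensec setup means every exit from that point on must free it, and the commit does this by hand with a `talloc_free(mem_ctx)` in front of each `exit(1)`, `abort()` and `return`. Only the paths inside the visible hunks can be checked; the lines between this hunk and the previous one are not shown, and any `return` there would leak the context on every request of a long-running helper. Routing the non-fatal exits through one label, e.g. `done: talloc_free(mem_ctx); return;`, would make that impossible to miss, and the frees before `exit()` and `abort()` could then be dropped because the process ends anyway. The line added after `/* update */` appears to contain only whitespace and could be left empty.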
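Review bot: The spelling fix reaches only the `DEBUG` text; `reply_code = "BH Failed to retrive session info"` two lines above it keeps the same misspelling, and that is presumably the string the helper's caller receives. If the reply text is left alone on purpose because callers may match on it, a comment such as `/* spelling kept: reply text is seen by helper clients */` would stop a later cleanup from changing it. Otherwise both strings should be corrected in the same commit.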
@@ -1002,13 +1029,13 @@ static void manage_squid_request(struct loadparm_context *lp_ctx, enum stdio_hel (sizeof(*mux_private->private_pointers) * (mux_private->max_mux - prev_max))); }; - private = &mux_private->private_pointers[mux_id]; + private1 = &mux_private->private_pointers[mux_id]; } else { c = buf; - private = &normal_private; + private1 = &normal_private; } - fn(helper_mode, lp_ctx, c, length, private, mux_id, private2); + fn(helper_mode, lp_ctx, c, length, private1, mux_id, private2); talloc_free(buf); }