git.samba.org
/
kai
/
samba-autobuild
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
555d1ba
)
Some more shuffling around gss-spnego server
author
Volker Lendecke
<vlendec@samba.org>
Tue, 12 Aug 2003 19:00:08 +0000
(19:00 +0000)
committer
Volker Lendecke
<vlendec@samba.org>
Tue, 12 Aug 2003 19:00:08 +0000
(19:00 +0000)
source/utils/ntlm_auth.c
patch
|
blob
|
history
diff --git
a/source/utils/ntlm_auth.c
b/source/utils/ntlm_auth.c
index da41f9dd080ad3bf643e5d3da5ae7cc69735fb16..5154744ed1edf7b4820f78c05f297d8b39c872f0 100644
(file)
--- a/
source/utils/ntlm_auth.c
+++ b/
source/utils/ntlm_auth.c
@@
-410,6
+410,9
@@
static void manage_gss_spnego_request(enum squid_mode squid_mode,
NTSTATUS status;
ssize_t len;
NTSTATUS status;
ssize_t len;
+ char *user = NULL;
+ char *domain = NULL;
+
const char *reply_code;
char *reply_base64;
pstring reply_argument;
const char *reply_code;
char *reply_base64;
pstring reply_argument;
@@
-470,39
+473,35
@@
static void manage_gss_spnego_request(enum squid_mode squid_mode,
return;
}
return;
}
- if ( strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) != 0 ) {
- DEBUG(1, ("Client did not choose NTLMSSP but %s\n",
- request.negTokenInit.mechTypes[0]));
- x_fprintf(x_stdout, "BH\n");
- return;
- }
+ if (strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) == 0) {
- if ( request.negTokenInit.mechToken.data == NULL ) {
- DEBUG(1, ("Client did not provide NTLMSSP data\n"));
- x_fprintf(x_stdout, "BH\n");
- return;
- }
+
if ( request.negTokenInit.mechToken.data == NULL ) {
+
DEBUG(1, ("Client did not provide NTLMSSP data\n"));
+
x_fprintf(x_stdout, "BH\n");
+
return;
+
}
- if ( ntlmssp_state != NULL ) {
- DEBUG(1, ("Client wants a new NTLMSSP challenge, but "
- "already got one\n"));
- x_fprintf(x_stdout, "BH\n");
- ntlmssp_server_end(&ntlmssp_state);
- return;
- }
+
if ( ntlmssp_state != NULL ) {
+
DEBUG(1, ("Client wants a new NTLMSSP challenge, but "
+
"already got one\n"));
+
x_fprintf(x_stdout, "BH\n");
+
ntlmssp_server_end(&ntlmssp_state);
+
return;
+
}
- ntlmssp_server_start(&ntlmssp_state);
- ntlmssp_state->check_password = winbind_pw_check;
- ntlmssp_state->get_domain = get_winbind_domain;
- ntlmssp_state->get_global_myname = get_winbind_netbios_name;
+
ntlmssp_server_start(&ntlmssp_state);
+
ntlmssp_state->check_password = winbind_pw_check;
+
ntlmssp_state->get_domain = get_winbind_domain;
+
ntlmssp_state->get_global_myname = get_winbind_netbios_name;
- DEBUG(10, ("got NTLMSSP packet:\n"));
- dump_data(10, request.negTokenInit.mechToken.data,
- request.negTokenInit.mechToken.length);
+
DEBUG(10, ("got NTLMSSP packet:\n"));
+
dump_data(10, request.negTokenInit.mechToken.data,
+
request.negTokenInit.mechToken.length);
- status = ntlmssp_server_update(ntlmssp_state,
- request.negTokenInit.mechToken,
- &response.negTokenTarg.responseToken);
+ status = ntlmssp_server_update(ntlmssp_state,
+ request.negTokenInit.mechToken,
+ &response.negTokenTarg.responseToken);
+ }
} else {
} else {
@@
-517,6
+516,12
@@
static void manage_gss_spnego_request(enum squid_mode squid_mode,
status = ntlmssp_server_update(ntlmssp_state,
request.negTokenTarg.responseToken,
&response.negTokenTarg.responseToken);
status = ntlmssp_server_update(ntlmssp_state,
request.negTokenTarg.responseToken,
&response.negTokenTarg.responseToken);
+
+ if (NT_STATUS_IS_OK(status)) {
+ user = strdup(ntlmssp_state->user);
+ domain = strdup(ntlmssp_state->domain);
+ ntlmssp_server_end(&ntlmssp_state);
+ }
}
free_spnego_data(&request);
}
free_spnego_data(&request);
@@
-528,8
+533,7
@@
static void manage_gss_spnego_request(enum squid_mode squid_mode,
if (NT_STATUS_IS_OK(status)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED;
reply_code = "AF";
if (NT_STATUS_IS_OK(status)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED;
reply_code = "AF";
- pstr_sprintf(reply_argument, "%s\\%s",
- ntlmssp_state->domain, ntlmssp_state->user);
+ pstr_sprintf(reply_argument, "%s\\%s", domain, user);
} else if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE;
} else if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE;
@@
-541,6
+545,9
@@
static void manage_gss_spnego_request(enum squid_mode squid_mode,
pstrcpy(reply_argument, nt_errstr(status));
}
pstrcpy(reply_argument, nt_errstr(status));
}
+ SAFE_FREE(user);
+ SAFE_FREE(domain);
+
len = write_spnego_data(&token, &response);
free_spnego_data(&response);
len = write_spnego_data(&token, &response);
free_spnego_data(&response);
@@
-558,10
+565,6
@@
static void manage_gss_spnego_request(enum squid_mode squid_mode,
SAFE_FREE(reply_base64);
data_blob_free(&token);
SAFE_FREE(reply_base64);
data_blob_free(&token);
- if (NT_STATUS_IS_OK(status)) {
- ntlmssp_server_end(&ntlmssp_state);
- }
-
return;
}
return;
}