Port Samba4 to the new combined libcli/auth functions

For example, some of the new shared functionality was previously in the wkssvc
torture test.

Andrew Bartlett

diff --git a/libcli/auth/config.mk b/libcli/auth/config.mk
index 0d440c0f66fca033bb6b0712a353b5d3d7feedb7..5428f04433ba56daa84c4cb826a9da561f426ef1 100644 (file)
--- a/libcli/auth/config.mk
+++ b/libcli/auth/config.mk
@@ -1,3 +1,8 @@
+[SUBSYSTEM::ntlm_check]
+PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL
+
+ntlm_check_OBJ_FILES = $(addprefix $(libclicommonsrcdir)/auth/, ntlm_check.o)
+
 [SUBSYSTEM::MSRPC_PARSE]
 
 MSRPC_PARSE_OBJ_FILES = $(addprefix $(libclicommonsrcdir)/auth/, msrpc_parse.o)

diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index bcb40acda19c4a6665259b8a2406c89178fa623f..f5a73feadcd7ccc4a630c88209adf4d8c593a841 100644 (file)
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -538,7 +538,7 @@ bool encode_pw_buffer(uint8_t buffer[516], const char *password, int string_flag
        /* the incoming buffer can be any alignment. */
        string_flags |= STR_NOALIGN;
 
-       new_pw_len = push_string(new_pw, new_pw,
+       new_pw_len = push_string(new_pw,
                                 password, 
                                 sizeof(new_pw), string_flags);
        

diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c
index 96a13d5ed9c0613b7aff7e9b6026f322e589a7b9..2b9b92812cb1653d785f86416afef94a4445cfa2 100644 (file)
--- a/source4/auth/ntlm/auth_sam.c
+++ b/source4/auth/ntlm/auth_sam.c
@@ -25,7 +25,7 @@
 #include "lib/ldb/include/ldb.h"
 #include "../lib/util/util_ldb.h"
 #include "auth/auth.h"
-#include "auth/ntlm/ntlm_check.h"
+#include "../libcli/auth/ntlm_check.h"
 #include "auth/ntlm/auth_proto.h"
 #include "auth/auth_sam.h"
 #include "dsdb/samdb/samdb.h"

diff --git a/source4/auth/ntlm/config.mk b/source4/auth/ntlm/config.mk
index 668c528ea910b641b153dd52facaacf5d1f7f447..a9ae18e7c25e85b0b21b4fc7a420b47da388f3bc 100644 (file)
--- a/source4/auth/ntlm/config.mk
+++ b/source4/auth/ntlm/config.mk
@@ -1,10 +1,5 @@
 # NTLM auth server subsystem
 
-[SUBSYSTEM::ntlm_check]
-PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL
-
-ntlm_check_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, ntlm_check.o)
-
 #######################
 # Start MODULE auth_sam
 [MODULE::auth_sam_module]

diff --git a/source4/torture/rpc/wkssvc.c b/source4/torture/rpc/wkssvc.c
index 3c34229dff6b87def52e576d73a76232fd10aee3..06b1d05ee4dce2ee8063caf17485569c52e17727 100644 (file)
--- a/source4/torture/rpc/wkssvc.c
+++ b/source4/torture/rpc/wkssvc.c
@@ -1148,43 +1148,6 @@ static bool test_NetrJoinDomain(struct torture_context *tctx,
        return true;
 }
 
-/* encode a wkssvc_PasswordBuffer for remote joining/unjoining:
- *
- * similar to samr_CryptPasswordEx. Different: 8byte confounder (instead of
- * 16byte), confounder in front of the 516 byte buffer (instead of after that
- * buffer), calling MD5Update() first with session_key and then with confounder
- * (vice versa in samr) - Guenther */
-
-static void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
-                                              const char *pwd,
-                                              DATA_BLOB *session_key,
-                                              struct wkssvc_PasswordBuffer *pwd_buf)
-{
-       uint8_t buffer[516];
-       struct MD5Context ctx;
-
-       DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
-
-       int confounder_len = 8;
-       uint8_t confounder[8];
-
-       encode_pw_buffer(buffer, pwd, STR_UNICODE);
-
-       generate_random_buffer((uint8_t *)confounder, confounder_len);
-
-       MD5Init(&ctx);
-       MD5Update(&ctx, session_key->data, session_key->length);
-       MD5Update(&ctx, confounder, confounder_len);
-       MD5Final(confounded_session_key.data, &ctx);
-
-       arcfour_crypt_blob(buffer, 516, &confounded_session_key);
-
-       memcpy(&pwd_buf->data[0], confounder, confounder_len);
-       memcpy(&pwd_buf->data[8], buffer, 516);
-
-       data_blob_free(&confounded_session_key);
-}
-
 /*
  * prerequisites for remotely joining an unjoined XP SP2 workstation:
  * - firewall needs to be disabled (or open for ncacn_np access)
@@ -1202,7 +1165,7 @@ static bool test_NetrJoinDomain2(struct torture_context *tctx,
        const char *domain_admin_account = NULL;
        const char *domain_admin_password = NULL;
        const char *domain_name = NULL;
-       struct wkssvc_PasswordBuffer pwd_buf;
+       struct wkssvc_PasswordBuffer *pwd_buf;
        enum wkssvc_NetJoinStatus join_status;
        const char *join_name = NULL;
        WERROR expected_err;
@@ -1253,7 +1216,7 @@ static bool test_NetrJoinDomain2(struct torture_context *tctx,
        r.in.domain_name = domain_name;
        r.in.account_ou = NULL;
        r.in.admin_account = domain_admin_account;
-       r.in.encrypted_password = &pwd_buf;
+       r.in.encrypted_password = pwd_buf;
        r.in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
                          WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE;
 
@@ -1286,7 +1249,7 @@ static bool test_NetrUnjoinDomain2(struct torture_context *tctx,
        struct wkssvc_NetrUnjoinDomain2 r;
        const char *domain_admin_account = NULL;
        const char *domain_admin_password = NULL;
-       struct wkssvc_PasswordBuffer pwd_buf;
+       struct wkssvc_PasswordBuffer *pwd_buf;
        enum wkssvc_NetJoinStatus join_status;
        const char *join_name = NULL;
        WERROR expected_err;
@@ -1332,7 +1295,7 @@ static bool test_NetrUnjoinDomain2(struct torture_context *tctx,
 
        r.in.server_name = dcerpc_server_name(p);
        r.in.account = domain_admin_account;
-       r.in.encrypted_password = &pwd_buf;
+       r.in.encrypted_password = pwd_buf;
        r.in.unjoin_flags = 0;
 
        torture_comment(tctx, "testing NetrUnjoinDomain2 (assuming non-DC)\n");

diff --git a/source4/utils/ntlm_auth.c b/source4/utils/ntlm_auth.c
index 2c6f353252efafd7e0c8761c98231b85f26a7607..1c9eabe09ad89fde9347595af32d1d7a51482191 100644 (file)
--- a/source4/utils/ntlm_auth.c
+++ b/source4/utils/ntlm_auth.c
@@ -30,7 +30,6 @@
 #include "auth/auth.h"
 #include "librpc/gen_ndr/ndr_netlogon.h"
 #include "auth/auth_sam.h"
-#include "auth/ntlm/ntlm_check.h"
 #include "libcli/auth/libcli_auth.h"
 #include "libcli/security/security.h"
 #include "lib/events/events.h"