ntlmssp: merge initial packet implementations

author Andrew Bartlett <abartlet@samba.org>

Tue, 27 Dec 2011 08:16:14 +0000 (19:16 +1100)

committer Stefan Metzmacher <metze@samba.org>

Fri, 6 Jan 2012 12:18:40 +0000 (13:18 +0100)
author Andrew Bartlett <abartlet@samba.org>
Tue, 27 Dec 2011 08:16:14 +0000 (19:16 +1100)
committer Stefan Metzmacher <metze@samba.org>
Fri, 6 Jan 2012 12:18:40 +0000 (13:18 +0100)
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c

index 01cc1cc02e7f46145452d04d5b91a6c8271394f5..866ce9218b878522e5454e7f89adc2f398b8fc8f 100644 (file)
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -33,7 +33,7 @@
  #include "../nsswitch/libwbclient/wbclient.h"
  
  static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
-                                      TALLOC_CTX *out_mem_ctx, /* Unused at this time */
+                                      TALLOC_CTX *out_mem_ctx,
                                        DATA_BLOB reply, DATA_BLOB *next_request);
  static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
                                          TALLOC_CTX *out_mem_ctx, /* Unused at this time */
@@ -374,11 +374,22 @@ NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx,
   */
  
  static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
-                                 TALLOC_CTX *out_mem_ctx, /* Unused at this time */
-                                 DATA_BLOB reply, DATA_BLOB *next_request)
+                                      TALLOC_CTX *out_mem_ctx,
+                                      DATA_BLOB in, DATA_BLOB *out)
  {
+       const char *domain = ntlmssp_state->client.netbios_domain;
+       const char *workstation = ntlmssp_state->client.netbios_name;
         NTSTATUS status;
  
+       /* These don't really matter in the initial packet, so don't panic if they are not set */
+       if (!domain) {
+               domain = "";
+       }
+
+       if (!workstation) {
+               workstation = "";
+       }
+
         if (ntlmssp_state->unicode) {
                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
         } else {
@@ -390,15 +401,17 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
         }
  
         /* generate the ntlmssp negotiate packet */
-       status = msrpc_gen(ntlmssp_state, next_request, "CddAA",
+       status = msrpc_gen(out_mem_ctx,
+                 out, "CddAA",
                   "NTLMSSP",
                   NTLMSSP_NEGOTIATE,
                   ntlmssp_state->neg_flags,
-                 ntlmssp_state->client.netbios_domain,
-                 ntlmssp_state->client.netbios_name);
+                 domain,
+                 workstation);
+
         if (!NT_STATUS_IS_OK(status)) {
                 DEBUG(0, ("ntlmssp_client_initial: failed to generate "
-                       "ntlmssp negotiate packet\n"));
+                         "ntlmssp negotiate packet\n"));
                 return status;
         }
  
@@ -407,7 +420,7 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
                         talloc_tos(), struct NEGOTIATE_MESSAGE);
                 if (negotiate != NULL) {
                         status = ntlmssp_pull_NEGOTIATE_MESSAGE(
-                               next_request, negotiate, negotiate);
+                               out, negotiate, negotiate);
                         if (NT_STATUS_IS_OK(status)) {
                                 NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE,
                                                 negotiate);
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c

index d5ece11e6afbae3750e1cb6ad8768bb3791fde08..6e372dc8f8fedc7a0ff610bfbda0ae532c26b340 100644 (file)
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -32,6 +32,8 @@ struct auth_session_info;
  #include "auth/gensec/gensec.h"
  #include "param/param.h"
  #include "auth/ntlmssp/ntlmssp_private.h"
+#include "../librpc/gen_ndr/ndr_ntlmssp.h"
+#include "../auth/ntlmssp/ntlmssp_ndr.h"
  
  /*********************************************************************
   Client side NTLMSSP
@@ -55,8 +57,8 @@ NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security,
                 talloc_get_type_abort(gensec_security->private_data,
                                       struct gensec_ntlmssp_context);
         struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
-       const char *domain = ntlmssp_state->domain;
-       const char *workstation = cli_credentials_get_workstation(gensec_security->credentials);
+       const char *domain = ntlmssp_state->client.netbios_domain;
+       const char *workstation = ntlmssp_state->client.netbios_name;
         NTSTATUS status;
  
         /* These don't really matter in the initial packet, so don't panic if they are not set */
@@ -73,24 +75,40 @@ NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security,
         } else {
                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
         }
-       
+
         if (ntlmssp_state->use_ntlmv2) {
                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
         }
  
         /* generate the ntlmssp negotiate packet */
-       status = msrpc_gen(out_mem_ctx, 
+       status = msrpc_gen(out_mem_ctx,
                   out, "CddAA",
                   "NTLMSSP",
                   NTLMSSP_NEGOTIATE,
                   ntlmssp_state->neg_flags,
-                 domain, 
+                 domain,
                   workstation);
  
         if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0, ("ntlmssp_client_initial: failed to generate "
+                         "ntlmssp negotiate packet\n"));
                 return status;
         }
  
+       if (DEBUGLEVEL >= 10) {
+               struct NEGOTIATE_MESSAGE *negotiate = talloc(
+                       talloc_tos(), struct NEGOTIATE_MESSAGE);
+               if (negotiate != NULL) {
+                       status = ntlmssp_pull_NEGOTIATE_MESSAGE(
+                               out, negotiate, negotiate);
+                       if (NT_STATUS_IS_OK(status)) {
+                               NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE,
+                                               negotiate);
+                       }
+                       TALLOC_FREE(negotiate);
+               }
+       }
+
         ntlmssp_state->expected_state = NTLMSSP_CHALLENGE;
  
         return NT_STATUS_MORE_PROCESSING_REQUIRED;
@@ -349,7 +367,8 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
  
         ntlmssp_state->role = NTLMSSP_CLIENT;
  
-       ntlmssp_state->domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
+       ntlmssp_state->client.netbios_domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
+       ntlmssp_state->client.netbios_name = cli_credentials_get_workstation(gensec_security->credentials);
  
         ntlmssp_state->unicode = gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "unicode", true);
author	Andrew Bartlett <abartlet@samba.org>
	Tue, 27 Dec 2011 08:16:14 +0000 (19:16 +1100)
committer	Stefan Metzmacher <metze@samba.org>
	Fri, 6 Jan 2012 12:18:40 +0000 (13:18 +0100)
source3/libsmb/ntlmssp.c		patch \| blob \| history
source4/auth/ntlmssp/ntlmssp_client.c		patch \| blob \| history