s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them

Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>

diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h
index f44922f7b518120dc61bf7dbd3fbb036f054b7e1..afed1901e511796f135fc553b3650f313fcb535e 100644 (file)
--- a/source3/include/ntlmssp.h
+++ b/source3/include/ntlmssp.h
@@ -56,6 +56,11 @@ struct ntlmssp_state
        unsigned char *nt_hash;
        unsigned char *lm_hash;
 
+       struct {
+               const char *netbios_name;
+               const char *netbios_domain;
+       } client;
+
        struct {
                bool is_standalone;
                const char *netbios_name;

diff --git a/source3/include/proto.h b/source3/include/proto.h
index de2923938b7978732ad027fc36e2be3fc90c8157..1b28b47b01e332abfeb5a315b006727a0fbe5bd7 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3217,7 +3217,11 @@ NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx,
                              const char *dns_name,
                              const char *dns_domain,
                              struct ntlmssp_state **ntlmssp_state);
-NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state);
+NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx,
+                             const char *netbios_name,
+                             const char *netbios_domain,
+                             bool use_ntlmv2,
+                             struct ntlmssp_state **_ntlmssp_state);
 
 /* The following definitions come from libsmb/ntlmssp_sign.c  */
 

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 6a0a1ae3d201b5aaabbbadfb560dcbea20ca5d36..3856f5b49ae78ca4609508a77783d0359dc8d303 100644 (file)
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -134,7 +134,12 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
 
        struct ntlmssp_state *ntlmssp_state;
 
-       if (!NT_STATUS_IS_OK(nt_status = ntlmssp_client_start(&ntlmssp_state))) {
+       nt_status = ntlmssp_client_start(NULL,
+                                        global_myname(),
+                                        lp_workgroup(),
+                                        lp_client_ntlmv2_auth(),
+                                        &ntlmssp_state);
+       if (!NT_STATUS_IS_OK(nt_status)) {
                return ADS_ERROR_NT(nt_status);
        }
        ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_SIGN;

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 11faa27b3f5fcf9ed5d562a73d3e481c89d7a411..9ac3551d7ca81a2fb9bc7bf8a615e37738a215cf 100644 (file)
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1000,7 +1000,11 @@ static struct tevent_req *cli_session_setup_ntlmssp_send(
 
        cli_temp_set_signing(cli);
 
-       status = ntlmssp_client_start(&state->ntlmssp_state);
+       status = ntlmssp_client_start(state,
+                                     global_myname(),
+                                     lp_workgroup(),
+                                     lp_client_ntlmv2_auth(),
+                                     &state->ntlmssp_state);
        if (!NT_STATUS_IS_OK(status)) {
                goto fail;
        }

diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c
index b3c9d5f6e7ff2b2631da7bfcbfebbbc21be338ae..3297ec76ca2342df8b410e02c5588f7ce698df6f 100644 (file)
--- a/source3/libsmb/clifsinfo.c
+++ b/source3/libsmb/clifsinfo.c
@@ -634,7 +634,11 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
        if (!es) {
                return NT_STATUS_NO_MEMORY;
        }
-       status = ntlmssp_client_start(&es->s.ntlmssp_state);
+       status = ntlmssp_client_start(NULL,
+                                     global_myname(),
+                                     lp_workgroup(),
+                                     lp_client_ntlmv2_auth(),
+                                     &es->s.ntlmssp_state);
        if (!NT_STATUS_IS_OK(status)) {
                goto fail;
        }

diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 872358846784f881717fcd2117a2ffe2207dfce7..e2bf4f224788bad6eff0a06cebbc3b6a01d6366a 100644 (file)
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -982,8 +982,8 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
                  "NTLMSSP",
                  NTLMSSP_NEGOTIATE,
                  ntlmssp_state->neg_flags,
-                 ntlmssp_state->get_domain(),
-                 ntlmssp_state->get_global_myname());
+                 ntlmssp_state->client.netbios_domain,
+                 ntlmssp_state->client.netbios_name);
 
        if (DEBUGLEVEL >= 10) {
                if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(next_request,
@@ -1272,7 +1272,7 @@ noccache:
                       nt_response.data, nt_response.length,
                       ntlmssp_state->domain,
                       ntlmssp_state->user,
-                      ntlmssp_state->get_global_myname(),
+                      ntlmssp_state->client.netbios_name,
                       encrypted_session_key.data, encrypted_session_key.length,
                       ntlmssp_state->neg_flags)) {
 
@@ -1310,27 +1310,36 @@ done:
        return nt_status;
 }
 
-NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
+NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx,
+                             const char *netbios_name,
+                             const char *netbios_domain,
+                             bool use_ntlmv2,
+                             struct ntlmssp_state **_ntlmssp_state)
 {
-       *ntlmssp_state = TALLOC_ZERO_P(NULL, struct ntlmssp_state);
-       if (!*ntlmssp_state) {
-               DEBUG(0,("ntlmssp_client_start: talloc failed!\n"));
-               talloc_destroy(*ntlmssp_state);
-               return NT_STATUS_NO_MEMORY;
+       struct ntlmssp_state *ntlmssp_state;
+
+       if (!netbios_name) {
+               netbios_name = "";
        }
 
-       (*ntlmssp_state)->role = NTLMSSP_CLIENT;
+       if (!netbios_domain) {
+               netbios_domain = "";
+       }
 
-       (*ntlmssp_state)->get_global_myname = global_myname;
-       (*ntlmssp_state)->get_domain = lp_workgroup;
+       ntlmssp_state = talloc_zero(mem_ctx, struct ntlmssp_state);
+       if (!ntlmssp_state) {
+               return NT_STATUS_NO_MEMORY;
+       }
 
-       (*ntlmssp_state)->unicode = True;
+       ntlmssp_state->role = NTLMSSP_CLIENT;
 
-       (*ntlmssp_state)->use_ntlmv2 = lp_client_ntlmv2_auth();
+       ntlmssp_state->unicode = True;
 
-       (*ntlmssp_state)->expected_state = NTLMSSP_INITIAL;
+       ntlmssp_state->use_ntlmv2 = use_ntlmv2;
 
-       (*ntlmssp_state)->neg_flags =
+       ntlmssp_state->expected_state = NTLMSSP_INITIAL;
+
+       ntlmssp_state->neg_flags =
                NTLMSSP_NEGOTIATE_128 |
                NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
                NTLMSSP_NEGOTIATE_NTLM |
@@ -1338,5 +1347,21 @@ NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
                NTLMSSP_NEGOTIATE_KEY_EXCH |
                NTLMSSP_REQUEST_TARGET;
 
+       ntlmssp_state->client.netbios_name = talloc_strdup(ntlmssp_state, netbios_name);
+       if (!ntlmssp_state->client.netbios_name) {
+               talloc_free(ntlmssp_state);
+               return NT_STATUS_NO_MEMORY;
+       }
+       ntlmssp_state->client.netbios_domain = talloc_strdup(ntlmssp_state, netbios_domain);
+       if (!ntlmssp_state->client.netbios_domain) {
+               talloc_free(ntlmssp_state);
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       /* TODO: remove this */
+       ntlmssp_state->get_global_myname = global_myname;
+       ntlmssp_state->get_domain = lp_workgroup;
+
+       *_ntlmssp_state = ntlmssp_state;
        return NT_STATUS_OK;
 }

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 2f7db99f205deab49396b6351cd092a5b79afd22..af1ebd6f418c3ded3776eef8a55defdc0f134cb2 100644 (file)
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -3167,7 +3167,11 @@ static NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
                goto fail;
        }
 
-       status = ntlmssp_client_start(&result->a_u.ntlmssp_state);
+       status = ntlmssp_client_start(NULL,
+                                     global_myname(),
+                                     lp_workgroup(),
+                                     lp_client_ntlmv2_auth(),
+                                     &result->a_u.ntlmssp_state);
        if (!NT_STATUS_IS_OK(status)) {
                goto fail;
        }

diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 487401b66210398c471aa2bd4336c3648302e2da..929c11f5a9e284478879e5ceaefacce5b66a206c 100644 (file)
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -645,7 +645,11 @@ static NTSTATUS ntlm_auth_start_ntlmssp_client(struct ntlmssp_state **client_ntl
                return NT_STATUS_INVALID_PARAMETER;
        }
 
-       status = ntlmssp_client_start(client_ntlmssp_state);
+       status = ntlmssp_client_start(NULL,
+                                     global_myname(),
+                                     lp_workgroup(),
+                                     lp_client_ntlmv2_auth(),
+                                     client_ntlmssp_state);
 
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Could not start NTLMSSP client: %s\n",

diff --git a/source3/winbindd/winbindd_ccache_access.c b/source3/winbindd/winbindd_ccache_access.c
index f8f57f6add9779aad2d4134433911a1e1756d7f0..ff5c8408f4b4d9b67986ecf9da4f18757ff35855 100644 (file)
--- a/source3/winbindd/winbindd_ccache_access.c
+++ b/source3/winbindd/winbindd_ccache_access.c
@@ -54,7 +54,11 @@ static NTSTATUS do_ntlm_auth_with_hashes(const char *username,
        struct ntlmssp_state *ntlmssp_state = NULL;
        DATA_BLOB dummy_msg, reply;
 
-       status = ntlmssp_client_start(&ntlmssp_state);
+       status = ntlmssp_client_start(NULL,
+                                     global_myname(),
+                                     lp_workgroup(),
+                                     lp_client_ntlmv2_auth(),
+                                     &ntlmssp_state);
 
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Could not start NTLMSSP client: %s\n",