sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-25 17:57:42 +03:00
Code

auth/credentials: cli_credentials_set_ntlm_response() pass session_keys

Browse Source 
Otherwise cli_credentials_get_ntlm_response() will return session keys
with a 0 length, which leads to errors in the NTLMSSP code.

This wasn't noticed as cli_credentials_set_ntlm_response() has no
callers yet, but that will change in the next commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Stefan Metzmacher 2021-12-18 10:40:36 +01:00 committed by Jeremy Allison
parent a03aa13155
commit 0ef1254f44
3 changed files with 64 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
auth/credentials/credentials.h
View File

@ -230,8 +230,10 @@ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
bool cli_credentials_set_old_nt_hash(struct cli_credentials *cred,
const struct samr_Password *nt_hash);
bool cli_credentials_set_ntlm_response(struct cli_credentials *cred,
const DATA_BLOB *lm_response,
const DATA_BLOB *nt_response,
const DATA_BLOB *lm_response,
const DATA_BLOB *lm_session_key,
const DATA_BLOB *nt_response,
const DATA_BLOB *nt_session_key,
enum credentials_obtained obtained);
int cli_credentials_set_keytab_name(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,

2
auth/credentials/credentials_internal.h
View File

@ -70,7 +70,9 @@ struct cli_credentials {
/* Allows NTLM pass-though authentication */
DATA_BLOB lm_response;
DATA_BLOB lm_session_key;
DATA_BLOB nt_response;
DATA_BLOB nt_session_key;
struct ccache_container *ccache;
struct gssapi_creds_container *client_gss_creds;

65
auth/credentials/credentials_ntlm.c
View File

@ -69,6 +69,14 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
return NT_STATUS_NO_MEMORY;
}
}
if (cred->nt_session_key.length != 0) {
session_key = data_blob_dup_talloc(frame,
cred->nt_session_key);
if (session_key.data == NULL) {
TALLOC_FREE(frame);
return NT_STATUS_NO_MEMORY;
}
}
if (cred->lm_response.length != 0) {
lm_response = data_blob_dup_talloc(frame,
cred->lm_response);
@ -77,6 +85,14 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
return NT_STATUS_NO_MEMORY;
}
}
if (cred->lm_session_key.length != 0) {
lm_session_key = data_blob_dup_talloc(frame,
cred->lm_session_key);
if (lm_session_key.data == NULL) {
TALLOC_FREE(frame);
return NT_STATUS_NO_MEMORY;
}
}
if (cred->lm_response.data == NULL) {
*flags = *flags & ~CLI_CRED_LANMAN_AUTH;
@ -483,19 +499,54 @@ _PUBLIC_ bool cli_credentials_set_old_nt_hash(struct cli_credentials *cred,
}
_PUBLIC_ bool cli_credentials_set_ntlm_response(struct cli_credentials *cred,
const DATA_BLOB *lm_response,
const DATA_BLOB *nt_response,
const DATA_BLOB *lm_response,
const DATA_BLOB *lm_session_key,
const DATA_BLOB *nt_response,
const DATA_BLOB *nt_session_key,
enum credentials_obtained obtained)
{
if (obtained >= cred->password_obtained) {
cli_credentials_set_password(cred, NULL, obtained);
if (nt_response) {
cred->nt_response = data_blob_talloc(cred, nt_response->data, nt_response->length);
talloc_steal(cred, cred->nt_response.data);
data_blob_clear_free(&cred->lm_response);
data_blob_clear_free(&cred->lm_session_key);
data_blob_clear_free(&cred->nt_response);
data_blob_clear_free(&cred->nt_session_key);
if (lm_response != NULL && lm_response->length != 0) {
cred->lm_response = data_blob_talloc(cred,
lm_response->data,
lm_response->length);
if (cred->lm_response.data == NULL) {
return false;
}
}
if (nt_response) {
cred->lm_response = data_blob_talloc(cred, lm_response->data, lm_response->length);
if (lm_session_key != NULL && lm_session_key->length != 0) {
cred->lm_session_key = data_blob_talloc(cred,
lm_session_key->data,
lm_session_key->length);
if (cred->lm_session_key.data == NULL) {
return false;
}
}
if (nt_response != NULL && nt_response->length != 0) {
cred->nt_response = data_blob_talloc(cred,
nt_response->data,
nt_response->length);
if (cred->nt_response.data == NULL) {
return false;
}
}
if (nt_session_key != NULL && nt_session_key->length != 0) {
cred->nt_session_key = data_blob_talloc(cred,
nt_session_key->data,
nt_session_key->length);
if (cred->nt_session_key.data == NULL) {
return false;
}
}
return true;
}