sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

challange -> challenge

Browse Source 
(This used to be commit d6318add27f6bca5be00cbedf2226b642341297a)
This commit is contained in:
Tim Potter 2001-11-26 04:05:28 +00:00
parent abe6aff924
commit 178f6a64b2
12 changed files with 72 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
source3/auth/auth.c
View File

@ -75,9 +75,9 @@ NTSTATUS check_password(const auth_usersupplied_info *user_info,
DEBUG(3, ("check_password: mapped user is: [%s]\\[%s]@[%s]\n",
user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str));
DEBUG(10, ("auth_info challange created by %s\n", auth_info->challange_set_by));
DEBUG(10, ("challange is: \n"));
dump_data(5, (auth_info)->challange.data, (auth_info)->challange.length);
DEBUG(10, ("auth_info challenge created by %s\n", auth_info->challenge_set_by));
DEBUG(10, ("challenge is: \n"));
dump_data(5, (auth_info)->challenge.data, (auth_info)->challenge.length);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("user_info has passwords of length %d and %d\n",
@ -213,7 +213,7 @@ static NTSTATUS pass_check_smb(char *smb_name,
return NT_STATUS_NO_MEMORY;
}
chal = auth_get_challange(plaintext_auth_info);
chal = auth_get_challenge(plaintext_auth_info);
if (!make_user_info_for_reply(&user_info,
smb_name, domain, chal.data,

2
source3/auth/auth_domain.c
View File

@ -475,7 +475,7 @@ static NTSTATUS check_ntdomain_security(void *my_private_data,
if (! *pserver) pserver = "*";
p = pserver;
nt_status = domain_client_validate(user_info, (uchar *)auth_info->challange.data,server_info,
nt_status = domain_client_validate(user_info, (uchar *)auth_info->challenge.data,server_info,
p, trust_passwd, last_change_time);
return nt_status;

68
source3/auth/auth_info.c
View File

@ -163,7 +163,7 @@ BOOL make_auth_info_subsystem(auth_authsupplied_info **auth_info)
}
/***************************************************************************
Make a auth_info struct with a random challange
Make a auth_info struct with a random challenge
***************************************************************************/
BOOL make_auth_info_random(auth_authsupplied_info **auth_info)
@ -174,15 +174,15 @@ BOOL make_auth_info_random(auth_authsupplied_info **auth_info)
}
generate_random_buffer(chal, sizeof(chal), False);
(*auth_info)->challange = data_blob(chal, sizeof(chal));
(*auth_info)->challenge = data_blob(chal, sizeof(chal));
(*auth_info)->challange_set_by = "random";
(*auth_info)->challenge_set_by = "random";
return True;
}
/***************************************************************************
Make a auth_info struct with a fixed challange
Make a auth_info struct with a fixed challenge
***************************************************************************/
BOOL make_auth_info_fixed(auth_authsupplied_info **auth_info, uchar chal[8])
@ -191,7 +191,7 @@ BOOL make_auth_info_fixed(auth_authsupplied_info **auth_info, uchar chal[8])
return False;
}
(*auth_info)->challange = data_blob(chal, 8);
(*auth_info)->challenge = data_blob(chal, 8);
return True;
}
@ -213,70 +213,70 @@ void free_auth_info(auth_authsupplied_info **auth_info)
SAFE_FREE(old_head);
}
data_blob_free(&(*auth_info)->challange);
data_blob_free(&(*auth_info)->challenge);
ZERO_STRUCT(**auth_info);
}
SAFE_FREE(*auth_info);
}
/****************************************************************************
Try to get a challange out of the various authenticaion modules.
Try to get a challenge out of the various authenticaion modules.
It is up to the caller to free it.
****************************************************************************/
DATA_BLOB auth_get_challange(auth_authsupplied_info *auth_info)
DATA_BLOB auth_get_challenge(auth_authsupplied_info *auth_info)
{
DATA_BLOB challange = data_blob(NULL, 0);
char *challange_set_by = NULL;
DATA_BLOB challenge = data_blob(NULL, 0);
char *challenge_set_by = NULL;
auth_methods *auth_method;
if (auth_info->challange.length) {
DEBUG(5, ("auth_get_challange: returning previous challange (normal)\n"));
return data_blob(auth_info->challange.data, auth_info->challange.length);
if (auth_info->challenge.length) {
DEBUG(5, ("auth_get_challenge: returning previous challenge (normal)\n"));
return data_blob(auth_info->challenge.data, auth_info->challenge.length);
}
for (auth_method = auth_info->auth_method_list; auth_method; auth_method = auth_method->next)
{
if (auth_method->get_chal) {
DEBUG(5, ("auth_get_challange: getting challange from module %s\n", auth_method->name));
if (challange_set_by) {
DEBUG(1, ("auth_get_challange: CONFIGURATION ERROR: authenticaion method %s has already specified a challange. Challange by %s ignored.\n",
challange_set_by, auth_method->name));
DEBUG(5, ("auth_get_challenge: getting challenge from module %s\n", auth_method->name));
if (challenge_set_by) {
DEBUG(1, ("auth_get_challenge: CONFIGURATION ERROR: authenticaion method %s has already specified a challenge. Challenge by %s ignored.\n",
challenge_set_by, auth_method->name));
} else {
challange = auth_method->get_chal(&auth_method->private_data, auth_info);
if (challange.length) {
DEBUG(5, ("auth_get_challange: sucessfully got challange from module %s\n", auth_method->name));
auth_info->challange = challange;
challange_set_by = auth_method->name;
auth_info->challange_set_method = auth_method;
challenge = auth_method->get_chal(&auth_method->private_data, auth_info);
if (challenge.length) {
DEBUG(5, ("auth_get_challenge: sucessfully got challenge from module %s\n", auth_method->name));
auth_info->challenge = challenge;
challenge_set_by = auth_method->name;
auth_info->challenge_set_method = auth_method;
} else {
DEBUG(3, ("auth_get_challange: getting challange from authenticaion method %s FAILED.\n",
DEBUG(3, ("auth_get_challenge: getting challenge from authenticaion method %s FAILED.\n",
auth_method->name));
}
}
} else {
DEBUG(5, ("auth_get_challange: module %s did not want to specify a challange\n", auth_method->name));
DEBUG(5, ("auth_get_challenge: module %s did not want to specify a challenge\n", auth_method->name));
}
}
if (!challange_set_by) {
if (!challenge_set_by) {
uchar chal[8];
generate_random_buffer(chal, sizeof(chal), False);
auth_info->challange = data_blob(chal, sizeof(chal));
auth_info->challenge = data_blob(chal, sizeof(chal));
challange_set_by = "random";
challenge_set_by = "random";
}
DEBUG(5, ("auth_info challange created by %s\n", challange_set_by));
DEBUG(5, ("challange is: \n"));
dump_data(5, auth_info->challange.data, (auth_info)->challange.length);
DEBUG(5, ("auth_info challenge created by %s\n", challenge_set_by));
DEBUG(5, ("challenge is: \n"));
dump_data(5, auth_info->challenge.data, (auth_info)->challenge.length);
SMB_ASSERT(auth_info->challange.length == 8);
SMB_ASSERT(auth_info->challenge.length == 8);
auth_info->challange_set_by=challange_set_by;
auth_info->challenge_set_by=challenge_set_by;
return data_blob(auth_info->challange.data, auth_info->challange.length);
return data_blob(auth_info->challenge.data, auth_info->challenge.length);
}

8
source3/auth/auth_sam.c
View File

@ -41,7 +41,7 @@ static BOOL smb_pwd_check_ntlmv1(DATA_BLOB nt_response,
}
if (sec_blob.length != 8) {
DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challange size (%d)\n", sec_blob.length));
DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%d)\n", sec_blob.length));
return False;
}
@ -174,7 +174,7 @@ static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass,
*/
DEBUG(4,("smb_password_ok: Checking NTLMv2 password\n"));
if (smb_pwd_check_ntlmv2( user_info->nt_resp,
nt_pw, auth_info->challange,
nt_pw, auth_info->challenge,
user_info->smb_name.str,
user_info->client_domain.str,
user_sess_key))
@ -191,7 +191,7 @@ static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass,
*/
DEBUG(4,("smb_password_ok: Checking NT MD4 password\n"));
if (smb_pwd_check_ntlmv1(user_info->nt_resp,
nt_pw, auth_info->challange,
nt_pw, auth_info->challenge,
user_sess_key))
{
return NT_STATUS_OK;
@ -224,7 +224,7 @@ static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass,
DEBUG(4,("smb_password_ok: Checking LM password\n"));
if (smb_pwd_check_ntlmv1(user_info->lm_resp,
lm_pw, auth_info->challange,
lm_pw, auth_info->challenge,
user_sess_key))
{
return NT_STATUS_OK;

16
source3/auth/auth_server.c
View File

@ -135,10 +135,10 @@ static void send_server_keepalive(void **private_data_pointer)
}
/****************************************************************************
Get the challange out of a password server.
Get the challenge out of a password server.
****************************************************************************/
static DATA_BLOB auth_get_challange_server(void **my_private_data, const struct authsupplied_info *auth_info)
static DATA_BLOB auth_get_challenge_server(void **my_private_data, const struct authsupplied_info *auth_info)
{
struct cli_state *cli = server_cryptkey();
@ -147,14 +147,14 @@ static DATA_BLOB auth_get_challange_server(void **my_private_data, const struct
if ((cli->sec_mode & 2) == 0) {
/* We can't work with unencrypted password servers
unless 'encrypt passwords = no' */
DEBUG(5,("make_auth_info_server: Server is unencrypted, no challange available..\n"));
DEBUG(5,("make_auth_info_server: Server is unencrypted, no challenge available..\n"));
*my_private_data = (void *)cli;
return data_blob(NULL, 0);
} else if (cli->secblob.length < 8) {
/* We can't do much if we don't get a full challange */
DEBUG(2,("make_auth_info_server: Didn't receive a full challange from server\n"));
/* We can't do much if we don't get a full challenge */
DEBUG(2,("make_auth_info_server: Didn't receive a full challenge from server\n"));
cli_shutdown(cli);
return data_blob(NULL, 0);
}
@ -205,8 +205,8 @@ static NTSTATUS check_smbserver_security(void *my_private_data,
return NT_STATUS_LOGON_FAILURE;
}
} else {
if (memcmp(cli->secblob.data, auth_info->challange.data, 8) != 0) {
DEBUG(1,("the challange that the password server (%s) supplied us is not the one we gave our client. This just can't work :-(\n", cli->desthost));
if (memcmp(cli->secblob.data, auth_info->challenge.data, 8) != 0) {
DEBUG(1,("the challenge that the password server (%s) supplied us is not the one we gave our client. This just can't work :-(\n", cli->desthost));
return NT_STATUS_LOGON_FAILURE;
}
}
@ -347,7 +347,7 @@ BOOL auth_init_smbserver(auth_methods **auth_method)
return False;
}
(*auth_method)->auth = check_smbserver_security;
(*auth_method)->get_chal = auth_get_challange_server;
(*auth_method)->get_chal = auth_get_challenge_server;
(*auth_method)->send_keepalive = send_server_keepalive;
(*auth_method)->free_private_data = free_server_private_data;
return True;

2
source3/auth/auth_util.c
View File

@ -358,7 +358,7 @@ BOOL make_user_info_winbind(auth_usersupplied_info **user_info,
const char *username,
const char *domain,
const char *password,
char chal[8] /* Give winbind back the challange we used */
char chal[8] /* Give winbind back the challenge we used */
)
{
unsigned char local_lm_response[24];

4
source3/auth/auth_winbind.c
View File

@ -49,7 +49,7 @@ static NTSTATUS check_winbind_security(void *my_private_data,
}
if (!auth_info) {
DEBUG(3,("Password for user %s cannot be checked becouse we have no auth_info to get the challange from.\n",
DEBUG(3,("Password for user %s cannot be checked because we have no auth_info to get the challenge from.\n",
user_info->internal_username.str));
return NT_STATUS_LOGON_FAILURE;
}
@ -62,7 +62,7 @@ static NTSTATUS check_winbind_security(void *my_private_data,
snprintf(request.data.auth_crap.user, sizeof(request.data.auth_crap.user),
"%s\\%s", user_info->domain.str, user_info->smb_name.str);
memcpy(request.data.auth_crap.chal, auth_info->challange.data, sizeof(request.data.auth_crap.chal));
memcpy(request.data.auth_crap.chal, auth_info->challenge.data, sizeof(request.data.auth_crap.chal));
request.data.auth_crap.lm_resp_len = MIN(user_info->lm_resp.length,
sizeof(request.data.auth_crap.lm_resp));

6
source3/include/auth.h
View File

@ -92,12 +92,12 @@ typedef struct serversupplied_info
} auth_serversupplied_info;
typedef struct authsupplied_info {
DATA_BLOB challange;
DATA_BLOB challenge;
/* Who set this up in the first place? */
char *challange_set_by; \
char *challenge_set_by; \
struct auth_methods *challange_set_method;
struct auth_methods *challenge_set_method;
/* What order are the various methods in? Try to stop it changing under us */
struct auth_methods *auth_method_list;
} auth_authsupplied_info;

11
source3/rpc_server/srv_netlog_nt.c
View File

@ -569,7 +569,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
{
auth_authsupplied_info *auth_info = NULL;
make_auth_info_fixed(&auth_info, ctr->auth.id2.lm_chal);
/* Standard challange/response authenticaion */
/* Standard challenge/response authenticaion */
make_user_info_netlogon_network(&user_info,
nt_username, nt_domain,
nt_workstation,
@ -584,9 +584,10 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
break;
}
case INTERACTIVE_LOGON_TYPE:
/* 'Interactive' autheticaion, supplies the password in its MD4 form, encrypted
with the session key. We will convert this to challange/responce for the
auth subsystem to chew on */
/* 'Interactive' autheticaion, supplies the password in its
MD4 form, encrypted with the session key. We will
convert this to chellange/responce for the auth
subsystem to chew on */
{
auth_authsupplied_info *auth_info = NULL;
DATA_BLOB chal;
@ -594,7 +595,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
return NT_STATUS_NO_MEMORY;
}
chal = auth_get_challange(auth_info);
chal = auth_get_challenge(auth_info);
make_user_info_netlogon_interactive(&user_info,
nt_username, nt_domain,

6
source3/smbd/negprot.c
View File

@ -83,7 +83,7 @@ static int reply_lanman1(char *inbuf, char *outbuf)
if (!make_auth_info_subsystem(&negprot_global_auth_info)) {
smb_panic("cannot make_negprot_global_auth_info!\n");
}
cryptkey = auth_get_challange(negprot_global_auth_info);
cryptkey = auth_get_challenge(negprot_global_auth_info);
memcpy(smb_buf(outbuf), cryptkey.data, 8);
data_blob_free(&cryptkey);
}
@ -129,7 +129,7 @@ static int reply_lanman2(char *inbuf, char *outbuf)
if (!make_auth_info_subsystem(&negprot_global_auth_info)) {
smb_panic("cannot make_negprot_global_auth_info!\n");
}
cryptkey = auth_get_challange(negprot_global_auth_info);
cryptkey = auth_get_challenge(negprot_global_auth_info);
memcpy(smb_buf(outbuf), cryptkey.data, 8);
data_blob_free(&cryptkey);
}
@ -265,7 +265,7 @@ static int reply_nt1(char *inbuf, char *outbuf)
if (!make_auth_info_subsystem(&negprot_global_auth_info)) {
smb_panic("cannot make_negprot_global_auth_info!\n");
}
cryptkey = auth_get_challange(negprot_global_auth_info);
cryptkey = auth_get_challenge(negprot_global_auth_info);
memcpy(p, cryptkey.data, 8);
data_blob_free(&cryptkey);
}

8
source3/smbd/process.c
View File

@ -1122,10 +1122,10 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t
This is attached to the auth_info created in the
negprot */
if (negprot_global_auth_info
&& negprot_global_auth_info->challange_set_method
&& negprot_global_auth_info->challange_set_method->send_keepalive) {
negprot_global_auth_info->challange_set_method->send_keepalive
(&negprot_global_auth_info->challange_set_method->private_data);
&& negprot_global_auth_info->challenge_set_method
&& negprot_global_auth_info->challenge_set_method->send_keepalive) {
negprot_global_auth_info->challenge_set_method->send_keepalive
(&negprot_global_auth_info->challenge_set_method->private_data);
}
last_keepalive_sent_time = t;

4
source3/smbd/sesssetup.c
View File

@ -235,7 +235,7 @@ static int reply_spnego_negotiate(connection_struct *conn,
return ERROR_NT(NT_STATUS_NO_MEMORY);
}
cryptkey = auth_get_challange(ntlmssp_auth_info);
cryptkey = auth_get_challenge(ntlmssp_auth_info);
/* Give them the challenge. For now, ignore neg_flags and just
return the flags we want. Obviously this is not correct */
@ -649,7 +649,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
return ERROR_NT(NT_STATUS_NO_MEMORY);
}
chal = auth_get_challange(plaintext_auth_info);
chal = auth_get_challenge(plaintext_auth_info);
if (!make_user_info_for_reply(&user_info,
user, domain, chal.data,