mirror of
https://github.com/samba-team/samba.git
synced 2025-01-25 06:04:04 +03:00
r2645: converted the NTLMSSP code to the new style of talloc
(This used to be commit b378aae95d4001c4cf4e6e59ed80ee1bd55382ee)
parent
525a993469
commit
4b1050a6cf
@ -36,7 +36,6 @@ enum GENSEC_KRB5_STATE {
|
||||
};
|
||||
|
||||
struct gensec_krb5_state {
|
||||
TALLOC_CTX *mem_ctx;
|
||||
DATA_BLOB session_key;
|
||||
struct PAC_LOGON_INFO *logon_info;
|
||||
enum GENSEC_KRB5_STATE state_position;
|
||||
@ -230,18 +229,11 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
|
||||
struct gensec_krb5_state *gensec_krb5_state;
|
||||
krb5_error_code ret = 0;
|
||||
|
||||
TALLOC_CTX *mem_ctx = talloc_init("gensec_krb5");
|
||||
if (!mem_ctx) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
gensec_krb5_state = talloc_p(mem_ctx, struct gensec_krb5_state);
|
||||
gensec_krb5_state = talloc_p(gensec_security, struct gensec_krb5_state);
|
||||
if (!gensec_krb5_state) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
gensec_krb5_state->mem_ctx = mem_ctx;
|
||||
|
||||
gensec_security->private_data = gensec_krb5_state;
|
||||
|
||||
initialize_krb5_error_table();
|
||||
@ -429,7 +421,7 @@ static void gensec_krb5_end(struct gensec_security *gensec_security)
|
||||
krb5_free_context(gensec_krb5_state->krb5_context);
|
||||
}
|
||||
|
||||
talloc_destroy(gensec_krb5_state->mem_ctx);
|
||||
talloc_free(gensec_krb5_state);
|
||||
gensec_security->private_data = NULL;
|
||||
}
|
||||
|
||||
@ -544,7 +536,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security, TALL
|
||||
|
||||
if (pac.data) {
|
||||
/* decode and verify the pac */
|
||||
nt_status = gensec_krb5_decode_pac(gensec_krb5_state->mem_ctx, &gensec_krb5_state->logon_info, pac,
|
||||
nt_status = gensec_krb5_decode_pac(gensec_krb5_state, &gensec_krb5_state->logon_info, pac,
|
||||
gensec_krb5_state);
|
||||
} else {
|
||||
/* NULL PAC, we might need to figure this information out the hard way */
|
||||
@ -556,7 +548,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security, TALL
|
||||
/* wrap that up in a nice GSS-API wrapping */
|
||||
*out = gensec_gssapi_gen_krb5_wrap(out_mem_ctx, &unwrapped_out, TOK_ID_KRB_AP_REP);
|
||||
|
||||
gensec_krb5_state->peer_principal = talloc_steal(gensec_krb5_state->mem_ctx, principal);
|
||||
gensec_krb5_state->peer_principal = talloc_steal(gensec_krb5_state, principal);
|
||||
}
|
||||
return nt_status;
|
||||
}
|
||||
@ -591,7 +583,7 @@ static NTSTATUS gensec_krb5_session_key(struct gensec_security *gensec_security,
|
||||
}
|
||||
if (err == 0 && skey != NULL) {
|
||||
DEBUG(10, ("Got KRB5 session key of length %d\n", KRB5_KEY_LENGTH(skey)));
|
||||
gensec_krb5_state->session_key = data_blob_talloc(gensec_krb5_state->mem_ctx,
|
||||
gensec_krb5_state->session_key = data_blob_talloc(gensec_krb5_state,
|
||||
KRB5_KEY_DATA(skey), KRB5_KEY_LENGTH(skey));
|
||||
*session_key = gensec_krb5_state->session_key;
|
||||
dump_data_pw("KRB5 Session Key:\n", session_key->data, session_key->length);
|
||||
@ -609,7 +601,6 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
|
||||
{
|
||||
NTSTATUS nt_status;
|
||||
struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
|
||||
TALLOC_CTX *mem_ctx;
|
||||
struct auth_serversupplied_info *server_info = NULL;
|
||||
struct auth_session_info *session_info = NULL;
|
||||
struct PAC_LOGON_INFO *logon_info = gensec_krb5_state->logon_info;
|
||||
@ -657,7 +648,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
|
||||
|
||||
ptoken->num_sids = 0;
|
||||
|
||||
ptoken->user_sids = talloc_array_p(mem_ctx, struct dom_sid*, logon_info->groups_count + 2);
|
||||
ptoken->user_sids = talloc_array_p(ptoken, struct dom_sid*, logon_info->groups_count + 2);
|
||||
if (!ptoken->user_sids) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
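Review bot: In the `gensec_krb5_session_info` hunk, `talloc_array_p(ptoken, struct dom_sid*, logon_info->groups_count + 2)` sizes the SID array from a count taken out of the decoded PAC with no upper bound, so a count near the top of its integer range would wrap in the `+ 2` and give an array shorter than the number of groups. A guard before the allocation keeps the size honest, for example `if (logon_info->groups_count > UINT32_MAX - 2) return NT_STATUS_INVALID_PARAMETER;` (this assumes a 32-bit unsigned field; its declaration is not visible here). The code that fills `user_sids` is outside the hunk, so confirm it never writes more entries than were allocated. `logon_info` is also dereferenced here although the `gensec_krb5_update` hunk has a NULL-PAC branch; a NULL check may exist above the hunk and should be confirmed.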
@ -24,7 +24,6 @@
|
||||
#include "includes.h"
|
||||
|
||||
struct gensec_ntlmssp_state {
|
||||
TALLOC_CTX *mem_ctx;
|
||||
struct auth_context *auth_context;
|
||||
struct auth_serversupplied_info *server_info;
|
||||
struct ntlmssp_state *ntlmssp_state;
|
||||
@ -125,13 +124,13 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
|
||||
}
|
||||
if (gensec_ntlmssp_state->server_info->user_session_key.length) {
|
||||
DEBUG(10, ("Got NT session key of length %u\n", gensec_ntlmssp_state->server_info->user_session_key.length));
|
||||
*user_session_key = data_blob_talloc(ntlmssp_state->mem_ctx,
|
||||
*user_session_key = data_blob_talloc(ntlmssp_state,
|
||||
gensec_ntlmssp_state->server_info->user_session_key.data,
|
||||
gensec_ntlmssp_state->server_info->user_session_key.length);
|
||||
}
|
||||
if (gensec_ntlmssp_state->server_info->lm_session_key.length) {
|
||||
DEBUG(10, ("Got LM session key of length %u\n", gensec_ntlmssp_state->server_info->lm_session_key.length));
|
||||
*lm_session_key = data_blob_talloc(ntlmssp_state->mem_ctx,
|
||||
*lm_session_key = data_blob_talloc(ntlmssp_state,
|
||||
gensec_ntlmssp_state->server_info->lm_session_key.data,
|
||||
gensec_ntlmssp_state->server_info->lm_session_key.length);
|
||||
}
|
||||
@ -142,17 +141,11 @@ static NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security)
|
||||
{
|
||||
struct gensec_ntlmssp_state *gensec_ntlmssp_state;
|
||||
|
||||
TALLOC_CTX *mem_ctx = talloc_init("gensec_ntlmssp");
|
||||
if (!mem_ctx) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
gensec_ntlmssp_state = talloc_p(mem_ctx, struct gensec_ntlmssp_state);
|
||||
gensec_ntlmssp_state = talloc_p(gensec_security, struct gensec_ntlmssp_state);
|
||||
if (!gensec_ntlmssp_state) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
gensec_ntlmssp_state->mem_ctx = mem_ctx;
|
||||
gensec_ntlmssp_state->ntlmssp_state = NULL;
|
||||
gensec_ntlmssp_state->auth_context = NULL;
|
||||
gensec_ntlmssp_state->server_info = NULL;
|
||||
@ -175,7 +168,8 @@ static NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_secur
|
||||
|
||||
gensec_ntlmssp_state = gensec_security->private_data;
|
||||
|
||||
if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(&gensec_ntlmssp_state->ntlmssp_state))) {
|
||||
if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(gensec_security,
|
||||
&gensec_ntlmssp_state->ntlmssp_state))) {
|
||||
return nt_status;
|
||||
}
|
||||
|
||||
@ -221,7 +215,8 @@ static NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_secur
|
||||
}
|
||||
|
||||
gensec_ntlmssp_state = gensec_security->private_data;
|
||||
status = ntlmssp_client_start(&gensec_ntlmssp_state->ntlmssp_state);
|
||||
status = ntlmssp_client_start(gensec_security,
|
||||
&gensec_ntlmssp_state->ntlmssp_state);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
@ -265,7 +260,7 @@ static NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_secur
|
||||
return status;
|
||||
}
|
||||
|
||||
status = gensec_get_password(gensec_security, gensec_ntlmssp_state->mem_ctx, &password);
|
||||
status = gensec_get_password(gensec_security, gensec_ntlmssp_state, &password);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
@ -410,7 +405,7 @@ static void gensec_ntlmssp_end(struct gensec_security *gensec_security)
|
||||
if (gensec_ntlmssp_state->server_info) {
|
||||
free_server_info(&gensec_ntlmssp_state->server_info);
|
||||
}
|
||||
talloc_destroy(gensec_ntlmssp_state->mem_ctx);
|
||||
talloc_free(gensec_ntlmssp_state);
|
||||
gensec_security->private_data = NULL;
|
||||
}
|
||||
|
||||
|
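Review bot: Both `ntlmssp_server_start(gensec_security, ...)` and `ntlmssp_client_start(gensec_security, ...)` parent the new `ntlmssp_state` to `gensec_security` rather than to `gensec_ntlmssp_state`, so the `talloc_free(gensec_ntlmssp_state)` in `gensec_ntlmssp_end` does not release it. That state holds the password copy and the session keys, so its lifetime is better tied to the object that owns the pointer: `ntlmssp_server_start(gensec_ntlmssp_state, &gensec_ntlmssp_state->ntlmssp_state)`, and the same for the client call. The start of `gensec_ntlmssp_end` is outside the hunk; if it already calls `ntlmssp_end`, a one-line comment there naming which call frees the NTLMSSP state would be enough.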
@ -107,7 +107,7 @@ void debug_ntlmssp_flags(uint32_t neg_flags)
|
||||
|
||||
static const uint8_t *get_challenge(const struct ntlmssp_state *ntlmssp_state)
|
||||
{
|
||||
uint8_t *chal = talloc(ntlmssp_state->mem_ctx, 8);
|
||||
uint8_t *chal = talloc(ntlmssp_state, 8);
|
||||
generate_random_buffer(chal, 8);
|
||||
|
||||
return chal;
|
||||
@ -143,7 +143,7 @@ static NTSTATUS set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *ch
|
||||
|
||||
NTSTATUS ntlmssp_set_username(struct ntlmssp_state *ntlmssp_state, const char *user)
|
||||
{
|
||||
ntlmssp_state->user = talloc_strdup(ntlmssp_state->mem_ctx, user);
|
||||
ntlmssp_state->user = talloc_strdup(ntlmssp_state, user);
|
||||
if (!ntlmssp_state->user) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -159,7 +159,7 @@ NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *p
|
||||
if (!password) {
|
||||
ntlmssp_state->password = NULL;
|
||||
} else {
|
||||
ntlmssp_state->password = talloc_strdup(ntlmssp_state->mem_ctx, password);
|
||||
ntlmssp_state->password = talloc_strdup(ntlmssp_state, password);
|
||||
if (!ntlmssp_state->password) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -173,7 +173,7 @@ NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *p
|
||||
*/
|
||||
NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain)
|
||||
{
|
||||
ntlmssp_state->domain = talloc_strdup(ntlmssp_state->mem_ctx, domain);
|
||||
ntlmssp_state->domain = talloc_strdup(ntlmssp_state, domain);
|
||||
if (!ntlmssp_state->domain) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -186,7 +186,7 @@ NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *dom
|
||||
*/
|
||||
NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char *workstation)
|
||||
{
|
||||
ntlmssp_state->workstation = talloc_strdup(ntlmssp_state->mem_ctx, workstation);
|
||||
ntlmssp_state->workstation = talloc_strdup(ntlmssp_state, workstation);
|
||||
if (!ntlmssp_state->domain) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -201,7 +201,7 @@ NTSTATUS ntlmssp_set_workstation(struct ntlmssp_state *ntlmssp_state, const char
|
||||
NTSTATUS ntlmssp_store_response(struct ntlmssp_state *ntlmssp_state,
|
||||
DATA_BLOB response)
|
||||
{
|
||||
ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state->mem_ctx,
|
||||
ntlmssp_state->stored_response = data_blob_talloc(ntlmssp_state,
|
||||
response.data, response.length);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
@ -234,7 +234,7 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
|
||||
if (!out_mem_ctx) {
|
||||
/* if the caller doesn't want to manage/own the memory,
|
||||
we can put it on our context */
|
||||
out_mem_ctx = ntlmssp_state->mem_ctx;
|
||||
out_mem_ctx = ntlmssp_state;
|
||||
}
|
||||
|
||||
if (!in.length && ntlmssp_state->stored_response.length) {
|
||||
@ -257,7 +257,7 @@ NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
if (!msrpc_parse(ntlmssp_state->mem_ctx,
|
||||
if (!msrpc_parse(ntlmssp_state,
|
||||
&input, "Cd",
|
||||
"NTLMSSP",
|
||||
&ntlmssp_command)) {
|
||||
@ -311,12 +311,10 @@ NTSTATUS ntlmssp_session_key(struct ntlmssp_state *ntlmssp_state,
|
||||
|
||||
void ntlmssp_end(struct ntlmssp_state **ntlmssp_state)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx = (*ntlmssp_state)->mem_ctx;
|
||||
|
||||
(*ntlmssp_state)->ref_count--;
|
||||
|
||||
if ((*ntlmssp_state)->ref_count == 0) {
|
||||
talloc_destroy(mem_ctx);
|
||||
talloc_free(*ntlmssp_state);
|
||||
}
|
||||
|
||||
*ntlmssp_state = NULL;
|
||||
@ -464,7 +462,7 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
|
||||
#endif
|
||||
|
||||
if (in.length) {
|
||||
if (!msrpc_parse(ntlmssp_state->mem_ctx,
|
||||
if (!msrpc_parse(ntlmssp_state,
|
||||
&in, "CddAA",
|
||||
"NTLMSSP",
|
||||
&ntlmssp_command,
|
||||
@ -502,8 +500,8 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
|
||||
if (target_name == NULL)
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
|
||||
ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
|
||||
ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state->mem_ctx, cryptkey, 8);
|
||||
ntlmssp_state->chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
|
||||
ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
|
||||
|
||||
/* This should be a 'netbios domain -> DNS domain' mapping */
|
||||
dnsdomname[0] = '\0';
|
||||
@ -599,7 +597,7 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state,
|
||||
ntlmssp_state->workstation = NULL;
|
||||
|
||||
/* now the NTLMSSP encoded auth hashes */
|
||||
if (!msrpc_parse(ntlmssp_state->mem_ctx,
|
||||
if (!msrpc_parse(ntlmssp_state,
|
||||
&request, parse_string,
|
||||
"NTLMSSP",
|
||||
&ntlmssp_command,
|
||||
@ -625,7 +623,7 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state,
|
||||
}
|
||||
|
||||
/* now the NTLMSSP encoded auth hashes */
|
||||
if (!msrpc_parse(ntlmssp_state->mem_ctx,
|
||||
if (!msrpc_parse(ntlmssp_state,
|
||||
&request, parse_string,
|
||||
"NTLMSSP",
|
||||
&ntlmssp_command,
|
||||
@ -690,7 +688,7 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state,
|
||||
MD5Update(&md5_session_nonce_ctx, ntlmssp_state->session_nonce, 16);
|
||||
MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
|
||||
|
||||
ntlmssp_state->chal = data_blob_talloc(ntlmssp_state->mem_ctx,
|
||||
ntlmssp_state->chal = data_blob_talloc(ntlmssp_state,
|
||||
session_nonce_hash, 8);
|
||||
|
||||
/* LM response is no longer useful, zero it out */
|
||||
@ -736,7 +734,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
|
||||
/* Handle the different session key derivation for NTLM2 */
|
||||
if (ntlmssp_state->doing_ntlm2) {
|
||||
if (user_session_key && user_session_key->data && user_session_key->length == 16) {
|
||||
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
|
||||
session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
|
||||
hmac_md5(user_session_key->data, ntlmssp_state->session_nonce,
|
||||
sizeof(ntlmssp_state->session_nonce), session_key.data);
|
||||
DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
|
||||
@ -752,7 +750,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
|
||||
|
||||
if (lm_session_key && lm_session_key->data && lm_session_key->length >= 8) {
|
||||
if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
|
||||
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
|
||||
session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
|
||||
SMBsesskeygen_lm_sess_key(lm_session_key->data, ntlmssp_state->lm_resp.data,
|
||||
session_key.data);
|
||||
DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
|
||||
@ -761,7 +759,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
|
||||
|
||||
/* When there is no LM response, just use zeros */
|
||||
static const uint8_t zeros[24];
|
||||
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
|
||||
session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
|
||||
SMBsesskeygen_lm_sess_key(zeros, zeros,
|
||||
session_key.data);
|
||||
DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
|
||||
@ -820,7 +818,7 @@ static NTSTATUS ntlmssp_server_postauth(struct ntlmssp_state *ntlmssp_state,
|
||||
arcfour_crypt(ntlmssp_state->encrypted_session_key.data,
|
||||
session_key.data,
|
||||
ntlmssp_state->encrypted_session_key.length);
|
||||
ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state->mem_ctx,
|
||||
ntlmssp_state->session_key = data_blob_talloc(ntlmssp_state,
|
||||
ntlmssp_state->encrypted_session_key.data,
|
||||
ntlmssp_state->encrypted_session_key.length);
|
||||
dump_data_pw("KEY_EXCH session key:\n", ntlmssp_state->encrypted_session_key.data,
|
||||
@ -903,22 +901,17 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
|
||||
* @param ntlmssp_state NTLMSSP State, allocated by this function
|
||||
*/
|
||||
|
||||
NTSTATUS ntlmssp_server_start(struct ntlmssp_state **ntlmssp_state)
|
||||
NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx, struct ntlmssp_state **ntlmssp_state)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
|
||||
mem_ctx = talloc_init("NTLMSSP context");
|
||||
|
||||
*ntlmssp_state = talloc_zero(mem_ctx, sizeof(**ntlmssp_state));
|
||||
*ntlmssp_state = talloc_p(mem_ctx, struct ntlmssp_state);
|
||||
if (!*ntlmssp_state) {
|
||||
DEBUG(0,("ntlmssp_server_start: talloc failed!\n"));
|
||||
talloc_destroy(mem_ctx);
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
ZERO_STRUCTP(*ntlmssp_state);
|
||||
|
||||
(*ntlmssp_state)->role = NTLMSSP_SERVER;
|
||||
|
||||
(*ntlmssp_state)->mem_ctx = mem_ctx;
|
||||
(*ntlmssp_state)->get_challenge = get_challenge;
|
||||
(*ntlmssp_state)->set_challenge = set_challenge;
|
||||
(*ntlmssp_state)->may_set_challenge = may_set_challenge;
|
||||
@ -1025,7 +1018,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
DATA_BLOB encrypted_session_key = data_blob(NULL, 0);
|
||||
NTSTATUS nt_status;
|
||||
|
||||
if (!msrpc_parse(ntlmssp_state->mem_ctx,
|
||||
if (!msrpc_parse(ntlmssp_state,
|
||||
&in, "CdBd",
|
||||
"NTLMSSP",
|
||||
&ntlmssp_command,
|
||||
@ -1064,7 +1057,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
DEBUG(3, ("NTLMSSP: Set final flags:\n"));
|
||||
debug_ntlmssp_flags(ntlmssp_state->neg_flags);
|
||||
|
||||
if (!msrpc_parse(ntlmssp_state->mem_ctx,
|
||||
if (!msrpc_parse(ntlmssp_state,
|
||||
&in, chal_parse_string,
|
||||
"NTLMSSP",
|
||||
&ntlmssp_command,
|
||||
@ -1089,8 +1082,8 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
/* do nothing - blobs are zero length */
|
||||
|
||||
/* session key is all zeros */
|
||||
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, zeros, 16);
|
||||
lm_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, zeros, 16);
|
||||
session_key = data_blob_talloc(ntlmssp_state, zeros, 16);
|
||||
lm_session_key = data_blob_talloc(ntlmssp_state, zeros, 16);
|
||||
|
||||
/* not doing NLTM2 without a password */
|
||||
ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
|
||||
@ -1126,7 +1119,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
uint8_t user_session_key[16];
|
||||
E_md4hash(ntlmssp_state->password, nt_hash);
|
||||
|
||||
lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
|
||||
lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
|
||||
generate_random_buffer(lm_response.data, 8);
|
||||
memset(lm_response.data+8, 0, 16);
|
||||
|
||||
@ -1142,12 +1135,12 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
DEBUG(5, ("challenge is: \n"));
|
||||
dump_data(5, (const char *)session_nonce_hash, 8);
|
||||
|
||||
nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
|
||||
nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
|
||||
SMBNTencrypt(ntlmssp_state->password,
|
||||
session_nonce_hash,
|
||||
nt_response.data);
|
||||
|
||||
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
|
||||
session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
|
||||
|
||||
SMBsesskeygen_ntv1(nt_hash, user_session_key);
|
||||
hmac_md5(user_session_key, session_nonce, sizeof(session_nonce), session_key.data);
|
||||
@ -1159,18 +1152,18 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
uint8_t nt_hash[16];
|
||||
|
||||
if (ntlmssp_state->use_nt_response) {
|
||||
nt_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
|
||||
nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
|
||||
SMBNTencrypt(ntlmssp_state->password,challenge_blob.data,
|
||||
nt_response.data);
|
||||
E_md4hash(ntlmssp_state->password, nt_hash);
|
||||
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
|
||||
session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
|
||||
SMBsesskeygen_ntv1(nt_hash, session_key.data);
|
||||
dump_data_pw("NT session key:\n", session_key.data, session_key.length);
|
||||
}
|
||||
|
||||
/* lanman auth is insecure, it may be disabled */
|
||||
if (lp_client_lanman_auth()) {
|
||||
lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
|
||||
lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
|
||||
if (!SMBencrypt(ntlmssp_state->password,challenge_blob.data,
|
||||
lm_response.data)) {
|
||||
/* If the LM password was too long (and therefore the LM hash being
|
||||
@ -1181,7 +1174,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
|
||||
} else {
|
||||
E_deshash(ntlmssp_state->password, lm_hash);
|
||||
lm_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
|
||||
lm_session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
|
||||
memcpy(lm_session_key.data, lm_hash, 8);
|
||||
memset(&lm_session_key.data[8], '\0', 8);
|
||||
|
||||
@ -1197,7 +1190,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
|
||||
if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
|
||||
&& lp_client_lanman_auth() && lm_session_key.length == 16) {
|
||||
DATA_BLOB new_session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
|
||||
DATA_BLOB new_session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
|
||||
if (lm_response.length == 24) {
|
||||
SMBsesskeygen_lm_sess_key(lm_session_key.data, lm_response.data,
|
||||
new_session_key.data);
|
||||
@ -1220,14 +1213,14 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
generate_random_buffer(client_session_key, sizeof(client_session_key));
|
||||
|
||||
/* Encrypt the new session key with the old one */
|
||||
encrypted_session_key = data_blob_talloc(ntlmssp_state->mem_ctx,
|
||||
encrypted_session_key = data_blob_talloc(ntlmssp_state,
|
||||
client_session_key, sizeof(client_session_key));
|
||||
dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data, encrypted_session_key.length);
|
||||
arcfour_crypt(encrypted_session_key.data, session_key.data, encrypted_session_key.length);
|
||||
dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length);
|
||||
|
||||
/* Mark the new session key as the 'real' session key */
|
||||
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, client_session_key, sizeof(client_session_key));
|
||||
session_key = data_blob_talloc(ntlmssp_state, client_session_key, sizeof(client_session_key));
|
||||
}
|
||||
|
||||
/* this generates the actual auth packet */
|
||||
@ -1266,23 +1259,17 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
|
||||
return NT_STATUS_MORE_PROCESSING_REQUIRED;
|
||||
}
|
||||
|
||||
NTSTATUS ntlmssp_client_start(struct ntlmssp_state **ntlmssp_state)
|
||||
NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx, struct ntlmssp_state **ntlmssp_state)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
|
||||
mem_ctx = talloc_init("NTLMSSP Client context");
|
||||
|
||||
*ntlmssp_state = talloc_zero(mem_ctx, sizeof(**ntlmssp_state));
|
||||
*ntlmssp_state = talloc_p(mem_ctx, struct ntlmssp_state);
|
||||
if (!*ntlmssp_state) {
|
||||
DEBUG(0,("ntlmssp_client_start: talloc failed!\n"));
|
||||
talloc_destroy(mem_ctx);
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
ZERO_STRUCTP(*ntlmssp_state);
|
||||
|
||||
(*ntlmssp_state)->role = NTLMSSP_CLIENT;
|
||||
|
||||
(*ntlmssp_state)->mem_ctx = mem_ctx;
|
||||
|
||||
(*ntlmssp_state)->get_global_myname = lp_netbios_name;
|
||||
(*ntlmssp_state)->get_domain = lp_workgroup;
|
||||
|
||||
|
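Review bot: `ntlmssp_set_workstation` stores the result of `talloc_strdup(ntlmssp_state, workstation)` but then tests `ntlmssp_state->domain`, so a failed allocation of the workstation string is reported as success whenever a domain is already set; the check should read `if (!ntlmssp_state->workstation) {`. In the same file `get_challenge` passes the result of `talloc(ntlmssp_state, 8)` straight to `generate_random_buffer(chal, 8)` without a NULL test (`if (!chal) return NULL;` would cover it). `ntlmssp_store_response` likewise returns `NT_STATUS_OK` without inspecting the blob that `data_blob_talloc` produced. The `@param` block above `ntlmssp_server_start` should also gain a line for the new argument, e.g. `@param mem_ctx talloc parent for the new state`.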
@ -75,7 +75,6 @@ enum ntlmssp_message_type
|
||||
|
||||
struct ntlmssp_state
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
uint_t ref_count;
|
||||
enum ntlmssp_role role;
|
||||
enum samr_Role server_role;
|
||||
|
@ -387,14 +387,14 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state)
|
||||
weak_session_key.length);
|
||||
|
||||
/* SEND */
|
||||
calc_ntlmv2_key(ntlmssp_state->mem_ctx,
|
||||
calc_ntlmv2_key(ntlmssp_state,
|
||||
&ntlmssp_state->send_sign_key,
|
||||
ntlmssp_state->session_key, send_sign_const);
|
||||
dump_data_pw("NTLMSSP send sign key:\n",
|
||||
ntlmssp_state->send_sign_key.data,
|
||||
ntlmssp_state->send_sign_key.length);
|
||||
|
||||
calc_ntlmv2_key(ntlmssp_state->mem_ctx,
|
||||
calc_ntlmv2_key(ntlmssp_state,
|
||||
&ntlmssp_state->send_seal_key,
|
||||
weak_session_key, send_seal_const);
|
||||
dump_data_pw("NTLMSSP send seal key:\n",
|
||||
@ -409,14 +409,14 @@ NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state)
|
||||
sizeof(ntlmssp_state->send_seal_hash));
|
||||
|
||||
/* RECV */
|
||||
calc_ntlmv2_key(ntlmssp_state->mem_ctx,
|
||||
calc_ntlmv2_key(ntlmssp_state,
|
||||
&ntlmssp_state->recv_sign_key,
|
||||
ntlmssp_state->session_key, recv_sign_const);
|
||||
dump_data_pw("NTLMSSP recv sign key:\n",
|
||||
ntlmssp_state->recv_sign_key.data,
|
||||
ntlmssp_state->recv_sign_key.length);
|
||||
|
||||
calc_ntlmv2_key(ntlmssp_state->mem_ctx,
|
||||
calc_ntlmv2_key(ntlmssp_state,
|
||||
&ntlmssp_state->recv_seal_key,
|
||||
weak_session_key, recv_seal_const);
|
||||
dump_data_pw("NTLMSSP recv seal key:\n",
|
||||
|
@ -37,7 +37,6 @@ enum spnego_state_position {
|
||||
};
|
||||
|
||||
struct spnego_state {
|
||||
TALLOC_CTX *mem_ctx;
|
||||
uint_t ref_count;
|
||||
enum spnego_message_type expected_packet;
|
||||
enum spnego_state_position state_position;
|
||||
@ -47,19 +46,14 @@ struct spnego_state {
|
||||
static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security)
|
||||
{
|
||||
struct spnego_state *spnego_state;
|
||||
TALLOC_CTX *mem_ctx = talloc_init("gensec_spnego_client_start");
|
||||
if (!mem_ctx) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
spnego_state = talloc_p(mem_ctx, struct spnego_state);
|
||||
|
||||
spnego_state = talloc_p(gensec_security, struct spnego_state);
|
||||
if (!spnego_state) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
|
||||
spnego_state->state_position = SPNEGO_CLIENT_START;
|
||||
spnego_state->mem_ctx = mem_ctx;
|
||||
spnego_state->sub_sec_security = NULL;
|
||||
|
||||
gensec_security->private_data = spnego_state;
|
||||
@ -69,19 +63,14 @@ static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_securi
|
||||
static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_security)
|
||||
{
|
||||
struct spnego_state *spnego_state;
|
||||
TALLOC_CTX *mem_ctx = talloc_init("gensec_spnego_server_start");
|
||||
if (!mem_ctx) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
spnego_state = talloc_p(mem_ctx, struct spnego_state);
|
||||
|
||||
spnego_state = talloc_p(gensec_security, struct spnego_state);
|
||||
if (!spnego_state) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT;
|
||||
spnego_state->state_position = SPNEGO_SERVER_START;
|
||||
spnego_state->mem_ctx = mem_ctx;
|
||||
spnego_state->sub_sec_security = NULL;
|
||||
|
||||
gensec_security->private_data = spnego_state;
|
||||
@ -426,7 +415,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
|
||||
*out = data_blob(NULL, 0);
|
||||
|
||||
if (!out_mem_ctx) {
|
||||
out_mem_ctx = spnego_state->mem_ctx;
|
||||
out_mem_ctx = spnego_state;
|
||||
}
|
||||
|
||||
/* and switch into the state machine */
|
||||
@ -701,7 +690,7 @@ static void gensec_spnego_end(struct gensec_security *gensec_security)
|
||||
gensec_end(&spnego_state->sub_sec_security);
|
||||
}
|
||||
|
||||
talloc_destroy(spnego_state->mem_ctx);
|
||||
talloc_free(spnego_state);
|
||||
|
||||
gensec_security->private_data = NULL;
|
||||
}
|
||||
|
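Review bot: `gensec_spnego_client_start` and `gensec_spnego_server_start` allocate the state with `talloc_p(gensec_security, struct spnego_state)` and then set `expected_packet`, `state_position` and `sub_sec_security`, but never `ref_count`, which the struct still declares. The NTLMSSP start functions elsewhere in this commit follow `talloc_p` with `ZERO_STRUCTP`, which suggests `talloc_p` does not clear memory. If so, `ref_count` and any fields not visible in the struct hunk start with indeterminate contents. Adding `ZERO_STRUCTP(spnego_state);` right after the NULL check in both functions removes the reliance on field-by-field initialisation.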
@ -27,7 +27,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
|
||||
DATA_BLOB sig, expected_sig;
|
||||
NTSTATUS status;
|
||||
|
||||
if (!NT_STATUS_IS_OK(ntlmssp_client_start(&ntlmssp_state))) {
|
||||
if (!NT_STATUS_IS_OK(ntlmssp_client_start(NULL, &ntlmssp_state))) {
|
||||
return False;
|
||||
}
|
||||
|
||||
@ -45,7 +45,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
|
||||
}
|
||||
|
||||
data = strhex_to_data_blob("6a43494653");
|
||||
ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state->mem_ctx,
|
||||
ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state,
|
||||
data.data, data.length, data.data, data.length, &sig);
|
||||
|
||||
expected_sig = strhex_to_data_blob("01000000e37f97f2544f4d7e00000000");
|
||||
@ -64,7 +64,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
|
||||
|
||||
ntlmssp_end(&ntlmssp_state);
|
||||
|
||||
if (!NT_STATUS_IS_OK(ntlmssp_client_start(&ntlmssp_state))) {
|
||||
if (!NT_STATUS_IS_OK(ntlmssp_client_start(NULL, &ntlmssp_state))) {
|
||||
return False;
|
||||
}
|
||||
|
||||
@ -82,7 +82,7 @@ BOOL torture_ntlmssp_self_check(int dummy)
|
||||
}
|
||||
|
||||
data = strhex_to_data_blob("6a43494653");
|
||||
ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state->mem_ctx,
|
||||
ntlmssp_sign_packet(ntlmssp_state, ntlmssp_state,
|
||||
data.data, data.length, data.data, data.length, &sig);
|
||||
|
||||
expected_sig = strhex_to_data_blob("0100000078010900397420fe0e5a0f89");
|
||||
|