sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-24 02:04:21 +03:00
Code

s3-auth: Move auth_ntlmssp wrappers in their own file

Browse Source 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Simo Sorce 2010-07-19 13:36:33 -04:00 committed by Andrew Bartlett
parent a04bbd281c
commit e958b39042
9 changed files with 194 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
source3/Makefile.in
View File

@ -495,6 +495,7 @@ LIBSMB_ERR_OBJ = $(LIBSMB_ERR_OBJ0) $(LIBSMB_ERR_OBJ1) \
LIBSMB_OBJ0 = \
../libcli/auth/ntlm_check.o \
libsmb/ntlmssp.o \
libsmb/ntlmssp_wrap.o \
../libcli/auth/ntlmssp.o \
../libcli/auth/ntlmssp_sign.o \
$(LIBNDR_NTLMSSP_OBJ) \

78
source3/auth/auth_ntlmssp.c
View File

@ -22,56 +22,7 @@
#include "includes.h"
#include "../libcli/auth/ntlmssp.h"
struct auth_ntlmssp_state {
struct auth_context *auth_context;
struct auth_serversupplied_info *server_info;
struct ntlmssp_state *ntlmssp_state;
};
NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
TALLOC_CTX *sig_mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
return ntlmssp_sign_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
return ntlmssp_check_packet(auth_ntlmssp_state->ntlmssp_state, data, length, whole_pdu, pdu_length, sig);
}
NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
TALLOC_CTX *sig_mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
return ntlmssp_seal_packet(auth_ntlmssp_state->ntlmssp_state, sig_mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
return ntlmssp_unseal_packet(auth_ntlmssp_state->ntlmssp_state, data, length, whole_pdu, pdu_length, sig);
}
bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
return auth_ntlmssp_state->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN;
}
bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
return auth_ntlmssp_state->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL;
}
#include "ntlmssp_wrap.h"
void auth_ntlmssp_want_sign(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
@ -105,27 +56,6 @@ NTSTATUS auth_ntlmssp_steal_server_info(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
return auth_ntlmssp_state->ntlmssp_state;
}
/* Needed for 'map to guest' and 'smb username' processing */
const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
return auth_ntlmssp_state->ntlmssp_state->user;
}
const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
return auth_ntlmssp_state->ntlmssp_state->domain;
}
const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *auth_ntlmssp_state)
{
return auth_ntlmssp_state->ntlmssp_state->client.netbios_name;
}
/**
* Return the challenge as determined by the authentication subsystem
* @return an 8 byte random challenge
@ -329,9 +259,3 @@ static int auth_ntlmssp_state_destructor(void *ptr)
TALLOC_FREE(ans->ntlmssp_state);
return 0;
}
NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *auth_ntlmssp_state,
const DATA_BLOB request, DATA_BLOB *reply)
{
return ntlmssp_update(auth_ntlmssp_state->ntlmssp_state, request, reply);
}

69
source3/include/ntlmssp_wrap.h Normal file
View File

@ -0,0 +1,69 @@
/*
NLTMSSP wrappers
Copyright (C) Andrew Tridgell 2001
Copyright (C) Andrew Bartlett 2001-2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _NTLMSSP_WRAP_
#define _NTLMSSP_WRAP_
struct auth_ntlmssp_state {
/* used only by server implementation */
struct auth_context *auth_context;
struct auth_serversupplied_info *server_info;
/* used by both client and server implementation */
struct ntlmssp_state *ntlmssp_state;
};
NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *ans,
TALLOC_CTX *sig_mem_ctx,
const uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
DATA_BLOB *sig);
NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *ans,
const uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
const DATA_BLOB *sig);
NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *ans,
TALLOC_CTX *sig_mem_ctx,
uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
DATA_BLOB *sig);
NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *ans,
uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
const DATA_BLOB *sig);
bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *ans);
bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *ans);
struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(
struct auth_ntlmssp_state *ans);
const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *ans);
const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *ans);
const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *ans);
NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
const DATA_BLOB request, DATA_BLOB *reply);
#endif /* _NTLMSSP_WRAP_ */

27
source3/include/proto.h
View File

@ -57,35 +57,10 @@ NTSTATUS auth_netlogond_init(void);
NTSTATUS auth_ntlmssp_steal_server_info(TALLOC_CTX *mem_ctx,
struct auth_ntlmssp_state *auth_ntlmssp_state,
struct auth_serversupplied_info **server_info);
struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state);
const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state);
const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state);
const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *auth_ntlmssp_state);
bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *auth_ntlmssp_state);
bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state);
void auth_ntlmssp_want_sign(struct auth_ntlmssp_state *auth_ntlmssp_state);
void auth_ntlmssp_want_seal(struct auth_ntlmssp_state *auth_ntlmssp_state);
NTSTATUS auth_ntlmssp_start(struct auth_ntlmssp_state **auth_ntlmssp_state);
NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *auth_ntlmssp_state,
const DATA_BLOB request, DATA_BLOB *reply) ;
NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
TALLOC_CTX *sig_mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig);
NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig) ;
NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
TALLOC_CTX *sig_mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig);
NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *auth_ntlmssp_state,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig);
/* The following definitions come from auth/auth_sam.c */

118
source3/libsmb/ntlmssp_wrap.c Normal file
View File

@ -0,0 +1,118 @@
/*
NLTMSSP wrappers
Copyright (C) Andrew Tridgell 2001
Copyright (C) Andrew Bartlett 2001-2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "libcli/auth/ntlmssp.h"
#include "ntlmssp_wrap.h"
NTSTATUS auth_ntlmssp_sign_packet(struct auth_ntlmssp_state *ans,
TALLOC_CTX *sig_mem_ctx,
const uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
DATA_BLOB *sig)
{
return ntlmssp_sign_packet(ans->ntlmssp_state,
sig_mem_ctx,
data, length,
whole_pdu, pdu_length,
sig);
}
NTSTATUS auth_ntlmssp_check_packet(struct auth_ntlmssp_state *ans,
const uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
const DATA_BLOB *sig)
{
return ntlmssp_check_packet(ans->ntlmssp_state,
data, length,
whole_pdu, pdu_length,
sig);
}
NTSTATUS auth_ntlmssp_seal_packet(struct auth_ntlmssp_state *ans,
TALLOC_CTX *sig_mem_ctx,
uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
DATA_BLOB *sig)
{
return ntlmssp_seal_packet(ans->ntlmssp_state,
sig_mem_ctx,
data, length,
whole_pdu, pdu_length,
sig);
}
NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *ans,
uint8_t *data,
size_t length,
const uint8_t *whole_pdu,
size_t pdu_length,
const DATA_BLOB *sig)
{
return ntlmssp_unseal_packet(ans->ntlmssp_state,
data, length,
whole_pdu, pdu_length,
sig);
}
bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *ans)
{
return ans->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN;
}
bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *ans)
{
return ans->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL;
}
struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(
struct auth_ntlmssp_state *ans)
{
return ans->ntlmssp_state;
}
/* Needed for 'map to guest' and 'smb username' processing */
const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *ans)
{
return ans->ntlmssp_state->user;
}
const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *ans)
{
return ans->ntlmssp_state->domain;
}
const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *ans)
{
return ans->ntlmssp_state->client.netbios_name;
}
NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *ans,
const DATA_BLOB request, DATA_BLOB *reply)
{
return ntlmssp_update(ans->ntlmssp_state, request, reply);
}

1
source3/rpc_server/srv_pipe.c
View File

@ -33,6 +33,7 @@
#include "../libcli/auth/schannel.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
#include "ntlmssp_wrap.h"
#include "rpc_server.h"
#undef DBGC_CLASS

1
source3/smbd/seal.c
View File

@ -21,6 +21,7 @@
#include "smbd/globals.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
#include "ntlmssp_wrap.h"
/******************************************************************************
Server side encryption.

1
source3/smbd/sesssetup.c
View File

@ -26,6 +26,7 @@
#include "smbd/globals.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
#include "ntlmssp_wrap.h"
#include "librpc/gen_ndr/messaging.h"
/* For split krb5 SPNEGO blobs. */

1
source3/smbd/smb2_sesssetup.c
View File

@ -24,6 +24,7 @@
#include "../libcli/smb/smb_common.h"
#include "../libcli/auth/spnego.h"
#include "../libcli/auth/ntlmssp.h"
#include "ntlmssp_wrap.h"
static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *smb2req,
uint64_t in_session_id,