sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
Code

Some more shuffling around gss-spnego server

Browse Source
This commit is contained in:
Volker Lendecke 0001-01-01 00:00:00 +00:00
parent 555d1ba01c
commit f2c85595da
1 changed files with 41 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
source/utils/ntlm_auth.c
View File

@ -410,6 +410,9 @@ static void manage_gss_spnego_request(enum squid_mode squid_mode,
NTSTATUS status; NTSTATUS status;
ssize_t len; ssize_t len;
char *user = NULL;
char *domain = NULL;
const char *reply_code; const char *reply_code;
char *reply_base64; char *reply_base64;
pstring reply_argument; pstring reply_argument;
@ -470,12 +473,7 @@ static void manage_gss_spnego_request(enum squid_mode squid_mode,
return; return;
} }
if ( strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) != 0 ) { if (strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) == 0) {
DEBUG(1, ("Client did not choose NTLMSSP but %s\n",
request.negTokenInit.mechTypes[0]));
x_fprintf(x_stdout, "BH\n");
return;
}
if ( request.negTokenInit.mechToken.data == NULL ) { if ( request.negTokenInit.mechToken.data == NULL ) {
DEBUG(1, ("Client did not provide NTLMSSP data\n")); DEBUG(1, ("Client did not provide NTLMSSP data\n"));
@ -503,6 +501,7 @@ static void manage_gss_spnego_request(enum squid_mode squid_mode,
status = ntlmssp_server_update(ntlmssp_state, status = ntlmssp_server_update(ntlmssp_state,
request.negTokenInit.mechToken, request.negTokenInit.mechToken,
&response.negTokenTarg.responseToken); &response.negTokenTarg.responseToken);
}
} else { } else {
@ -517,6 +516,12 @@ static void manage_gss_spnego_request(enum squid_mode squid_mode,
status = ntlmssp_server_update(ntlmssp_state, status = ntlmssp_server_update(ntlmssp_state,
request.negTokenTarg.responseToken, request.negTokenTarg.responseToken,
&response.negTokenTarg.responseToken); &response.negTokenTarg.responseToken);
if (NT_STATUS_IS_OK(status)) {
user = strdup(ntlmssp_state->user);
domain = strdup(ntlmssp_state->domain);
ntlmssp_server_end(&ntlmssp_state);
}
} }
free_spnego_data(&request); free_spnego_data(&request);
@ -528,8 +533,7 @@ static void manage_gss_spnego_request(enum squid_mode squid_mode,
if (NT_STATUS_IS_OK(status)) { if (NT_STATUS_IS_OK(status)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED; response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED;
reply_code = "AF"; reply_code = "AF";
pstr_sprintf(reply_argument, "%s\\%s", pstr_sprintf(reply_argument, "%s\\%s", domain, user);
ntlmssp_state->domain, ntlmssp_state->user);
} else if (NT_STATUS_EQUAL(status, } else if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) { NT_STATUS_MORE_PROCESSING_REQUIRED)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE; response.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE;
@ -541,6 +545,9 @@ static void manage_gss_spnego_request(enum squid_mode squid_mode,
pstrcpy(reply_argument, nt_errstr(status)); pstrcpy(reply_argument, nt_errstr(status));
} }
SAFE_FREE(user);
SAFE_FREE(domain);
len = write_spnego_data(&token, &response); len = write_spnego_data(&token, &response);
free_spnego_data(&response); free_spnego_data(&response);
@ -558,10 +565,6 @@ static void manage_gss_spnego_request(enum squid_mode squid_mode,
SAFE_FREE(reply_base64); SAFE_FREE(reply_base64);
data_blob_free(&token); data_blob_free(&token);
if (NT_STATUS_IS_OK(status)) {
ntlmssp_server_end(&ntlmssp_state);
}
return; return;
} }