1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

Allow an NTLM response to be specified into the auth subsystem.

This allows it to be proxied for NTLM pass-though authentication (aka
security=server and associated man-in-the-middle attacks).

Andrew Bartlett
(This used to be commit 6ffabb38d0)
This commit is contained in:
Andrew Bartlett 2008-05-05 12:58:15 +10:00
parent f8fb5d8c4d
commit fe7d460671
3 changed files with 63 additions and 18 deletions

View File

@ -306,6 +306,8 @@ _PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred,
cli_credentials_invalidate_ccache(cred, cred->password_obtained);
cred->nt_hash = NULL;
cred->lm_response = data_blob(NULL, 0);
cred->nt_response = data_blob(NULL, 0);
return true;
}
@ -376,24 +378,6 @@ _PUBLIC_ const struct samr_Password *cli_credentials_get_nt_hash(struct cli_cred
}
}
_PUBLIC_ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
const struct samr_Password *nt_hash,
enum credentials_obtained obtained)
{
if (obtained >= cred->password_obtained) {
cli_credentials_set_password(cred, NULL, obtained);
if (nt_hash) {
cred->nt_hash = talloc(cred, struct samr_Password);
*cred->nt_hash = *nt_hash;
} else {
cred->nt_hash = NULL;
}
return true;
}
return false;
}
/**
* Obtain the 'short' or 'NetBIOS' domain for this credentials context.
* @param cred credentials context

View File

@ -80,8 +80,13 @@ struct cli_credentials {
const char *bind_dn;
/* Allows authentication from a keytab or similar */
struct samr_Password *nt_hash;
/* Allows NTLM pass-though authentication */
DATA_BLOB lm_response;
DATA_BLOB nt_response;
struct ccache_container *ccache;
struct gssapi_creds_container *client_gss_creds;
struct keytab_container *keytab;
@ -221,6 +226,10 @@ void cli_credentials_set_kvno(struct cli_credentials *cred,
bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
const struct samr_Password *nt_hash,
enum credentials_obtained obtained);
bool cli_credentials_set_ntlm_response(struct cli_credentials *cred,
const DATA_BLOB *lm_response,
const DATA_BLOB *nt_response,
enum credentials_obtained obtained);
int cli_credentials_set_keytab_name(struct cli_credentials *cred,
struct event_context *event_ctx,
struct loadparm_context *lp_ctx,

View File

@ -52,6 +52,20 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
const struct samr_Password *nt_hash;
lm_session_key = data_blob(NULL, 0);
/* We may already have an NTLM response we prepared earlier.
* This is used for NTLM pass-though authentication */
if (cred->nt_response.data || cred->lm_response.data) {
*_nt_response = cred->nt_response;
*_lm_response = cred->lm_response;
if (!cred->lm_response.data) {
*flags = *flags & ~CLI_CRED_LANMAN_AUTH;
}
*_lm_session_key = data_blob(NULL, 0);
*_session_key = data_blob(NULL, 0);
return NT_STATUS_OK;
}
nt_hash = cli_credentials_get_nt_hash(cred, mem_ctx);
cli_credentials_get_ntlm_username_domain(cred, mem_ctx, &user, &domain);
@ -215,3 +229,41 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
return NT_STATUS_OK;
}
_PUBLIC_ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
const struct samr_Password *nt_hash,
enum credentials_obtained obtained)
{
if (obtained >= cred->password_obtained) {
cli_credentials_set_password(cred, NULL, obtained);
if (nt_hash) {
cred->nt_hash = talloc(cred, struct samr_Password);
*cred->nt_hash = *nt_hash;
} else {
cred->nt_hash = NULL;
}
return true;
}
return false;
}
_PUBLIC_ bool cli_credentials_set_ntlm_response(struct cli_credentials *cred,
const DATA_BLOB *lm_response,
const DATA_BLOB *nt_response,
enum credentials_obtained obtained)
{
if (obtained >= cred->password_obtained) {
cli_credentials_set_password(cred, NULL, obtained);
if (nt_response) {
cred->nt_response = data_blob_talloc(cred, nt_response->data, nt_response->length);
talloc_steal(cred, cred->nt_response.data);
}
if (nt_response) {
cred->lm_response = data_blob_talloc(cred, lm_response->data, lm_response->length);
}
return true;
}
return false;
}