Changeset 745 for trunk/server/source3/auth/auth_compat.c

Timestamp:

Nov 27, 2012, 4:43:17 PM (13 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: updated trunk to 3.6.0

Location:

trunk/server

Files:

• . (modified) (1 prop)
• source3/auth/auth_compat.c (modified) (6 diffs)

trunk/server/source3/auth/auth_compat.c

@@ -19 +19 @@
 
 #include "includes.h"
+#include "auth.h"
 
 extern struct auth_context *negprot_global_auth_context;
@@ -31 +32 @@
 
 /****************************************************************************
-check if a username/password is OK assuming the password is a 24 byte
-SMB hash
+check if a username/password is OK assuming the password is in plaintext
 return True if the password is correct, False otherwise
 ****************************************************************************/
 
-NTSTATUS check_plaintext_password(const char *smb_name, DATA_BLOB plaintext_password, auth_serversupplied_info **server_info)
+NTSTATUS check_plaintext_password(const char *smb_name,
+                                  DATA_BLOB plaintext_blob,
+                                  struct auth_serversupplied_info **server_info)
 {
         struct auth_context *plaintext_auth_context = NULL;
-        auth_usersupplied_info *user_info = NULL;
+        struct auth_usersupplied_info *user_info = NULL;
         uint8_t chal[8];
         NTSTATUS nt_status;
-        if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&plaintext_auth_context))) {
+
+        nt_status = make_auth_context_subsystem(talloc_tos(),
+                                                &plaintext_auth_context);
+        if (!NT_STATUS_IS_OK(nt_status)) {
                 return nt_status;
         }
@@ -51 +56 @@
         if (!make_user_info_for_reply(&user_info, 
                                       smb_name, lp_workgroup(), chal,
-                                      plaintext_password)) {
+                                      plaintext_blob)) {
                 return NT_STATUS_NO_MEMORY;
         }
@@ -58 +63 @@
                                                                 user_info, server_info); 
 
-        (plaintext_auth_context->free)(&plaintext_auth_context);
+        TALLOC_FREE(plaintext_auth_context);
         free_user_info(&user_info);
         return nt_status;
@@ -67 +72 @@
                                const char *domain, 
                                DATA_BLOB lm_pwd,
-                               DATA_BLOB nt_pwd,
-                               DATA_BLOB plaintext_password,
-                               bool encrypted)
+                               DATA_BLOB nt_pwd)
 
 {
         NTSTATUS nt_status;
-        auth_serversupplied_info *server_info = NULL;
-        if (encrypted) {
-                auth_usersupplied_info *user_info = NULL;
-                if (actx == NULL) {
-                        return NT_STATUS_INTERNAL_ERROR;
-                }
-                make_user_info_for_reply_enc(&user_info, smb_name, 
-                                             domain,
-                                             lm_pwd, 
-                                             nt_pwd);
-                nt_status = actx->check_ntlm_password(actx, user_info, &server_info);
-                free_user_info(&user_info);
-        } else {
-                nt_status = check_plaintext_password(smb_name, plaintext_password, &server_info);
-        }               
+        struct auth_serversupplied_info *server_info = NULL;
+        struct auth_usersupplied_info *user_info = NULL;
+        if (actx == NULL) {
+                return NT_STATUS_INTERNAL_ERROR;
+        }
+        make_user_info_for_reply_enc(&user_info, smb_name,
+                                     domain,
+                                     lm_pwd,
+                                     nt_pwd);
+        nt_status = actx->check_ntlm_password(actx, user_info, &server_info);
+        free_user_info(&user_info);
         TALLOC_FREE(server_info);
         return nt_status;
@@ -112 +111 @@
                  */
                 if (session_workgroup) {
-                        if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, session_workgroup, null_password, password_blob, null_password, encrypted))) {
+                        if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, session_workgroup, null_password, password_blob))) {
                                 return True;
                         }
-                        if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, session_workgroup, password_blob, null_password, null_password, encrypted))) {
+                        if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, session_workgroup, password_blob, null_password))) {
                                 return True;
                         }
                 }
 
-                if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) {
+                if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), null_password, password_blob))) {
                         return True;
                 }
 
-                if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), password_blob, null_password, null_password, encrypted))) {
+                if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), password_blob, null_password))) {
                         return True;
                 }
         } else {
-                if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), null_password, null_password, password_blob, encrypted))) {
+                struct auth_serversupplied_info *server_info = NULL;
+                NTSTATUS nt_status = check_plaintext_password(smb_name, password_blob, &server_info);
+                TALLOC_FREE(server_info);
+                if (NT_STATUS_IS_OK(nt_status)) {
                         return True;
                 }