Changeset 745 for trunk/server/source4/utils/ntlm_auth.c
- Timestamp:
- Nov 27, 2012, 4:43:17 PM (13 years ago)
- Location:
- trunk/server
- Files:
-
- 2 edited
-
. (modified) (1 prop)
-
source4/utils/ntlm_auth.c (modified) (20 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/server
- Property svn:mergeinfo changed
/vendor/current merged: 581,587,591,594,597,600,615,618,740
- Property svn:mergeinfo changed
-
trunk/server/source4/utils/ntlm_auth.c
r414 r745 25 25 #include "system/filesys.h" 26 26 #include "lib/cmdline/popt_common.h" 27 #include "lib/ldb/include/ldb.h"27 #include <ldb.h> 28 28 #include "auth/credentials/credentials.h" 29 29 #include "auth/gensec/gensec.h" … … 212 212 213 213 nt_status = ntlm_password_check(mem_ctx, 214 lp _lanman_auth(lp_ctx),215 lp _ntlm_auth(lp_ctx),214 lpcfg_lanman_auth(lp_ctx), 215 lpcfg_ntlm_auth(lp_ctx), 216 216 MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | 217 217 MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT, … … 226 226 if (NT_STATUS_IS_OK(nt_status)) { 227 227 if (unix_name) { 228 asprintf(unix_name, 229 "%s%c%s", domain, 230 *lp_winbind_separator(lp_ctx), 231 username); 228 if (asprintf(unix_name, "%s%c%s", domain, 229 *lpcfg_winbind_separator(lp_ctx), 230 username) < 0) { 231 nt_status = NT_STATUS_NO_MEMORY; 232 } 232 233 } 233 234 } else { … … 477 478 478 479 nt_status = gensec_client_start(NULL, &state->gensec_state, ev, 479 lp _gensec_settings(NULL, lp_ctx));480 lpcfg_gensec_settings(NULL, lp_ctx)); 480 481 if (!NT_STATUS_IS_OK(nt_status)) { 481 482 talloc_free(mem_ctx); … … 490 491 struct auth_context *auth_context; 491 492 492 msg = messaging_client_init(state, lp_messaging_path(state, lp_ctx), 493 lp_iconv_convenience(lp_ctx), ev); 493 msg = messaging_client_init(state, lpcfg_messaging_path(state, lp_ctx), ev); 494 494 if (!msg) { 495 495 talloc_free(mem_ctx); … … 501 501 msg, 502 502 lp_ctx, 503 NULL, 503 504 &auth_context); 504 505 … … 509 510 510 511 if (!NT_STATUS_IS_OK(gensec_server_start(state, ev, 511 lp _gensec_settings(state, lp_ctx),512 lpcfg_gensec_settings(state, lp_ctx), 512 513 auth_context, &state->gensec_state))) { 513 514 talloc_free(mem_ctx); … … 617 618 struct security_token *token = session_info->security_token; 618 619 const char *sidstr = dom_sid_string(session_info, 619 token->sids[i]);620 &token->sids[i]); 620 621 grouplist = talloc_asprintf_append_buffer(grouplist, "%s,", sidstr); 621 622 } … … 647 648 648 649 if (strncmp(buf, "GF", 2) == 0) { 649 struct gensec_ntlmssp_state *gensec_ntlmssp_state;650 struct ntlmssp_state *ntlmssp_state; 650 651 uint32_t neg_flags; 651 652 652 gensec_ntlmssp_state = talloc_get_type(state->gensec_state->private_data,653 struct gensec_ntlmssp_state);654 neg_flags = gensec_ntlmssp_state->neg_flags;653 ntlmssp_state = talloc_get_type(state->gensec_state->private_data, 654 struct ntlmssp_state); 655 neg_flags = ntlmssp_state->neg_flags; 655 656 656 657 DEBUG(10, ("Requested negotiated feature flags\n")); … … 662 663 663 664 /* don't leak 'bad password'/'no such user' info to the network client */ 664 nt_status = auth_nt_status_squash(nt_status);665 nt_status = nt_status_squash(nt_status); 665 666 666 667 if (out.length) { … … 702 703 reply_code = "BH Failed to retrive session info"; 703 704 reply_arg = nt_errstr(nt_status); 704 DEBUG(1, ("GENSEC failed to retr eive the session info: %s\n", nt_errstr(nt_status)));705 DEBUG(1, ("GENSEC failed to retrieve the session info: %s\n", nt_errstr(nt_status))); 705 706 } else { 706 707 707 708 reply_code = "AF"; 708 709 reply_arg = talloc_asprintf(state->gensec_state, 709 "%s%s%s", session_info-> server_info->domain_name,710 lp _winbind_separator(lp_ctx), session_info->server_info->account_name);710 "%s%s%s", session_info->info->domain_name, 711 lpcfg_winbind_separator(lp_ctx), session_info->info->account_name); 711 712 talloc_free(session_info); 712 713 } … … 760 761 /* handle this request as plaintext */ 761 762 if (!full_username) { 762 if (asprintf(&full_username, "%s%c%s", domain, *lp _winbind_separator(lp_ctx), username) == -1) {763 if (asprintf(&full_username, "%s%c%s", domain, *lpcfg_winbind_separator(lp_ctx), username) < 0) { 763 764 mux_printf(mux_id, "Error: Out of memory in asprintf!\n.\n"); 764 765 return; … … 785 786 if (!parse_ntlm_auth_domain_user(full_username, &username, 786 787 &domain, 787 *lp _winbind_separator(lp_ctx))) {788 *lpcfg_winbind_separator(lp_ctx))) { 788 789 /* username might be 'tainted', don't print into our new-line deleimianted stream */ 789 790 mux_printf(mux_id, "Error: Could not parse into domain and username\n"); … … 792 793 793 794 if (!domain) { 794 domain = smb_xstrdup(lp _workgroup(lp_ctx));795 domain = smb_xstrdup(lpcfg_workgroup(lp_ctx)); 795 796 } 796 797 … … 805 806 username, 806 807 domain, 807 lp _netbios_name(lp_ctx),808 lpcfg_netbios_name(lp_ctx), 808 809 &challenge, 809 810 &lm_response, … … 933 934 } 934 935 935 static void manage_squid_request(struct loadparm_context *lp_ctx, enum stdio_helper_mode helper_mode, 936 static void manage_squid_request(struct loadparm_context *lp_ctx, enum stdio_helper_mode helper_mode, 936 937 stdio_helper_function fn, void **private2) 937 938 { … … 1040 1041 } 1041 1042 1042 static void squid_stream(struct loadparm_context *lp_ctx, 1043 static void squid_stream(struct loadparm_context *lp_ctx, 1043 1044 enum stdio_helper_mode stdio_mode, 1044 1045 stdio_helper_function fn) { … … 1133 1134 1134 1135 if (opt_domain == NULL) { 1135 opt_domain = lp _workgroup(cmdline_lp_ctx);1136 opt_domain = lpcfg_workgroup(cmdline_lp_ctx); 1136 1137 } 1137 1138 … … 1160 1161 1161 1162 if (opt_workstation == NULL) { 1162 opt_workstation = lp _netbios_name(cmdline_lp_ctx);1163 opt_workstation = lpcfg_netbios_name(cmdline_lp_ctx); 1163 1164 } 1164 1165 … … 1170 1171 char *user; 1171 1172 1172 asprintf(&user, "%s%c%s", opt_domain, *lp_winbind_separator(cmdline_lp_ctx), opt_username); 1173 if (asprintf(&user, "%s%c%s", opt_domain, 1174 *lpcfg_winbind_separator(cmdline_lp_ctx), 1175 opt_username) < 0) { 1176 return 1; 1177 } 1173 1178 if (!check_plaintext_auth(user, opt_password, true)) { 1174 1179 return 1;
Note:
See TracChangeset
for help on using the changeset viewer.
