The branch, master has been updated
via 1334ed7 s3:libsmb/cliconnect: make use of ntlmssp_is_anonymous()
via 3207c7f s3:libsmb/ntlmssp: improve anonymous logins
via 941a6a7 s3:libsmb/ntlmssp: add ntlmssp_is_anonymous()
via cb3cde9 s3:libsmb/ntlmssp: remove some indentation in
ntlmssp_set_password()
via 5f0f5b3 Revert "s3:libsmb/ntlmssp: an empty string should mean no
password"
from 9fe3544 tsocket: Fix a couple of typos and spellings in
tsocket_guide.txt
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1334ed723edc5d746f355a836b3bc52ba85cda4b
Author: Stefan Metzmacher <[email protected]>
Date: Tue Apr 17 13:49:28 2012 +0200
s3:libsmb/cliconnect: make use of ntlmssp_is_anonymous()
metze
Autobuild-User: Stefan Metzmacher <[email protected]>
Autobuild-Date: Tue Apr 17 16:16:51 CEST 2012 on sn-devel-104
commit 3207c7f9655c236278d96a0837354d1e58993974
Author: Stefan Metzmacher <[email protected]>
Date: Tue Apr 17 13:36:42 2012 +0200
s3:libsmb/ntlmssp: improve anonymous logins
smbtorture3 (and maybe others) use fstrings for 'user' and 'password',
so we need to check for empty strings.
metze
commit 941a6a78519bd24064ee1919662529bfdd87d78d
Author: Stefan Metzmacher <[email protected]>
Date: Tue Apr 17 13:34:27 2012 +0200
s3:libsmb/ntlmssp: add ntlmssp_is_anonymous()
metze
commit cb3cde951859852daf830efdeaf8392cf7c89300
Author: Stefan Metzmacher <[email protected]>
Date: Tue Apr 17 08:46:51 2012 +0200
s3:libsmb/ntlmssp: remove some indentation in ntlmssp_set_password()
metze
commit 5f0f5b361531926bc394a4e468392ee617dbbc1f
Author: Stefan Metzmacher <[email protected]>
Date: Tue Apr 17 08:38:10 2012 +0200
Revert "s3:libsmb/ntlmssp: an empty string should mean no password"
This reverts commit 92483eee254ef6844fe88abe1e64f67033a1ea2d.
-----------------------------------------------------------------------
Summary of changes:
source3/include/proto.h | 1 +
source3/libsmb/cliconnect.c | 2 +-
source3/libsmb/ntlmssp.c | 58 ++++++++++++++++++++++++++++---------------
3 files changed, 40 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 035d87e..14fe730 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -998,6 +998,7 @@ void ntlmssp_want_feature_list(struct ntlmssp_state
*ntlmssp_state, char *featur
void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32_t
feature);
NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
const DATA_BLOB in, DATA_BLOB *out) ;
+bool ntlmssp_is_anonymous(struct ntlmssp_state *ntlmssp_state);
NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx,
bool is_standalone,
const char *netbios_name,
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 6e057a5..b9634eb 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1711,7 +1711,7 @@ static void cli_session_setup_ntlmssp_done(struct
tevent_req *subreq)
if (cli_state_protocol(state->cli) >= PROTOCOL_SMB2_02) {
struct smbXcli_session *session =
state->cli->smb2.session;
- if (state->ntlmssp_state->nt_hash == NULL) {
+ if (ntlmssp_is_anonymous(state->ntlmssp_state)) {
/*
* Windows server does not set the
* SMB2_SESSION_FLAG_IS_GUEST nor
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 72466fe..66e7102 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -76,31 +76,33 @@ NTSTATUS ntlmssp_set_username(struct ntlmssp_state
*ntlmssp_state, const char *u
*/
NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char
*password)
{
+ uint8_t lm_hash[16];
+ uint8_t nt_hash[16];
+
TALLOC_FREE(ntlmssp_state->lm_hash);
TALLOC_FREE(ntlmssp_state->nt_hash);
- if (!password || strlen(password) == 0) {
- return NT_STATUS_OK;
- } else {
- uint8_t lm_hash[16];
- uint8_t nt_hash[16];
-
- if (E_deshash(password, lm_hash)) {
- ntlmssp_state->lm_hash = (uint8_t *)
- talloc_memdup(ntlmssp_state, lm_hash, 16);
- if (!ntlmssp_state->lm_hash) {
- return NT_STATUS_NO_MEMORY;
- }
- }
- E_md4hash(password, nt_hash);
+ if (password == NULL) {
+ return NT_STATUS_OK;
+ }
- ntlmssp_state->nt_hash = (uint8_t *)
- talloc_memdup(ntlmssp_state, nt_hash, 16);
- if (!ntlmssp_state->nt_hash) {
- TALLOC_FREE(ntlmssp_state->lm_hash);
+ if (E_deshash(password, lm_hash)) {
+ ntlmssp_state->lm_hash = (uint8_t *)
+ talloc_memdup(ntlmssp_state, lm_hash, 16);
+ if (!ntlmssp_state->lm_hash) {
return NT_STATUS_NO_MEMORY;
}
}
+
+ E_md4hash(password, nt_hash);
+
+ ntlmssp_state->nt_hash = (uint8_t *)
+ talloc_memdup(ntlmssp_state, nt_hash, 16);
+ if (!ntlmssp_state->nt_hash) {
+ TALLOC_FREE(ntlmssp_state->lm_hash);
+ return NT_STATUS_NO_MEMORY;
+ }
+
return NT_STATUS_OK;
}
@@ -307,6 +309,21 @@ static NTSTATUS ntlmssp3_client_initial(struct
ntlmssp_state *ntlmssp_state,
return NT_STATUS_MORE_PROCESSING_REQUIRED;
}
+bool ntlmssp_is_anonymous(struct ntlmssp_state *ntlmssp_state)
+{
+ const char *user = ntlmssp_state->user;
+
+ if (ntlmssp_state->user == NULL) {
+ return true;
+ }
+
+ if (strlen(ntlmssp_state->user) == 0) {
+ return true;
+ }
+
+ return false;
+}
+
/**
* Next state function for the Challenge Packet. Generate an auth packet.
*
@@ -332,8 +349,9 @@ static NTSTATUS ntlmssp3_client_challenge(struct
ntlmssp_state *ntlmssp_state,
DATA_BLOB session_key = data_blob_null;
DATA_BLOB encrypted_session_key = data_blob_null;
NTSTATUS nt_status = NT_STATUS_OK;
+ bool anon = ntlmssp_is_anonymous(ntlmssp_state);
- if (ntlmssp_state->use_ccache) {
+ if (!anon && ntlmssp_state->use_ccache) {
struct wbcCredentialCacheParams params;
struct wbcCredentialCacheInfo *info = NULL;
struct wbcAuthErrorInfo *error = NULL;
@@ -466,7 +484,7 @@ noccache:
return NT_STATUS_INVALID_PARAMETER;
}
- if (!ntlmssp_state->nt_hash) {
+ if (anon || !ntlmssp_state->nt_hash) {
static const uint8_t zeros[16] = {0, };
/* do nothing - blobs are zero length */
--
Samba Shared Repository
